- aaa_base
-
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
to also fix the typo to set JAVA_BINDIR in the csh variant
of the alljava profile script (bsc#1221361)
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
drop the stderr redirection for csh (bsc#1221361)
- add git-49-3f8f26123d91f70c644677a323134fc79318c818.patch
drop sysctl.d/50-default-s390.conf (bsc#1211721)
- add aaa_base-preinstall.patch
make sure the script does not exit with 1 if a file
with content is found (bsc#1222547)
- add patch git-48-477bc3c05fcdabf9319e84278a1cba2c12c9ed5a.patch
home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile
- silence the output in the case of broken symlinks (bsc#1218232)
- fix git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
to actually apply
- replace git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
by git-47-056fc66c699a8544c7692a03c905fca568f5390b.patch
* fix the issues from bsc#1107342 and bsc#1215434 and just
use the settings from update-alternatives to set JAVA_HOME
- audit-secondary
-
- Fix plugin termination when using systemd service units (bsc#1215377)
* add auditd.service-fix-plugin-termination.patch
- autofs
-
- autofs-5.1.6-remove-intr-hosts-map-mount-option.patch
Don't use the intr option on NFS mounts by default, it's been
ignored by the kernel for a long time now. (bsc#1225130)
- autofs-5.1.8-dont-use-initgroups-at-spawn.patch
Don't use initgroups at spawn (bsc#1214710, bsc#1221181)
- aws-cli
-
- Reconfigure the spec file support builds better in Factory and SLE
supporting different Python interpreter versions
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN.
- Switch to Python 3.11 build in SLE 15 SP4 and openSUSE Leap 15.4 and
later (jsc#PCT-371)
- Switch to wheel build
- Update to version 1.32.31
* Forward port ac_update-docutils.patch
* api-change:``datazone``: Add new skipDeletionCheck to DeleteDomain. Add
new skipDeletionCheck to DeleteProject which also automatically deletes
dependent objects
* api-change:``route53``: Update the SDKs for text changes in the APIs.
- From 1.32.30
* api-change:``autoscaling``: EC2 Auto Scaling customers who use attribute
based instance-type selection can now intuitively define their Spot
instances price protection limit as a percentage of the lowest priced
On-Demand instance type.
* api-change:``comprehend``: Comprehend PII analysis now supports Spanish
input documents.
* api-change:``ec2``: EC2 Fleet customers who use attribute based
instance-type selection can now intuitively define their Spot instances
price protection limit as a percentage of the lowest priced On-Demand
instance type.
* api-change:``mwaa``: This release adds MAINTENANCE environment status for
Amazon MWAA environments.
* api-change:``rds``: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS
RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods.
This provides enhanced error handling, ensuring a more robust experience.
* api-change:``snowball``: Modified description of createaddress to include
direction to add path when providing a JSON file.
- From 1.32.29
* api-change:``connect``: Update list and string length limits for predefined
attributes.
* api-change:``inspector2``: This release adds ECR container image scanning
based on their lastRecordedPullTime.
* api-change:``sagemaker``: Amazon SageMaker Automatic Model Tuning now
provides an API to programmatically delete tuning jobs.
- From 1.32.28
* api-change:``acm-pca``: AWS Private CA now supports an option to omit the
CDP extension from issued certificates, when CRL revocation is enabled.
* api-change:``lightsail``: This release adds support for IPv6-only instance
plans.
- From 1.32.27
* api-change:``ec2``: Introduced a new clientToken request parameter on
CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter
allows idempotent operations on the APIs.
* api-change:``ecs``: Documentation updates for Amazon ECS.
* api-change:``outposts``: DeviceSerialNumber parameter is now optional in
StartConnection API
* api-change:``rds``: This release adds support for Aurora Limitless Database.
* api-change:``storagegateway``: Add DeprecationDate and SoftwareVersion to
response of ListGateways.
- From 1.32.26
* api-change:``inspector2``: This release adds support for CIS scans on EC2
instances.
- From 1.32.25
* bugfix:``s3 sync``: Disable S3 Express support for s3 sync command
- From 1.32.24
* api-change:``appconfigdata``: Fix FIPS Endpoints in aws-us-gov.
* api-change:``cloud9``: Doc-only update around removing AL1 from list of
available AMIs for Cloud9
* api-change:``cloudfront-keyvaluestore``: This release improves upon the
DescribeKeyValueStore API by returning two additional fields, Status of the
KeyValueStore and the FailureReason in case of failures during creation of
KeyValueStore.
* api-change:``connectcases``: This release adds the ability to view audit
history on a case and introduces a new parameter, performedBy, for
CreateCase and UpdateCase API's.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``ecs``: This release adds support for Transport Layer Security
(TLS) and Configurable Timeout to ECS Service Connect. TLS facilitates
privacy and data security for inter-service communications, while
Configurable Timeout allows customized per-request timeout and idle timeout
for Service Connect services.
* api-change:``finspace``: Allow customer to set zip default through command
line arguments.
* api-change:``organizations``: Doc only update for quota increase change
* api-change:``rds``: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API
method. This provides enhanced error handling, ensuring a more robust
experience when creating database clusters with insufficient instance
capacity.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.23
* api-change:``athena``: Introducing new NotebookS3LocationUri parameter to
Athena ImportNotebook API. Payload is no longer required and either Payload
or NotebookS3LocationUri needs to be provided (not both) for a successful
ImportNotebook API call. If both are provided, an InvalidRequestException
will be thrown.
* api-change:``codebuild``: Release CodeBuild Reserved Capacity feature
* api-change:``dynamodb``: This release adds support for including
ApproximateCreationDateTimePrecision configurations in
EnableKinesisStreamingDestination API, adds the same as an optional field
in the response of DescribeKinesisStreamingDestination, and adds support
for a new UpdateKinesisStreamingDestination API.
* api-change:``qconnect``: Increased Quick Response name max length to 100
- From 1.32.22
* api-change:``b2bi``: Increasing TestMapping inputFileContent file size
limit to 5MB and adding file size limit 250KB for TestParsing input file.
This release also includes exposing InternalServerException for Tag APIs.
* api-change:``cloudtrail``: This release adds a new API
ListInsightsMetricData to retrieve metric data from CloudTrail Insights.
* api-change:``connect``: GetMetricDataV2 now supports 3 groupings
* api-change:``drs``: Removed invalid and unnecessary default values.
* api-change:``firehose``: Allow support for Snowflake as a Kinesis Data
Firehose delivery destination.
* api-change:``sagemaker-featurestore-runtime``: Increase BatchGetRecord
limits from 10 items to 100 items
- From 1.32.21
* api-change:``dynamodb``: Updating note for enabling streams for UpdateTable.
* api-change:``keyspaces``: This release adds support for Multi-Region
Replication with provisioned tables, and Keyspaces auto scaling APIs
- From 1.32.20
* api-change:``iot``: Revert release of LogTargetTypes
* api-change:``iotfleetwise``: Updated APIs: SignalNodeType query parameter
has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse
has been extended with attributes field.
* api-change:``macie2``: This release adds support for analyzing Amazon S3
objects that are encrypted using dual-layer server-side encryption with
AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS
details in statistics and metadata about encryption settings for S3 buckets
and objects.
* api-change:``payment-cryptography``: Provide an additional option for key
exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and
ExportKey operations. Added new key usage (type)
TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane
operations with ISO9797 Algorithm 1 MAC calculations.
* api-change:``personalize-runtime``: Documentation updates for Amazon
Personalize
* api-change:``personalize``: Documentation updates for Amazon Personalize.
* api-change:``rekognition``: This release adds ContentType and TaxonomyLevel
attributes to DetectModerationLabels and GetMediaAnalysisJob API responses.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
- From 1.32.19
* api-change:``sagemaker``: This release will have ValidationException thrown
if certain invalid app types are provided. The release will also throw
ValidationException if more than 10 account ids are provided in
VpcOnlyTrustedAccounts.
- From 1.32.18
* api-change:``connect``: Supervisor Barge for Chat is now supported through
the MonitorContact API.
* api-change:``connectparticipant``: Introduce new Supervisor participant
role
* api-change:``location``: Location SDK documentation update. Added missing
fonts to the MapConfiguration data type. Updated note for the
SubMunicipality property in the place data type.
* api-change:``mwaa``: This Amazon MWAA feature release includes new fields
in CreateWebLoginToken response model. The new fields IamIdentity and
AirflowIdentity will let you match identifications, as the Airflow identity
length is currently hashed to 64 characters.
* api-change:``s3control``: S3 On Outposts team adds dualstack endpoints
support for S3Control and S3Outposts API calls.
* api-change:``supplychain``: This release includes APIs
CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.
* api-change:``transfer``: AWS Transfer Family now supports static IP
addresses for SFTP & AS2 connectors and for async MDNs on AS2 servers.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.17
* api-change:``ec2``: This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``ecs``: This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``events``: Update events command to latest version
* api-change:``iot``: Add ConflictException to Update APIs of AWS IoT
Software Package Catalog
* api-change:``iotfleetwise``: The following dataTypes have been removed:
CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType;
CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason;
CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in
NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType
* api-change:``secretsmanager``: Doc only update for Secrets Manager
* api-change:``workspaces``: Added AWS Workspaces RebootWorkspaces
API - Extended Reboot documentation update
- From 1.32.16
* api-change:``connectcampaigns``: Minor pattern updates for Campaign and
Dial Request API fields.
* api-change:``location``: This release adds API support for custom layers
for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
* api-change:``logs``: Add support for account level subscription filter
policies to PutAccountPolicy, DescribeAccountPolicies, and
DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified
with new optional "selectionCriteria" parameter for resource selection.
* api-change:``qconnect``: QueryAssistant and GetRecommendations will be
discontinued starting June 1, 2024. To receive generative responses after
March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
* api-change:``redshift-serverless``: Updates to ConfigParameter for RSS
workgroup, removal of use_fips_ssl
* api-change:``route53``: Route53 now supports geoproximity routing in AWS
regions
* api-change:``wisdom``: QueryAssistant and GetRecommendations will be
discontinued starting June 1, 2024. To receive generative responses after
March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
- From 1.32.15
* api-change:``codebuild``: Aws CodeBuild now supports new compute type
BUILD_GENERAL1_XLARGE
* api-change:``ec2``: Amazon EC2 R7iz bare metal instances are powered by
custom 4th generation Intel Xeon Scalable processors.
* api-change:``route53resolver``: This release adds support for query type
configuration on firewall rules that enables customers for granular action
(ALLOW, ALERT, BLOCK) by DNS query type.
- From 1.32.14
* api-change:``connect``: Minor trait updates for User APIs
* api-change:``kms``: Documentation updates for AWS Key Management Service
(KMS).
* api-change:``redshift-serverless``: use_fips_ssl and require_ssl parameter
support for Workgroup, UpdateWorkgroup, and CreateWorkgroup
- From 1.32.13
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config in November and December 2023.
* api-change:``docdb``: Adding PerformanceInsightsEnabled and
PerformanceInsightsKMSKeyId fields to DescribeDBInstances Response.
* api-change:``ecs``: This release adds support for managed instance
draining which facilitates graceful termination of Amazon ECS instances.
* api-change:``es``: This release adds support for new or existing Amazon
OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward
secrecy cipher suites for domain endpoints.
* api-change:``lightsail``: This release adds support to set up an HTTPS
endpoint on an instance.
* api-change:``opensearch``: This release adds support for new or existing
Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward
secrecy cipher suites for domain endpoints.
* api-change:``sagemaker``: Adding support for provisioned throughput mode
for SageMaker Feature Groups
* api-change:``servicecatalog``: Added Idempotency token support to Service
Catalog AssociateServiceActionWithProvisioningArtifact,
DisassociateServiceActionFromProvisioningArtifact, DeleteServiceAction API
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.12
* api-change:``connect``: Amazon Connect, Contact Lens Evaluation API
increase evaluation notes max length to 3072.
* api-change:``mediaconvert``: This release includes video engine updates
including HEVC improvements, support for ingesting VP9 encoded video in
MP4 containers, and support for user-specified 3D LUTs.
- From 1.32.11
* api-change:``apprunner``: AWS App Runner adds Python 3.11 and Node.js 18
runtimes.
* api-change:``location``: This release introduces a new parameter to
bypasses an API key's expiry conditions and delete the key.
* api-change:``quicksight``: Add LinkEntityArn support for different
partitions; Add UnsupportedUserEditionException in UpdateDashboardLinks
API; Add support for New Reader Experience Topics
- From 1.32.10
* api-change:``codestar-connections``: New integration with the GitLab
self-managed provider type.
* api-change:``kinesis-video-archived-media``: NoDataRetentionException
thrown when GetImages requested for a Stream that does not retain data
(that is, has a DataRetentionInHours of 0).
* api-change:``sagemaker``: Amazon SageMaker Studio now supports Docker
access from within app container
- From 1.32.9
* api-change:``emr``: Update emr command to latest version
- From 1.32.8
* api-change:``iam``: Documentation updates for AWS Identity and Access
Management (IAM).
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.7
* api-change:``bedrock-agent``: Adding Claude 2.1 support to Bedrock Agents
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
* api-change:``glue``: This release adds additional configurations for Query
Session Context on the following APIs: GetUnfilteredTableMetadata,
GetUnfilteredPartitionMetadata, GetUnfilteredPartitionsMetadata.
* api-change:``lakeformation``: This release adds additional configurations
on GetTemporaryGlueTableCredentials for Query Session Context.
* api-change:``mediaconnect``: This release adds the DescribeSourceMetadata
API. This API can be used to view the stream information of the flow's
source.
* api-change:``networkmonitor``: CloudWatch Network Monitor is a new service
within CloudWatch that will help network administrators and operators
continuously monitor network performance metrics such as round-trip-time
and packet loss between their AWS-hosted applications and their on-premises
locations.
* api-change:``omics``: Provides minor corrections and an updated description
of APIs.
* api-change:``secretsmanager``: Update endpoint rules and examples.
- From 1.32.6
* api-change:``amp``: This release updates Amazon Managed Service for
Prometheus APIs to support customer managed KMS keys.
* api-change:``appintegrations``: The Amazon AppIntegrations service adds
DeleteApplication API for deleting applications, and updates APIs to
support third party applications reacting to workspace events and make
data requests to Amazon Connect for agent and contact events.
* api-change:``bedrock-agent``: This release introduces Amazon Aurora as a
vector store on Knowledge Bases for Amazon Bedrock
* api-change:``codecommit``: AWS CodeCommit now supports customer managed
keys from AWS Key Management Service. UpdateRepositoryEncryptionKey is
added for updating the key configuration. CreateRepository, GetRepository,
BatchGetRepositories are updated with new input or output parameters.
* api-change:``connect``: Adds APIs to manage User Proficiencies and
Predefined Attributes. Enhances StartOutboundVoiceContact API input.
Introduces SearchContacts API. Enhances DescribeContact API. Adds an API to
update Routing Attributes in QueuePriority and QueueTimeAdjustmentSeconds.
* api-change:``medialive``: MediaLive now supports the ability to configure
the audio that an AWS Elemental Link UHD device produces, when the device
is configured as the source for a flow in AWS Elemental MediaConnect.
* api-change:``neptune-graph``: Adds Waiters for successful creation and
deletion of Graph, Graph Snapshot, Import Task and Private Endpoints for
Neptune Analytics
* api-change:``rds-data``: This release adds support for using RDS Data API
with Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``rds``: This release adds support for using RDS Data API with
Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``sagemaker``: Amazon SageMaker Training now provides model
training container access for debugging purposes. Amazon SageMaker Search
now provides the ability to use visibility conditions to limit resource
access to a single domain or multiple domains.
- From 1.32.5
* api-change:``appstream``: This release introduces configurable clipboard,
allowing admins to specify the maximum length of text that can be copied by
the users from their device to the remote session and vice-versa.
* api-change:``eks``: Add support for cluster insights, new EKS capability
that surfaces potentially upgrade impacting issues.
* api-change:``guardduty``: This release 1) introduces a new API:
GetOrganizationStatistics , and 2) adds a new UsageStatisticType
TOP_ACCOUNTS_BY_FEATURE for GetUsageStatistics API
* api-change:``managedblockchain-query``: Adding Confirmation Status and
Execution Status to GetTransaction Response.
* api-change:``mediatailor``: Adds the ability to configure time shifting on
MediaTailor channels using the TimeShiftConfiguration field
* api-change:``route53``: Amazon Route 53 now supports the Canada West
(Calgary) Region (ca-west-1) for latency records, geoproximity records,
and private DNS for Amazon VPCs in that region.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.4
* api-change:``appsync``: This release adds additional configurations on
GraphQL APIs for limits on query depth, resolver count, and introspection
* api-change:``chime-sdk-meetings``: Add meeting features to specify a
maximum camera resolution, a maximum content sharing resolution, and a
maximum number of attendees for a given meeting.
* api-change:``ec2``: Provision BYOIPv4 address ranges and advertise them by
specifying the network border groups option in Los Angeles, Phoenix and
Dallas AWS Local Zones.
* api-change:``fsx``: Added support for FSx for OpenZFS on-demand data
replication across AWS accounts and/or regions.Added the IncludeShared
attribute for DescribeSnapshots.Added the CopyStrategy attribute for
OpenZFSVolumeConfiguration.
* api-change:``marketplace-catalog``: AWS Marketplace now supports a new API,
BatchDescribeEntities, which returns metadata and content for multiple
entities.
* api-change:``rds``: RDS - The release adds two new APIs:
DescribeDBRecommendations and ModifyDBRecommendation
- From 1.32.3
* api-change:``cognito-idp``: Amazon Cognito now supports trigger versions
that define the fields in the request sent to pre token generation Lambda
triggers.
* api-change:``eks``: Add support for EKS Cluster Access Management.
* api-change:``quicksight``: A docs-only release to add missing entities to
the API reference.
* api-change:``route53resolver``: Add DOH protocols in resolver endpoints.
- From 1.32.2
* enhancement:``cloudformation package``: Add support for intrinsic
Fn:ForEach (fixes `#8075 <https://github.com/aws/aws-cli/issues/8075>`__)
* api-change:``cloud9``: Updated Cloud9 API documentation for AL2023 release
* api-change:``connect``: Adds relatedContactId field to
StartOutboundVoiceContact API input. Introduces PauseContact API and
ResumeContact API for Task contacts. Adds pause duration, number of pauses,
timestamps for last paused and resumed events to DescribeContact API
response. Adds new Rule type and new Rule action.
* api-change:``connectcases``: Increase number of fields that can be included
in CaseEventIncludedData from 50 to 200
* api-change:``kms``: Documentation updates for AWS Key Management Service
* api-change:``rds``: Updates Amazon RDS documentation by adding code examples
* api-change:``sagemaker``: This release 1) introduces a new API:
DeleteCompilationJob , and 2) adds InfraCheckConfig for Create/Describe
training job API
- From 1.32.1
* api-change:``appstream``: This release includes support for images of
Windows Server 2022 platform.
* api-change:``b2bi``: Documentation updates for AWS B2B Data Interchange
* api-change:``billingconductor``: Billing Conductor is releasing a new API,
GetBillingGroupCostReport, which provides the ability to retrieve/view the
Billing Group Cost Report broken down by attributes for a specific billing
group.
* api-change:``connect``: This release adds support for more granular
billing using tags (key:value pairs)
* api-change:``controltower``: Documentation updates for AWS Control Tower.
* api-change:``firehose``: This release, 1) adds configurable buffering hints
for the Splunk destination, and 2) reduces the minimum configurable
buffering interval for supported destinations
* api-change:``gamelift``: Amazon GameLift adds the ability to add and update
the game properties of active game sessions.
* api-change:``iot``: This release adds the ability to self-manage
certificate signing in AWS IoT Core fleet provisioning using the new
certificate provider resource.
* api-change:``neptune-graph``: This is the initial SDK release for Amazon
Neptune Analytics
* api-change:``opensearch``: Updating documentation for Amazon OpenSearch
Service support for new zero-ETL integration with Amazon S3.
* api-change:``quicksight``: Update Dashboard Links support;
SingleAxisOptions support; Scatterplot Query limit support.
* api-change:``workspaces``: Updated note to ensure customers understand
running modes.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.0
* feature:Python: End of support for Python 3.7
* api-change:``drs``: Adding AgentVersion to SourceServer and
RecoveryInstance structures
* feature:Python: End of support for Python 3.7
- From 1.31.13
* api-change:``imagebuilder``: This release adds the Image Workflows feature
to give more flexibility and control over the image building and testing
process.
* api-change:``location``: This release 1) adds sub-municipality field in
Places API for searching and getting places information, and 2) allows
optimizing route calculation based on expected arrival time.
* api-change:``logs``: This release introduces the StartLiveTail API to tail
ingested logs in near real time.
- From 1.31.12
* api-change:``neptune``: This release adds a new parameter configuration
setting to the Neptune cluster related APIs that can be leveraged to
switch between the underlying supported storage modes.
* api-change:``pinpoint``: This release includes Amazon Pinpoint API
documentation updates pertaining to campaign message sending rate limits.
* api-change:``securityhub``: Added new resource detail objects to ASFF,
including resources for AwsDynamoDbTable, AwsEc2ClientVpnEndpoint,
AwsMskCluster, AwsS3AccessPoint, AwsS3Bucket
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- Update to version 1.31.11
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.31.11/CHANGELOG.rst
- Add patch to update docutils dependency (bsc#1217336)
+ ac_update-docutils.patch
- Update Requires in spec file from setup.py
- Update to version 1.30.6
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.30.6/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.29.61
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.29.61/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.29.36
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.29.27/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.29.27
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.29.27/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.29.2
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.29.2/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.27.163
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.27.163/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.27.153
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.27.153/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.27.130
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.27.130/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.27.115
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.27.115/CHANGELOG.rst
- Update Requires in spec file from setup.py
- bind
-
- Update to release 9.16.48
Feature Changes:
* The IP addresses for B.ROOT-SERVERS.NET have been updated to
170.247.170.2 and 2801:1b8:10::b.
Security Fixes:
* Validating DNS messages containing a lot of DNSSEC signatures
could cause excessive CPU load, leading to a denial-of-service
condition. This has been fixed. (CVE-2023-50387)
[bsc#1219823]
* Preparing an NSEC3 closest encloser proof could cause excessive
CPU load, leading to a denial-of-service condition. This has
been fixed. (CVE-2023-50868)
[bsc#1219826]
* Parsing DNS messages with many different names could cause
excessive CPU load. This has been fixed. (CVE-2023-4408)
[bsc#1219851]
* Specific queries could cause named to crash with an assertion
failure when nxdomain-redirect was enabled. This has been
fixed. (CVE-2023-5517)
[bsc#1219852]
* A bad interaction between DNS64 and serve-stale could cause
named to crash with an assertion failure, when both of these
features were enabled. This has been fixed. (CVE-2023-5679)
[bsc#1219853]
* Query patterns that continuously triggered cache database
maintenance could cause an excessive amount of memory to be
allocated, exceeding max-cache-size and potentially leading to
all available memory on the host running named being exhausted.
This has been fixed. (CVE-2023-6516)
[bsc#1219854]
Removed Features:
* Support for using AES as the DNS COOKIE algorithm
(cookie-algorithm aes;) has been deprecated and will be removed
in a future release. Please use the current default,
SipHash-2-4, instead.
- ca-certificates
-
- Update to version 2+git20240416.98ae794 (bsc#1221184):
* Use flock to serialize calls (boo#1188500)
* Make certbundle.run container friendly
* Create /var/lib/ca-certificates if needed
- catatonit
-
- Update to catatonit v0.2.0.
* Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
- 99bb9048f.patch
- chrony
-
- Use make quickcheck instead of make check to avoid >1h build
times and failures due to timeouts. This was the default before
3.2 but it changed to make tests more reliable. Here a seed is
already set to get deterministic execution.
- Use shorter NTS-KE retry interval when network is down
(bsc#1213551, chrony-burst_total_samples_to_go.patch,
chrony-retry_interval_ke_start.patch).
- cloud-init
-
- Add cloud-init-skip-rename.patch (bsc#1219680)
+ Brute force appraoch to skip renames if the device is already present
- Add cloud-init-usr-sudoers.patch (bsc#1223469)
+ Handle the existence of /usr/etc/sudoers to search for the expected
include location
- Update cloud-init-no-openstack-guess.patch
+ Do not enable cloud-init on systems where there is no DMI just
because no data source has been found. No data source means
cloud-init will not run.
- Add cloud-init-no-nmcfg-needed.patch (bsc#1221726)
+ Do not require a NetworkManager config file in order to detect
NetworkManager as the renderer
- Add cloud-init-no-openstack-guess.patch (bsc#1222113)
+ Do not guess if we are running on OpenStack or not. Only recognize
the known markers and enable cloud-init if we know for sure.
- Add cloud-init-ds-deterministic.patch (bsc#1221132)
+ Do not guess a data source when checking for a CloudStack
environment
- Hardcode distribution to suse for proper cloud.cfg generation
(bsc#1220132).
- Prepare for RPM 4.20 switch patch syntax
- Add cloud-init-skip-empty-conf.patch
+ Skip tests with empty config
- Add cloud-init-pckg-reboot.patch (boo#1198533, bsc#1218952, jsc#SMO-326)
+ Support reboot on package update/upgrade via the cloud-init config
- Switch build dependency to the generic distribution-release package
- cloud-netconfig
-
- Update to version 1.14
+ Use '-s' instead of '--no-progress-meter' for curl (bsc#1221757)
- Add version settings to Provides/Obsoletes
- Update to version 1.12 (bsc#1221202)
+ If token access succeeds using IPv4 do not use the IPv6 endpoint
only use the IPv6 IMDS endpoint if IPv4 access fails.
- Add Provides/Obsoletes for dropped cloud-netconfig-nm
- Install dispatcher script into /etc/NetworkManager/dispatcher.d
on older distributions
- Add BuildReqires: NetworkManager to avoid owning dispatcher.d
parent directory
- Update to version 1.11:
+ Revert address metadata lookup in GCE to local lookup (bsc#1219454)
+ Fix hang on warning log messages
+ Check whether getting IPv4 addresses from metadata failed and abort
if true
+ Only delete policy rules if they exist
+ Skip adding/removing IPv4 ranges if metdata lookup failed
+ Improve error handling and logging in Azure
+ Set SCRIPTDIR when installing netconfig wrapper
- Update to version 1.10:
+ Drop cloud-netconfig-nm sub package and include NM dispatcher
script in main packages (bsc#1219007)
+ Spec file cleanup
- Update to version 1.9:
+ Drop package dependency on sysconfig-netconfig
+ Improve log level handling
+ Support IPv6 IMDS endpoint in EC2 (bsc#1218069)
- cloud-regionsrv-client
-
- Update to version 10.1.7 (bsc#1220164, bsc#1220165)
+ Fix the failover path to a new target update server. At present a new
server is not found since credential validation fails. We targeted
the server detected in down condition to verify the credentials instead
of the replacement server.
- containerd
-
- Revert noarch for devel subpackage
Switching to noarch causes issues on SLES maintenance updates, reverting it
fixes our image builds
- Update to containerd v1.7.17. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.17>
- Switch back to using tar_scm service. Aside from obs_scm using more bandwidth
and storage than a locally-compressed tar.xz, it seems there's some weird
issue with paths in obscpio that break our SLE-12-only patch.
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Update to containerd v1.7.16. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.16>
CVE-2023-45288 bsc#1221400
- Use obs_scm service instead of tar_scm
- Removed patch 0002-shim-Create-pid-file-with-0644-permissions.patch
(merged upstream at
<https://github.com/containerd/containerd/pull/9571>)
- Update to containerd v1.7.15. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.15>
- Update to containerd v1.7.14. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.14>
- Update to containerd v1.7.13. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.13>
- Update to containerd v1.7.12. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.12>
- Update to containerd v1.7.11. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.11>
GHSA-jq35-85cj-fj4p bsc#1224323
- Use %patch -P N instead of deprecated %patchN.
- Enable manpage generation
- Make devel package noarch
- adjust rpmlint filters
- coreutils
-
- ls: avoid triggering automounts (bsc#1221632)
- add coreutils-ls-avoid-triggering-automounts.patch
- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)
- add coreutils-tail-fix-tailing-sysfs-files-where-PAGE_SIZE-BUFSIZ.patch
- cups
-
- Require the exact matching version-release of all libcups*
sub-packages (bsc#1226192)
- cups-2.2.7-CVE-2024-35235.patch is derived
from the upstream patch against master (CUPS 2.5)
to behave backward compatible for CUPS 2.2.7
in SLE15 and openSUSE Leap 15 to fix CVE-2024-35235
"cupsd Listen port arbitrary chmod 0140777"
without the more secure but backward-incompatible behaviour
of the upstream patch for CUPS 2.5
that ignores domain sockets specified in 'Listen' entries
in /etc/cups/cupsd.conf when cupsd is lauched via systemd
(in particular when launched on-demand by systemd)
https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f
bsc#1225365
- cups-2.2.7-web-ui-kerberos-authentication.patch, update
patch to handle local 'Negotiate' authentication response
for cli clients. (bsc#1223179).
- Remove '--enable-debug-printfs' from configure options, see
https://github.com/OpenPrinting/cups/issues/875
(bsc#1217119).
- curl
-
- Security fix: [bsc#1221665, CVE-2024-2004]
* Usage of disabled protocol
* Add curl-CVE-2024-2004.patch
- Security fix: [bsc#1221667, CVE-2024-2398]
* curl: HTTP/2 push headers memory-leak
* Add curl-CVE-2024-2398.patch
- docker
-
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.6-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2506>
- This update includes a fix for CVE-2024-41110. bsc#1228324
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
* 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
symlinks. Backport of <https://github.com/moby/buildkit/pull/4896> and
<https://github.com/moby/buildkit/pull/5060>. bsc#1221916
+ 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
- Write volume options atomically so sudden system crashes won't result in
future Docker starts failing due to empty files. Backport of
<https://github.com/moby/moby/pull/48034>. bsc#1214855
+ 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.5-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2505> bsc#1223409
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
- 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- Update --add-runtime to point to correct binary path.
[NOTE: This update was only ever released in SLES and Leap.]
- Add patch to fix bsc#1220339
* 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch
- Allow to disable apparmor support (ALP supports only SELinux)
- Update to Docker 25.0.3-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2503>
- Fixes:
* bsc#1219267 - CVE-2024-23651
* bsc#1219268 - CVE-2024-23652
* bsc#1219438 - CVE-2024-23653
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
- 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch
- Vendor latest buildkit v0.11:
Add patch 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch that
vendors in the latest v0.11 buildkit branch including bugfixes for the following:
* bsc#1219438: CVE-2024-23653
* bsc#1219268: CVE-2024-23652
* bsc#1219267: CVE-2024-23651
- rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- switch from %patchN to %patch -PN syntax
- remove unused rpmlint filters and add filters to silence pointless bash & zsh
completion warnings
- dracut
-
- Update to version 055+suse.357.g905645c2:
* fix(dracut-install): continue parsing if ldd prints "cannot be preloaded" (bsc#1208690)
* fix(zfcp_rules): correct shellcheck regression when parsing ccw args (bsc#1220485)
* fix(dracut.sh): skip README for AMD microcode generation (bsc#1217083)
- e2fsprogs
-
EA Inode handling fixes:
- ext2fs-avoid-re-reading-inode-multiple-times.patch: ext2fs: avoid re-reading
inode multiple times (bsc#1223596)
- e2fsck-fix-potential-out-of-bounds-read-in-inc_ea_in.patch: e2fsck: fix
potential out-of-bounds read in inc_ea_inode_refs() (bsc#1223596)
- e2fsck-add-more-checks-for-ea-inode-consistency.patch: e2fsck: add more
checks for ea inode consistency (bsc#1223596)
- e2fsck-fix-golden-output-of-several-tests.patch: e2fsck: fix golden output of
several tests (bsc#1223596)
- fdupes
-
- Do not use sqlite, as this pulls sqlite into Ring0 at no real
benefit performance wise: the cache is not reused between runs.
+ Drop sqlite-devel BuildRequires
+ Pass --without-sqlite to configure
- Update to 2.3.0:
* Add --cache option to speed up file comparisons.
* Use nanosecond precision for file times, if available.
* Fix compilation issue on OpenBSD.
* Other changes like fixing typos, wording, etc.
- update to 2.2.1:
* Fix bug in code meant to skip over the current log file when --log option is given.
* Updates to copyright notices in source code.
* Add --deferconfirmation option.
* Check that files marked as duplicates haven't changed during program execution before deleting them.
* Update documentation to indicate units for SIZE in command-line options.
* Move some configuration settings to configure.ac file.
- Fixes for the new wrapper:
* Order duplicates by name, to get a reproducible file set
(boo#1197484).
* Remove redundant order parameter from fdupes invocation.
* Modernize code, significantly reduce allocations.
* Exit immediately when mandatory parameters are missing.
* Remove obsolete buildroot parameter
* Add some tests for the wrapper
- A more correct approach to creating symlinks (old bug actually):
Do not link the files as given by fdupes, but turn them into
relative links (it works by chance if given a buildroot, but
fails if running on a subdirectory)
- Support multiple directories given (as glob to the macro)
- Handle symlinks (-s argument) correctly
- Simplify macros.fdupes with a call to a C++ program that does
the same within a fraction of a second what the shell loop did
in many seconds (bsc#1195709)
- gdk-pixbuf
-
- Enable test suite on x86_64 (other arches seem too flaky for now):
+ Add %check section and call %meson_test
+ Add gdk-pixbuf-jpeg-slow.patch: allow pixbuf-jpeg to run for
more than 30s, by marking it as a slow test
(glgo#GNOME/gdk-pixbuf!174).
- Migrate package to a regular obs_scm service, no longer password
protecting a zip file. The originally reported bsc#1159337 seems
no longer be applicable and we prefer the easier route.
- Drop unzip BuildRequires and pre_checkin.sh script.
- Update to version 2.42.12:
+ Fix a build failure,
+ Fix occasional build failures,
+ ani: Reject files with multiple INA or IART chunks,
+ ani: Reject files with multiple anih chunks (CVE-2022-48622),
+ ani: validate chunk size,
+ Updated translations.
- Drop 238893d8cd6f9c2616a05ab521a29651a17a38c2.patch: fixed
upstream.
- Pass -Dothers=enabled to meson: enable other image loaders (most
notably beeded seems xpm,xbm). This is in line with upstreams
recommendation for now, but won't be working past version 2.43.x.
The loaders will likely be split out into a separate repo.
(boo#1223903, glgo#GNOME/gdk-pixbuf!169).
- Add 238893d8cd6f9c2616a05ab521a29651a17a38c2.patch: Fix test
suite with other loaders enabled.
- Update to version 2.42.11:
+ Disable fringe loaders by default.
+ Introspection fixes.
+ Updated translations.
- Fix path to gdk-pixbuf-query-loader in pkg-config file: we rename
the loader to be multi-arch compatible and thus also need to
adjust the .pc file to have build-systems find it.
- Update to version 2.42.10:
+ Search for rst2man.py.
+ Update the memory size limit for JPEG images.
+ Updated translations.
- Drop patch fixed upstream (with different limit):
+ 0001-jpeg-Increase-memory-limit-for-loading-image-data.patch
- glib2
-
- Add patches to fix CVE-2024-34397 (boo#1224044):
glib2-CVE-2024-34397.patch (glgo#GNOME/glib#3268).
glib2-fix-ibus-regression.patch (glgo#GNOME/glib#3353)
- glibc
-
- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
addgetnetgrentX (CVE-2024-33602, bsc#1223425)
- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
for _start routine (bsc#1221940)
- glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch:
nscd: Stack-based buffer overflow in netgroup cache
(CVE-2024-33599, bsc#1223423, BZ #31677)
- glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch:
nscd: Avoid null pointer crashes after notfound response
(CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch:
nscd: Do not send missing not-found response in addgetnetgrentX
(CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch:
netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601,
CVE-2024-33602, bsc#1223425, BZ #31680)
- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
writes when writing escape sequence (CVE-2024-2961, bsc#1222992)
- duplocale-global-locale.patch: duplocale: protect use of global locale
(bsc#1220441, BZ #23970)
- qsort-invalid-cmp.patch: qsort: handle degenerated compare function
(bsc#1218866)
- getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to
EAI_MEMORY (bsc#1217589, BZ #31163)
- aarch64-rawmemchr-unwind.patch: aarch64: correct CFI in rawmemchr
(bsc#1217445, BZ #31113)
- gtk2
-
- Add CVE-2024-6655.patch: CVE-2024-6655 Stop looking for modules
in cwd (bsc#1228120).
- ipset
-
- Fix build with latest kernel, bsc#1223370
* bsc1223370.patch
- iputils
-
- Backport upstream fix for bsc#1225963
b589819 ("arping: Fix exit code if receive more replies than sent")
0001-arping-Fix-exit-code-if-receive-more-replies-than-se.patch
- Update 0002-arping-Fix-unsolicited-ARP-regressions-on-c-1.patch
after upstream merged the fix, update git commit hashes.
- Backport proposed fix for regression in upstream commit 4db1de6 (bsc#1224877)
0002-arping-Fix-unsolicited-ARP-regressions-on-c-1.patch
- Backport upstream fix for bsc#1224877
4db1de6 ("arping: Fix 1s delay on exit for unsolicited arpings")
0001-arping-Fix-1s-delay-on-exit-for-unsolicited-arpings.patch
- kernel-default
-
- hsr: Prevent use after free in prp_create_tagged_frame()
(CVE-2023-52846 bsc#1225098).
- commit 74c7662
- Update
patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch
(bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678).
- commit bb42730
- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(CVE-2024-36904 bsc#1225732).
- commit 975b193
- tcp: do not accept ACK of bytes we never sent (CVE-2023-52881
bsc#1225611).
- commit ab5f35b
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs
(bsc#1222015 bsc#1226962).
- commit bcf126b
- random: treat bootloader trust toggle the same way as cpu
trust toggle (bsc#1226953).
- commit 9e8060b
- Update
patches.suse/smb-client-guarantee-refcounted-children-from-parent-session.patch
(bsc#1224679 CVE-2024-35869).
- commit ed4e9d0
- bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in
BPF_LINK_CREATE (bsc#1226789 CVE-2024-38564).
- bpf: Add attach_type checks under
bpf_prog_attach_check_attach_type (bsc#1226789 CVE-2024-38564).
- commit fec2539
- scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758
CVE-2024-38559).
- scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786
CVE-2024-38560).
- commit 45c369f
- ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634, CVE-2024-38578).
- commit 7445d84
- RDMA/hns: Fix UAF for cq async event (bsc#1226595 CVE-2024-38545)
- commit 98b2f74
- nbd: fix uaf in nbd_open (bsc#1224935 CVE-2023-52837).
- commit fac144b
- of: module: prevent NULL pointer dereference in vsnprintf() (bsc#1226587 CVE-2024-38541)
- commit 0394d90
- of: module: add buffer overflow check in of_modalias() (bsc#1226587 CVE-2024-38541)
- commit e54e996
- net: preserve kabi for struct dst_ops (CVE-2024-36971
bsc#1226145).
- commit 74d650a
- net: fix __dst_negative_advice() race (CVE-2024-36971
bsc#1226145).
- commit 6d5c393
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high
(bsc#1219224).
- commit f18a759
- smb: client: guarantee refcounted children from parent session
(bsc#1224679, CVE-35869).
- commit b0f469c
- smb: client: ensure to try all targets when finding nested links
(bsc#1224020).
- commit df159e7
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
(bsc#1224765, CVE-2024-35864).
- commit c296805
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
(bsc#1224764, CVE-2024-35862).
- commit aa75c00
- smb: client: fix potential UAF in
cifs_signal_cifsd_for_reconnect() (bsc#1224766, CVE-2024-35861).
- commit f77cc8d
- smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225487, CVE-2023-52752).
- commit 39fb8f3
- blacklist.conf: Add a7fb0423c201 cgroup: Move rcu_head up near the top of cgroup_root
- commit 552377b
- gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225737 CVE-2024-36899).
- commit 9b295f5
- rpmsg: virtio: Free driver_override when rpmsg_remove()
(bsc#1224696 CVE-2023-52670).
- commit beb5bc4
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- commit 240d70b
- cgroup: Add annotation for holding namespace_sem in
current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in
proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe
(bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- commit 8c880e4
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
changes (CVE-2024-35789 bsc#1224749).
- commit 2b6904d
- fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1225866 CVE-2024-36964).
- commit b5d7488
- pinctrl: core: delete incorrect free in pinctrl_enable()
(CVE-2024-36940 bsc#1225840).
- commit 9b799cc
- staging: rtl8192e: Fix use after free in
_rtl92e_pci_disconnect() (CVE-2021-47571 bsc#1225518).
- commit 9461ee5
- xfs: don't include bnobt blocks when reserving free block pool
(bsc#1226270).
- commit 1f7ae4f
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212)
Some builds don't just create an iso9660 image, but also mount it during
build.
- commit aaee141
- rpm/kernel-obs-build.spec.in: Add networking modules for docker
(bsc#1226211)
docker needs more networking modules, even legacy iptable_nat and _filter.
- commit 415e132
- net: vlan: fix underflow for the real_dev refcnt
(CVE-2021-47555 bsc#1225467).
- commit 345ef84
- Bluetooth: Add more enc key size check (bsc#1218148
CVE-2023-24023).
- commit 38891ed
- Bluetooth: Normalize HCI_OP_READ_ENC_KEY_SIZE cmdcmplt
(bsc#1218148 CVE-2023-24023).
- commit b7a79da
- blacklist.conf: Add 1971d13ffa84a "af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc()."
- commit afe27ac
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO
request complete (CVE-2024-36894 bsc#1225749).
- commit 5501fb7
- net: preserve kabi for sk_buff (CVE-2024-26921 bsc#1223138).
- commit 68cb9bf
- inet: inet_defrag: prevent sk release while still in use
(CVE-2024-26921 bsc#1223138).
- commit fb20c1d
- Update references
- commit 006ab15
- drm/client: Fully protect modes with dev->mode_config.mutex (CVE-2024-35950 bsc#1224703).
- commit 75706b6
- bpf: Protect against int overflow for stack access size
(bsc#1224488 CVE-2024-35905).
- commit 1edb341
- cifs: fix underflow in parse_server_interfaces() (bsc#1223084,
CVE-2024-26828).
- commit cade548
- smb: client: fix potential UAF in is_valid_oplock_break()
(bsc#1224763, CVE-2024-35863).
- commit bfa9e6b
- smb: client: fix potential UAF in cifs_stats_proc_show()
(bsc#1224664, CVE-2024-35867).
- commit 45bad5a
- smb: client: fix potential UAF in cifs_stats_proc_write()
(bsc#1224678, CVE-2024-35868).
- commit 3ae3416
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
(bsc#1223532, CVE-2024-26928).
- commit e95e3a6
- Update
patches.suse/ALSA-hda-Do-not-unset-preset-when-cleaning-up-codec.patch
(git-fixes CVE-2023-52736 bsc#1225486).
- Update
patches.suse/ALSA-hda-Fix-possible-null-ptr-deref-when-assigning-.patch
(git-fixes CVE-2023-52806 bsc#1225554).
- Update
patches.suse/Bluetooth-btusb-Add-date-evt_skb-is-NULL-check.patch
(git-fixes CVE-2023-52833 bsc#1225595).
- Update
patches.suse/Fix-page-corruption-caused-by-racy-check-in-__free_pages.patch
(bsc#1208149 CVE-2023-52739 bsc#1225118).
- Update
patches.suse/IB-IPoIB-Fix-legacy-IPoIB-due-to-wrong-number-of-que.patch
(git-fixes CVE-2023-52745 bsc#1225032).
- Update
patches.suse/IB-hfi1-Restore-allocated-resources-on-failed-copyou.patch
(git-fixes CVE-2023-52747 bsc#1224931).
- Update
patches.suse/Input-synaptics-rmi4-fix-use-after-free-in-rmi_unreg.patch
(git-fixes CVE-2023-52840 bsc#1224928).
- Update
patches.suse/RDMA-irdma-Fix-potential-NULL-ptr-dereference.patch
(git-fixes CVE-2023-52744 bsc#1225121).
- Update
patches.suse/atl1c-Work-around-the-DMA-RX-overflow-issue.patch
(git-fixes CVE-2023-52834 bsc#1225599).
- Update
patches.suse/can-dev-can_put_echo_skb-don-t-crash-kernel-if-can_p.patch
(git-fixes CVE-2023-52878 bsc#1225000).
- Update
patches.suse/cifs-Fix-use-after-free-in-rdata-read_into_pages-.patch
(git-fixes CVE-2023-52741 bsc#1225479).
- Update
patches.suse/clk-mediatek-clk-mt2701-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52875 bsc#1225096).
- Update
patches.suse/clk-mediatek-clk-mt6765-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52870 bsc#1224937).
- Update
patches.suse/clk-mediatek-clk-mt6779-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52873 bsc#1225589).
- Update
patches.suse/clk-mediatek-clk-mt6797-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52865 bsc#1225086).
- Update
patches.suse/clk-mediatek-clk-mt7629-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52858 bsc#1225566).
- Update
patches.suse/clk-mediatek-clk-mt7629-eth-Add-check-for-mtk_alloc_.patch
(git-fixes CVE-2023-52876 bsc#1225036).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-Pola.patch
(git-fixes CVE-2023-52819 bsc#1225532).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-SMU7.patch
(git-fixes CVE-2023-52818 bsc#1225530).
- Update
patches.suse/drm-amd-display-Avoid-NULL-dereference-of-timing-gen.patch
(git-fixes CVE-2023-52753 bsc#1225478).
- Update
patches.suse/drm-amdgpu-Fix-a-null-pointer-access-when-the-smc_rr.patch
(git-fixes CVE-2023-52817 bsc#1225569).
- Update
patches.suse/drm-amdgpu-Fix-potential-null-pointer-derefernce.patch
(git-fixes CVE-2023-52814 bsc#1225565).
- Update
patches.suse/drm-amdgpu-fence-Fix-oops-due-to-non-matching-drm_sc.patch
(git-fixes CVE-2023-52738 bsc#1225005).
- Update
patches.suse/drm-amdkfd-Fix-a-race-condition-of-vram-buffer-unref.patch
(git-fixes CVE-2023-52825 bsc#1225076).
- Update
patches.suse/drm-amdkfd-Fix-shift-out-of-bounds-issue.patch
(git-fixes CVE-2023-52816 bsc#1225529).
- Update
patches.suse/drm-bridge-lt8912b-Fix-crash-on-bridge-detach.patch
(git-fixes CVE-2023-52856 bsc#1224932).
- Update
patches.suse/drm-panel-fix-a-possible-null-pointer-dereference.patch
(git-fixes CVE-2023-52821 bsc#1225022).
- Update
patches.suse/drm-panel-panel-tpo-tpg110-fix-a-possible-null-point.patch
(git-fixes CVE-2023-52826 bsc#1225077).
- Update patches.suse/drm-radeon-possible-buffer-overflow.patch
(git-fixes CVE-2023-52867 bsc#1225009).
- Update
patches.suse/fbdev-imsttfb-fix-a-resource-leak-in-probe.patch
(git-fixes CVE-2023-52838 bsc#1225031).
- Update
patches.suse/fs-jfs-Add-check-for-negative-db_l2nbperpage.patch
(git-fixes CVE-2023-52810 bsc#1225557).
- Update
patches.suse/fs-jfs-Add-validity-check-for-db_maxag-and-db_agpref.patch
(git-fixes CVE-2023-52804 bsc#1225550).
- Update patches.suse/gfs2-ignore-negated-quota-changes.patch
(git-fixes CVE-2023-52759 bsc#1225560).
- Update
patches.suse/hid-cp2112-Fix-duplicate-workqueue-initialization.patch
(git-fixes CVE-2023-52853 bsc#1224988).
- Update
patches.suse/i2c-core-Run-atomic-i2c-xfer-when-preemptible.patch
(git-fixes CVE-2023-52791 bsc#1225108).
- Update
patches.suse/i3c-master-mipi-i3c-hci-Fix-a-kernel-panic-for-acces.patch
(git-fixes CVE-2023-52763 bsc#1225570).
- Update
patches.suse/i915-perf-Fix-NULL-deref-bugs-with-drm_dbg-calls.patch
(git-fixes CVE-2023-52788 bsc#1225106).
- Update
patches.suse/ice-Do-not-use-WQ_MEM_RECLAIM-flag-for-workqueue.patch
(git-fixes CVE-2023-52743 bsc#1225003).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbFindLeaf.patch
(git-fixes CVE-2023-52799 bsc#1225472).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diAlloc.patch
(git-fixes CVE-2023-52805 bsc#1225553).
- Update
patches.suse/media-bttv-fix-use-after-free-error-due-to-btv-timeo.patch
(git-fixes CVE-2023-52847 bsc#1225588).
- Update
patches.suse/media-gspca-cpia1-shift-out-of-bounds-in-set_flicker.patch
(git-fixes CVE-2023-52764 bsc#1225571).
- Update
patches.suse/media-imon-fix-access-to-invalid-resource-for-the-se.patch
(git-fixes CVE-2023-52754 bsc#1225490).
- Update
patches.suse/media-vidtv-mux-Add-check-and-kfree-for-kstrdup.patch
(git-fixes CVE-2023-52841 bsc#1225592).
- Update patches.suse/media-vidtv-psi-Add-check-for-kstrdup.patch
(git-fixes CVE-2023-52844 bsc#1225590).
- Update
patches.suse/mmc-mmc_spi-fix-error-handling-in-mmc_spi_probe.patch
(git-fixes CVE-2023-52708 bsc#1225483).
- Update
patches.suse/mmc-sdio-fix-possible-resource-leaks-in-some-error-p.patch
(git-fixes CVE-2023-52730 bsc#1224956).
- Update
patches.suse/net-USB-Fix-wrong-direction-WARNING-in-plusb.c.patch
(git-fixes CVE-2023-52742 bsc#1225482).
- Update
patches.suse/net-openvswitch-fix-possible-memory-leak-in-ovs_mete.patch
(git-fixes CVE-2023-52702 bsc#1224945).
- Update
patches.suse/net-usb-kalmia-Don-t-pass-act_len-in-usb_bulk_msg-er.patch
(git-fixes CVE-2023-52703 bsc#1225549).
- Update
patches.suse/padata-Fix-refcnt-handling-in-padata_free_shell.patch
(git-fixes CVE-2023-52854 bsc#1225584).
- Update
patches.suse/platform-x86-wmi-Fix-opening-of-char-device.patch
(git-fixes CVE-2023-52864 bsc#1225132).
- Update
patches.suse/powerpc-64s-interrupt-Fix-interrupt-exit-race-with-s.patch
(bsc#1194869 CVE-2023-52740 bsc#1225471).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_eve.patch
(bsc#1065729 CVE-2023-52686 bsc#1224682).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-to-scom_deb.patch
(bsc#1194869 CVE-2023-52690 bsc#1224611).
- Update patches.suse/pwm-Fix-double-shift-bug.patch (git-fixes
CVE-2023-52756 bsc#1225461).
- Update
patches.suse/s390-dasd-protect-device-queue-against-concurrent-access.patch
(git-fixes bsc#1217515 CVE-2023-52774 bsc#1225572).
- Update
patches.suse/s390-decompressor-specify-__decompress-buf-len-to-avoid-overflow.patch
(git-fixes bsc#1213863 CVE-2023-52733 bsc#1225488).
- Update
patches.suse/sched-psi-Fix-use-after-free-in-ep_remove_wait_queue.patch
(bsc#1209799 CVE-2023-52707 bsc#1225109).
- Update
patches.suse/soc-qcom-llcc-Handle-a-second-device-without-data-co.patch
(git-fixes CVE-2023-52871 bsc#1225534).
- Update
patches.suse/thermal-core-prevent-potential-string-overflow.patch
(git-fixes CVE-2023-52868 bsc#1225044).
- Update
patches.suse/tty-n_gsm-fix-race-condition-in-status-line-change-o.patch
(git-fixes CVE-2023-52872 bsc#1225591).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-vcc-Add-check-for-kstrdup-in-vcc_probe.patch
(git-fixes CVE-2023-52789 bsc#1225180).
- Update
patches.suse/usb-config-fix-iteration-issue-in-usb_get_bos_descri.patch
(git-fixes CVE-2023-52781 bsc#1225092).
- Update
patches.suse/usb-dwc2-fix-possible-NULL-pointer-dereference-cause.patch
(git-fixes CVE-2023-52855 bsc#1225583).
- Update
patches.suse/usb-typec-tcpm-Fix-NULL-pointer-dereference-in-tcpm_.patch
(git-fixes CVE-2023-52877 bsc#1224944).
- Update
patches.suse/wifi-ath11k-fix-dfs-radar-event-locking.patch
(git-fixes CVE-2023-52798 bsc#1224947).
- Update
patches.suse/wifi-mac80211-don-t-return-unset-power-in-ieee80211_.patch
(git-fixes CVE-2023-52832 bsc#1225577).
- commit c6aceca
- Update
patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
(git-fixes CVE-2022-48710 bsc#1225230).
- Update
patches.suse/ice-switch-fix-potential-memleak-in-ice_add_adv_reci.patch
(git-fixes CVE-2022-48709 bsc#1225095).
- Update
patches.suse/pinctrl-single-fix-potential-NULL-dereference.patch
(git-fixes CVE-2022-48708 bsc#1224942).
- commit 41f6d79
- Update
patches.suse/ALSA-pcm-oss-Fix-negative-period-buffer-sizes.patch
(git-fixes CVE-2021-47511 bsc#1225411).
- Update
patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
(git-fixes CVE-2021-47509 bsc#1225409).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes stable-5.14.10 CVE-2021-47381 bsc#1225206).
- Update
patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
(git-fixes CVE-2021-47502 bsc#1225369).
- Update
patches.suse/HID-amd_sfh-Fix-potential-NULL-pointer-dereference.patch
(stable-5.14.10 CVE-2021-47380 bsc#1225205).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(stable-5.14.10 CVE-2021-47404 bsc#1225303).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(git-fixes CVE-2021-47522 bsc#1225437).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(stable-5.14.10 CVE-2021-47405 bsc#1225238).
- Update
patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
(jsc#SLE-19242 CVE-2021-47523 bsc#1225438).
- Update
patches.suse/IB-qib-Protect-from-buffer-overflow-in-struct-qib_us.patch
(stable-5.14.16 CVE-2021-47485 bsc#1224904).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(stable-5.14.15 bko#206669 bsc#1174585 bsc#1192107
CVE-2021-43056 CVE-2021-47465 bsc#1225341).
- Update
patches.suse/KVM-SVM-fix-missing-sev_decommission-in-sev_receive_.patch
(stable-5.14.10 CVE-2021-47389 bsc#1225126).
- Update
patches.suse/KVM-arm64-Fix-host-stage-2-PGD-refcount.patch
(stable-5.14.15 CVE-2021-47450 bsc#1225258).
- Update
patches.suse/KVM-x86-Fix-stack-out-of-bounds-memory-access-from-i.patch
(stable-5.14.10 CVE-2021-47390 bsc#1225125).
- Update
patches.suse/KVM-x86-Handle-SRCU-initialization-failure-during-pa.patch
(stable-5.14.10 CVE-2021-47407 bsc#1225306).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(stable-5.14.14 CVE-2021-47442 bsc#1225263).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(stable-5.14.14 CVE-2021-47443 bsc#1225262).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(stable-5.14.10 CVE-2021-47391 bsc#1225318).
- Update
patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
(stable-5.14.10 CVE-2021-47392 bsc#1225320).
- Update patches.suse/RDMA-hfi1-Fix-kernel-pointer-leak.patch
(stable-5.14.10 CVE-2021-47398 bsc#1225131).
- Update
patches.suse/RDMA-mlx5-Initialize-the-ODP-xarray-when-creating-an.patch
(stable-5.14.16 CVE-2021-47481 bsc#1224910).
- Update
patches.suse/afs-Fix-corruption-in-reads-at-fpos-2G-4G-from-an-Op.patch
(stable-5.14.9 CVE-2021-47366 bsc#1225160).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 CVE-2021-47505 bsc#1225400).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(stable-5.14.15 CVE-2021-47464 bsc#1225393).
- Update patches.suse/binder-make-sure-fd-closes-complete.patch
(stable-5.14.9 CVE-2021-47360 bsc#1225122).
- Update
patches.suse/blk-cgroup-fix-UAF-by-grabbing-blkcg-lock-before-des.patch
(stable-5.14.9 CVE-2021-47379 bsc#1225203).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(stable-5.14.9 CVE-2021-47375 bsc#1225193).
- Update
patches.suse/block-don-t-call-rq_qos_ops-done_bio-if-the-bio-isn-.patch
(stable-5.14.11 CVE-2021-47412 bsc#1225332).
- Update
patches.suse/bpf-Add-oversize-check-before-call-kvcalloc.patch
(stable-5.14.9 CVE-2021-47376 bsc#1225195).
- Update
patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
(stable-5.14.12 CVE-2021-47426 bsc#1225370).
- Update
patches.suse/btrfs-fix-abort-logic-in-btrfs_replace_file_extents.patch
(stable-5.14.14 CVE-2021-47433 bsc#1225392).
- Update
patches.suse/btrfs-fix-re-dirty-process-of-tree-log-nodes.patch
(bsc#1197915 CVE-2021-47510 bsc#1225410).
- Update
patches.suse/can-isotp-isotp_sendmsg-add-result-check-for-wait_ev.patch
(stable-5.14.15 CVE-2021-47457 bsc#1225235).
- Update
patches.suse/can-j1939-j1939_netdev_start-fix-UAF-for-rx_kref-of-.patch
(stable-5.14.15 CVE-2021-47459 bsc#1225253).
- Update
patches.suse/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
(git-fixes CVE-2021-47520 bsc#1225431).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(stable-5.14.15 CVE-2021-47456 bsc#1225256).
- Update
patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
(git-fixes CVE-2021-47521 bsc#1225435).
- Update
patches.suse/cfg80211-fix-management-registrations-locking.patch
(git-fixes stable-5.14.16 CVE-2021-47494 bsc#1225450).
- Update
patches.suse/cgroup-Fix-memory-leak-caused-by-missing-cgroup_bpf_.patch
(stable-5.14.16 CVE-2021-47488 bsc#1224902).
- Update patches.suse/cifs-Fix-soft-lockup-during-fsstress.patch
(stable-5.14.9 CVE-2021-47359 bsc#1225145).
- Update
patches.suse/comedi-Fix-memory-leak-in-compat_insnlist.patch
(stable-5.14.9 CVE-2021-47364 bsc#1225158).
- Update patches.suse/comedi-dt9812-fix-DMA-buffers-on-stack.patch
(git-fixes stable-5.14.18 CVE-2021-47477 bsc#1224912).
- Update
patches.suse/comedi-ni_usb6501-fix-NULL-deref-in-command-paths.patch
(git-fixes stable-5.14.18 CVE-2021-47476 bsc#1224913).
- Update
patches.suse/comedi-vmk80xx-fix-bulk-buffer-overflow.patch
(git-fixes stable-5.14.18 CVE-2021-47474 bsc#1224915).
- Update
patches.suse/comedi-vmk80xx-fix-transfer-buffer-overflows.patch
(git-fixes stable-5.14.18 CVE-2021-47475 bsc#1224914).
- Update
patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
(stable-5.14.10 CVE-2021-47387 bsc#1225316).
- Update
patches.suse/devlink-fix-netns-refcount-leak-in-devlink_nl_cmd_re.patch
(git-fixes CVE-2021-47514 bsc#1225425).
- Update
patches.suse/dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
(stable-5.14.14 CVE-2021-47435 bsc#1225247).
- Update
patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
(stable-5.14.14 CVE-2021-47498 bsc#1225357).
- Update
patches.suse/dma-debug-prevent-an-error-message-from-causing-runt.patch
(stable-5.14.9 CVE-2021-47374 bsc#1225191).
- Update patches.suse/drm-amd-amdgpu-fix-potential-memleak.patch
(git-fixes CVE-2021-47550 bsc#1225379).
- Update
patches.suse/drm-amd-amdkfd-Fix-kernel-panic-when-reset-failed-an.patch
(git-fixes CVE-2021-47551 bsc#1225510).
- Update
patches.suse/drm-amd-pm-Update-intermediate-power-state-for-SI.patch
(stable-5.14.9 CVE-2021-47362 bsc#1225153).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(stable-5.14.13 CVE-2021-47431 bsc#1225390).
- Update
patches.suse/drm-amdgpu-handle-the-case-of-pci_channel_io_frozen-.patch
(git-fixes stable-5.14.12 CVE-2021-47421 bsc#1225353).
- Update
patches.suse/drm-amdkfd-fix-a-potential-ttm-sg-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47420 bsc#1225339).
- Update
patches.suse/drm-amdkfd-fix-svm_migrate_fini-warning.patch
(stable-5.14.11 CVE-2021-47410 bsc#1225331).
- Update
patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
(git-fixes stable-5.14.14 CVE-2021-47444 bsc#1225243).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(git-fixes stable-5.14.14 CVE-2021-47445 bsc#1225261).
- Update
patches.suse/drm-msm-a3xx-fix-error-handling-in-a3xx_gpu_init.patch
(git-fixes stable-5.14.14 CVE-2021-47447 bsc#1225260).
- Update
patches.suse/drm-msm-a4xx-fix-error-handling-in-a4xx_gpu_init.patch
(git-fixes stable-5.14.14 CVE-2021-47446 bsc#1225240).
- Update
patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
(git-fixes CVE-2021-47535 bsc#1225446).
- Update
patches.suse/drm-mxsfb-Fix-NULL-pointer-dereference-crash-on-unlo.patch
(stable-5.14.15 CVE-2021-47471 bsc#1225187).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47423 bsc#1225366).
- Update
patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47422 bsc#1225233).
- Update
patches.suse/drm-ttm-fix-memleak-in-ttm_transfered_destroy.patch
(stable-5.14.16 CVE-2021-47490 bsc#1225436).
- Update
patches.suse/drm-vc4-kms-Clear-the-HVS-FIFO-commit-pointer-once-d.patch
(git-fixes CVE-2021-47533 bsc#1225445).
- Update
patches.suse/enetc-Fix-illegal-access-when-reading-affinity_hint.patch
(stable-5.14.9 CVE-2021-47368 bsc#1225161).
- Update
patches.suse/ethtool-ioctl-fix-potential-NULL-deref-in-ethtool_se.patch
(jsc#SLE-19253 CVE-2021-47556 bsc#1225383).
- Update
patches.suse/ext4-add-error-checking-to-ext4_ext_replay_set_ibloc.patch
(stable-5.14.10 CVE-2021-47406 bsc#1225304).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes stable-5.14.10 CVE-2021-47393 bsc#1225321).
- Update
patches.suse/hwmon-w83791d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 CVE-2021-47386 bsc#1225268).
- Update
patches.suse/hwmon-w83792d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 CVE-2021-47385 bsc#1225210).
- Update
patches.suse/hwmon-w83793-Fix-NULL-pointer-dereference-by-removin.patch
(stable-5.14.10 CVE-2021-47384 bsc#1225209).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes stable-5.14.12 CVE-2021-47425 bsc#1225223).
- Update
patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
(jsc#SLE-18378 CVE-2021-47501 bsc#1225361).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(stable-5.14.12 CVE-2021-47424 bsc#1225367).
- Update
patches.suse/ice-Avoid-crash-from-unnecessary-IDA-free.patch
(stable-5.14.15 CVE-2021-47453 bsc#1225239).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-18375 CVE-2021-47563 bsc#1225500).
- Update
patches.suse/ice-fix-locking-for-Tx-timestamp-tracking-flush.patch
(stable-5.14.14 CVE-2021-47449 bsc#1225259).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-18375 CVE-2021-47562 bsc#1225499).
- Update
patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
(git-fixes CVE-2021-47499 bsc#1225358).
- Update
patches.suse/iio-adis16475-fix-deadlock-on-frequency-set.patch
(git-fixes stable-5.14.14 CVE-2021-47437 bsc#1225245).
- Update
patches.suse/iio-mma8452-Fix-trigger-reference-couting.patch
(git-fixes CVE-2021-47500 bsc#1225360).
- Update
patches.suse/ipack-ipoctal-fix-module-reference-leak.patch
(stable-5.14.10 CVE-2021-47403 bsc#1225241).
- Update
patches.suse/ipack-ipoctal-fix-stack-information-leak.patch
(stable-5.14.10 CVE-2021-47401 bsc#1225242).
- Update
patches.suse/irqchip-gic-v3-its-Fix-potential-VPE-leak-on-error.patch
(stable-5.14.9 CVE-2021-47373 bsc#1225190).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(stable-5.14.15 CVE-2021-47468 bsc#1225346).
- Update
patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
(stable-5.14.18 CVE-2021-47478 bsc#1225198).
- Update
patches.suse/iwlwifi-Fix-memory-leaks-in-error-handling-path.patch
(git-fixes CVE-2021-47529 bsc#1225373).
- Update
patches.suse/iwlwifi-mvm-Fix-possible-NULL-dereference.patch
(git-fixes stable-5.14.12 CVE-2021-47415 bsc#1225335).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(stable-5.14.10 CVE-2021-47399 bsc#1225328).
- Update
patches.suse/kunit-fix-reference-count-leak-in-kfree_at_end.patch
(stable-5.14.15 CVE-2021-47467 bsc#1225344).
- Update patches.suse/libbpf-Fix-memory-leak-in-strset.patch
(git-fixes stable-5.14.12 CVE-2021-47417 bsc#1225227).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes stable-5.14.10 CVE-2021-47388 bsc#1225214).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes stable-5.14.10 CVE-2021-47396 bsc#1225327).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes stable-5.14.10 CVE-2021-47395 bsc#1225326).
- Update
patches.suse/mcb-fix-error-handling-in-mcb_alloc_bus.patch
(stable-5.14.9 CVE-2021-47361 bsc#1225151).
- Update
patches.suse/mlxsw-spectrum-Protect-driver-from-buggy-firmware.patch
(git-fixes CVE-2021-47560 bsc#1225495).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(stable-5.14.14 CVE-2021-47441 bsc#1225224).
- Update
patches.suse/mm-mempolicy-do-not-allow-illegal-MPOL_F_NUMA_BALANC.patch
(stable-5.14.15 CVE-2021-47462 bsc#1225250).
- Update
patches.suse/mm-secretmem-fix-NULL-page-mapping-dereference-in-pa.patch
(stable-5.14.15 CVE-2021-47463 bsc#1225127).
- Update
patches.suse/mm-slub-fix-potential-memoryleak-in-kmem_cache_open.patch
(stable-5.14.15 CVE-2021-47466 bsc#1225342).
- Update
patches.suse/mm-slub-fix-potential-use-after-free-in-slab_debugfs.patch
(stable-5.14.15 CVE-2021-47470 bsc#1225186).
- Update
patches.suse/mptcp-ensure-tx-skbs-always-have-the-MPTCP-ext.patch
(stable-5.14.9 CVE-2021-47370 bsc#1225183).
- Update patches.suse/mptcp-fix-possible-stall-on-recvmsg.patch
(stable-5.14.14 CVE-2021-47448 bsc#1225129).
- Update
patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
(git-fixes CVE-2021-47540 bsc#1225386).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes stable-5.14.16 CVE-2021-47482 bsc#1224909).
- Update
patches.suse/net-dsa-felix-Fix-memory-leak-in-felix_setup_mmio_fi.patch
(git-fixes CVE-2021-47513 bsc#1225380).
- Update
patches.suse/net-dsa-microchip-Added-the-condition-for-scheduling.patch
(stable-5.14.14 CVE-2021-47439 bsc#1225246).
- Update
patches.suse/net-encx24j600-check-error-in-devm_regmap_init_encx2.patch
(stable-5.14.14 CVE-2021-47440 bsc#1225248).
- Update
patches.suse/net-hns3-do-not-allow-call-hns3_nic_net_open-repeate.patch
(stable-5.14.10 CVE-2021-47400 bsc#1225329).
- Update patches.suse/net-macb-fix-use-after-free-on-rmmod.patch
(stable-5.14.9 CVE-2021-47372 bsc#1225184).
- Update
patches.suse/net-marvell-prestera-fix-double-free-issue-on-err-pa.patch
(git-fixes CVE-2021-47564 bsc#1225501).
- Update
patches.suse/net-mdiobus-Fix-memory-leak-in-__mdiobus_register.patch
(stable-5.14.15 CVE-2021-47472 bsc#1225189).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(jsc#SLE-19256 CVE-2021-47541 bsc#1225453).
- Update
patches.suse/net-mlx5e-Fix-memory-leak-in-mlx5_core_destroy_cq-er.patch
(stable-5.14.14 CVE-2021-47438 bsc#1225229).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes CVE-2021-47542 bsc#1225455).
- Update
patches.suse/net-sched-flower-protect-fl_walk-with-rcu.patch
(stable-5.14.10 CVE-2021-47402 bsc#1225301).
- Update
patches.suse/net-sched-sch_taprio-properly-cancel-timer-from-tapr.patch
(stable-5.14.12 CVE-2021-47419 bsc#1225338).
- Update
patches.suse/net-smc-Fix-NULL-pointer-dereferencing-in-smc_vlan_by_tcpsk
(git-fixes CVE-2021-47559 bsc#1225396).
- Update
patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
(git-fixes CVE-2021-47536 bsc#1225447).
- Update
patches.suse/net-stmmac-Disable-Tx-queues-when-reconfiguring-the-.patch
(jsc#SLE-19033 CVE-2021-47558 bsc#1225492).
- Update
patches.suse/net-tls-Fix-flipped-sign-in-tls_err_abort-calls.patch
(stable-5.14.16 CVE-2021-47496 bsc#1225354).
- Update
patches.suse/net_sched-fix-NULL-deref-in-fifo_set_limit.patch
(stable-5.14.12 CVE-2021-47418 bsc#1225337).
- Update
patches.suse/netfilter-conntrack-serialize-hash-resizes-and-clean.patch
(stable-5.14.10 CVE-2021-47408 bsc#1225236).
- Update
patches.suse/netfilter-nf_tables-skip-netdev-events-generated-on-.patch
(stable-5.14.15 CVE-2021-47452 bsc#1225257).
- Update
patches.suse/netfilter-nf_tables-unlink-table-before-deleting-it.patch
(stable-5.14.10 CVE-2021-47394 bsc#1225323).
- Update
patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
(stable-5.14.15 CVE-2021-47451 bsc#1225237).
- Update
patches.suse/nexthop-Fix-division-by-zero-while-replacing-a-resil.patch
(stable-5.14.9 CVE-2021-47363 bsc#1225156).
- Update
patches.suse/nexthop-Fix-memory-leaks-in-nexthop-notification-cha.patch
(stable-5.14.9 CVE-2021-47371 bsc#1225167).
- Update
patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
(git-fixes CVE-2021-47518 bsc#1225372).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes CVE-2021-47516 bsc#1225427).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
(git-fixes CVE-2021-47507 bsc#1225405).
- Update
patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
(git-fixes CVE-2021-47506 bsc#1225404).
- Update
patches.suse/nvme-rdma-destroy-cm-id-before-destroy-qp-to-avoid-u.patch
(bsc#1190569 stable-5.14.9 CVE-2021-47378 bsc#1225201).
- Update
patches.suse/nvmem-Fix-shift-out-of-bound-UBSAN-with-byte-size-ce.patch
(stable-5.14.14 CVE-2021-47497 bsc#1225355).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(stable-5.14.15 CVE-2021-47460 bsc#1225251).
- Update
patches.suse/ocfs2-fix-race-between-searching-chunks-and-release-.patch
(stable-5.14.16 CVE-2021-47493 bsc#1225439).
- Update
patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
(stable-5.14.15 CVE-2021-47458 bsc#1225252).
- Update
patches.suse/octeontx2-af-Fix-a-memleak-bug-in-rvu_mbox_init.patch
(git-fixes CVE-2021-47537 bsc#1225375).
- Update
patches.suse/octeontx2-af-Fix-possible-null-pointer-dereference.patch
(stable-5.14.16 CVE-2021-47484 bsc#1224905).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
stable-5.14.12 CVE-2021-47416 bsc#1225336).
- Update
patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
(stable-5.14.12 CVE-2021-47429 bsc#1225388).
- Update
patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
(stable-5.14.12 CVE-2021-47428 bsc#1225387).
- Update
patches.suse/powerpc-smp-do-not-decrement-idle-task-preempt-count.patch
(stable-5.14.15 CVE-2021-47454 bsc#1225255).
- Update
patches.suse/ptp-Fix-possible-memory-leak-in-ptp_clock_register.patch
(stable-5.14.15 CVE-2021-47455 bsc#1225254).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes stable-5.14.16 CVE-2021-47483 bsc#1224907).
- Update
patches.suse/riscv-Flush-current-cpu-icache-before-other-cpus.patch
(stable-5.14.12 CVE-2021-47414 bsc#1225334).
- Update
patches.suse/riscv-bpf-Fix-potential-NULL-dereference.patch
(stable-5.14.16 CVE-2021-47486 bsc#1224903).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_.patch
(stable-5.14.9 CVE-2021-47369 bsc#1225164).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery.patch
(stable-5.14.10 CVE-2021-47382 bsc#1225207).
- Update
patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
(git-fixes CVE-2021-47549 bsc#1225508).
- Update
patches.suse/sched-scs-Reset-task-stack-state-in-bringup_cpu.patch
(git-fixes CVE-2021-47553 bsc#1225464).
- Update
patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is.patch
(stable-5.14.17 CVE-2021-47480 bsc#1225322).
- Update
patches.suse/scsi-iscsi-Fix-iscsi_task-use-after-free.patch
(stable-5.14.12 CVE-2021-47427 bsc#1225225).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes CVE-2021-47565 bsc#1225384).
- Update
patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
(git-fixes CVE-2021-47503 bsc#1225374).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-q.patch
(stable-5.14.15 CVE-2021-47473 bsc#1225192).
- Update
patches.suse/sctp-break-out-if-skb_header_pointer-returns-NULL-in.patch
(stable-5.14.10 CVE-2021-47397 bsc#1225082).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes CVE-2021-47527 bsc#1194288).
- Update
patches.suse/serial-liteuart-Fix-NULL-pointer-dereference-in-remo.patch
(git-fixes CVE-2021-47526 bsc#1225376).
- Update
patches.suse/serial-liteuart-fix-minor-number-leak-on-probe-error.patch
(git-fixes CVE-2021-47524 bsc#1225377).
- Update
patches.suse/serial-liteuart-fix-use-after-free-and-memleak-on-un.patch
(git-fixes CVE-2021-47525 bsc#1225441).
- Update
patches.suse/spi-Fix-deadlock-when-adding-SPI-controllers-on-SPI-.patch
(stable-5.14.15 CVE-2021-47469 bsc#1225347).
- Update
patches.suse/staging-greybus-uart-fix-tty-use-after-free.patch
(stable-5.14.9 CVE-2021-47358 bsc#1224920).
- Update
patches.suse/staging-rtl8712-fix-use-after-free-in-rtl8712_dl_fw.patch
(git-fixes stable-5.14.18 CVE-2021-47479 bsc#1224911).
- Update
patches.suse/tcp-fix-page-frag-corruption-on-page-fault.patch
(git-fixes CVE-2021-47544 bsc#1225463).
- Update
patches.suse/tty-Fix-out-of-bound-vmalloc-access-in-imageblit.patch
(stable-5.14.10 CVE-2021-47383 bsc#1225208).
- Update
patches.suse/usb-cdnsp-Fix-a-NULL-pointer-dereference-in-cdnsp_en.patch
(git-fixes CVE-2021-47528 bsc#1225368).
- Update
patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
(git-fixes stable-5.14.12 CVE-2021-47413 bsc#1225333).
- Update
patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
(stable-5.14.11 CVE-2021-47409 bsc#1225330).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes stable-5.14.14 CVE-2021-47436 bsc#1225244).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(stable-5.14.16 CVE-2021-47495 bsc#1225351).
- Update
patches.suse/userfaultfd-fix-a-race-between-writeprotect-and-exit.patch
(stable-5.14.15 CVE-2021-47461 bsc#1225249).
- Update
patches.suse/vdpa_sim-avoid-putting-an-uninitialized-iova_domain.patch
(git-fixes CVE-2021-47554 bsc#1225466).
- Update
patches.suse/virtio-net-fix-pages-leaking-when-building-skb-in-bi.patch
(stable-5.14.9 CVE-2021-47367 bsc#1225123).
- Update
patches.suse/x86-entry-Clear-X86_FEATURE_SMAP-when-CONFIG_X86_SMA.patch
(stable-5.14.12 CVE-2021-47430 bsc#1225228).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(stable-5.14.14 CVE-2021-47434 bsc#1225232).
- commit 3a2e44b
- Update
patches.suse/ALSA-hda-Do-not-unset-preset-when-cleaning-up-codec.patch
(git-fixes bsc#1225486 CVE-2023-52736).
- Update
patches.suse/ALSA-hda-Fix-possible-null-ptr-deref-when-assigning-.patch
(git-fixes bsc#1225554 CVE-2023-52806).
- Update
patches.suse/ALSA-pcm-oss-Fix-negative-period-buffer-sizes.patch
(git-fixes bsc#1225411 CVE-2021-47511).
- Update
patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
(git-fixes bsc#1225409 CVE-2021-47509).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes stable-5.14.10 bsc#1225206 CVE-2021-47381).
- Update
patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
(git-fixes bsc#1225369 CVE-2021-47502).
- Update
patches.suse/Bluetooth-btusb-Add-date-evt_skb-is-NULL-check.patch
(git-fixes bsc#1225595 CVE-2023-52833).
- Update
patches.suse/Fix-page-corruption-caused-by-racy-check-in-__free_pages.patch
(bsc#1208149 bsc#1225118 CVE-2023-52739).
- Update
patches.suse/HID-amd_sfh-Fix-potential-NULL-pointer-dereference.patch
(stable-5.14.10 bsc#1225205 CVE-2021-47380).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(stable-5.14.10 bsc#1225303 CVE-2021-47404).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(git-fixes bsc#1225437 CVE-2021-47522).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(stable-5.14.10 bsc#1225238 CVE-2021-47405).
- Update
patches.suse/IB-IPoIB-Fix-legacy-IPoIB-due-to-wrong-number-of-que.patch
(git-fixes bsc#1225032 CVE-2023-52745).
- Update
patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
(jsc#SLE-19242 bsc#1225438 CVE-2021-47523).
- Update
patches.suse/IB-hfi1-Restore-allocated-resources-on-failed-copyou.patch
(git-fixes bsc#1224931 CVE-2023-52747).
- Update
patches.suse/IB-qib-Protect-from-buffer-overflow-in-struct-qib_us.patch
(stable-5.14.16 bsc#1224904 CVE-2021-47485).
- Update
patches.suse/Input-synaptics-rmi4-fix-use-after-free-in-rmi_unreg.patch
(git-fixes bsc#1224928 CVE-2023-52840).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(stable-5.14.15 bko#206669 bsc#1174585 bsc#1192107
CVE-2021-43056 bsc#1225341 CVE-2021-47465).
- Update
patches.suse/KVM-SVM-fix-missing-sev_decommission-in-sev_receive_.patch
(stable-5.14.10 bsc#1225126 CVE-2021-47389).
- Update
patches.suse/KVM-arm64-Fix-host-stage-2-PGD-refcount.patch
(stable-5.14.15 bsc#1225258 CVE-2021-47450).
- Update
patches.suse/KVM-x86-Fix-stack-out-of-bounds-memory-access-from-i.patch
(stable-5.14.10 bsc#1225125 CVE-2021-47390).
- Update
patches.suse/KVM-x86-Handle-SRCU-initialization-failure-during-pa.patch
(stable-5.14.10 bsc#1225306 CVE-2021-47407).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(stable-5.14.14 bsc#1225263 CVE-2021-47442).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(stable-5.14.14 bsc#1225262 CVE-2021-47443).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(stable-5.14.10 bsc#1225318 CVE-2021-47391).
- Update
patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
(stable-5.14.10 bsc#1225320 CVE-2021-47392).
- Update patches.suse/RDMA-hfi1-Fix-kernel-pointer-leak.patch
(stable-5.14.10 bsc#1225131 CVE-2021-47398).
- Update
patches.suse/RDMA-irdma-Fix-potential-NULL-ptr-dereference.patch
(git-fixes bsc#1225121 CVE-2023-52744).
- Update
patches.suse/RDMA-mlx5-Initialize-the-ODP-xarray-when-creating-an.patch
(stable-5.14.16 bsc#1224910 CVE-2021-47481).
- Update
patches.suse/afs-Fix-corruption-in-reads-at-fpos-2G-4G-from-an-Op.patch
(stable-5.14.9 bsc#1225160 CVE-2021-47366).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
patches.suse/atl1c-Work-around-the-DMA-RX-overflow-issue.patch
(git-fixes bsc#1225599 CVE-2023-52834).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(stable-5.14.15 bsc#1225393 CVE-2021-47464).
- Update patches.suse/binder-make-sure-fd-closes-complete.patch
(stable-5.14.9 bsc#1225122 CVE-2021-47360).
- Update
patches.suse/blk-cgroup-fix-UAF-by-grabbing-blkcg-lock-before-des.patch
(stable-5.14.9 bsc#1225203 CVE-2021-47379).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(stable-5.14.9 bsc#1225193 CVE-2021-47375).
- Update
patches.suse/block-don-t-call-rq_qos_ops-done_bio-if-the-bio-isn-.patch
(stable-5.14.11 bsc#1225332 CVE-2021-47412).
- Update
patches.suse/bpf-Add-oversize-check-before-call-kvcalloc.patch
(stable-5.14.9 bsc#1225195 CVE-2021-47376).
- Update
patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
(stable-5.14.12 bsc#1225370 CVE-2021-47426).
- Update
patches.suse/btrfs-fix-abort-logic-in-btrfs_replace_file_extents.patch
(stable-5.14.14 bsc#1225392 CVE-2021-47433).
- Update
patches.suse/btrfs-fix-re-dirty-process-of-tree-log-nodes.patch
(bsc#1197915 bsc#1225410 CVE-2021-47510).
- Update
patches.suse/can-dev-can_put_echo_skb-don-t-crash-kernel-if-can_p.patch
(git-fixes bsc#1225000 CVE-2023-52878).
- Update
patches.suse/can-isotp-isotp_sendmsg-add-result-check-for-wait_ev.patch
(stable-5.14.15 bsc#1225235 CVE-2021-47457).
- Update
patches.suse/can-j1939-j1939_netdev_start-fix-UAF-for-rx_kref-of-.patch
(stable-5.14.15 bsc#1225253 CVE-2021-47459).
- Update
patches.suse/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
(git-fixes bsc#1225431 CVE-2021-47520).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(stable-5.14.15 bsc#1225256 CVE-2021-47456).
- Update
patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
(git-fixes bsc#1225435 CVE-2021-47521).
- Update
patches.suse/cfg80211-fix-management-registrations-locking.patch
(git-fixes stable-5.14.16 bsc#1225450 CVE-2021-47494).
- Update
patches.suse/cgroup-Fix-memory-leak-caused-by-missing-cgroup_bpf_.patch
(stable-5.14.16 bsc#1224902 CVE-2021-47488).
- Update patches.suse/cifs-Fix-soft-lockup-during-fsstress.patch
(stable-5.14.9 bsc#1225145 CVE-2021-47359).
- Update
patches.suse/cifs-Fix-use-after-free-in-rdata-read_into_pages-.patch
(git-fixes bsc#1225479 CVE-2023-52741).
- Update
patches.suse/clk-mediatek-clk-mt2701-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225096 CVE-2023-52875).
- Update
patches.suse/clk-mediatek-clk-mt6765-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1224937 CVE-2023-52870).
- Update
patches.suse/clk-mediatek-clk-mt6779-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225589 CVE-2023-52873).
- Update
patches.suse/clk-mediatek-clk-mt6797-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225086 CVE-2023-52865).
- Update
patches.suse/clk-mediatek-clk-mt7629-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225566 CVE-2023-52858).
- Update
patches.suse/clk-mediatek-clk-mt7629-eth-Add-check-for-mtk_alloc_.patch
(git-fixes bsc#1225036 CVE-2023-52876).
- Update
patches.suse/comedi-Fix-memory-leak-in-compat_insnlist.patch
(stable-5.14.9 bsc#1225158 CVE-2021-47364).
- Update patches.suse/comedi-dt9812-fix-DMA-buffers-on-stack.patch
(git-fixes stable-5.14.18 bsc#1224912 CVE-2021-47477).
- Update
patches.suse/comedi-ni_usb6501-fix-NULL-deref-in-command-paths.patch
(git-fixes stable-5.14.18 bsc#1224913 CVE-2021-47476).
- Update
patches.suse/comedi-vmk80xx-fix-bulk-buffer-overflow.patch
(git-fixes stable-5.14.18 bsc#1224915 CVE-2021-47474).
- Update
patches.suse/comedi-vmk80xx-fix-transfer-buffer-overflows.patch
(git-fixes stable-5.14.18 bsc#1224914 CVE-2021-47475).
- Update
patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
(stable-5.14.10 bsc#1225316 CVE-2021-47387).
- Update
patches.suse/devlink-fix-netns-refcount-leak-in-devlink_nl_cmd_re.patch
(git-fixes bsc#1225425 CVE-2021-47514).
- Update
patches.suse/dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
(stable-5.14.14 bsc#1225247 CVE-2021-47435).
- Update
patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
(stable-5.14.14 bsc#1225357 CVE-2021-47498).
- Update
patches.suse/dma-debug-prevent-an-error-message-from-causing-runt.patch
(stable-5.14.9 bsc#1225191 CVE-2021-47374).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-Pola.patch
(git-fixes bsc#1225532 CVE-2023-52819).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-SMU7.patch
(git-fixes bsc#1225530 CVE-2023-52818).
- Update patches.suse/drm-amd-amdgpu-fix-potential-memleak.patch
(git-fixes bsc#1225379 CVE-2021-47550).
- Update
patches.suse/drm-amd-amdkfd-Fix-kernel-panic-when-reset-failed-an.patch
(git-fixes bsc#1225510 CVE-2021-47551).
- Update
patches.suse/drm-amd-display-Avoid-NULL-dereference-of-timing-gen.patch
(git-fixes bsc#1225478 CVE-2023-52753).
- Update
patches.suse/drm-amd-pm-Update-intermediate-power-state-for-SI.patch
(stable-5.14.9 bsc#1225153 CVE-2021-47362).
- Update
patches.suse/drm-amdgpu-Fix-a-null-pointer-access-when-the-smc_rr.patch
(git-fixes bsc#1225569 CVE-2023-52817).
- Update
patches.suse/drm-amdgpu-Fix-potential-null-pointer-derefernce.patch
(git-fixes bsc#1225565 CVE-2023-52814).
- Update
patches.suse/drm-amdgpu-fence-Fix-oops-due-to-non-matching-drm_sc.patch
(git-fixes bsc#1225005 CVE-2023-52738).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(stable-5.14.13 bsc#1225390 CVE-2021-47431).
- Update
patches.suse/drm-amdgpu-handle-the-case-of-pci_channel_io_frozen-.patch
(git-fixes stable-5.14.12 bsc#1225353 CVE-2021-47421).
- Update
patches.suse/drm-amdkfd-Fix-a-race-condition-of-vram-buffer-unref.patch
(git-fixes bsc#1225076 CVE-2023-52825).
- Update
patches.suse/drm-amdkfd-Fix-shift-out-of-bounds-issue.patch
(git-fixes bsc#1225529 CVE-2023-52816).
- Update
patches.suse/drm-amdkfd-fix-a-potential-ttm-sg-memory-leak.patch
(git-fixes stable-5.14.12 bsc#1225339 CVE-2021-47420).
- Update
patches.suse/drm-amdkfd-fix-svm_migrate_fini-warning.patch
(stable-5.14.11 bsc#1225331 CVE-2021-47410).
- Update
patches.suse/drm-bridge-lt8912b-Fix-crash-on-bridge-detach.patch
(git-fixes bsc#1224932 CVE-2023-52856).
- Update
patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
(git-fixes stable-5.14.14 bsc#1225243 CVE-2021-47444).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(git-fixes stable-5.14.14 bsc#1225261 CVE-2021-47445).
- Update
patches.suse/drm-msm-a3xx-fix-error-handling-in-a3xx_gpu_init.patch
(git-fixes stable-5.14.14 bsc#1225260 CVE-2021-47447).
- Update
patches.suse/drm-msm-a4xx-fix-error-handling-in-a4xx_gpu_init.patch
(git-fixes stable-5.14.14 bsc#1225240 CVE-2021-47446).
- Update
patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
(git-fixes bsc#1225446 CVE-2021-47535).
- Update
patches.suse/drm-mxsfb-Fix-NULL-pointer-dereference-crash-on-unlo.patch
(stable-5.14.15 bsc#1225187 CVE-2021-47471).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(git-fixes stable-5.14.12 bsc#1225366 CVE-2021-47423).
- Update
patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
(git-fixes stable-5.14.12 bsc#1225233 CVE-2021-47422).
- Update
patches.suse/drm-panel-fix-a-possible-null-pointer-dereference.patch
(git-fixes bsc#1225022 CVE-2023-52821).
- Update
patches.suse/drm-panel-panel-tpo-tpg110-fix-a-possible-null-point.patch
(git-fixes bsc#1225077 CVE-2023-52826).
- Update
patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
(git-fixes bsc#1225230 CVE-2022-48710).
- Update patches.suse/drm-radeon-possible-buffer-overflow.patch
(git-fixes bsc#1225009 CVE-2023-52867).
- Update
patches.suse/drm-ttm-fix-memleak-in-ttm_transfered_destroy.patch
(stable-5.14.16 bsc#1225436 CVE-2021-47490).
- Update
patches.suse/drm-vc4-kms-Add-missing-drm_crtc_commit_put.patch
(git-fixes CVE-2021-47534).
- Update
patches.suse/drm-vc4-kms-Clear-the-HVS-FIFO-commit-pointer-once-d.patch
(git-fixes bsc#1225445 CVE-2021-47533).
- Update
patches.suse/enetc-Fix-illegal-access-when-reading-affinity_hint.patch
(stable-5.14.9 bsc#1225161 CVE-2021-47368).
- Update
patches.suse/ethtool-ioctl-fix-potential-NULL-deref-in-ethtool_se.patch
(jsc#SLE-19253 bsc#1225383 CVE-2021-47556).
- Update
patches.suse/ext4-add-error-checking-to-ext4_ext_replay_set_ibloc.patch
(stable-5.14.10 bsc#1225304 CVE-2021-47406).
- Update
patches.suse/fbdev-imsttfb-fix-a-resource-leak-in-probe.patch
(git-fixes bsc#1225031 CVE-2023-52838).
- Update
patches.suse/fs-jfs-Add-check-for-negative-db_l2nbperpage.patch
(git-fixes bsc#1225557 CVE-2023-52810).
- Update
patches.suse/fs-jfs-Add-validity-check-for-db_maxag-and-db_agpref.patch
(git-fixes bsc#1225550 CVE-2023-52804).
- Update patches.suse/gfs2-ignore-negated-quota-changes.patch
(git-fixes bsc#1225560 CVE-2023-52759).
- Update
patches.suse/hid-cp2112-Fix-duplicate-workqueue-initialization.patch
(git-fixes bsc#1224988 CVE-2023-52853).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes stable-5.14.10 bsc#1225321 CVE-2021-47393).
- Update
patches.suse/hwmon-w83791d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 bsc#1225268 CVE-2021-47386).
- Update
patches.suse/hwmon-w83792d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 bsc#1225210 CVE-2021-47385).
- Update
patches.suse/hwmon-w83793-Fix-NULL-pointer-dereference-by-removin.patch
(stable-5.14.10 bsc#1225209 CVE-2021-47384).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes stable-5.14.12 bsc#1225223 CVE-2021-47425).
- Update
patches.suse/i2c-core-Run-atomic-i2c-xfer-when-preemptible.patch
(git-fixes bsc#1225108 CVE-2023-52791).
- Update
patches.suse/i3c-master-mipi-i3c-hci-Fix-a-kernel-panic-for-acces.patch
(git-fixes bsc#1225570 CVE-2023-52763).
- Update
patches.suse/i3c-mipi-i3c-hci-Fix-out-of-bounds-access-in-hci_dma.patch
(git-fixes CVE-2023-52766).
- Update
patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
(jsc#SLE-18378 bsc#1225361 CVE-2021-47501).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(stable-5.14.12 bsc#1225367 CVE-2021-47424).
- Update
patches.suse/i915-perf-Fix-NULL-deref-bugs-with-drm_dbg-calls.patch
(git-fixes bsc#1225106 CVE-2023-52788).
- Update
patches.suse/ice-Avoid-crash-from-unnecessary-IDA-free.patch
(stable-5.14.15 bsc#1225239 CVE-2021-47453).
- Update
patches.suse/ice-Do-not-use-WQ_MEM_RECLAIM-flag-for-workqueue.patch
(git-fixes bsc#1225003 CVE-2023-52743).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-18375 bsc#1225500 CVE-2021-47563).
- Update
patches.suse/ice-fix-locking-for-Tx-timestamp-tracking-flush.patch
(stable-5.14.14 bsc#1225259 CVE-2021-47449).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-18375 bsc#1225499 CVE-2021-47562).
- Update
patches.suse/ice-switch-fix-potential-memleak-in-ice_add_adv_reci.patch
(git-fixes bsc#1225095 CVE-2022-48709).
- Update
patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
(git-fixes bsc#1225358 CVE-2021-47499).
- Update
patches.suse/iio-adis16475-fix-deadlock-on-frequency-set.patch
(git-fixes stable-5.14.14 bsc#1225245 CVE-2021-47437).
- Update
patches.suse/iio-mma8452-Fix-trigger-reference-couting.patch
(git-fixes bsc#1225360 CVE-2021-47500).
- Update
patches.suse/ipack-ipoctal-fix-module-reference-leak.patch
(stable-5.14.10 bsc#1225241 CVE-2021-47403).
- Update
patches.suse/ipack-ipoctal-fix-stack-information-leak.patch
(stable-5.14.10 bsc#1225242 CVE-2021-47401).
- Update
patches.suse/irqchip-gic-v3-its-Fix-potential-VPE-leak-on-error.patch
(stable-5.14.9 bsc#1225190 CVE-2021-47373).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(stable-5.14.15 bsc#1225346 CVE-2021-47468).
- Update
patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
(stable-5.14.18 bsc#1225198 CVE-2021-47478).
- Update
patches.suse/iwlwifi-Fix-memory-leaks-in-error-handling-path.patch
(git-fixes bsc#1225373 CVE-2021-47529).
- Update
patches.suse/iwlwifi-mvm-Fix-possible-NULL-dereference.patch
(git-fixes stable-5.14.12 bsc#1225335 CVE-2021-47415).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(stable-5.14.10 bsc#1225328 CVE-2021-47399).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbFindLeaf.patch
(git-fixes bsc#1225472 CVE-2023-52799).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diAlloc.patch
(git-fixes bsc#1225553 CVE-2023-52805).
- Update
patches.suse/kunit-fix-reference-count-leak-in-kfree_at_end.patch
(stable-5.14.15 bsc#1225344 CVE-2021-47467).
- Update patches.suse/libbpf-Fix-memory-leak-in-strset.patch
(git-fixes stable-5.14.12 bsc#1225227 CVE-2021-47417).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes stable-5.14.10 bsc#1225214 CVE-2021-47388).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes stable-5.14.10 bsc#1225327 CVE-2021-47396).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes stable-5.14.10 bsc#1225326 CVE-2021-47395).
- Update
patches.suse/mcb-fix-error-handling-in-mcb_alloc_bus.patch
(stable-5.14.9 bsc#1225151 CVE-2021-47361).
- Update
patches.suse/media-bttv-fix-use-after-free-error-due-to-btv-timeo.patch
(git-fixes bsc#1225588 CVE-2023-52847).
- Update
patches.suse/media-gspca-cpia1-shift-out-of-bounds-in-set_flicker.patch
(git-fixes bsc#1225571 CVE-2023-52764).
- Update
patches.suse/media-imon-fix-access-to-invalid-resource-for-the-se.patch
(git-fixes bsc#1225490 CVE-2023-52754).
- Update
patches.suse/media-vidtv-mux-Add-check-and-kfree-for-kstrdup.patch
(git-fixes bsc#1225592 CVE-2023-52841).
- Update patches.suse/media-vidtv-psi-Add-check-for-kstrdup.patch
(git-fixes bsc#1225590 CVE-2023-52844).
- Update
patches.suse/mlxsw-spectrum-Protect-driver-from-buggy-firmware.patch
(git-fixes bsc#1225495 CVE-2021-47560).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(stable-5.14.14 bsc#1225224 CVE-2021-47441).
- Update
patches.suse/mm-mempolicy-do-not-allow-illegal-MPOL_F_NUMA_BALANC.patch
(stable-5.14.15 bsc#1225250 CVE-2021-47462).
- Update
patches.suse/mm-secretmem-fix-NULL-page-mapping-dereference-in-pa.patch
(stable-5.14.15 bsc#1225127 CVE-2021-47463).
- Update
patches.suse/mm-slub-fix-potential-memoryleak-in-kmem_cache_open.patch
(stable-5.14.15 bsc#1225342 CVE-2021-47466).
- Update
patches.suse/mm-slub-fix-potential-use-after-free-in-slab_debugfs.patch
(stable-5.14.15 bsc#1225186 CVE-2021-47470).
- Update
patches.suse/mmc-mmc_spi-fix-error-handling-in-mmc_spi_probe.patch
(git-fixes bsc#1225483 CVE-2023-52708).
- Update
patches.suse/mmc-sdio-fix-possible-resource-leaks-in-some-error-p.patch
(git-fixes bsc#1224956 CVE-2023-52730).
- Update
patches.suse/mptcp-ensure-tx-skbs-always-have-the-MPTCP-ext.patch
(stable-5.14.9 bsc#1225183 CVE-2021-47370).
- Update patches.suse/mptcp-fix-possible-stall-on-recvmsg.patch
(stable-5.14.14 bsc#1225129 CVE-2021-47448).
- Update
patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
(git-fixes bsc#1225386 CVE-2021-47540).
- Update
patches.suse/net-USB-Fix-wrong-direction-WARNING-in-plusb.c.patch
(git-fixes bsc#1225482 CVE-2023-52742).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes stable-5.14.16 bsc#1224909 CVE-2021-47482).
- Update
patches.suse/net-dsa-felix-Fix-memory-leak-in-felix_setup_mmio_fi.patch
(git-fixes bsc#1225380 CVE-2021-47513).
- Update
patches.suse/net-dsa-microchip-Added-the-condition-for-scheduling.patch
(stable-5.14.14 bsc#1225246 CVE-2021-47439).
- Update
patches.suse/net-encx24j600-check-error-in-devm_regmap_init_encx2.patch
(stable-5.14.14 bsc#1225248 CVE-2021-47440).
- Update
patches.suse/net-hns3-do-not-allow-call-hns3_nic_net_open-repeate.patch
(stable-5.14.10 bsc#1225329 CVE-2021-47400).
- Update patches.suse/net-macb-fix-use-after-free-on-rmmod.patch
(stable-5.14.9 bsc#1225184 CVE-2021-47372).
- Update
patches.suse/net-marvell-prestera-fix-double-free-issue-on-err-pa.patch
(git-fixes bsc#1225501 CVE-2021-47564).
- Update
patches.suse/net-mdiobus-Fix-memory-leak-in-__mdiobus_register.patch
(stable-5.14.15 bsc#1225189 CVE-2021-47472).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(jsc#SLE-19256 bsc#1225453 CVE-2021-47541).
- Update
patches.suse/net-mlx5e-Fix-memory-leak-in-mlx5_core_destroy_cq-er.patch
(stable-5.14.14 bsc#1225229 CVE-2021-47438).
- Update
patches.suse/net-openvswitch-fix-possible-memory-leak-in-ovs_mete.patch
(git-fixes bsc#1224945 CVE-2023-52702).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes bsc#1225455 CVE-2021-47542).
- Update
patches.suse/net-sched-flower-protect-fl_walk-with-rcu.patch
(stable-5.14.10 bsc#1225302 CVE-2021-47402).
- Update
patches.suse/net-sched-sch_taprio-properly-cancel-timer-from-tapr.patch
(stable-5.14.12 bsc#1225338 CVE-2021-47419).
- Update
patches.suse/net-smc-Fix-NULL-pointer-dereferencing-in-smc_vlan_by_tcpsk
(git-fixes bsc#1225396 CVE-2021-47559).
- Update
patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
(git-fixes bsc#1225447 CVE-2021-47536).
- Update
patches.suse/net-stmmac-Disable-Tx-queues-when-reconfiguring-the-.patch
(jsc#SLE-19033 bsc#1225492 CVE-2021-47558).
- Update
patches.suse/net-tls-Fix-flipped-sign-in-tls_err_abort-calls.patch
(stable-5.14.16 bsc#1225354 CVE-2021-47496).
- Update
patches.suse/net-usb-kalmia-Don-t-pass-act_len-in-usb_bulk_msg-er.patch
(git-fixes bsc#1225549 CVE-2023-52703).
- Update
patches.suse/net_sched-fix-NULL-deref-in-fifo_set_limit.patch
(stable-5.14.12 bsc#1225337 CVE-2021-47418).
- Update
patches.suse/netfilter-conntrack-serialize-hash-resizes-and-clean.patch
(stable-5.14.10 bsc#1225236 CVE-2021-47408).
- Update
patches.suse/netfilter-nf_tables-skip-netdev-events-generated-on-.patch
(stable-5.14.15 bsc#1225257 CVE-2021-47452).
- Update
patches.suse/netfilter-nf_tables-unlink-table-before-deleting-it.patch
(stable-5.14.10 bsc#1225323 CVE-2021-47394).
- Update
patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
(stable-5.14.15 bsc#1225237 CVE-2021-47451).
- Update
patches.suse/nexthop-Fix-division-by-zero-while-replacing-a-resil.patch
(stable-5.14.9 bsc#1225156 CVE-2021-47363).
- Update
patches.suse/nexthop-Fix-memory-leaks-in-nexthop-notification-cha.patch
(stable-5.14.9 bsc#1225167 CVE-2021-47371).
- Update
patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
(git-fixes bsc#1225372 CVE-2021-47518).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes bsc#1225427 CVE-2021-47516).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
(git-fixes bsc#1225405 CVE-2021-47507).
- Update
patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
(git-fixes bsc#1225404 CVE-2021-47506).
- Update
patches.suse/nvme-rdma-destroy-cm-id-before-destroy-qp-to-avoid-u.patch
(bsc#1190569 stable-5.14.9 bsc#1225201 CVE-2021-47378).
- Update
patches.suse/nvmem-Fix-shift-out-of-bound-UBSAN-with-byte-size-ce.patch
(stable-5.14.14 bsc#1225355 CVE-2021-47497).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(stable-5.14.15 bsc#1225251 CVE-2021-47460).
- Update
patches.suse/ocfs2-fix-race-between-searching-chunks-and-release-.patch
(stable-5.14.16 bsc#1225439 CVE-2021-47493).
- Update
patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
(stable-5.14.15 bsc#1225252 CVE-2021-47458).
- Update
patches.suse/octeontx2-af-Fix-a-memleak-bug-in-rvu_mbox_init.patch
(git-fixes bsc#1225375 CVE-2021-47537).
- Update
patches.suse/octeontx2-af-Fix-possible-null-pointer-dereference.patch
(stable-5.14.16 bsc#1224905 CVE-2021-47484).
- Update
patches.suse/padata-Fix-refcnt-handling-in-padata_free_shell.patch
(git-fixes bsc#1225584 CVE-2023-52854).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
stable-5.14.12 bsc#1225336 CVE-2021-47416).
- Update
patches.suse/pinctrl-single-fix-potential-NULL-dereference.patch
(git-fixes bsc#1224942 CVE-2022-48708).
- Update
patches.suse/platform-x86-wmi-Fix-opening-of-char-device.patch
(git-fixes bsc#1225132 CVE-2023-52864).
- Update
patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
(stable-5.14.12 bsc#1225388 CVE-2021-47429).
- Update
patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
(stable-5.14.12 bsc#1225387 CVE-2021-47428).
- Update
patches.suse/powerpc-64s-interrupt-Fix-interrupt-exit-race-with-s.patch
(bsc#1194869 bsc#1225471 CVE-2023-52740).
- Update
patches.suse/powerpc-smp-do-not-decrement-idle-task-preempt-count.patch
(stable-5.14.15 bsc#1225255 CVE-2021-47454).
- Update
patches.suse/ptp-Fix-possible-memory-leak-in-ptp_clock_register.patch
(stable-5.14.15 bsc#1225254 CVE-2021-47455).
- Update patches.suse/pwm-Fix-double-shift-bug.patch (git-fixes
bsc#1225461 CVE-2023-52756).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes stable-5.14.16 bsc#1224907 CVE-2021-47483).
- Update
patches.suse/riscv-Flush-current-cpu-icache-before-other-cpus.patch
(stable-5.14.12 bsc#1225334 CVE-2021-47414).
- Update
patches.suse/riscv-bpf-Fix-potential-NULL-dereference.patch
(stable-5.14.16 bsc#1224903 CVE-2021-47486).
- Update
patches.suse/s390-dasd-protect-device-queue-against-concurrent-access.patch
(git-fixes bsc#1217515 bsc#1225572 CVE-2023-52774).
- Update
patches.suse/s390-decompressor-specify-__decompress-buf-len-to-avoid-overflow.patch
(git-fixes bsc#1213863 bsc#1225488 CVE-2023-52733).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_.patch
(stable-5.14.9 bsc#1225164 CVE-2021-47369).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery.patch
(stable-5.14.10 bsc#1225207 CVE-2021-47382).
- Update
patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
(git-fixes bsc#1225508 CVE-2021-47549).
- Update
patches.suse/sched-psi-Fix-use-after-free-in-ep_remove_wait_queue.patch
(bsc#1209799 bsc#1225109 CVE-2023-52707).
- Update
patches.suse/sched-scs-Reset-task-stack-state-in-bringup_cpu.patch
(git-fixes bsc#1225464 CVE-2021-47553).
- Update
patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is.patch
(stable-5.14.17 bsc#1225322 CVE-2021-47480).
- Update
patches.suse/scsi-ibmvfc-Remove-BUG_ON-in-the-case-of-an-empty-ev.patch
(bsc#1209834 ltc#202097 bsc#1225559 CVE-2023-52811).
- Update
patches.suse/scsi-iscsi-Fix-iscsi_task-use-after-free.patch
(stable-5.14.12 bsc#1225225 CVE-2021-47427).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes bsc#1225384 CVE-2021-47565).
- Update
patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
(git-fixes bsc#1225374 CVE-2021-47503).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-q.patch
(stable-5.14.15 bsc#1225192 CVE-2021-47473).
- Update
patches.suse/sctp-break-out-if-skb_header_pointer-returns-NULL-in.patch
(stable-5.14.10 bsc#1225082 CVE-2021-47397).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes bsc#1194288 CVE-2021-47527).
- Update
patches.suse/serial-liteuart-Fix-NULL-pointer-dereference-in-remo.patch
(git-fixes bsc#1225376 CVE-2021-47526).
- Update
patches.suse/serial-liteuart-fix-minor-number-leak-on-probe-error.patch
(git-fixes bsc#1225377 CVE-2021-47524).
- Update
patches.suse/serial-liteuart-fix-use-after-free-and-memleak-on-un.patch
(git-fixes bsc#1225441 CVE-2021-47525).
- Update
patches.suse/soc-qcom-llcc-Handle-a-second-device-without-data-co.patch
(git-fixes bsc#1225534 CVE-2023-52871).
- Update
patches.suse/spi-Fix-deadlock-when-adding-SPI-controllers-on-SPI-.patch
(stable-5.14.15 bsc#1225347 CVE-2021-47469).
- Update
patches.suse/staging-greybus-uart-fix-tty-use-after-free.patch
(stable-5.14.9 bsc#1224920 CVE-2021-47358).
- Update
patches.suse/staging-rtl8712-fix-use-after-free-in-rtl8712_dl_fw.patch
(git-fixes stable-5.14.18 bsc#1224911 CVE-2021-47479).
- Update
patches.suse/tcp-fix-page-frag-corruption-on-page-fault.patch
(git-fixes bsc#1225463 CVE-2021-47544).
- Update
patches.suse/thermal-core-prevent-potential-string-overflow.patch
(git-fixes bsc#1225044 CVE-2023-52868).
- Update
patches.suse/tty-Fix-out-of-bound-vmalloc-access-in-imageblit.patch
(stable-5.14.10 bsc#1225208 CVE-2021-47383).
- Update
patches.suse/tty-n_gsm-fix-race-condition-in-status-line-change-o.patch
(git-fixes bsc#1225591 CVE-2023-52872).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-vcc-Add-check-for-kstrdup-in-vcc_probe.patch
(git-fixes bsc#1225180 CVE-2023-52789).
- Update
patches.suse/usb-cdnsp-Fix-a-NULL-pointer-dereference-in-cdnsp_en.patch
(git-fixes bsc#1225368 CVE-2021-47528).
- Update
patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
(git-fixes stable-5.14.12 bsc#1225333 CVE-2021-47413).
- Update
patches.suse/usb-config-fix-iteration-issue-in-usb_get_bos_descri.patch
(git-fixes bsc#1225092 CVE-2023-52781).
- Update
patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
(stable-5.14.11 bsc#1225330 CVE-2021-47409).
- Update
patches.suse/usb-dwc2-fix-possible-NULL-pointer-dereference-cause.patch
(git-fixes bsc#1225583 CVE-2023-52855).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes stable-5.14.14 bsc#1225244 CVE-2021-47436).
- Update
patches.suse/usb-typec-tcpm-Fix-NULL-pointer-dereference-in-tcpm_.patch
(git-fixes bsc#1224944 CVE-2023-52877).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(stable-5.14.16 bsc#1225351 CVE-2021-47495).
- Update
patches.suse/userfaultfd-fix-a-race-between-writeprotect-and-exit.patch
(stable-5.14.15 bsc#1225249 CVE-2021-47461).
- Update
patches.suse/vdpa_sim-avoid-putting-an-uninitialized-iova_domain.patch
(git-fixes bsc#1225466 CVE-2021-47554).
- Update
patches.suse/virtio-net-fix-pages-leaking-when-building-skb-in-bi.patch
(stable-5.14.9 bsc#1225123 CVE-2021-47367).
- Update
patches.suse/wifi-ath11k-fix-dfs-radar-event-locking.patch
(git-fixes bsc#1224947 CVE-2023-52798).
- Update patches.suse/wifi-ath11k-fix-htt-pktlog-locking.patch
(git-fixes CVE-2023-52800).
- Update
patches.suse/wifi-mac80211-don-t-return-unset-power-in-ieee80211_.patch
(git-fixes bsc#1225577 CVE-2023-52832).
- Update
patches.suse/x86-entry-Clear-X86_FEATURE_SMAP-when-CONFIG_X86_SMA.patch
(stable-5.14.12 bsc#1225228 CVE-2021-47430).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(stable-5.14.14 bsc#1225232 CVE-2021-47434).
- commit c477ba3
- powerpc/pseries/iommu: LPAR panics during boot up with a frozen
PE (bsc#1222011 ltc#205900 CVE-2024-36926).
- commit db3b1aa
- netfilter: nf_tables: release mutex after nft_gc_seq_end from
abort path (CVE-2024-26925 bsc#1223390).
- commit d38b98f
- idpf: extend tx watchdog timeout (bsc#1224137).
- commit 64976b7
- efi/capsule-loader: fix incorrect allocation size (bsc#1224438
CVE-2024-27413).
- commit bcbd0b7
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (CVE-2024-35817 bsc#1224736).
- commit 3fd949a
- selinux: avoid dereference of garbage after mount failure
(bsc#1224494 CVE-2024-35904).
- commit dad5bc3
- af_unix: annote lockless accesses to unix_tot_inflight &
gc_in_progress (bsc#1223384).
- Refresh
patches.suse/io_uring-af_unix-defer-registered-files-gc-to-io_uri.patch.
- commit 478234c
- Update
patches.suse/bpf-sockmap-Prevent-lock-inversion-deadlock-in-map-d.patch
(bsc#1209657 CVE-2023-0160 CVE-2024-35895 bsc#1224511).
- Update
patches.suse/fs-aio-Check-IOCB_AIO_RW-before-the-struct-aio_kiocb.patch
(bsc#1222721 CVE-2024-26764 CVE-2024-35815 bsc#1224685).
- Update
patches.suse/nfsd-Fix-error-cleanup-path-in-nfsd_rename.patch
(bsc#1221044 CVE-2023-52591 CVE-2024-35914 bsc#1224482).
- Update
patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch
(CVE-2023-47233 bsc#1216702 CVE-2024-35811 bsc#1224592).
- commit 78f49e4
- Update
patches.suse/bpf-Guard-stack-limits-against-32bit-overflow.patch
(git-fixes CVE-2023-52676 bsc#1224730).
- commit bdae745
- Update patches.suse/afs-Fix-page-leak.patch (stable-5.14.9
CVE-2021-47365 bsc#1224895).
- Update
patches.suse/drm-amdgpu-Fix-even-more-out-of-bound-writes-from-de.patch
(bsc#1191949 CVE-2021-42327 stable-5.14.16 CVE-2021-47489
bsc#1224901).
- Update
patches.suse/mm-khugepaged-skip-huge-page-collapse-for-special-fi.patch
(stable-5.14.16 bsc#1193983 CVE-2021-4148 CVE-2021-47491
bsc#1224900).
- Update
patches.suse/mm-thp-bail-out-early-in-collapse_file-for-writeback.patch
(stable-5.14.16 CVE-2021-47492 bsc#1224898).
- commit 9ce4e35
- Update
patches.suse/drm-nouveau-avoid-a-use-after-free-when-BO-init-fail.patch
(git-fixes stable-5.14.12 CVE-2020-36788 bsc#1224816).
- commit 92d2a7f
- Update patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_eve.patch
(bsc#1065729 CVE-2023-52686).
- Update patches.suse/powerpc-powernv-Add-a-null-pointer-check-to-scom_deb.patch
(bsc#1194869 CVE-2023-52690).
- commit 2a79a5d
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling
(bsc#1216124).
- commit 7f04710
- rpm/kernel-obs-build.spec.in: remove reiserfs from OBS initrd
We disabled the FS in bug 1202309. And we actively blacklist it in:
/usr/lib/modprobe.d/60-blacklist_fs-reiserfs.conf
This, as a side-effect, fixes obs-build's warning:
dracut-pre-udev[1463]: sh: line 1: /usr/lib/module-init-tools/unblacklist: No such file or directory
Exactly due to the above 60-blacklist_fs-reiserfs.conf trying to call the
above unblacklist.
We should likely drop ext2+ext3 from the list too, as we don't build
them at all. But that's a different story.
- commit 9e1a078
- filemap: remove use of wait bookmarks (bsc#1224085).
- commit 36d572b
- scsi: qla2xxx: Fix double free of fcport (bsc#1223715
CVE-2024-26929).
- commit b3136a1
- powerpc/pseries/vio: Don't return ENODEV if node or compatible
missing (bsc#1220783).
- commit 1f4ad41
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
(bsc#1224174 CVE-2024-27398).
- commit d55ff83
- af_unix: Fix garbage collector racing against connect()
(CVE-2024-26923 bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- commit 94450ec
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer
(bsc#1223626 CVE-2024-26930).
- commit dba3cc6
- Update
patches.suse/io_uring-af_unix-disable-sending-io_uring-over-socke.patch
(bsc#1218447 CVE-2023-6531 CVE-2023-52654 bsc#1224099).
- commit 659f245
- Update
patches.suse/usb-aqc111-check-packet-for-fixup-for-true-limit.patch
(bsc#1217169 CVE-2023-52655).
Added bugzilla ID and CVE
- commit a741c33
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
- commit cca73b5
- Update
patches.suse/sched-debug-fix-dentry-leak-in-update_sched_domain_d.patch
(git-fixes CVE-2022-48699 bsc#1223996).
- commit 201a58f
- cachefiles: fix memory leak in cachefiles_add_cache()
(bsc#1222976 CVE-2024-26840).
- commit 6543e12
- Update
patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
references (CVE-2024-26739 bsc#1222559, drop incorrect references).
- commit 892e634
- Update
patches.suse/ALSA-emu10k1-Fix-out-of-bounds-access-in-snd_emu10k1.patch
(git-fixes CVE-2022-48702 bsc#1223923).
- Update
patches.suse/ALSA-usb-audio-Fix-an-out-of-bounds-bug-in-__snd_usb.patch
(git-fixes CVE-2022-48701 bsc#1223921).
- Update
patches.suse/RDMA-irdma-Fix-drain-SQ-hang-with-no-completion.patch
(jsc#SLE-18383 CVE-2022-48694 bsc#1223964).
- Update
patches.suse/RDMA-srp-Set-scmnd-result-only-when-scmnd-is-not-NUL.patch
(git-fixes CVE-2022-48692 bsc#1223962).
- Update
patches.suse/cgroup-Add-missing-cpus_read_lock-to-cgroup_attach_task_all.patch
(bsc#1196869 CVE-2022-48671 bsc#1223929).
- Update
patches.suse/drm-radeon-add-a-force-flush-to-delay-work-when-rade.patch
(git-fixes CVE-2022-48704 bsc#1223932).
- Update
patches.suse/i40e-Fix-kernel-crash-during-module-removal.patch
(jsc#SLE-18378 CVE-2022-48688 bsc#1223953).
- Update
patches.suse/ipv6-sr-fix-out-of-bounds-read-when-setting-HMAC-dat.patch
(bsc#1211592 CVE-2023-2860 CVE-2022-48687 bsc#1223952).
- Update
patches.suse/net-smc-Fix-possible-access-to-freed-memory-in-link-clear
(git-fixes CVE-2022-48673 bsc#1223934).
- Update
patches.suse/nvme-tcp-fix-uaf-when-detecting-digest-errors.patch
(bsc#1200313 bsc#1201489 CVE-2022-48686 bsc#1223948).
- Update patches.suse/nvmet-fix-a-use-after-free.patch (git-fixes
CVE-2022-48697 bsc#1223922).
- Update
patches.suse/of-fdt-fix-off-by-one-error-in-unflatten_dt_nodes.patch
(git-fixes CVE-2022-48672 bsc#1223931).
- Update
patches.suse/scsi-mpt3sas-Fix-use-after-free-warning.patch
(git-fixes CVE-2022-48695 bsc#1223941).
- Update
patches.suse/soc-brcmstb-pm-arm-Fix-refcount-leak-and-__iomem-lea.patch
(git-fixes CVE-2022-48693 bsc#1223963).
- Update
patches.suse/thermal-int340x_thermal-handle-data_vault-when-the-v.patch
(bsc#1201308 CVE-2022-48703 bsc#1223924).
- Update patches.suse/vfio-type1-Unpin-zero-pages.patch (git-fixes
CVE-2022-48700 bsc#1223957).
- commit c8677b5
- packet: annotate data-races around ignore_outgoing
(CVE-2024-26862 bsc#1223111).
- commit 6e591e7
- sctp: fix potential deadlock on &net->sctp.addr_wq_lock
(CVE-2024-0639 bsc#1218917).
- commit 517d4f7
- Update
patches.suse/drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(CVE-2022-48662 bsc#1223505).
Unbreak metadata (References: collides with our internal tracking,
switch to Fixes: when referencing a commit).
- commit cd38265
- Update
patches.suse/IB-core-Fix-a-nested-dead-lock-as-part-of-ODP-flow.patch
(git-fixes CVE-2022-48675 bsc#1223894).
- Update
patches.suse/drm-gma500-Fix-BUG-sleeping-function-called-from-inv.patch
(git-fixes CVE-2022-48634 bsc#1223501).
- Update
patches.suse/drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(CVE-2022-48662 bsc#1223505a4e7ccdac38e ("drm/i915: Move
context management under GEM") bsc#1223505).
- Update
patches.suse/i2c-mlxbf-prevent-stack-overflow-in-mlxbf_i2c_smbus_.patch
(git-fixes CVE-2022-48632 bsc#1223481).
- Update
patches.suse/ice-Fix-crash-by-keep-old-cfg-when-update-TCs-more-t.patch
(git-fixes CVE-2022-48652 bsc#1223520).
- Update
patches.suse/s390-dasd-fix-Oops-in-dasd_alias_get_start_dev-due-to-missing-pavgroup
(git-fixes CVE-2022-48636 bsc#1223512).
- commit 523501c
- pstore: inode: Only d_invalidate() is needed (bsc#1223705
CVE-2024-27389).
- commit bbe965a
- media: edia: dvbdev: fix a use-after-free (CVE-2024-27043
bsc#1223824).
- commit e3d9ce5
- Update
patches.suse/ext4-fix-bug-in-extents-parsing-when-eh_entries-0-an.patch
(bsc#1206881 bsc#1223475 CVE-2022-48631).
- commit 718df1c
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
(CVE-2024-26852 bsc#1223057)
- commit d89430d
- md/raid5: fix atomicity violation in raid5_cache_count
(bsc#1219169, CVE-2024-23307).
- commit d2d22f0
- kABI workaround for cec_adapter (CVE-2024-23848 bsc#1219104).
- media: cec: core: avoid confusing "transmit timed out" message
(CVE-2024-23848 bsc#1219104).
- media: cec: core: avoid recursive cec_claim_log_addrs
(CVE-2024-23848 bsc#1219104).
- media: cec: cec-api: add locking in cec_release()
(CVE-2024-23848 bsc#1219104).
- media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
(CVE-2024-23848 bsc#1219104).
- commit 5f84bce
- media: cec: abort if the current transmit was canceled
(CVE-2024-23848 bsc#1219104).
- commit f23b730
- Update
patches.suse/gpio-mockup-fix-NULL-pointer-dereference-when-removi.patch
(git-fixes CVE-2022-48663 bsc#1223523).
- commit fb50f4d
- Update
patches.suse/cgroup-cgroup_get_from_id-must-check-the-looked-up-kn-is-a-directory.patch
(bsc#1203906 CVE-2022-48638 bsc#1223522).
- commit 1b1d545
- Update
patches.suse/sfc-fix-TX-channel-offset-when-using-legacy-interrup.patch
(git-fixes CVE-2022-48647 bsc#1223519).
- commit 2df3009
- Update
patches.suse/smb3-fix-temporary-data-corruption-in-insert-range.patch
(bsc#1193629 CVE-2022-48667 bsc#1223518).
- commit 2544640
- Update
patches.suse/bnxt-prevent-skb-UAF-after-handing-over-to-PTP-worke.patch
(jsc#SLE-18978 CVE-2022-48637 bsc#1223517).
- commit 8af9f52
- Update
patches.suse/smb3-fix-temporary-data-corruption-in-collapse-range.patch
(bsc#1193629 CVE-2022-48668 bsc#1223516).
- commit ea57df6
- drm/i915/gem: Really move i915_gem_context.link under ref
protection (CVE-2022-48662 bsc#1223505).
- commit 1ea0422
- Update
patches.suse/scsi-qla2xxx-Fix-memory-leak-in-__qlt_24xx_handle_ab.patch
(bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit ecd523c
- Update
patches.suse/sfc-fix-null-pointer-dereference-in-efx_hard_start_x.patch
(git-fixes CVE-2022-48648 bsc#1223503).
- commit 2cd307a
- Update
patches.suse/gpiolib-cdev-Set-lineevent_state-irq-after-IRQ-regis.patch
(git-fixes CVE-2022-48660 bsc#1223487).
- commit 30d7811
- Update
patches.suse/arm64-topology-fix-possible-overflow-in-amu_fie_setu.patch
(git-fixes CVE-2022-48657 bsc#1223484).
- commit d7e1659
- Update
patches.suse/netfilter-nfnetlink_osf-fix-possible-bogus-match-in-.patch
(bsc#1204614 CVE-2022-48654 bsc#1223482).
- commit a8a2952
- Update
patches.suse/dmaengine-ti-k3-udma-private-Fix-refcount-leak-bug-i.patch
(git-fixes CVE-2022-48656 bsc#1223479).
- commit 90546f3
- Update
patches.suse/ice-Don-t-double-unplug-aux-on-peer-initiated-reset.patch
(git-fixes CVE-2022-48653 bsc#1223474).
- commit dba84ad
- ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
(bsc#1223513 CVE-2022-48651).
- commit c96a663
- Update patches.suse/firmware-arm_scmi-Harden-accesses-to-the-reset-domai.patch (git-fixes CVE-2022-48655 bsc#1223477)
- commit 2dabafb
- Call flush_delayed_fput() from nfsd main-loop (bsc#1223380).
- commit 18e662b
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- commit 23bb7e0
- Update
patches.suse/spi-spi-zynqmp-gqspi-Handle-error-for-dma_set_mask.patch
(git-fixes CVE-2021-47047 bsc#1220761).
- commit 1f6461d
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
(CVE-2023-52616 bsc#1221612).
- commit 6fa74bc
- x86/boot: Ignore relocations in .notes sections in walk_relocs() too (bsc#1222624 CVE-2024-26816).
- commit 9c9dbbd
- x86, relocs: Ignore relocations in .notes section (bsc#1222624 CVE-2024-26816).
- commit 9bcfc48
- Update
patches.suse/aoe-fix-the-potential-use-after-free-problem-in-aoec.patch
(bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016).
- commit 5a56f33
- Update
patches.suse/Bluetooth-rfcomm-Fix-null-ptr-deref-in-rfcomm_check_.patch
(bsc#1219170 CVE-2024-22099 CVE-2024-26903 bsc#1223187).
- commit 1a4ee0a
- powerpc/kasan: Don't instrument non-maskable or raw interrupts
(bsc#1223191).
- powerpc: Refactor verification of MSR_RI (bsc#1223191).
- Refresh patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
- commit c442aed
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt
(bsc#1221645 ltc#205739 bsc#1223191).
- commit 9826a2e
- Update
patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch
(bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
- Update
patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch
(bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430).
- Update
patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
(CVE-2024-26733 bsc#1222585 CVE-2024-26739 bsc#1222559).
- commit ac0df3e
- Update
patches.suse/ALSA-gus-fix-null-pointer-dereference-on-pointer-blo.patch
(git-fixes CVE-2021-47207 bsc#1222790).
- Update
patches.suse/ALSA-usb-audio-fix-null-pointer-dereference-on-point.patch
(bsc#1192354 CVE-2021-47211 bsc#1222869).
- Update
patches.suse/RDMA-core-Set-send-and-receive-CQ-before-forwarding-.patch
(jsc#SLE-19249 CVE-2021-47196 bsc#1222773).
- Update
patches.suse/arm64-dts-qcom-msm8998-Fix-CPU-L2-idle-state-latency.patch
(git-fixes CVE-2021-47187 bsc#1222703).
- Update
patches.suse/cfg80211-call-cfg80211_stop_ap-when-switch-from-P2P_.patch
(git-fixes CVE-2021-47194 bsc#1222829).
- Update
patches.suse/clk-sunxi-ng-Unregister-clocks-resets-when-unbinding.patch
(git-fixes CVE-2021-47205 bsc#1222888).
- Update
patches.suse/drm-prime-Fix-use-after-free-in-mmap-with-drm_gem_tt.patch
(git-fixes CVE-2021-47200 bsc#1222838).
- Update
patches.suse/i40e-Fix-NULL-ptr-dereference-on-VSI-filter-sync.patch
(jsc#SLE-18378 CVE-2021-47184 bsc#1222666).
- Update
patches.suse/iavf-free-q_vectors-before-queues-in-iavf_disable_vf.patch
(jsc#SLE-18385 CVE-2021-47201 bsc#1222792).
- Update
patches.suse/msft-hv-2480-x86-hyperv-Fix-NULL-deref-in-set_hv_tscchange_cb-if-.patch
(git-fixes CVE-2021-47217 bsc#1222836).
- Update
patches.suse/net-dpaa2-eth-fix-use-after-free-in-dpaa2_eth_remove.patch
(git-fixes CVE-2021-47204 bsc#1222787).
- Update
patches.suse/net-mlx5-Update-error-handler-for-UCTX-and-UMEM.patch
(jsc#SLE-19253 CVE-2021-47212 bsc#1222709).
- Update
patches.suse/net-mlx5e-CT-Fix-multiple-allocations-and-memleak-of.patch
(jsc#SLE-19253 CVE-2021-47199 bsc#1222785).
- Update
patches.suse/net-mlx5e-kTLS-Fix-crash-in-RX-resync-flow.patch
(jsc#SLE-19253 CVE-2021-47215 bsc#1222704).
- Update
patches.suse/net-mlx5e-nullify-cq-dbg-pointer-in-mlx5_debug_cq_re.patch
(jsc#SLE-19253 CVE-2021-47197 bsc#1222776).
- Update
patches.suse/sched-fair-Prevent-dead-task-groups-from-regaining-cfs_rq-s.patch
(bsc#1192837 CVE-2021-47209 bsc#1222796).
- Update patches.suse/scsi-advansys-Fix-kernel-pointer-leak.patch
(git-fixes CVE-2021-47216 bsc#1222876).
- Update
patches.suse/scsi-core-sysfs-Fix-hang-when-device-state-is-set-via-sysfs
(git-fixes CVE-2021-47192 bsc#1222867).
- Update
patches.suse/scsi-lpfc-Fix-list_add-corruption-in-lpfc_drain_txq.patch
(bsc#1190576 CVE-2021-47203 bsc#1222881).
- Update
patches.suse/scsi-lpfc-Fix-use-after-free-in-lpfc_unreg_rpi-routi.patch
(bsc#1192145 CVE-2021-47198 bsc#1222883).
- Update
patches.suse/scsi-pm80xx-Fix-memory-leak-during-rmmod.patch
(git-fixes CVE-2021-47193 bsc#1222879).
- Update
patches.suse/scsi-scsi_debug-Fix-out-of-bound-read-in-resp_readcap16.patch
(git-fixes CVE-2021-47191 bsc#1222866).
- Update
patches.suse/scsi-scsi_debug-Fix-out-of-bound-read-in-resp_report_tgtpgs.patch
(git-fixes CVE-2021-47219 bsc#1222824).
- Update patches.suse/scsi-ufs-core-Improve-SCSI-abort-handling
(git-fixes CVE-2021-47188 bsc#1222671).
- Update
patches.suse/selinux-fix-NULL-pointer-dereference-when-hashtab-al.patch
(git-fixes CVE-2021-47218 bsc#1222791).
- Update
patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch
(stable-5.14.21 CVE-2021-47202 bsc#1222878).
- Update
patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
(git-fixes CVE-2021-47185 bsc#1222669).
- Update
patches.suse/usb-host-ohci-tmio-check-return-value-after-calling-.patch
(git-fixes CVE-2021-47206 bsc#1222894).
- Update
patches.suse/usb-typec-tipd-Remove-WARN_ON-in-tps6598x_block_read.patch
(git-fixes CVE-2021-47210 bsc#1222901).
- commit 48b69db
- wifi: iwlwifi: fix a memory corruption (CVE-2024-26610
bsc#1221299).
- commit e7967c5
- xen/events: close evtchn after mapping cleanup (CVE-2024-26687,
bsc#1222435).
- commit eb41ab9
- Update patches.suse/arp-Prevent-overflow-in-arp_req_get.patch
- fix build warning
- commit b98055d
- ext4: regenerate buddy after block freeing failed if under fc
replay (bsc#1220342 CVE-2024-26601).
- commit c12e20f
- blacklist.conf: Blacklist 83e80a6e3543f3
- commit 62a580e
- fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
(bsc#1222721 CVE-2024-26764).
- commit b81d662
- fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via
libaio (bsc#1222721 CVE-2024-26764).
- commit 6f0ed6e
- ext4: avoid allocating blocks from corrupted group in
ext4_mb_try_best_found() (bsc#1222618 CVE-2024-26773).
- commit 821043d
- Update patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch (stable-5.14.21 CVE-2021-47202 bsc#1222878)
- commit 9b2ed28
- Update references in
patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch
(bsc#1221044 bsc#1221088 CVE-2023-52591 CVE-2023-52590).
- commit 6a6852e
- Update patches.suse/spi-fix-use-after-free-of-the-add_lock-mutex.patch (git-fixes CVE-2021-47195 bsc#1222832)
- commit e8d48f1
- IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (bsc#1222726 CVE-2024-26766)
- commit dc4bba0
- scsi: Update max_hw_sectors on rescan (bsc#1216223).
- ibmvfc: make 'max_sectors' a module option (bsc#1216223).
- commit af79c3f
- md/raid5: fix atomicity violation in raid5_cache_count
(bsc#1219169, CVE-2024-23307).
- commit 7709383
- Update
patches.suse/btrfs-fix-memory-ordering-between-normal-and-ordered-work-functions.patch
(git-fixes CVE-2021-47189 bsc#1222706).
- commit 95bc72d
- Update
patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
(git-fixes CVE-2021-47185).
- commit de9e1db
- Update
patches.suse/scsi-lpfc-Fix-link-down-processing-to-address-NULL-p.patch
(bsc#1192145 CVE-2021-47183 bsc#1222664).
- commit 720685d
- Update
patches.suse/scsi-core-Fix-scsi_mode_sense-buffer-length-handling.patch
(git-fixes CVE-2021-47182 bsc#1222662).
- commit 641c737
- Update
patches.suse/usb-musb-tusb6010-check-return-value-after-calling-p.patch
(git-fixes CVE-2021-47181 bsc#1222660).
- commit 27da195
- ceph: prevent use-after-free in encode_cap_msg() (CVE-2024-26689
bsc#1222503).
- commit c307f9b
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
(bsc#1222619).
- commit 900d642
- arp: Prevent overflow in arp_req_get() (CVE-2024-26733
bsc#1222585).
- commit aed9764
- net/sched: act_mirred: don't override retval if we already
lost the skb (CVE-2024-26733 bsc#1222585).
- commit 57213f3
- Update
patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch
(bsc#1219126 CVE-2024-23850 CVE-2024-26727 bsc#1222536).
- commit 9619dfe
- ext4: fix double-free of blocks due to wrong extents moved_len
(bsc#1222422 CVE-2024-26704).
- commit 4e96ad3
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264 CVE-2024-0841).
- commit aa8204a
- nfsd: Fix error cleanup path in nfsd_rename() (bsc#1221044
CVE-2023-52591).
- commit a849be1
- scsi: pm80xx: Avoid leaking tags when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883
cve-2023-52500).
- commit fc88013
- Update
patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch
(CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117).
- commit fd3aabc
- selinux: saner handling of policy reloads (bsc#1222230 bsc#1221044
CVE-2023-52591).
- commit 66a189d
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
(bsc#1209657 CVE-2023-0160).
- commit 989b8c6
- blacklist.conf: omit reverted sockmap deadlock fix
- commit 397323e
- x86/sev: Harden #VC instruction emulation somewhat (CVE-2024-25742 bsc#1221725).
- commit 2e3eba1
- netfilter: nf_tables: disallow anonymous set with timeout flag
(CVE-2024-26642 bsc#1221830).
- commit 02a907f
- netfilter: ctnetlink: fix possible refcount leak in
ctnetlink_create_conntrack() (CVE-2023-7192 bsc#1218479).
- commit 0b47032
- README.BRANCH: Remove copy of branch name
- commit 4834fba
- README.BRANCH: Remove copy of branch name
- commit 704bda3
- ipv6: init the accept_queue's spinlocks in inet6_create
(bsc#1221293 CVE-2024-26614).
- commit 0ab8c0f
- tcp: make sure init the accept_queue's spinlocks once
(bsc#1221293 CVE-2024-26614).
- commit 943f002
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
(CVE-2023-52607 bsc#1221061).
- commit 36feafa
- Update
patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch
(git-fixes CVE-2023-52519 bsc#1220920).
- Update
patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch
(git-fixes CVE-2023-52529 bsc#1220929).
- Update
patches.suse/IB-hfi1-Fix-bugs-with-non-PAGE_SIZE-end-multi-iovec-.patch
(git-fixes CVE-2023-52474 bsc#1220445).
- Update
patches.suse/RDMA-siw-Fix-connection-failure-handling.patch
(git-fixes CVE-2023-52513 bsc#1221022).
- Update
patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch
(git-fixes CVE-2023-52515 bsc#1221048).
- Update
patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch
(git-fixes CVE-2023-52564 bsc#1220938).
- Update
patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch
(bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073).
- Update
patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch
(git-fixes CVE-2023-52510 bsc#1220898).
- Update
patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch
(git-fixes CVE-2023-52524 bsc#1220927).
- Update
patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch
(git-fixes CVE-2023-52528 bsc#1220843).
- Update
patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch
(git-fixes CVE-2023-52507 bsc#1220833).
- Update
patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch
(git-fixes CVE-2023-52566 bsc#1220940).
- Update
patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch
(bsc#1214842 CVE-2023-52508 bsc#1221015).
- Update
patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch
(bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356 CVE-2023-52454 bsc#1220320).
- Update
patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch
(git-fixes CVE-2023-52520 bsc#1220921).
- Update
patches.suse/ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch
(bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836).
- Update
patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch
(git-fixes CVE-2023-52501 bsc#1220885).
- Update
patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch
(git-fixes CVE-2023-52567 bsc#1220839).
- Update
patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch
(git-fixes CVE-2023-52517 bsc#1221055).
- Update
patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch
(git-fixes CVE-2023-52511 bsc#1221012).
- Update
patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch
(git-fixes CVE-2023-52525 bsc#1220840).
- Update
patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch
(git-fixes CVE-2023-52504 bsc#1221553).
- Update
patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch
(git-fixes CVE-2023-52575 bsc#1220871).
- commit 5f353b0
- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
(bsc#1194516 CVE-2022-0487 CVE-2022-48626 bsc#1220366).
- Update
patches.suse/crypto-qcom-rng-ensure-buffer-for-generate-is-comple.patch
(git-fixes CVE-2022-48629 bsc#1220989).
- Update
patches.suse/crypto-qcom-rng-fix-infinite-loop-on-requests-not-mu.patch
(git-fixes CVE-2022-48630 bsc#1220990).
- commit f8cf886
- Update
patches.suse/ALSA-hda-intel-sdw-acpi-harden-detection-of-controll.patch
(git-fixes CVE-2021-46926 bsc#1220478).
- Update
patches.suse/ALSA-rawmidi-fix-the-uninitalized-user_pversion.patch
(git-fixes CVE-2021-47096 bsc#1220981).
- Update
patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
(git-fixes CVE-2021-47104 bsc#1220960).
- Update
patches.suse/Input-elantech-fix-stack-out-of-bound-access-in-elan.patch
(git-fixes CVE-2021-47097 bsc#1220982).
- Update
patches.suse/KVM-x86-mmu-Don-t-advance-iterator-after-restart-due.patch
(git-fixes CVE-2021-47094 bsc#1221551).
- Update patches.suse/NFSD-Fix-READDIR-buffer-overflow.patch
(git-fixes bsc#1196346 CVE-2021-47107 bsc#1220965).
- Update
patches.suse/asix-fix-uninit-value-in-asix_mdio_read.patch
(git-fixes CVE-2021-47101 bsc#1220987).
- Update
patches.suse/drm-mediatek-hdmi-Perform-NULL-pointer-check-for-mtk.patch
(git-fixes CVE-2021-47108 bsc#1220986).
- Update
patches.suse/hwmon-lm90-Prevent-integer-overflow-underflow-in-hys.patch
(git-fixes CVE-2021-47098 bsc#1220983).
- Update
patches.suse/ipmi-Fix-UAF-when-uninstall-ipmi_si-and-ipmi_msghand.patch
(git-fixes CVE-2021-47100 bsc#1220985).
- Update
patches.suse/ipmi-ssif-initialize-ssif_info-client-early.patch
(bsc#1193490 CVE-2021-47095 bsc#1220979).
- Update
patches.suse/mac80211-fix-locking-in-ieee80211_start_ap-error-pat.patch
(git-fixes CVE-2021-47091 bsc#1220959).
- Update
patches.suse/net-fix-use-after-free-in-tw_timer_handler.patch
(bsc#1217195 CVE-2021-46936 bsc#1220439).
- Update
patches.suse/net-marvell-prestera-fix-incorrect-structure-access.patch
(git-fixes CVE-2021-47102 bsc#1221009).
- Update
patches.suse/net-smc-fix-kernel-panic-caused-by-race-of-smc_sock
(git-fixes CVE-2021-46925 bsc#1220466).
- Update
patches.suse/nitro_enclaves-Use-get_user_pages_unlocked-call-to-handle-mmap-assert.patch
(git fixes (mm/gup) CVE-2021-46927 bsc#1220443).
- Update
patches.suse/platform-x86-intel_pmc_core-fix-memleak-on-registrat.patch
(git-fixes CVE-2021-47093 bsc#1220978).
- Update patches.suse/sctp-use-call_rcu-to-free-endpoint.patch
(CVE-2022-20154 bsc#1200599 CVE-2021-46929 bsc#1220482).
- Update patches.suse/tee-optee-Fix-incorrect-page-free-bug.patch
(jsc#SLE-21844 CVE-2021-47087 bsc#1220954).
- Update
patches.suse/tun-avoid-double-free-in-tun_free_netdev.patch
(bsc#1209635 CVE-2022-4744 git-fixes CVE-2021-47082
bsc#1220969).
- Update
patches.suse/usb-gadget-f_fs-Clear-ffs_eventfd-in-ffs_data_clear.patch
(git-fixes CVE-2021-46933 bsc#1220487).
- Update patches.suse/usb-mtu3-fix-list_head-check-warning.patch
(git-fixes CVE-2021-46930 bsc#1220484).
- Update
patches.suse/veth-ensure-skb-entering-GRO-are-not-cloned.patch
(git-fixes CVE-2021-47099 bsc#1220955).
- commit b15f74e
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336
CVE-2023-7042).
- commit 1784f9f
- x86/sev: Harden #VC instruction emulation somewhat (CVE-2024-25742 bsc#1221725).
- commit 02ed75a
- dmaengine: fix NULL pointer in channel unregistration function (bsc#1221276 CVE-2023-52492)
- commit f21c2ab
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
(bsc#1219170 CVE-2024-22099).
- commit ece27a6
- perf/x86/lbr: Filter vsyscall addresses (bsc#1220703,
CVE-2023-52476).
- commit c52b506
- fs: introduce lock_rename_child() helper (bsc#1221044
CVE-2023-52591).
Refresh patches.suse/fs-Establish-locking-order-for-unrelated-directories.patch
- commit 86376e0
- rename(): avoid a deadlock in the case of parents having no
common ancestor (bsc#1221044 CVE-2023-52591).
- commit 16e3098
- kill lock_two_inodes() (bsc#1221044 CVE-2023-52591).
- commit 8b8deef
- rename(): fix the locking of subdirectories (bsc#1221044
CVE-2023-52591).
- commit 146d81f
- f2fs: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 5344280
- ext4: don't access the source subdirectory content on
same-directory rename (bsc#1221044 CVE-2023-52591).
- commit b2b6374
- ext2: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 2edcc11
- udf_rename(): only access the child content on cross-directory
rename (bsc#1221044 CVE-2023-52591).
- commit 0257614
- ocfs2: Avoid touching renamed directory if parent does not
change (bsc#1221044 CVE-2023-52591).
- commit e786f3a
- reiserfs: Avoid touching renamed directory if parent does not
change (git-fixes bsc#1221044 CVE-2023-52591).
Refresh patches.suse/reiserfs-add-check-to-detect-corrupted-directory-entry.patch
Refresh patches.suse/reiserfs-don-t-panic-on-bad-directory-entries.patch
- commit 523ddca
- fs: don't assume arguments are non-NULL (bsc#1221044
CVE-2023-52591).
- commit 2177893
- fs: Restrict lock_two_nondirectories() to non-directory inodes
(bsc#1221044 CVE-2023-52591).
- commit a59a7cb
- fs: ocfs2: check status values (bsc#1221044 CVE-2023-52591).
- commit 8c6576f
- perf/x86/intel/uncore: Fix NULL pointer dereference issue in
upi_fill_topology() (bsc#1220237, CVE-2023-52450).
- commit 246b58a
- net/sched: Add module alias for sch_fq_pie (bsc#1210335 CVE-2023-1829).
- commit a69d933
- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
(bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- commit 961c535
- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (bsc#1213456 CVE-2023-28746).
- commit 4fed4e6
- Sort upstream patches
- Refresh
patches.suse/Documentation-hw-vuln-Add-documentation-for-RFDS.patch.
- Refresh
patches.suse/KVM-x86-Export-RFDS_NO-and-RFDS_CLEAR-to-guests.patch.
- Refresh
patches.suse/x86-entry-ia32-Ensure-s32-is-sign-extended-to-s64.patch.
- Refresh
patches.suse/x86-rfds-Mitigate-Register-File-Data-Sampling-RFDS.patch.
- commit f172e12
- Refresh patches.kabi/team-Hide-new-member-header-ops.patch.
Fix for kABI workaround.
- commit 6ba2f5d
- ceph: fix deadlock or deadcode of misusing dget() (bsc#1221058
CVE-2023-52583).
- commit 1a81018
- netfs: Only call folio_start_fscache() one time for each folio
(CVE-2023-52582 bsc#1220878).
- commit dfd082b
- Refresh
patches.suse/mm-ima-kexec-of-use-memblock_free_late-from-ima_free.patch.
Fix:
* Section mismatch (function ima_free_kexec_buffer()) in modpost: vmlinux.o in ima_free_kexec_buffer()
WARNING: modpost: vmlinux.o(.text+0xac1250): Section mismatch in reference from the function ima_free_kexec_buffer() to the function .init.text:__memblock_free_late()
- commit 5522f01
- powerpc/pseries/iommu: IOMMU table is not initialized for
kdump over SR-IOV (bsc#1220492 ltc#205270).
- commit 535ea22
- Update
patches.suse/usb-hub-Guard-against-accesses-to-uninitialized-BOS-.patch
(bsc#1220790 CVE-2023-52477).
- commit d33bab7
- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (bsc#1220413 CVE-2023-52470).
- commit 9d7d799
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (bsc#1220411 CVE-2023-52469).
- commit f4f0cf4
- group-source-files.pl: Quote filenames (boo#1221077).
The kernel source now contains a file with a space in the name.
Add quotes in group-source-files.pl to avoid splitting the filename.
Also use -print0 / -0 when updating timestamps.
- commit a005e42
- mm,ima,kexec,of: use memblock_free_late from
ima_free_kexec_buffer (bsc#1220872 CVE-2023-52576).
- commit b1b1c9a
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1220340,CVE-2024-26600)
- commit 78e2b4a
- erofs: fix lz4 inplace decompression (CVE-2023-52497
bsc#1220879).
- commit ddeedf9
- ACPI: extlog: fix NULL pointer dereference check (bsc#1221039
CVE-2023-52605).
- commit 635c481
- kernel-binary: Fix i386 build
Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires")
- commit f7c6351
- btrfs: remove BUG() after failure to insert delayed dir index
item (bsc#1220918 CVE-2023-52569).
- btrfs: improve error message after failure to add delayed dir
index item (bsc#1220918 CVE-2023-52569).
- commit 53e1d2d
- net: nfc: fix races in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (CVE-2023-52502 bsc#1220831).
- commit 8c33586
- kabi: team: Hide new member header_ops (bsc#1220870
CVE-2023-52574).
- commit 9f49992
- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392
bsc#1221040 CVE-2023-52597).
- commit a90b87c
- kernel-binary: vdso: fix filelist for non-usrmerged kernel
Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged")
- commit fb3f221
- bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
(bsc#1220926 CVE-2023-52523).
- commit 90d9f50
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
(bsc#1218562 CVE-2023-6270).
- commit 57a4cd4
- efivarfs: force RO when remounting if SetVariable is not
supported (bsc#1220328 CVE-2023-52463).
- commit eed7fb0
- iommu/vt-d: Avoid memory allocation in iommu_suspend()
(CVE-2023-52559 bsc#1220933).
- commit c9b01ef
- Refresh patches.suse/0001-powerpc-pseries-memhp-Fix-access-beyond-end-of-drmem.patch.
- update to upstream version
- rename to same name as SLE15 SP5
- commit 1d2def1
- KVM: x86: Export RFDS_NO and RFDS_CLEAR to guests (bsc#1213456 CVE-2023-28746).
- commit 4aebf4f
- x86/rfds: Mitigate Register File Data Sampling (RFDS) (bsc#1213456 CVE-2023-28746).
- Update config files.
- commit 29c1c99
- Documentation/hw-vuln: Add documentation for RFDS (bsc#1213456 CVE-2023-28746).
- commit 81de603
- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514 CVE-2023-35827).
- team: fix null-ptr-deref when team device type is changed
(bsc#1220870 CVE-2023-52574).
- commit 2cc53f5
- Update
patches.suse/ice-xsk-return-xsk-buffers-back-to-pool-when-cleanin.patch
(jsc#SLE-18375 bsc#1220961 CVE-2021-47105).
- Update patches.suse/net-mana-Fix-TX-CQE-error-handling.patch
(bsc#1215986 bsc#1220932 CVE-2023-52532).
- Update
patches.suse/net-mlx5e-Wrap-the-tx-reporter-dump-callback-to-extr.patch
(jsc#SLE-19253 bsc#1220486 CVE-2021-46931).
Added CVE references.
- commit 3e396c2
- Update patches.suse/i2c-validate-user-data-in-compat-ioctl.patch
(git-fixes bsc#1220469 CVE-2021-46934).
Add bug and CVE references.
- commit 3a04060
- wifi: mac80211: fix potential key use-after-free (CVE-2023-52530
bsc#1220930).
- commit 3feca94
- Update patch reference for iwlwifi fix (CVE-2023-52531 bsc#1220931)
- commit bde87cf
- Update patch reference for pinctrl fix (CVE-2021-47083 bsc#1220917)
- commit b608623
- drm/bridge: sii902x: Fix probing race issue (bsc#1220736 CVE-2024-26607).
- commit 70198c4
- Update
patches.suse/vt-fix-memory-overlapping-when-deleting-chars-in-the.patch
(git-fixes bsc#1220845 CVE-2022-48627).
- Update
patches.suse/x86-srso-add-srso-mitigation-for-hygon-processors.patch
(git-fixes bsc#1220735 CVE-2023-52482).
Add CVE references.
- commit dcdac38
- mfd: syscon: Fix null pointer dereference in
of_syscon_register() (bsc#1220433 CVE-2023-52467).
- commit b0262b8
- bpf: Fix re-attachment branch in bpf_tracing_prog_attach
(bsc#1220254 CVE-2024-26591).
- commit fc948d3
- selftests/bpf: Add test for alu on PTR_TO_FLOW_KEYS (bsc#1220255
CVE-2024-26589).
- bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255
CVE-2024-26589).
- commit 8a833ce
- iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range (CVE-2023-52484 bsc#1220797).
- commit 2229de3
- tls: fix race between tx work scheduling and socket close
(CVE-2024-26585 bsc#1220187).
- commit 1306bff
- kabi: restore return type of dst_ops::gc() callback
(CVE-2023-52340 bsc#1219295).
- ipv6: remove max_size check inline with ipv4 (CVE-2023-52340
bsc#1219295).
- commit b8eec42
- netfilter: nf_tables: fix 64-bit load issue in
nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- netfilter: nf_tables: fix pointer math issue in
nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- commit e095cd0
- netfilter: nft_set_pipapo: skip inactive elements during set
walk (CVE-2023-6817 bsc#1218195).
- commit 4032aa7
- tomoyo: fix UAF write bug in tomoyo_write_control() (bsc#1220825
CVE-2024-26622).
- commit c8e5b38
- doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
Following the code change in SLE15-SP6 to have externally supported
modules no longer taint the kernel, update the respective documentation
in README.SUSE:
* Describe that support status can be obtained at runtime for each
module from /sys/module/$MODULE/supported and for the entire system
from /sys/kernel/supported. This provides a way how to now check that
the kernel has any externally supported modules loaded.
* Remove a mention that externally supported modules taint the kernel,
but keep the information about bit 16 (X) and add a note that it is
still tracked per module and can be read from
/sys/module/$MODULE/taint. This per-module information also appears in
Oopses.
- commit 9ed8107
- btrfs: fix double free of anonymous device after snapshot
creation failure (bsc#1219126 CVE-2024-23850).
- commit 257a534
- btrfs: do not ASSERT() if the newly created subvolume already
got read (bsc#1219126 CVE-2024-23850).
- commit a2ac581
- bpf: Minor cleanup around stack bounds (bsc#1220257
CVE-2023-52452).
- bpf: Fix accesses to uninit stack slots (bsc#1220257
CVE-2023-52452).
- bpf: Guard stack limits against 32bit overflow (git-fixes).
- bpf: Fix verification of indirect var-off stack access
(git-fixes).
- commit 7d03125
- serial: 8250: omap: Don't skip resource freeing if
pm_runtime_resume_and_get() failed (bsc#1220350 CVE-2023-52457).
- commit c82f528
- serial: imx: fix tx statemachine deadlock (bsc#1220364
CVE-2023-52456).
- commit cd9f92c
- powerpc/pseries/memhp: Fix access beyond end of drmem array
(bsc#1220250,CVE-2023-52451).
- commit fdc7254
- Update patch reference for input fix (CVE-2021-46932 bsc#1220444)
- commit e44e0b1
- Update patches.suse/i2c-Fix-a-potential-use-after-free.patch
(git-fixes bsc#1220409 CVE-2019-25162).
Add bug and CVE references.
- commit 6df4ebd
- efivarfs: force RO when remounting if SetVariable is not
supported (bsc#1220328 CVE-2023-52463).
- commit 3cfef52
- btrfs: fix double free of anonymous device after snapshot
creation failure (bsc#1219126 CVE-2024-23850).
- commit f8ba729
- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
(bsc#1220238 CVE-2023-52449).
- commit c132b67
- fs/mount_setattr: always cleanup mount_kattr (bsc#1220457
CVE-2021-46923).
- commit 89afe2f
- kABI: bpf: map_fd_put_ptr() signature kABI workaround
(bsc#1220251 CVE-2023-52447).
- kABI: bpf: struct bpf_map kABI workaround (bsc#1220251
CVE-2023-52447).
- kABI: bpf: map_fd_put_ptr() signature kABI workaround
(bsc#1220251 CVE-2023-52447).
- kABI: bpf: struct bpf_map kABI workaround (bsc#1220251
CVE-2023-52447).
- commit bec1c61
- selftests/bpf: Test outer map update operations in syscall
program (bsc#1220251 CVE-2023-52447).
- selftests/bpf: Add test cases for inner map (bsc#1220251
CVE-2023-52447).
- bpf: Defer the free of inner map when necessary (bsc#1220251
CVE-2023-52447).
- Refresh patches.suse/kABI-padding-for-bpf.patch
- bpf: Set need_defer as false when clearing fd array during
map free (bsc#1220251 CVE-2023-52447).
- bpf: Add map and need_defer parameters to .map_fd_put_ptr()
(bsc#1220251 CVE-2023-52447).
- bpf: Check rcu_read_lock_trace_held() before calling bpf map
helpers (bsc#1220251 CVE-2023-52447).
- rcu-tasks: Provide rcu_trace_implies_rcu_gp() (bsc#1220251
CVE-2023-52447).
- selftests/bpf: Test outer map update operations in syscall
program (bsc#1220251 CVE-2023-52447).
- selftests/bpf: Add test cases for inner map (bsc#1220251
CVE-2023-52447).
- bpf: Defer the free of inner map when necessary (bsc#1220251
CVE-2023-52447).
- Refresh patches.suse/kABI-padding-for-bpf.patch
- bpf: Set need_defer as false when clearing fd array during
map free (bsc#1220251 CVE-2023-52447).
- bpf: Add map and need_defer parameters to .map_fd_put_ptr()
(bsc#1220251 CVE-2023-52447).
- bpf: Check rcu_read_lock_trace_held() before calling bpf map
helpers (bsc#1220251 CVE-2023-52447).
- rcu-tasks: Provide rcu_trace_implies_rcu_gp() (bsc#1220251
CVE-2023-52447).
- commit aa6db76
- Update patch reference for HID fix (CVE-2023-52478 bsc#1220796)
- commit 4aec836
- Update patch reference for input fix (CVE-2023-52475 bsc#1220649)
- commit 00a87c8
- KVM: arm64: vgic-its: Avoid potential UAF in LPI translation
cache (bsc#1220326, CVE-2024-26598).
- commit 74fd0dd
- x86/fpu: Stop relying on userspace for info to fault in xsave buffer (bsc#1220335, CVE-2024-26603).
- commit 4cbbdbf
- Update patch reference for NFC fix (CVE-2021-46924 bsc#1220459)
- commit 8ac32a8
- media: pvrusb2: fix use after free on context disconnection
(CVE-2023-52445 bsc#1220241).
- commit e4643a5
- uio: Fix use-after-free in uio_open (bsc#1220140
CVE-2023-52439).
- commit fbf52b1
- apparmor: avoid crash when parsed profile name is empty
(CVE-2023-52443 bsc#1220240).
- commit 732bc93
- btrfs: do not ASSERT() if the newly created subvolume already
got read (bsc#1219126 CVE-2024-23850).
- commit 087f1fb
- sched/membarrier: reduce the ability to hammer on sys_membarrier
(git-fixes, bsc#1220398, CVE-2024-26602).
- commit 6f61ce3
- i2c: i801: Fix block process call transactions (bsc#1220009
CVE-2024-26593).
- commit 1b64da9
- mlxsw: spectrum_acl_tcam: Fix stack corruption (bsc#1220243
CVE-2024-26586).
- mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in
error path (bsc#1220344 CVE-2024-26595).
- commit 6e8b589
- EDAC/thunderx: Fix possible out-of-bounds string access (bsc#1220330, CVE-2023-52464)
- commit 369d1fd
- Drop 2 git-fixes patches which are suspicious to introduce regression
reported in bsc#1219073,
- patches.suse/md-Set-MD_BROKEN-for-RAID1-and-RAID10-9631.patch.
- patches.suse/md-raid1-free-the-r1bio-before-waiting-for-blocked-r-992d.patch.
- Refresh patches.suse/md-display-timeout-error.patch for the above
change.
- commit 4ecd26a
- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
(bsc#1220253 CVE-2023-52448).
- commit 12cdab5
- rpm templates: Always define usrmerged
usrmerged is now defined in kernel-spec-macros and not the distribution.
Only check if it's defined in kernel-spec-macros, not everywhere where
it's used.
- commit a6ad8af
- nvme: remove nvme_alloc_request and nvme_alloc_request_qid
(bsc#1214064).
Refresh:
- patches.suse/nvme-tcp-delay-error-recovery-until-the-next-kato.patch
- commit 6fc2117
- rpm templates: Move macro definitions below buildrequires
Many of the rpm macros defined in the kernel packages depend directly or
indirectly on script execution. OBS cannot execute scripts which means
values of these macros cannot be used in tags that are required for OBS
to see such as package name, buildrequires or buildarch.
Accumulate macro definitions that are not directly expanded by mkspec
below buildrequires and buildarch to make this distinction clear.
- commit 89eaf4c
- rpm/check-for-config-changes: add GCC_ASM_GOTO_OUTPUT_WORKAROUND to IGNORED_CONFIGS_RE
Introduced by commit 68fb3ca0e408 ("update workarounds for gcc "asm
goto" issue").
- commit be1bdab
- net: openvswitch: limit the number of recursions from action
sets (bsc#1219835 CVE-2024-1151).
- commit ed2fd55
- README.BRANCH: use correct mail for Roy
- commit 6f3c32f
- compute-PATCHVERSION: Do not produce output when awk fails
compute-PATCHVERSION uses awk to produce a shell script that is
subsequently executed to update shell variables which are then printed
as the patchversion.
Some versions of awk, most notably bysybox-gawk do not understand the
awk program and fail to run. This results in no script generated as
output, and printing the initial values of the shell variables as
the patchversion.
When the awk program fails to run produce 'exit 1' as the shell script
to run instead. That prevents printing the stale values, generates no
output, and generates invalid rpm spec file down the line. Then the
problem is flagged early and should be easier to diagnose.
- commit 8ef8383
- nvme: move nvme_stop_keep_alive() back to original position
(bsc#1211515).
- commit b945fa0
- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- commit 636fc4c
- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).
Also add the removed mds_user_clear symbol to kABI severities as it is
exposed just for KVM module and is generally a core kernel component so
removing it is low risk.
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (git-fixes).
- commit 5b0be3c
- netfilter: nf_tables: disallow rule removal from chain binding
(bsc#1218216 CVE-2023-5197).
- commit d7a1a4d
- netfilter: nf_tables: skip bound chain in netns release path
(bsc#1218216 CVE-2023-5197).
- commit af879c8
- nvme: start keep-alive after admin queue setup (bsc#1211515).
- commit 13f904b
- net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
(bsc#1219127 CVE-2024-23849).
- commit 43577c1
- kernel-binary: Move build script to the end
All other spec templates have the build script at the end, only
kernel-binary has it in the middle. Align with the other templates.
- commit 98cbdd0
- rpm templates: Aggregate subpackage descriptions
While in some cases the package tags, description, scriptlets and
filelist are located together in other cases they are all across the
spec file. Aggregate the information related to a subpackage in one
place.
- commit 8eeb08c
- rpm templates: sort rpm tags
The rpm tags in kernel spec files are sorted at random.
Make the order of rpm tags somewhat more consistent across rpm spec
templates.
- commit 8875c35
- dm: limit the number of targets and parameter size area
(bsc#1219827, bsc#1219146, CVE-2023-52429, CVE-2024-23851).
- commit 26dc83e
- Fix unresolved hunks in README.BRANCH
- commit 99bb861
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633).
- commit b6a1f9a
- vhost: use kzalloc() instead of kmalloc() followed by memset()
(CVE-2024-0340, bsc#1218689).
- commit 4c5a740
- README.BRANCH: Update cve/linux-5.14 maintainers
Add myself to match SLE15-SP5 consumer + fix typo in branch name.
- commit da26653
- Refresh patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch.
Accidentally removed nfs4_get_stateowner
- commit d77a474
- kernel-binary: certs: Avoid trailing space
- commit bc7dc31
- Bluetooth: Fix atomicity violation in {min,max}_key_size_set
(git-fixes bsc#1219608 CVE-2024-24860).
- commit a1186fd
- README.BRANCH: update branch name to cve/linux-5.14, update maintainers
as requested
- commit 8e34879
- rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config
(bsc#1219653)
They are put into -devel subpackage. And a proper link to
/usr/share/gdb/auto-load/ is created.
- commit 1dccf2a
- netfilter: nf_tables: check if catch-all set element is active
in next generation (CVE-2024-1085 bsc#1219429).
- commit 7b3f4c4
- netfilter: nf_tables: reject QUEUE/DROP verdict parameters
(CVE-2024-1086 bsc#1219434).
- commit 5f917ff
- Update
patches.suse/drm-amdgpu-Fix-potential-fence-use-after-free-v2.patch
(bsc#1219128 CVE-2023-51042 git-fixes).
- commit 4b937fc
- rpm/mkspec: sort entries in _multibuild
Otherwise it creates unnecessary diffs when tar-up-ing. It's of course
due to readdir() using "random" order as served by the underlying
filesystem.
See for example:
https://build.opensuse.org/request/show/1144457/changes
- commit d1155de
- Revert "tracing: Increase trace array ref count on enable and
filter files" (bsc#1219490).
Deleted:
patches.suse/tracing-Increase-trace-array-ref-count-on-enable-and-filter-files.patch
patches.suse/tracing-Have-event-inject-files-inc-the-trace-array-ref-count.patch
Backported commit f5ca233e2e66 ("tracing: Increase trace array ref count
on enable and filter files") causes a kernel panic and its upstream
fix-up bb32500fb9b7 ("tracing: Have trace_event_file have ref counters")
cannot be easily backported because it affects kABI. Revert the commit
and its one related + dependent patch, at least for now.
- commit 90d885a
- README.BRANCH: SLE15-SP4 became LTSS, update maintainers
- commit 94325df
- atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780
bsc#1218730).
- commit 658d424
- xen-netback: don't produce zero-size SKB frags (CVE-2023-46838,
XSA-448, bsc#1218836).
- commit 9a897ff
- Update
patches.suse/ext4-fix-kernel-BUG-in-ext4_write_inline_data_end.patch
(CVE-2021-33631 bsc#1219412 bsc#1206894).
- commit 96c942c
- kabi, vmstat: skip periodic vmstat update for isolated CPUs
(bsc#1217895).
- commit 8cb5798
- sched/isolation: add cpu_is_isolated() API (bsc#1217895).
- trace,smp: Add tracepoints around remotelly called functions
(bsc#1217895).
- vmstat: skip periodic vmstat update for isolated CPUs
(bsc#1217895).
- Refresh
patches.suse/0002-kernel-smp-make-csdlock-timeout-depend-on-boot-param.patch.
- commit 668c0e0
- kernel-source: Fix description typo
- commit 8abff35
- nvmet-tcp: Fix the H2C expected PDU len calculation
(bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356).
- nvmet-tcp: remove boilerplate code (bsc#1217987 bsc#1217988
bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356).
- nvmet-tcp: fix a crash in nvmet_req_complete() (bsc#1217987
bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356).
- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C
PDU length (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535
CVE-2023-6536 CVE-2023-6356).
- commit d968940
- clocksource: Skip watchdog check for large watchdog intervals
(bsc#1217217).
- commit 63b1d6d
- clocksource: disable watchdog checks on TSC when TSC is watchdog
(bsc#1215885).
- commit 2f92dd8
- nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968
bsc#1219349).
- commit d38f35d
- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
(CVE-2023-47233 bsc#1216702).
- commit 433859d
- rpm/constraints.in: set jobs for riscv to 8
The same workers are used for x86 and riscv and the riscv builds take
ages. So align the riscv jobs count to x86.
- commit b2c82b9
- net: sched: sch_qfq: Use non-work-conserving warning handler
(CVE-2023-4921 bsc#1215275).
- commit b50ba0e
- mkspec: Use variant in constraints template
Constraints are not applied consistently with kernel package variants.
Add variant to the constraints template as appropriate, and expand it
in mkspec.
- commit cc68ab9
- rpm/constraints.in: add static multibuild packages
Commit 841012b049a5 (rpm/mkspec: use kernel-source: prefix for
constraints on multibuild) added "kernel-source:" prefix to the
dynamically generated kernels. But there are also static ones like
kernel-docs. Those fail to build as the constraints are still not
applied.
So add the prefix also to the static ones.
Note kernel-docs-rt is given kernel-source-rt prefix. I am not sure it
will ever be multibuilt...
- commit c2e0681
- Update
patches.suse/drm-atomic-Fix-potential-use-after-free-in-nonblocki.patch
(bsc#1219120 CVE-2023-51043 git-fixes).
- commit d004027
- Revert "Limit kernel-source build to architectures for which the kernel binary"
This reverts commit 08a9e44c00758b5f3f3b641830ab6affff041132.
The fix for bsc#1108281 directly causes bsc#1218768, revert.
- commit 2943b8a
- mkspec: Include constraints for both multibuild and plain package always
There is no need to check for multibuild flag, the constraints can be
always generated for both cases.
- commit 308ea09
- rpm/mkspec: use kernel-source: prefix for constraints on multibuild
Otherwise the constraints are not applied with multibuild enabled.
- commit 841012b
- rpm/kernel-source.rpmlintrc: add action-ebpf
Upstream commit a79d8ba734bd (selftests: tc-testing: remove buildebpf
plugin) added this precompiled binary blob. Adapt rpmlintrc for
kernel-source.
- commit b5ccb33
- block: Fix kabi header include (bsc#1218929).
- commit 8f511ac
- scripts/tar-up.sh: don't add spurious entry from kernel-sources.changes.old
The previous change added the manual entry from kernel-sources.change.old
to old_changelog.txt unnecessarily. Let's fix it.
- commit fb033e8
- Update
patches.suse/ext4-improve-error-recovery-code-paths-in-__ext4_rem.patch
(bsc#1213017 bsc#1219053 CVE-2024-0775).
- commit 97ea702
- block: free the extended dev_t minor later (bsc#1218930).
- commit 0972f94
- rpm/kernel-docs.spec.in: fix build with 6.8
Since upstream commit f061c9f7d058 (Documentation: Document each netlink
family), the build needs python yaml.
- commit 6a7ece3
- hv_netvsc: rndis_filter needs to select NLS (git-fixes).
- commit 6f3116b
- nfsd: fix RELEASE_LOCKOWNER (bsc#1218968).
- commit 605df5b
- netfilter: nf_tables: Reject tables of unsupported family
(bsc#1218752 CVE-2023-6040).
- commit e03f1d3
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
- bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
btree_gc_coalesce() (git-fixes).
- rbd: take header_rwsem in rbd_dev_refresh() only when updating
(git-fixes).
- dm: don't lock fs when the map is NULL during suspend or resume
(git-fixes).
- commit fe9ee72
- tipc: fix a potential deadlock on &tx->lock (bsc#1218916
CVE-2024-0641).
- commit c872674
- Update metadata
- commit d121b79
- tipc: fix a potential deadlock on &tx->lock (bsc#1218916
CVE-2024-0641).
- commit 7953be2
- Update metadata
- commit c015ae2
- smb: client: fix OOB in receive_encrypted_standard()
(bsc#1218832 CVE-2024-0565).
- commit 3cac9c2
- ida: Fix crash in ida_free when the bitmap is empty (bsc#1218804
CVE-2023-6915).
- commit 7caa324
- dm-integrity: don't modify bio's immutable bio_vec in
integrity_metadata() (git-fixes).
- dm-verity: align struct dm_verity_fec_io properly (git-fixes).
- dm verity: don't perform FEC for failed readahead IO
(git-fixes).
- bcache: avoid NULL checking to c->root in run_cache_set()
(git-fixes).
- bcache: add code comments for bch_btree_node_get() and
__bch_btree_node_alloc() (git-fixes).
- bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up
race (git-fixes).
- bcache: fixup lock c->root error (git-fixes).
- bcache: fixup init dirty data errors (git-fixes).
- bcache: prevent potential division by zero error (git-fixes).
- bcache: remove redundant assignment to variable cur_idx
(git-fixes).
- bcache: check return value from btree_node_alloc_replacement()
(git-fixes).
- bcache: avoid oversize memory allocation by small stripe_size
(git-fixes).
- dm-delay: fix a race between delay_presuspend and delay_bio
(git-fixes).
- dm zoned: free dmz->ddev array in dmz_put_zoned_devices
(git-fixes).
- rbd: decouple parent info read-in from updating rbd_dev
(git-fixes).
- rbd: decouple header read-in from updating rbd_dev->header
(git-fixes).
- rbd: move rbd_dev_refresh() definition (git-fixes).
- rbd: prevent busy loop when requesting exclusive lock
(git-fixes).
- rbd: retrieve and check lock owner twice before blocklisting
(git-fixes).
- rbd: harden get_lock_owner_info() a bit (git-fixes).
- rbd: make get_lock_owner_info() return a single locker or NULL
(git-fixes).
- dm cache policy smq: ensure IO doesn't prevent cleaner policy
progress (git-fixes).
- dm raid: clean up four equivalent goto tags in raid_ctr()
(git-fixes).
- dm raid: fix missing reconfig_mutex unlock in raid_ctr()
error paths (git-fixes).
- dm integrity: reduce vmalloc space footprint on 32-bit
architectures (git-fixes).
- dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client
(git-fixes).
- bcache: fixup btree_cache_wait list damage (git-fixes).
- bcache: Fix __bch_btree_node_alloc to make the failure behavior
consistent (git-fixes).
- bcache: Remove unnecessary NULL point check in node allocations
(git-fixes).
- dm thin metadata: check fail_io before using data_sm
(git-fixes).
- commit 7e800d7
- rbd: get snapshot context after exclusive lock is ensured to
be held (git-fixes).
- Refresh for the above change,
patches.suse/rbd-export-some-functions-used-by-lio-rbd-backend.patch.
patches.suse/target_core_rbd-fix-rbd_img_request.snap_id-assignme.patch.
- commit dcd100d
- rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting (git-fixes).
- Rebased for the above change,
patches.suse/rbd-add-support-for-COMPARE_AND_WRITE-CMPEXT.patch.
- commit b5f85f8
- nbd: Fix debugfs_create_dir error checking (git-fixes).
- dm: don't lock fs when the map is NULL in process of resume
(git-fixes).
- dm flakey: fix a crash with invalid table line (git-fixes).
- dm integrity: call kmem_cache_destroy() in dm_integrity_init()
error path (git-fixes).
- dm clone: call kmem_cache_destroy() in dm_clone_init() error
path (git-fixes).
- dm verity: fix error handling for check_at_most_once on FEC
(git-fixes).
- nbd: fix incomplete validation of ioctl arg (git-fixes).
- null_blk: Always check queue mode setting from configfs
(git-fixes).
- dm stats: check for and propagate alloc_percpu failure
(git-fixes).
- dm crypt: avoid accessing uninitialized tasklet (git-fixes).
- dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
- commit ad93a37
- dm thin: fix deadlock when swapping to thin device
(bsc#1177529).
- Delete the in-house patch by the above upstream patch,
patches.suse/Avoid-deadlock-for-recursive-I-O-on-dm-thin-when-used-as-swap-4905.patch.
- commit 13bcec1
- rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create()
fails (git-fixes).
- dm cache: add cond_resched() to various workqueue loops
(git-fixes).
- dm thin: add cond_resched() to various workqueue loops
(git-fixes).
- dm: add cond_resched() to dm_wq_work() (git-fixes).
- dm: remove flush_scheduled_work() during local_exit()
(git-fixes).
- dm: send just one event on resize, not two (git-fixes).
- dm flakey: fix logic when corrupting a bio (git-fixes).
- dm flakey: don't corrupt the zero page (git-fixes).
- dm init: add dm-mod.waitfor to wait for asynchronously probed
block devices (git-fixes).
- loop: suppress uevents while reconfiguring the device
(git-fixes).
- commit 2a9583d
- nbd: use the correct block_device in nbd_bdev_reset (git-fixes).
- Refresh for the above change,
patches.suse/0019-nbd-fix-io-hung-while-disconnecting-device.patch.
patches.suse/0031-nbd-Fix-hung-when-signal-interrupts-nbd_start_device_ioctl.patch.
- commit 2cb1a83
- blacklist.conf: add non-backport git-fixes commit
- commit ab480ce
- dm verity: skip redundant verity_handle_err() on I/O errors
(git-fixes).
- commit 7d823a7
- Update
patches.kabi/NFS-Fix-another-fsync-issue-after-a-server-reboot.patch
(git-fixes, bsc#1217670).
- commit 69dfe32
- blacklist.conf: df1c357f25d8 netfs: Only call folio_start_fscache() one time for each folio
- commit 049ab09
- intel_idle: add Emerald Rapids Xeon support (bsc#1216016).
- commit 30bac4b
- Update patch reference for rose fix (CVE-2023-51782 bsc#1218757)
- commit da9f8e9
- blacklist.conf: c4d361f66ac9 fuse: share lookup state between submount and its parent
- commit 3180cfa
- powerpc/powernv: Add a null pointer check to
scom_debug_init_one() (bsc#1194869).
- commit 5dce54b
- powerpc/pseries/iommu: enable_ddw incorrectly returns direct
mapping for SR-IOV device (bsc#1212091 ltc#199106 git-fixes).
- commit f20e9a0
- powerpc/powernv: Add a null pointer check in opal_event_init()
(bsc#1065729).
- commit 9ecfceb
- Store the old kernel changelog entries in kernel-docs package (bsc#1218713)
The old entries are found in kernel-docs/old_changelog.txt in docdir.
rpm/old_changelog.txt can be an optional file that stores the similar
info like rpm/kernel-sources.changes.old. It can specify the commit
range that have been truncated. scripts/tar-up.sh expands from the
git log accordingly.
- commit c9a2566
- krb5
-
- Fix vulnerabilities in GSS message token handling, add patch
0013-Fix-vulnerabilities-in-GSS-message-token-handling.patch
* CVE-2024-37370, bsc#1227186
* CVE-2024-37371, bsc#1227187
- Fix memory leaks, add patch 0012-Fix-two-unlikely-memory-leaks.patch
* CVE-2024-26458, bsc#1220770
* CVE-2024-26461, bsc#1220771
- less
-
- Fix CVE-2024-32487, mishandling of \n character in paths when
LESSOPEN is set leads to OS command execution
(CVE-2024-32487, bsc#1222849)
* CVE-2024-32487.patch
- Fix CVE-2022-48624, LESSCLOSE handling in less does not quote shell
metacharacters, bsc#1219901
* CVE-2022-48624.patch
- avahi
-
- Add avahi-CVE-2023-38471.patch: Extract host name using
avahi_unescape_label (bsc#1216594, CVE-2023-38471).
- Add avahi-CVE-2023-38469.patch: Reject overly long TXT resource
records (bsc#1216598, CVE-2023-38469).
- util-linux
-
- Properly neutralize escape sequences in wall
(util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
and its prerequisites: util-linux-fputs_careful1.patch,
util-linux-wall-migrate-to-memstream.patch
util-linux-fputs_careful2.patch).
- Add upstream patch
more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-received.patch
bsc#1220117 - L3-Question: Processes not cleaned up after failed SSH session are using up 100% CPU
- cairo
-
- Add cairo-fix-infinite-loop-bsc1122321-CVE-2019-6462.patch: This
fixes a potentially infinite loop (bsc#1122321, CVE-2019-6462,
glfo#cairo/cairo#155).
- c-ares
-
- CVE-2024-25629.patch: fix out of bounds read in ares__read_line()
(bsc#1220279, CVE-2024-25629)
- expat
-
- Security fix (boo#1221289, CVE-2024-28757): XML Entity Expansion
attack when there is isolated use of external parsers.
* Added expat-CVE-2024-28757.patch
- Security fix:
* (CVE-2023-52425, bsc#1219559) denial of service (resource
consumption) caused by processing large tokens.
- Added patch expat-CVE-2023-52425-1.patch
- Added patch expat-CVE-2023-52425-2.patch
- Added patch expat-CVE-2023-52425-backport-parser-changes.patch
- Added patch expat-CVE-2023-52425-fix-tests.patch
- mozilla-nss
-
- Require `sed` for mozilla-nss-sysinit, as setup-nsssysinit.sh
depends on it and will create a broken, empty config, if sed is
missing (bsc#1227918)
- update to NSS 3.101.2
* bmo#1905691 - ChaChaXor to return after the function
- Added nss-fips-safe-memset.patch, fixing bsc#1222811.
- Removed some dead code from nss-fips-constructor-self-tests.patch.
- Rebased nss-fips-approved-crypto-non-ec.patch on above changes.
- Added nss-fips-aes-gcm-restrict.patch, fixing bsc#1222830.
- Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222813,
bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118.
- Updated nss-fips-approved-crypto-non-ec.patch and
nss-fips-constructor-self-tests.patch, fixing bsc#1222807,
bsc#1222828, bsc#1222834.
- Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222804,
bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116.
- update to NSS 3.101.1
* bmo#1901932 - missing sqlite header.
* bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
- update to NSS 3.101
* bmo#1900413 - add diagnostic assertions for SFTKObject refcount.
* bmo#1899759 - freeing the slot in DeleteCertAndKey if authentication failed
* bmo#1899883 - fix formatting issues.
* bmo#1889671 - Add Firmaprofesional CA Root-A Web to NSS.
* bmo#1899593 - remove invalid acvp fuzz test vectors.
* bmo#1898830 - pad short P-384 and P-521 signatures gtests.
* bmo#1898627 - remove unused FreeBL ECC code.
* bmo#1898830 - pad short P-384 and P-521 signatures.
* bmo#1898825 - be less strict about ECDSA private key length.
* bmo#1854439 - Integrate HACL* P-521.
* bmo#1854438 - Integrate HACL* P-384.
* bmo#1898074 - memory leak in create_objects_from_handles.
* bmo#1898858 - ensure all input is consumed in a few places in mozilla::pkix
* bmo#1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
* bmo#1748105 - clean up escape handling
* bmo#1896353 - Use lib::pkix as default validator instead of the old-one
* bmo#1827444 - Need to add high level support for PQ signing.
* bmo#1548723 - Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation
* bmo#1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
* bmo#1893404 - Allow for non-full length ecdsa signature when using softoken
* bmo#1830415 - Modification of .taskcluster.yml due to mozlint indent defects
* bmo#1793811 - Implement support for PBMAC1 in PKCS#12
* bmo#1897487 - disable VLA warnings for fuzz builds.
* bmo#1895032 - remove redundant AllocItem implementation.
* bmo#1893334 - add PK11_ReadDistrustAfterAttribute.
* bmo#215997 - Clang-formatting of SEC_GetMgfTypeByOidTag update
* bmo#1895012 - Set SEC_ERROR_LIBRARY_FAILURE on self-test failure
* bmo#1894572 - sftk_getParameters(): Fix fallback to default variable after error with configfile.
* bmo#1830415 - Switch to the mozillareleases/image_builder image
- Follow upstream changes in nss-fips-constructor-self-tests.patch (switch from ec_field_GFp to ec_field_plain)
- Remove part of nss-fips-zeroization.patch that got removed upstream
- update to NSS 3.100
- bmo#1893029 - merge pk11_kyberSlotList into pk11_ecSlotList for
faster Xyber operations.
- bmo#1893752 - remove ckcapi.
- bmo#1893162 - avoid a potential PK11GenericObject memory leak.
- bmo#671060 - Remove incomplete ESDH code.
- bmo#215997 - Decrypt RSA OAEP encrypted messages.
- bmo#1887996 - Fix certutil CRLDP URI code.
- bmo#1890069 - Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys.
- bmo#676118 - Add ability to encrypt and decrypt CMS messages using ECDH.
- bmo#676100 - Correct Templates for key agreement in smime/cmsasn.c.
- bmo#1548723 - Moving the decodedCert allocation to NSS.
- bmo#1885404 - Allow developers to speed up repeated local execution
of NSS tests that depend on certificates.
- update to NSS 3.99
* Removing check for message len in ed25519 (bmo#1325335)
* add ed25519 to SECU_ecName2params. (bmo#1884276)
* add EdDSA wycheproof tests. (bmo#1325335)
* nss/lib layer code for EDDSA. (bmo#1325335)
* Adding EdDSA implementation. (bmo#1325335)
* Exporting Certificate Compression types (bmo#1881027)
* Updating ACVP docker to rust 1.74 (bmo#1880857)
* Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 (bmo#1325335)
* Add NSS_CMSRecipient_IsSupported. (bmo#1877730)
- update to NSS 3.98
* bmo#1780432 - (CVE-2023-5388) Timing attack against RSA decryption
in TLS
* bmo#1879513 - Certificate Compression: enabling the check that
the compression was advertised
* bmo#1831552 - Move Windows workers to nss-1/b-win2022-alpha
* bmo#1879945 - Remove Email trust bit from OISTE WISeKey
Global Root GC CA
* bmo#1877344 - Replace `distutils.spawn.find_executable` with
`shutil.which` within `mach` in `nss`
* bmo#1548723 - Certificate Compression: Updating nss_bogo_shim to
support Certificate compression
* bmo#1548723 - TLS Certificate Compression (RFC 8879) Implementation
* bmo#1875356 - Add valgrind annotations to freebl kyber operations
for constant-time execution tests
* bmo#1870673 - Set nssckbi version number to 2.66
* bmo#1874017 - Add Telekom Security roots
* bmo#1873095 - Add D-Trust 2022 S/MIME roots
* bmo#1865450 - Remove expired Security Communication RootCA1 root
* bmo#1876179 - move keys to a slot that supports concatenation in
PK11_ConcatSymKeys
* bmo#1876800 - remove unmaintained tls-interop tests
* bmo#1874937 - bogo: add support for the -ipv6 and -shim-id shim
flags
* bmo#1874937 - bogo: add support for the -curves shim flag and
update Kyber expectations
* bmo#1874937 - bogo: adjust expectation for a key usage bit test
* bmo#1757758 - mozpkix: add option to ignore invalid subject
alternative names
* bmo#1841029 - Fix selfserv not stripping `publicname:` from -X value
* bmo#1876390 - take ownership of ecckilla shims
* bmo#1874458 - add valgrind annotations to freebl/ec.c
* bmo#864039 - PR_INADDR_ANY needs PR_htonl before assignment to inet.ip
* bmo#1875965 - Update zlib to 1.3.1
- Use %patch -P N instead of deprecated %patchN.
- update to NSS 3.97
* bmo#1875506 - make Xyber768d00 opt-in by policy
* bmo#1871631 - add libssl support for xyber768d00
* bmo#1871630 - add PK11_ConcatSymKeys
* bmo#1775046 - add Kyber and a PKCS#11 KEM interface to softoken
* bmo#1871152 - add a FreeBL API for Kyber
* bmo#1826451 - part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff
* bmo#1826451 - part 1: add a script for vendoring kyber from pq-crystals repo
* bmo#1835828 - Removing the calls to RSA Blind from loader.*
* bmo#1874111 - fix worker type for level3 mac tasks
* bmo#1835828 - RSA Blind implementation
* bmo#1869642 - Remove DSA selftests
* bmo#1873296 - read KWP testvectors from JSON
* bmo#1822450 - Backed out changeset dcb174139e4f
* bmo#1822450 - Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation
* bmo#1871219 - Wrap CC shell commands in gyp expansions
- update to NSS 3.96.1
* bmo#1869408 - Use pypi dependencies for MacOS worker in ./build_gyp.sh
* bmo#1830978 - p7sign: add -a hash and -u certusage (also p7verify cleanups)
* bmo#1867408 - add a defensive check for large ssl_DefSend return values
* bmo#1869378 - Add dependency to the taskcluster script for Darwin
* bmo#1869378 - Upgrade version of the MacOS worker for the CI
- add nss-allow-slow-tests-s390x.patch: "certutil dump keys with
explicit default trust flags" test needs longer than the allowed
6 seconds on s390x
- update to NSS 3.95
* bmo#1842932 - Bump builtins version number.
* bmo#1851044 - Remove Email trust bit from Autoridad de Certificacion
Firmaprofesional CIF A62634068 root cert.
* bmo#1855318 - Remove 4 DigiCert (Symantec/Verisign) Root Certificates
* bmo#1851049 - Remove 3 TrustCor Root Certificates from NSS.
* bmo#1850982 - Remove Camerfirma root certificates from NSS.
* bmo#1842935 - Remove old Autoridad de Certificacion Firmaprofesional
Certificate.
* bmo#1860670 - Add four Commscope root certificates to NSS.
* bmo#1850598 - Add TrustAsia Global Root CA G3 and G4 root certificates.
* bmo#1863605 - Include P-384 and P-521 Scalar Validation from HACL*
* bmo#1861728 - Include P-256 Scalar Validation from HACL*.
* bmo#1861265 - After the HACL 256 ECC patch, NSS incorrectly encodes
256 ECC without DER wrapping at the softoken level
* bmo#1837987 - Add means to provide library parameters to C_Initialize
* bmo#1573097 - clang format
* bmo#1854795 - add OSXSAVE and XCR0 tests to AVX2 detection.
* bmo#1858241 - Typo in ssl3_AppendHandshakeNumber
* bmo#1858241 - Introducing input check of ssl3_AppendHandshakeNumber
* bmo#1573097 - Fix Invalid casts in instance.c
- update to NSS 3.94
* bmo#1853737 - Updated code and commit ID for HACL*
* bmo#1840510 - update ACVP fuzzed test vector: refuzzed with
current NSS
* bmo#1827303 - Softoken C_ calls should use system FIPS setting
to select NSC_ or FC_ variants
* bmo#1774659 - NSS needs a database tool that can dump the low level
representation of the database
* bmo#1852179 - declare string literals using char in pkixnames_tests.cpp
* bmo#1852179 - avoid implicit conversion for ByteString
* bmo#1818766 - update rust version for acvp docker
* bmo#1852011 - Moving the init function of the mpi_ints before
clean-up in ec.c
* bmo#1615555 - P-256 ECDH and ECDSA from HACL*
* bmo#1840510 - Add ACVP test vectors to the repository
* bmo#1849077 - Stop relying on std::basic_string<uint8_t>
* bmo#1847845 - Transpose the PPC_ABI check from Makefile to gyp
- rebased patches
- added nss-fips-test.patch to fix broken test
- Update to NSS 3.93:
* bmo#1849471 - Update zlib in NSS to 1.3.
* bmo#1848183 - softoken: iterate hashUpdate calls for long inputs.
* bmo#1813401 - regenerate NameConstraints test certificates (boo#1214980).
- Rebase nss-fips-pct-pubkeys.patch.
- update to NSS 3.92
* bmo#1822935 - Set nssckbi version number to 2.62
* bmo#1833270 - Add 4 Atos TrustedRoot Root CA certificates to NSS
* bmo#1839992 - Add 4 SSL.com Root CA certificates
* bmo#1840429 - Add Sectigo E46 and R46 Root CA certificates
* bmo#1840437 - Add LAWtrust Root CA2 (4096)
* bmo#1822936 - Remove E-Tugra Certification Authority root
* bmo#1827224 - Remove Camerfirma Chambers of Commerce Root.
* bmo#1840505 - Remove Hongkong Post Root CA 1
* bmo#1842928 - Remove E-Tugra Global Root CA ECC v3 and RSA v3
* bmo#1842937 - Avoid redefining BYTE_ORDER on hppa Linux
- update to NSS 3.91
* bmo#1837431 - Implementation of the HW support check for ADX instruction
* bmo#1836925 - Removing the support of Curve25519
* bmo#1839795 - Fix comment about the addition of ticketSupportsEarlyData
* bmo#1839327 - Adding args to enable-legacy-db build
* bmo#1835357 - dbtests.sh failure in "certutil dump keys with explicit
default trust flags"
* bmo#1837617 - Initialize flags in slot structures
* bmo#1835425 - Improve the length check of RSA input to avoid heap overflow
* bmo#1829112 - Followup Fixes
* bmo#1784253 - avoid processing unexpected inputs by checking for
m_exptmod base sign
* bmo#1826652 - add a limit check on order_k to avoid infinite loop
* bmo#1834851 - Update HACL* to commit 5f6051d2
* bmo#1753026 - add SHA3 to cryptohi and softoken
* bmo#1753026 - HACL SHA3
* bmo#1836781 - Disabling ASM C25519 for A but X86_64
- removed upstreamed patch nss-fix-bmo1836925.patch
- update to NSS 3.90.3
* bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
* bmo#1748105 - clean up escape handling.
* bmo#1895032 - remove redundant AllocItem implementation.
* bmo#1836925 - Disable ASM support for Curve25519.
* bmo#1836781 - Disable ASM support for Curve25519 for all but X86_64.
- remove upstreamed nss-fix-bmo1836925.patch
- Adding nss-fips-bsc1223724.patch to fix startup crash of Firefox
when using FIPS-mode (bsc#1223724).
- Added "Provides: nss" so other RPMs that require 'nss' can
be installed (jira PED-6358).
- update to NSS 3.90.2
* bmo#1780432 - (CVE-2023-5388) Timing attack against RSA
decryption in TLS. (bsc#1216198)
* bmo#1867408 - add a defensive check for large ssl_DefSend
return values.
- gcc13
-
- Update to GCC 13.3 release
- Update to gcc-13 branch head, b7a2697733d19a093cbdd0e200, git8761
- Removed gcc13-pr111731.patch now included upstream
- Add gcc13-amdgcn-remove-fiji.patch removing Fiji support from
the GCN offload compiler as that is requiring Code Object version 3
which is no longer supported by llvm18.
- Add gcc13-pr101523.patch to avoid combine spending too much
compile-time and memory doing nothing on s390x. [boo#1188441]
- Make requirement to lld version specific to avoid requiring the
meta-package.
- Add gcc13-pr111731.patch to fix unwinding for JIT code.
[bsc#1221239]
- Revert libgccjit dependency change. [boo#1220724]
- Fix libgccjit-devel dependency, a newer shared library is OK.
- Fix libgccjit dependency, the corresponding compiler isn't required.
- Use %patch -P N instead of %patchN.
- Add gcc13-sanitizer-remove-crypt-interception.patch to remove
crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
breaks them. [bsc#1219520]
- Update to gcc-13 branch head, 67ac78caf31f7cb3202177e642, git8285
- Add gcc13-pr88345-min-func-alignment.diff to add support for
- fmin-function-alignment. [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Update to gcc-13 branch head, fc7d87e0ffadca49bec29b2107, git8250
* Includes fix for building TVM. [boo#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
[boo#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than
in gcc13-devel. [boo#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs
are linked against libstdc++6.
- Update to gcc-13 branch head, 36ddb5230f56a30317630a928, git8205
- Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109
* Includes fix for building mariadb on i686. [bsc#1217667]
* Remove pr111411.patch contained in the update.
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
%product_libs_llvm_ver where available and adjust tool discovery
accordingly. This should also properly trigger re-builds when
the patchlevel version of llvmVER changes, possibly changing
the binary names we link to. [bsc#1217450]
- gnutls
-
- Security fix: [bsc#1221747, CVE-2024-28835]
* gnutls: certtool crash when verifying a certificate chain
* Add gnutls-CVE-2024-28835.patch
- Security fix: [bsc#1221746, CVE-2024-28834]
* gnutls: side-channel in the deterministic ECDSA
* Add gnutls-CVE-2024-28834.patch
- jitterentropy: Release the memory of the entropy collector when
using jitterentropy with phtreads as there is also a
pre-intitization done in the main thread. [bsc#1221242]
* Add gnutls-FIPS-jitterentropy-deinit-threads.patch
- Security fix: [bsc#1218862, CVE-2024-0567]
* gnutls: rejects certificate chain with distributed trust
* Cockpit (which uses gnuTLS) rejects certificate chain with
distributed trust.
* Add gnutls-CVE-2024-0567.patch
- Security fix: [bsc#1218865, CVE-2024-0553]
* Incomplete fix for CVE-2023-5981.
* The response times to malformed ciphertexts in RSA-PSK
ClientKeyExchange differ from response times of ciphertexts
with correct PKCS#1 v1.5 padding.
* Add gnutls-CVE-2024-0553.patch
- jitterentropy
-
- Fix a stack corruption on s390x: [bsc#1209627]
* Output size of the STCKE command on s390x is 16 bytes, compared
to 8 bytes of the STCK command. Fix a stack corruption in the
s390x version of jent_get_nstime(). Add some more detailed
information on the STCKE command.
* github.com/smuellerDD/jitterentropy-library/commit/7bf9f85
* Add jitterentropy-fix-a-stack-corruption-on-s390x.patch
- ncurses
-
- Add patch ncurses-6.1-bsc1220061.patch (bsc#1220061, CVE-2023-45918)
* Backport from ncurses-6.4-20230615.patch
improve checks in convert_string() for corrupt terminfo entry
- nftables
-
- port python-single-spec logic from Factory package to allow shipment of
python311 modules as well (bsc#1219253).
- nghttp2
-
- security update
- added patches
fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
+ nghttp2-CVE-2024-28182-1.patch
fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
+ nghttp2-CVE-2024-28182-2.patch
- openssl-1_1
-
- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free
security vulnerability. Calling the function SSL_free_buffers()
potentially caused memory to be accessed that was previously
freed in some situations and a malicious attacker could attempt
to engineer a stituation where this occurs to facilitate a
denial-of-service attack. [CVE-2024-4741, bsc#1225551]
- Security fix: [bsc#1222548, CVE-2024-2511]
* Fix unconstrained session cache growth in TLSv1.3
* Add openssl-CVE-2024-2511.patch
- Security fix: [bsc#1219243, CVE-2024-0727]
* Add NULL checks where ContentInfo data can be NULL
* Add openssl-CVE-2024-0727.patch
- protobuf
-
- update to 25.1:
* Raise warnings for deprecated python syntax usages
* Add support for extensions in CRuby, JRuby, and FFI Ruby
* Add support for options in CRuby, JRuby and FFI (#14594)
- update to 25.0:
* Implement proto2/proto3 with editions
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Editions: Introduce functionality to protoc for generating
edition feature set defaults.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Editions: Refactor feature resolution to use an intermediate
message.
* Publish extension declarations with declaration
verifications.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Protoc: parser rejects explicit use of map_entry option
* Protoc: validate that reserved range start is before end
* Protoc: support identifiers as reserved names in addition to
string literals (only in editions)
* Drop support for Bazel 5.
* Allow code generators to specify whether or not they support
editions.
[#] C++
* Set `PROTOBUF_EXPORT` on
`InternalOutOfLineDeleteMessageLite()`
* Update stale checked-in files
* Apply PROTOBUF_NOINLINE to declarations of some functions
that want it.
* Implement proto2/proto3 with editions
* Make JSON UTF-8 boundary check inclusive of the largest
possible UTF-8 character.
* Reduce `Map::size_type` to 32-bits. Protobuf containers can't
have more than that
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Fix bug in reflection based Swap of map fields.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Add prefetching to arena allocations.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
repeated and map field accessors.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
string field accessors.
* Editions: Refactor feature resolution to use an intermediate
message.
* Fixes for 32-bit MSVC.
* Publish extension declarations with declaration
verifications.
* Export the constants in protobuf's any.h to support DLL
builds.
* Implement AbslStringify for the Descriptor family of types.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
message field accessors.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Introduce C++ feature for UTF8 validation.
* Protoc: validate that reserved range start is before end
* Remove option to disable the table-driven parser in protoc.
* Lock down ctype=CORD in proto file.
* Support split repeated fields.
* In OSS mode omit some extern template specializations.
* Allow code generators to specify whether or not they support
editions.
[#] Java
* Implement proto2/proto3 with editions
* Remove synthetic oneofs from Java gencode field accessor
tables.
* Timestamps.parse: Add error handling for invalid
hours/minutes in the timezone offset.
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Add missing debugging version info to Protobuf Java gencode
when multiple files are generated.
* Fix a bad cast in putBuilderIfAbsent when already present due
to using the result of put() directly (which is null if it
currently has no value)
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Fix a NPE in putBuilderIfAbsent due to using the result of
put() directly (which is null if it currently has no value)
* Update Kotlin compiler to escape package names
* Add MapFieldBuilder and change codegen to generate it and the
put{field}BuilderIfAbsent method.
* Introduce recursion limit in Java text format parsing
* Consider the protobuf.Any invalid if typeUrl.split("/")
returns an empty array.
* Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.
* Fixed Python memory leak in map lookup.
* Loosen upb for json name conflict check in proto2 between
json name and field
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Ensure Timestamp.ToDatetime(tz) has correct offset
* Do not check required field for upb python MergeFrom
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Comparing a proto message with an object of unknown returns
NotImplemented
* Emit __slots__ in pyi output as a tuple rather than a list
for --pyi_out.
* Fix a bug that strips options from descriptor.proto in
Python.
* Raise warings for message.UnknownFields() usages and navigate
to the new add
* Add protobuf python keyword support in path for stub
generator.
* Add tuple support to set Struct
* ### Python C-Extension (Default)
* Comparing a proto message with an object of unknown returns
NotImplemented
* Check that ffi-compiler loads before using it to define
tasks.
[#] UPB (Python/PHP/Ruby C-Extension)
* Include .inc files directly instead of through a filegroup
* Loosen upb for json name conflict check in proto2 between
json name and field
* Add utf8_validation feature back to the global feature set.
* Do not check required field for upb python MergeFrom
* Merge the protobuf and upb Bazel repos
* Added malloc_trim() calls to Python allocator so RSS will
decrease when memory is freed
* Upb: fix a Python memory leak in ByteSize()
* Support ASAN detection on clang
* Upb: bugfix for importing a proto3 enum from within a proto2
file
* Expose methods needed by Ruby FFI using UPB_API
* Fix `PyUpb_Message_MergeInternal` segfault
- build against modern python on sle15
- Build with source and target levels 8
* fixes build with JDK21
- Install the pom file with the new %%mvn_install_pom macro
- Do not install the pom-only artifacts, since the %%mvn_install_pom
macro resolves the variables at the install time
- update to 23.4:
* Add dllexport_decl for generated default instance.
* Deps: Update Guava to 32.0.1
- update to 23.3:
C++
* Regenerate stale files
* Use the same ABI for static and shared libraries on non-
Windows platforms
* Add a workaround for GCC constexpr bug
Objective-C
* Regenerate stale files
UPB (Python/PHP/Ruby C-Extension)
* Fixed a bug in `upb_Map_Delete()` that caused crashes in
map.delete(k) for Ruby when string-keyed maps were in use.
Compiler
* Add missing header to Objective-c generator
* Add a workaround for GCC constexpr bug
Java
* Rollback of: Simplify protobuf Java message builder by
removing methods that calls the super class only.
Csharp
* [C#] Replace regex that validates descriptor names
- drop 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch (upstream)
- Add patch to fix linking ThreadSafeArena:
* 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch
- Drop the protobuf-source package, no longer used
- update to 22.5:
C++
* Add missing cstdint header
* Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700)
* Avoid using string(JOIN..., which requires cmake 3.12
* Explicitly include GTest package in examples
* Bump Abseil submodule to 20230125.3 (#12660)
- update to 22.4:
C++
* Fix libprotoc: export useful symbols from .so
* Fix btree issue in map tests.
Python
* Fix bug in _internal_copy_files where the rule would fail in
downstream repositories.
Other
* Bump utf8_range to version with working pkg-config (#12584)
* Fix declared dependencies for pkg-config
* Update abseil dependency and reorder dependencies to ensure
we use the version specified in protobuf_deps.
* Turn off clang::musttail on i386
- drop python2 handling
- fix version handling and package the private libs again
- Fix confusion in versions
- Mention the rpmlintrc file in the spec.
- Make possible to build on older systems, like SLE12 that miss
some of the used macros.
- update to v22.3
UPB (Python/PHP/Ruby C-Extension)
* Remove src prefix from proto import
* Fix .gitmodules to use the correct absl branch
* Remove erroneous dependency on googletest
- update to 22.2:
Java
* Add version to intra proto dependencies and add kotlin stdlib
dependency
* Add $ back for osgi header
* Remove $ in pom files
- update to 22.1:
* Add visibility of plugin.proto to python directory
* Strip "src" from file name of plugin.proto
* Add OSGi headers to pom files.
* Remove errorprone dependency from kotlin protos.
* Version protoc according to the compiler version number.
- update to 22.0:
* This version includes breaking changes to: Cpp.
Please refer to the migration guide for information:
https://protobuf.dev/support/migration/#compiler-22
* [Cpp] Migrate to Abseil's logging library.
* [Cpp] `proto2::Map::value_type` changes to `std::pair`.
* [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream,
and DefaultFieldComparator classes.
* [Cpp] Add a dependency on Abseil (#10416)
* [Cpp] Remove all autotools usage (#10132)
* [Cpp] Add C++20 reserved keywords
* [Cpp] Dropped C++11 Support
* [Cpp] Delete Arena::Init
* [Cpp] Replace JSON parser with new implementation
* [Cpp] Make RepeatedField::GetArena non-const in order to
support split RepeatedFields.
* long list of bindings specific fixes see
https://github.com/protocolbuffers/protobuf/releases/tag/v22.0
- python sub packages version is set 4.22.3 as defined in
python/google/protobuf/__init__.py to stay compatible
- skip python2 builds by default
- drop patches:
* 10355.patch,
* gcc12-disable-__constinit-with-c++-11.patch (merged upstream)
- added patches:
* add-missing-stdint-header.patch added for compile fixes
- Enable LTO (boo#1133277).
- update to v21.12:
* Python
* Fix broken enum ranges (#11171)
* Stop requiring extension fields to have a sythetic oneof (#11091)
* Python runtime 4.21.10 not works generated code can not load valid
proto.
- update to 21.11:
* Python
* Add license file to pypi wheels (#10936)
* Fix round-trip bug (#10158)
- update to 21.10:
* Java
* Use bit-field int values in buildPartial to skip work on unset groups of
fields. (#10960)
* Mark nested builder as clean after clear is called (#10984)
- update to 21.9:
* Ruby
* Replace libc strdup usage with internal impl to restore musl compat (#10818)
* Auto capitalize enums name in Ruby (#10454) (#10763)
* Other
* Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721)
* C++
* 21.x No longer define no_threadlocal on OpenBSD (#10743)
* Java
* Mark default instance as immutable first to avoid race during static initialization of default instances (#10771)
* Refactoring java full runtime to reuse sub-message builders and prepare to
migrate parsing logic from parse constructor to builder.
* Move proto wireformat parsing functionality from the private "parsing
constructor" to the Builder class.
* Change the Lite runtime to prefer merging from the wireformat into mutable
messages rather than building up a new immutable object before merging. This
way results in fewer allocations and copy operations.
* Make message-type extensions merge from wire-format instead of building up
instances and merging afterwards. This has much better performance.
* Fix TextFormat parser to build up recurring (but supposedly not repeated)
sub-messages directly from text rather than building a new sub-message and
merging the fully formed message into the existing field.
- update to 21.6:
C++:
* Reduce memory consumption of MessageSet parsing
- update to 21.5:
PHP
* Added getContainingOneof and getRealContainingOneof to descriptor.
* fix PHP readonly legacy files for nested messages
Python
* Fixed comparison of maps in Python.
- add 10355.patch to fix soversioning
- update to 21.4:
* Reduce the required alignment of ArenaString from 8 to 4
- update to 21.3:
* C++
* Add header search paths to Protobuf-C++.podspec (#10024)
* Fixed Visual Studio constinit errors (#10232)
* Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
* UPB
* Allow empty package names (fixes behavior regression in 4.21.0)
* Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
* Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
* for x in mapping now yields keys rather than values, to match Python
conventions and the behavior of the old library.
* Lookup operations now correctly reject unhashable types as map keys.
* We implement repr() to use the same format as dict.
* Fix maps to use the ScalarMapContainer class when appropriate
* Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
* PHP
* Add "readonly" as a keyword for PHP and add previous classnames to descriptor pool (#10041)
* Python
* Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
* Bazel
* Add back a filegroup for :well_known_protos (#10061)
- Update to 21.2:
- C++
- cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614)
- Escape GetObject macro inside protoc-generated code (#9739)
- Update CMake configuration to add a dependency on Abseil (#9793)
- Fix cmake install targets (#9822)
- Use __constinit only in GCC 12.2 and up (#9936)
- Java
- Update protobuf_version.bzl to separate protoc and per-language java … (#9900)
- Python
- Increment python major version to 4 in version.json for python upb (#9926)
- The C extension module for Python has been rewritten to use the upb library.
- This is expected to deliver significant performance benefits, especially when
parsing large payloads. There are some minor breaking changes, but these
should not impact most users. For more information see:
https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates
- PHP
- [PHP] fix PHP build system (#9571)
- Fix building packaged PHP extension (#9727)
- fix: reserve "ReadOnly" keyword for PHP 8.1 and add compatibility (#9633)
- fix: phpdoc syntax for repeatedfield parameters (#9784)
- fix: phpdoc for repeatedfield (#9783)
- Change enum string name for reserved words (#9780)
- chore: [PHP] fix phpdoc for MapField keys (#9536)
- Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996)
- Ruby
- Allow pre-compiled binaries for ruby 3.1.0 (#9566)
- Implement respond_to? in RubyMessage (#9677)
- [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722)
- Do not use range based UTF-8 validation in truffleruby (#9769)
- Improve range handling logic of RepeatedField (#9799)
- Other
- Fix invalid dependency manifest when using descriptor_set_out (#9647)
- Remove duplicate java generated code (#9909)
- Do not use %%autosetup, but %%setup and %%patch on other line
* Allows building on SLE-12-SP5
- Add temporary patch gcc12-disable-__constinit-with-c++-11.patch
that addresses gh#protocolbuffers/protobuf#9916.
- python3
-
- Add CVE-2024-4032-private-IP-addrs.patch to fix bsc#1226448
(CVE-2024-4032) rearranging definition of private v global IP
addresses.
- Add CVE-2024-0397-memrace_ssl.SSLContext_cert_store.patch
fixing bsc#1226447 (CVE-2024-0397) by removing memory race
condition in ssl.SSLContext certificate store methods.
- Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109,
gh#python/cpython!16557) fixes syslog making default "ident"
from sys.argv[0].
- Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that
it uses features sniffing, not just comparing version number
(bsc#1220664, bsc#1219559, bsc#1221563, bsc#1222075).
- Remove support-expat-CVE-2022-25236-patched.patch, which was
the previous name of this patch.
- Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping
failing tests.
- Refresh patches:
- CVE-2023-27043-email-parsing-errors.patch
- fix_configure_rst.patch
- skip_if_buildbot-extend.patch
- bsc#1221854 (CVE-2024-0450) Add
CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch
detecting the vulnerability of the "quoted-overlap" zipbomb
(from gh#python/cpython!110016).
- Add bh42369-thread-safety-zipfile-SharedFile.patch (from
gh#python/cpython!26974) required by the previous patch.
- Add expat-260-test_xml_etree-reparse-deferral.patch to make the
interpreter work with patched libexpat in our distros.
- Move all patches from locally sourced to the branch
opensuse-3.6 branch at GitHub repo, and move all metadata to
commits themselves (readable in the headers of each patch).
- Add bpo-41675-modernize-siginterrupt.patch to make Python build
cleanly even on more recent SPs of SLE-15
(gh#python/cpython#85841).
- Remove patches:
- bpo36263-Fix_hashlib_scrypt.patch - fix against bug in
OpenSSL fixed in 1.1.1c (gh#openssl/openssl!8483), so this
patch is redundant on all SUSE-supported distros
- python-3.3.0b1-test-posix_fadvise.patch - protection
against the kernel issues which has been fixed in
gh#torvalds/linux@3d3727cdb07f, which has been included in
all our kernels more recent than SLE-11.
- python-3.3.3-skip-distutils-test_sysconfig_module.patch -
skips a test, which should be relevant only for testing on
Mac OS X systems with universal builds. I have no valid
record, that this test would be ever problematic on Linux.
- bpo-36576-skip_tests_for_OpenSSL-111.patch, which was
included already in Python 3.5.
- (bsc#1219666, CVE-2023-6597) Add
CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from
gh#python/cpython!99930) fixing symlink bug in cleanup of
tempfile.TemporaryDirectory.
- Merge together bpo-36576-skip_tests_for_OpenSSL-111.patch into
skip_SSL_tests.patch, and make them include all conditionals.
- Refresh CVE-2023-27043-email-parsing-errors.patch to
gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043).
- libsolv
-
- add a conflict to older libsolv-tools to libsolv-tools-base
- improve updating of installed multiversion packages
- fix decision introspection going into an endless loop in some
cases
- added experimental lua bindings
- bump version to 0.7.29
- split libsolv-tools into libsolv-tools-base [jsc#PED-8153]
- build for multiple python versions [jsc#PED-6218]
- bump version to 0.7.28
- libssh
-
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1220385)
* Added libssh-fix-ipv6-hostname-regression.patch
- suseconnect-ng
-
- Update version to 1.11
- Added uname as collector
- Added SAP workload detection
- Added detection of container runtimes
- Multiple fixes on ARM64 detection
- Use `read_values` for the CPU collector on Z
- Fixed data collection for ppc64le
- Grab the home directory from /etc/passwd if needed (bsc#1226128)
- Update version to 1.10.0
* Build zypper-migration and zypper-packages-search as standalone
binaries rather then one single binary
* Add --gpg-auto-import-keys flag before action in zypper command (bsc#1219004)
* Include /etc/products.d in directories whose content are backed
up and restored if a zypper-migration rollback happens. (bsc#1219004)
* Add the ability to upload the system uptime logs, produced by the
suse-uptime-tracker daemon, to SCC/RMT as part of keepalive report.
(jsc#PED-7982) (jsc#PED-8018)
* Add support for third party packages in SUSEConnect
* Refactor existing system information collection implementation
- Update to version 1.9.0
* Fix certificate import for Yast when using a registration proxy with
self-signed SSL certificate (bsc#1223107)
- Update to version 1.8.0
* Allow "--rollback" flag to run on readonly filesystem (bsc#1220679)
- Update to version 1.7.0
* Allow SUSEConnect on read write transactional systems (bsc#1219425)
- tiff
-
- security update:
* CVE-2023-3164 [bsc#1212233]
Fix heap buffer overflow in tiffcrop
+ tiff-CVE-2023-3164.patch
- security update:
* CVE-2023-40745[bsc#1214687] CVE-2023-41175[bsc#1214686] [bsc#1221187]
CVE-2023-38288[bsc#1213590]
Fix potential int overflow in raw2tiff.c and tiffcp.c
Rename tiff-CVE-2023-38288.patch into
tiff-CVE-2023-38288,CVE-2023-40745,CVE-2023-41175.patch
- security update:
* CVE-2023-52356 [bsc#1219213]
Fix segfault in TIFFReadRGBATileExt()
+ tiff-CVE-2023-52356.patch
- libxml2
-
- Security fix (CVE-2024-34459, bsc#1224282) buffer over-read in
xmlHTMLPrintFileContext in xmllint.c
* Added libxml2-CVE-2024-34459.patch
- Security fix (CVE-2024-25062, bsc#1219576) use-after-free in XMLReader
* Added libxml2-CVE-2024-25062.patch
- libzypp
-
- zypp-tui: Make sure translated texts use the correct textdomain
(fixes #551)
- Skip libproxy1 requires for tumbleweed.
- version 17.34.1 (34)
- don't require libproxy1 on tumbleweed, it is optional now
- version 17.34.0 (34)
- Fix versioning scheme
- version 17.33.4 (35)
- add one more missing export for libyui-qt-pkg
- Revert eintrSafeCall behavior to setting errno to 0.
- version 17.33.3 (34)
- fix up requires_eq usage for libsolv-tools-base
- add one more missing export for PackageKit
- version 17.33.2
- version 17.33.1 (33)
- switch to reduced size libsolv-tools-base (jsc#PED-8153)
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- Add ZYPP_API for exported functions and switch to
visibility=hidden (jsc#PED-8153)
- Dynamically resolve libproxy (jsc#PED-8153)
- version 17.33.0 (33)
- Fix download from gpgkey URL (bsc#1223430, fixes openSUSE/zypper#546)
- version 17.32.6 (32)
- Don't try to refresh volatile media as long as raw metadata are
present (bsc#1223094)
- version 17.32.5 (32)
- Fix creation of sibling cache dirs with too restrictive mode
(bsc#1222398)
Some install workflows in YAST may lead to too restrictive (0700)
raw cache directories in case of newly created repos. Later
commands running with user privileges may not be able to access
these repos.
- version 17.32.4 (32)
- Update RepoStatus fromCookieFile according to the files mtime
(bsc#1222086)
- TmpFile: Don't call chmod if makeSibling failed.
- version 17.32.3 (32)
- Fixup New VendorSupportOption flag VendorSupportSuperseded
(jsc#OBS-301, jsc#PED-8014)
Fixed the name of the keyword to "support_superseded" as it was
agreed on in jsc#OBS-301.
- version 17.32.2 (32)
- Add resolver option 'removeUnneeded' to file weak remove jobs
for unneeded packages (bsc#1175678)
- version 17.32.1 (32)
- Add resolver option 'removeOrphaned' for distupgrade
(bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded
(jsc#OBS-301, jsc#PED-8014)
- Tests: fix vsftpd.conf where SUSE and Fedora use different
defaults (fixes #522)
- Add default stripe minimum (#529)
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config.
- version 17.32.0 (32)
- ProblemSolution::skipsPatchesOnly overload to handout the
patches.
- Remove https->http redirection exceptions for
download.opensuse.org.
- version 17.31.32 (22)
- tui: allow to access the underlying ostream of out::Info.
- Add MLSep: Helper to produce not-NL-terminated multi line
output.
- version 17.31.31 (22)
- applydeltaprm: Create target directory if it does not exist
(bsc#1219442)
- Add ProblemSolution::skipsPatchesOnly (for openSUSE/zypper#514)
- Fix problems with EINTR in ExternalDataSource::getline (fixes
bsc#1215698)
- version 17.31.30 (22)
- CheckAccessDeleted: fix running_in_container detection
(bsc#1218782)
- Detect CURLOPT_REDIR_PROTOCOLS_STR availability at runtime
(bsc#1218831)
- Make Wakeup class EINTR safe.
- Add a way to cancel media operations on shutdown
(openSUSE/zypper#522)
This patch adds a mechanism to signal libzypp that a shutdown was
requested, usually when CTRL+C was pressed by the user. Currently
only the media backend will utilize this, but can be extended to
all code paths that use g_poll() to wait for events.
- Manually poll fds for curl in MediaCurl.
Using curl_easy_perform does not give us the required control on
when we want to cancel a download. Switching to the MultiCurl
implementation with a external poll() event loop will give us
much more freedom and helps us to improve our Ctrl+C handling.
- Move reusable curl poll code to curlhelper.h.
- version 17.31.29 (22)
- Fix to build with libxml 2.12.x (fixes #505)
- version 17.31.28 (22)
- shadow
-
- bsc#1228770: Fix not copying of skel files
Update shadow-CVE-2013-4235.patch
- bsc#916845 (CVE-2013-4235): Fix TOCTOU race condition
Add shadow-CVE-2013-4235.patch
- bsc#1176006: Fix chage date miscalculation
Add shadow-bsc1176006-chage-date.patch
- bsc#1188307: Fix passwd segfault
Add shadow-bsc1188307-passwd-segfault.patch
- bsc#1203823: Remove pam_keyinit from PAM config files
Remove pam_keyinit from PAM configuration.
This was introduced for bsc#1144060.
- netcfg
-
- Add krb-prop entry, fix for bsc#1211886.
- opensc
-
- Security fix: [CVE-2023-5992, bsc#1219386]
* Add patch:
- opensc-CVE-2023-5992.patch
- openssh
-
- Add patches from upstream to change the default value of
UpdateHostKeys to Yes (unless VerifyHostKeyDNS is enabled).
This makes ssh update the known_hosts stored keys with all
published versions by the server (after it's authenticated
with an existing key), which will allow to identify the
server with a different key if the existing key is considered
insecure at some point in the future (bsc#1222831).
* 0001-upstream-enable-UpdateHostkeys-by-default-when-the.patch
* 0002-upstream-disable-UpdateHostkeys-by-default-if.patch
- Add patches openssh-7.7p1-seccomp_getuid.patch and
openssh-bsc1216474-s390-leave-fds-open.patch
(bsc#1216474, bsc#1218871)
- Fix hostbased ssh login failing occasionally with "signature
unverified: incorrect signature" by fixing a typo in patch
(bsc#1221123):
* openssh-7.8p1-role-mls.patch
- Added openssh-cve-2023-51385.patch (bsc#1218215, CVE-2023-51385).
This limits the use of shell metacharacters in host- and
user names.
- pam-config
-
- Fix pam_gnome_keyring module for AUTH.
[pam-config-fix-pam_gnome_keyring.patch, bsc#1219767]
- pam_pkcs11
-
- Fix for bsc#1221255:
* Add patch 0001-Set-slot_num-configuration-parameter-to-0-by-default.patch
- patterns-base
-
- Added a fips-certified pattern matching the exact certified
FIPS versions
- perl-Bootloader
-
- merge gh#openSUSE/perl-bootloader#166
- log grub2-install errors correctly (bsc#1221470)
- 0.947
- merge gh#openSUSE/perl-bootloader#161
- support old grub versions (<= 2.02) that used /usr/lib
(bsc#1218842)
- create EFI boot fallback directory if necessary
- 0.946
- perl
-
- fix space calculation issues in pp_pack.c [bnc#1082216]
[CVE-2018-6913]
* new patch: perl-pack-overflow.diff
- fix heap buffer overflow in regexec.c [bnc#1082233]
[CVE-2018-6798]
new patch: perl-regexec-heap-overflow.diff
- make Net::FTP work with TLS 1.3 [bnc#1213638]
new patch: perl-net-ftp-tls13.diff
- python-instance-billing-flavor-check
-
- Version 0.0.6 (bsc#1218561)
Support proxy setup on the client to access the update infrastructure
API
- Version 0.0.5
Add IPv6 support (bsc#1218739)
- python-Jinja2
-
- Add CVE-2024-34064.patch upstream patch
(CVE-2024-34064, bsc#1223980, gh#pallets/jinja@0668239dc6b4)
Also fixes (CVE-2024-22195, bsc#1218722)
- python3-M2Crypto
-
- Disable broken tests with openssl 3.2, bsc#1217782
- add timeout_300hz.patch to accept a small deviation from time
in the testsuite (bsc#1212757)
- Adapt tests for OpenSSL v3.1.0
* Add openssl-adapt-tests-for-3.1.0.patch
- add openssl-stop-parsing-header.patch (bsc#1205042)
- add m2crypto-0.38-ossl3-tests.patch
- python-idna
-
- Add CVE-2024-3651.patch, backported from upstream commit
gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7
(bsc#1222842, CVE-2024-3651)
- python-requests
-
- Update CVE-2024-35195.patch to allow the usage of "verify" parameter
as a directory, bsc#1225912
- Add CVE-2024-35195.patch (CVE-2024-35195, bsc#1224788)
- Add httpbin.patch to fix a test failure caused by the previous patch.
- salt
-
- Speed up salt.matcher.confirm_top by using __context__
- Do not call the async wrapper calls with the separate thread
- Prevent OOM with high amount of batch async calls (bsc#1216063)
- Add missing contextvars dependency in salt.version
- Skip tests for unsupported algorithm on old OpenSSL version
- Remove redundant `_file_find` call to the master
- Prevent possible exception in tornado.concurrent.Future._set_done
- Make reactor engine less blocking the EventPublisher
- Make salt-master self recoverable on killing EventPublisher
- Improve broken events catching and reporting
- Make logging calls lighter
- Remove unused import causing delays on starting salt-master
- Mark python3-CherryPy as recommended package for the testsuite
- Added:
* make-salt-master-self-recoverable-on-killing-eventpu.patch
* skip-tests-for-unsupported-algorithm-on-old-openssl-.patch
* remove-redundant-_file_find-call-to-the-master.patch
* prevent-possible-exception-in-tornado.concurrent.fut.patch
* improve-broken-events-catching-and-reporting.patch
* add-missing-contextvars-dependency-in-salt.version.patch
* do-not-call-the-async-wrapper-calls-with-the-separat.patch
* make-logging-calls-lighter.patch
* make-reactor-engine-less-blocking-the-eventpublisher.patch
* speed-up-salt.matcher.confirm_top-by-using-__context.patch
* remove-unused-import-causing-delays-on-starting-salt.patch
* prevent-oom-with-high-amount-of-batch-async-calls-bs.patch
- Make "man" a recommended package instead of required
- Convert oscap output to UTF-8
- Make Salt compatible with Python 3.11
- Ignore non-ascii chars in oscap output (bsc#1219001)
- Fix detected issues in Salt tests when running on VMs
- Make importing seco.range thread safe (bsc#1211649)
- Fix problematic tests and allow smooth tests executions
on containers
- Discover Ansible playbook files as "*.yml" or "*.yaml"
files (bsc#1211888)
- Provide user(salt)/group(salt) capabilities for RPM 4.19
- Extend dependencies for python3-salt-testsuite
and python3-salt packages
- Improve Salt and testsuite packages multibuild
- Enable multibuilld and create test flavor
- Prevent exceptions with fileserver.update when called
via state (bsc#1218482)
- Improve pip target override condition with VENV_PIP_TARGET
environment variable (bsc#1216850)
- Fixed KeyError in logs when running a state that fails
- Added:
* fixed-keyerror-in-logs-when-running-a-state-that-fai.patch
* decode-oscap-byte-stream-to-string-bsc-1219001.patch
* fix-salt-warnings-and-testuite-for-python-3.11-635.patch
* make-importing-seco.range-thread-safe-bsc-1211649.patch
* improve-pip-target-override-condition-with-venv_pip_.patch
* allow-kwargs-for-fileserver-roots-update-bsc-1218482.patch
* fix-problematic-tests-and-allow-smooth-tests-executi.patch
* discover-both-.yml-and-.yaml-playbooks-bsc-1211888.patch
* fix-tests-failures-and-errors-when-detected-on-vm-ex.patch
* switch-oscap-encoding-to-utf-8-639.patch
- Prevent directory traversal when creating syndic cache directory
on the master (CVE-2024-22231, bsc#1219430)
- Prevent directory traversal attacks in the master's serve_file
method (CVE-2024-22232, bsc#1219431)
- Added:
* fix-cve-2024-22231-and-cve-2024-22232-bsc-1219430-bs.patch
- Ensure that pillar refresh loads beacons from pillar without restart
- Fix the aptpkg.py unit test failure
- Prefer unittest.mock to python-mock in test suite
- Enable "KeepAlive" probes for Salt SSH executions (bsc#1211649)
- Revert changes to set Salt configured user early in the stack (bsc#1216284)
- Align behavior of some modules when using salt-call via symlink (bsc#1215963)
- Fix gitfs "__env__" and improve cache cleaning (bsc#1193948)
- Remove python-boto dependency for the python3-salt-testsuite package for Tumbleweed
- Added:
* fix-the-aptpkg.py-unit-test-failure.patch
* enable-keepalive-probes-for-salt-ssh-executions-bsc-.patch
* prefer-unittest.mock-for-python-versions-that-are-su.patch
* update-__pillar__-during-pillar_refresh.patch
* revert-make-sure-configured-user-is-properly-set-by-.patch
* fix-gitfs-__env__-and-improve-cache-cleaning-bsc-119.patch
* dereference-symlinks-to-set-proper-__cli-opt-bsc-121.patch
- python-urllib3
-
- Add CVE-2024-37891.patch (bsc#1226469, CVE-2024-37891)
- python-PyNaCl
-
- add sle15_python_module_pythons (jsc#PED-68)
- Make calling of %{sle15modernpython} optional.
- python-six not required
- python-bcrypt
-
- add sle15_python_module_pythons (jsc#PED-68)
- Make calling of %{sle15modernpython} optional.
- Removed not needed C build dependencies
- Enable for all archs by default
- Update to 4.0.1:
* We now build PyPy manylinux wheels.
* Fixed a bug where passing an invalid salt to checkpw could result in a
pyo3_runtime.PanicException. It now correctly raises a ValueError.
- 4.0.0:
* bcrypt is now implemented in Rust. Users building from source will need to
have a Rust compiler available. Nothing will change for users downloading
wheels.
* We no longer ship manylinux2010 wheels. Users should upgrade to the latest
pip to ensure this doesn’t cause issues downloading wheels on their
platform. We now ship manylinux_2_28 wheels for users on new enough
platforms.
* NUL bytes are now allowed in inputs.
- Remove not needed python-six dependency
- update to 3.2.2:
* Fixed packaging of ``py.typed`` files in wheels so that ``mypy`` works.
* Added support for compilation on z/OS
* The next release of ``bcrypt`` with be 4.0 and it will require Rust at
compile time, for users building from source. There will be no additional
requirement for users who are installing from wheels. Users on most
platforms will be able to obtain a wheel by making sure they have an up to
date ``pip``. The minimum supported Rust version will be 1.56.0.
- python-boto3
-
- Drop Provides for SLE 15 SP4 and openSUSE Leap 15.4 and later
- Switch to Python 3.11 build in SLE 15 SP4 and openSUSE Leap 15.4 and
later (jsc#PCT-371)
- Switch to wheel build
- Update to 1.34.31
* api-change:``datazone``: [``botocore``] Add new skipDeletionCheck to
DeleteDomain. Add new skipDeletionCheck to DeleteProject which also
automatically deletes dependent objects
* api-change:``route53``: [``botocore``] Update the SDKs for text changes
in the APIs.
- From 1.34.30
* api-change:``autoscaling``: [``botocore``] EC2 Auto Scaling customersi
who use attribute based instance-type selection can now intuitively
define their Spot instances price protection limit as a percentage of
the lowest priced On-Demand instance type.
* api-change:``comprehend``: [``botocore``] Comprehend PII analysis now
supports Spanish input documents.
* api-change:``ec2``: [``botocore``] EC2 Fleet customers who use attribute
based instance-type selection can now intuitively define their Spot
instances price protection limit as a percentage of the lowest priced
On-Demand instance type.
* api-change:``mwaa``: [``botocore``] This release adds MAINTENANCE
environment status for Amazon MWAA environments.
* api-change:``rds``: [``botocore``] Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS
RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods.
This provides enhanced error handling, ensuring a more robust experience.
* api-change:``snowball``: [``botocore``] Modified description of
createaddress to include direction to add path when providing a JSON file.
- From 1.34.29
* api-change:``connect``: [``botocore``] Update list and string length
limits for predefined attributes.
* api-change:``inspector2``: [``botocore``] This release adds ECR container
image scanning based on their lastRecordedPullTime.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Automatic
Model Tuning now provides an API to programmatically delete tuning jobs.
- From 1.34.28
* api-change:``acm-pca``: [``botocore``] AWS Private CA now supports an
option to omit the CDP extension from issued certificates, when CRL
revocation is enabled.
* api-change:``lightsail``: [``botocore``] This release adds support for
IPv6-only instance plans.
- From 1.34.27
* api-change:``ec2``: [``botocore``] Introduced a new clientToken request
parameter on CreateNetworkAcl and CreateRouteTable APIs. The clientToken
parameter allows idempotent operations on the APIs.
* api-change:``ecs``: [``botocore``] Documentation updates for Amazon ECS.
* api-change:``outposts``: [``botocore``] DeviceSerialNumber parameter is
now optional in StartConnection API
* api-change:``rds``: [``botocore``] This release adds support for Aurora
Limitless Database.
* api-change:``storagegateway``: [``botocore``] Add DeprecationDate and
SoftwareVersion to response of ListGateways.
- From 1.34.26
* api-change:``inspector2``: [``botocore``] This release adds support for
CIS scans on EC2 instances.
- From 1.34.25
* enhancement:documentation: [``botocore``] Updates the GitHub issue
creation link in our README
- From 1.34.24
* api-change:``appconfigdata``: [``botocore``] Fix FIPS Endpoints in
aws-us-gov.
* api-change:``cloud9``: [``botocore``] Doc-only update around removing AL1
from list of available AMIs for Cloud9
* api-change:``cloudfront-keyvaluestore``: [``botocore``] This release
improves upon the DescribeKeyValueStore API by returning two additional
fields, Status of the KeyValueStore and the FailureReason in case of
failures during creation of KeyValueStore.
* api-change:``connectcases``: [``botocore``] This release adds the ability
to view audit history on a case and introduces a new parameter,
performedBy, for CreateCase and UpdateCase API's.
* api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
* api-change:``ecs``: [``botocore``] This release adds support for
Transport Layer Security (TLS) and Configurable Timeout to ECS Service
Connect. TLS facilitates privacy and data security for inter-service
communications, while Configurable Timeout allows customized per-request
timeout and idle timeout for Service Connect services.
* api-change:``finspace``: [``botocore``] Allow customer to set zip default
through command line arguments.
* api-change:``organizations``: [``botocore``] Doc only update for quota
increase change
* api-change:``rds``: [``botocore``] Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API
method. This provides enhanced error handling, ensuring a more robust
experience when creating database clusters with insufficient instance
capacity.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules
client to latest version
- From 1.34.23
* api-change:``athena``: [``botocore``] Introducing new
NotebookS3LocationUri parameter to Athena ImportNotebook API. Payload is
no longer required and either Payload or NotebookS3LocationUri needs to be
provided (not both) for a successful ImportNotebook API call. If both are
provided, an InvalidRequestException will be thrown.
* api-change:``codebuild``: [``botocore``] Release CodeBuild Reserved
Capacity feature
* api-change:``dynamodb``: [``botocore``] This release adds support for
including ApproximateCreationDateTimePrecision configurations in
EnableKinesisStreamingDestination API, adds the same as an optional field
in the response of DescribeKinesisStreamingDestination, and adds support
for a new UpdateKinesisStreamingDestination API.
* api-change:``qconnect``: [``botocore``] Increased Quick Response name max
length to 100
- From 1.34.22
* api-change:``b2bi``: [``botocore``] Increasing TestMapping inputFileContent
file size limit to 5MB and adding file size limit 250KB for TestParsing
input file. This release also includes exposing InternalServerException
for Tag APIs.
* api-change:``cloudtrail``: [``botocore``] This release adds a new API
ListInsightsMetricData to retrieve metric data from CloudTrail Insights.
* api-change:``connect``: [``botocore``] GetMetricDataV2 now supports 3
groupings
* api-change:``drs``: [``botocore``] Removed invalid and unnecessary
default values.
* api-change:``firehose``: [``botocore``] Allow support for Snowflake as
a Kinesis Data Firehose delivery destination.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Increase
BatchGetRecord limits from 10 items to 100 items
- From 1.34.21
* api-change:``dynamodb``: [``botocore``] Updating note for enabling streams
for UpdateTable.
* api-change:``keyspaces``: [``botocore``] This release adds support for
Multi-Region Replication with provisioned tables, and Keyspaces auto
scaling APIs
- From 1.34.20
* api-change:``iot``: [``botocore``] Revert release of LogTargetTypes
* api-change:``iotfleetwise``: [``botocore``] Updated APIs: SignalNodeType
query parameter has been added to ListSignalCatalogNodesRequest and
ListVehiclesResponse has been extended with attributes field.
* api-change:``macie2``: [``botocore``] This release adds support for
analyzing Amazon S3 objects that are encrypted using dual-layer
server-side encryption with AWS KMS keys (DSSE-KMS). It also adds support
for reporting DSSE-KMS details in statistics and metadata about
encryption settings for S3 buckets and objects.
* api-change:``payment-cryptography``: [``botocore``] Provide an additional
option for key exchange using RSA wrap/unwrap in addition to tr-34/tr-31
in ImportKey and ExportKey operations. Added new key usage (type)
TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane
operations with ISO9797 Algorithm 1 MAC calculations.
* api-change:``personalize-runtime``: [``botocore``] Documentation updates
for Amazon Personalize
* api-change:``personalize``: [``botocore``] Documentation updates for
Amazon Personalize.
* api-change:``rekognition``: [``botocore``] This release adds ContentType
and TaxonomyLevel attributes to DetectModerationLabels and
GetMediaAnalysisJob API responses.
* api-change:``securityhub``: [``botocore``] Documentation updates for
AWS Security Hub
- From 1.34.19
* api-change:``sagemaker``: [``botocore``] This release will have
ValidationException thrown if certain invalid app types are provided. The
release will also throw ValidationException if more than 10 account ids
are provided in VpcOnlyTrustedAccounts.
- From 1.34.18
* api-change:``connect``: [``botocore``] Supervisor Barge for Chat is now
supported through the MonitorContact API.
* api-change:``connectparticipant``: [``botocore``] Introduce new
Supervisor participant role
* api-change:``location``: [``botocore``] Location SDK documentation update.
Added missing fonts to the MapConfiguration data type. Updated note for
the SubMunicipality property in the place data type.
* api-change:``mwaa``: [``botocore``] This Amazon MWAA feature release
includes new fields in CreateWebLoginToken response model. The new fields
IamIdentity and AirflowIdentity will let you match identifications, as
the Airflow identity length is currently hashed to 64 characters.
* api-change:``s3control``: [``botocore``] S3 On Outposts team adds
dualstack endpoints support for S3Control and S3Outposts API calls.
* api-change:``supplychain``: [``botocore``] This release includes APIs
CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.
* api-change:``transfer``: [``botocore``] AWS Transfer Family now supports
static IP addresses for SFTP & AS2 connectors and for async MDNs on AS2
servers.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.17
* api-change:``ec2``: [``botocore``] This release adds support for adding
an ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``ecs``: [``botocore``] This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``events``: [``botocore``] Update events client to latest
version
* api-change:``iot``: [``botocore``] Add ConflictException to Update APIs of
AWS IoT Software Package Catalog
* api-change:``iotfleetwise``: [``botocore``] The following dataTypes have
been removed: CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType;
CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason;
CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in
NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType
* api-change:``secretsmanager``: [``botocore``] Doc only update for Secrets
Manager
* api-change:``workspaces``: [``botocore``] Added AWS Workspaces
RebootWorkspaces API - Extended Reboot documentation update
- From 1.34.16
* api-change:``connectcampaigns``: [``botocore``] Minor pattern updates
for Campaign and Dial Request API fields.
* api-change:``location``: [``botocore``] This release adds API support for
custom layers for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
* api-change:``logs``: [``botocore``] Add support for account level
subscription filter policies to PutAccountPolicy, DescribeAccountPolicies,
and DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been
modified with new optional "selectionCriteria" parameter for resource
selection.
* api-change:``qconnect``: [``botocore``] QueryAssistant and
GetRecommendations will be discontinued starting June 1, 2024. To receive
generative responses after March 1, 2024 you will need to create a new
Assistant in the Connect console and integrate the Amazon Q in Connect
JavaScript library (amazon-q-connectjs) into your applications.
* api-change:``redshift-serverless``: [``botocore``] Updates to
ConfigParameter for RSS workgroup, removal of use_fips_ssl
* api-change:``route53``: [``botocore``] Route53 now supports geoproximity
routing in AWS regions
* api-change:``wisdom``: [``botocore``] QueryAssistant and GetRecommendations
will be discontinued starting June 1, 2024. To receive generative responses
after March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
- From 1.34.15
* api-change:``codebuild``: [``botocore``] Aws CodeBuild now supports new
compute type BUILD_GENERAL1_XLARGE
* api-change:``ec2``: [``botocore``] Amazon EC2 R7iz bare metal instances
are powered by custom 4th generation Intel Xeon Scalable processors.
* api-change:``route53resolver``: [``botocore``] This release adds support
for query type configuration on firewall rules that enables customers for
granular action (ALLOW, ALERT, BLOCK) by DNS query type.
- From 1.34.14
* api-change:``connect``: [``botocore``] Minor trait updates for User APIs
* api-change:``kms``: [``botocore``] Documentation updates for AWS Key
Management Service (KMS).
* api-change:``redshift-serverless``: [``botocore``] use_fips_ssl and
require_ssl parameter support for Workgroup, UpdateWorkgroup, and
CreateWorkgroup
-From 1.34.13
* api-change:``config``: [``botocore``] Updated ResourceType enum with new
resource types onboarded by AWS Config in November and December 2023.
* api-change:``docdb``: [``botocore``] Adding PerformanceInsightsEnabled and
PerformanceInsightsKMSKeyId fields to DescribeDBInstances Response.
* api-change:``ecs``: [``botocore``] This release adds support for managed
instance draining which facilitates graceful termination of Amazon ECS
instances.
* api-change:``es``: [``botocore``] This release adds support for new or
existing Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with
perfect forward secrecy cipher suites for domain endpoints.
* api-change:``lightsail``: [``botocore``] This release adds support to set
up an HTTPS endpoint on an instance.
* api-change:``opensearch``: [``botocore``] This release adds support for
new or existing Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2
with perfect forward secrecy cipher suites for domain endpoints.
* api-change:``sagemaker``: [``botocore``] Adding support for provisioned
throughput mode for SageMaker Feature Groups
* api-change:``servicecatalog``: [``botocore``] Added Idempotency token
support to Service Catalog AssociateServiceActionWithProvisioningArtifact,
DisassociateServiceActionFromProvisioningArtifact, DeleteServiceAction API
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.12
* api-change:``connect``: [``botocore``] Amazon Connect, Contact Lens
Evaluation API increase evaluation notes max length to 3072.
* api-change:``mediaconvert``: [``botocore``] This release includes video
engine updates including HEVC improvements, support for ingesting VP9
encoded video in MP4 containers, and support for user-specified 3D LUTs.
- From 1.34.11
* api-change:``apprunner``: [``botocore``] AWS App Runner adds Python 3.11
and Node.js 18 runtimes.
* api-change:``location``: [``botocore``] This release introduces a new
parameter to bypasses an API key's expiry conditions and delete the key.
* api-change:``quicksight``: [``botocore``] Add LinkEntityArn support for
different partitions; Add UnsupportedUserEditionException in
UpdateDashboardLinks API; Add support for New Reader Experience Topics
- From 1.34.10
* api-change:``codestar-connections``: [``botocore``] New integration with
the GitLab self-managed provider type.
* api-change:``kinesis-video-archived-media``: [``botocore``]
NoDataRetentionException thrown when GetImages requested for a Stream
that does not retain data (that is, has a DataRetentionInHours of 0).
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Studio now
supports Docker access from within app container
- From 1.34.9
* api-change:``emr``: [``botocore``] Update emr client to latest version
- From 1.34.8
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity
and Access Management (IAM).
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules
client to latest version
- From 1.34.7
* api-change:``bedrock-agent``: [``botocore``] Adding Claude 2.1 support to
Bedrock Agents
* api-change:``glue``: [``botocore``] This release adds additional
configurations for Query Session Context on the following APIs:
GetUnfilteredTableMetadata, GetUnfilteredPartitionMetadata,
GetUnfilteredPartitionsMetadata.
* api-change:``lakeformation``: [``botocore``] This release adds additional
configurations on GetTemporaryGlueTableCredentials for Query Session
Context.
* api-change:``mediaconnect``: [``botocore``] This release adds the
DescribeSourceMetadata API. This API can be used to view the stream
information of the flow's source.
* api-change:``networkmonitor``: [``botocore``] CloudWatch Network Monitor
is a new service within CloudWatch that will help network administrators
and operators continuously monitor network performance metrics such as
round-trip-time and packet loss between their AWS-hosted applications and
their on-premises locations.
* api-change:``omics``: [``botocore``] Provides minor corrections and an
updated description of APIs.
* api-change:``secretsmanager``: [``botocore``] Update endpoint rules and
examples.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.6
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.19.19
* api-change:``amp``: [``botocore``] This release updates Amazon Managed
Service for Prometheus APIs to support customer managed KMS keys.
* api-change:``appintegrations``: [``botocore``] The Amazon AppIntegrations
service adds DeleteApplication API for deleting applications, and updates
APIs to support third party applications reacting to workspace events and
make data requests to Amazon Connect for agent and contact events.
* api-change:``bedrock-agent``: [``botocore``] This release introduces
Amazon Aurora as a vector store on Knowledge Bases for Amazon Bedrock
* api-change:``codecommit``: [``botocore``] AWS CodeCommit now supports
customer managed keys from AWS Key Management Service.
UpdateRepositoryEncryptionKey is added for updating the key configuration.
CreateRepository, GetRepository, BatchGetRepositories are updated with new
input or output parameters.
* api-change:``connect``: [``botocore``] Adds APIs to manage User
Proficiencies and Predefined Attributes. Enhances StartOutboundVoiceContact
API input. Introduces SearchContacts API. Enhances DescribeContact API.
Adds an API to update Routing Attributes in QueuePriority and
QueueTimeAdjustmentSeconds.
* api-change:``medialive``: [``botocore``] MediaLive now supports the ability
to configure the audio that an AWS Elemental Link UHD device produces, when
the device is configured as the source for a flow in AWS Elemental
MediaConnect.
* api-change:``neptune-graph``: [``botocore``] Adds Waiters for successful
creation and deletion of Graph, Graph Snapshot, Import Task and Private
Endpoints for Neptune Analytics
* api-change:``rds-data``: [``botocore``] This release adds support for
using RDS Data API with Aurora PostgreSQL Serverless v2 and provisioned DB
clusters.
* api-change:``rds``: [``botocore``] This release adds support for using RDS
Data API with Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Training now
provides model training container access for debugging purposes. Amazon
SageMaker Search now provides the ability to use visibility conditions to
limit resource access to a single domain or multiple domains.
- From 1.34.5
* api-change:``appstream``: [``botocore``] This release introduces
configurable clipboard, allowing admins to specify the maximum length of
text that can be copied by the users from their device to the remote
session and vice-versa.
* api-change:``eks``: [``botocore``] Add support for cluster insights, new
EKS capability that surfaces potentially upgrade impacting issues.
* api-change:``guardduty``: [``botocore``] This release 1) introduces a new
API: GetOrganizationStatistics , and 2) adds a new UsageStatisticType
TOP_ACCOUNTS_BY_FEATURE for GetUsageStatistics API
* api-change:``managedblockchain-query``: [``botocore``] Adding Confirmation
Status and Execution Status to GetTransaction Response.
* api-change:``mediatailor``: [``botocore``] Adds the ability to configure
time shifting on MediaTailor channels using the TimeShiftConfiguration
field
* api-change:``route53``: [``botocore``] Amazon Route 53 now supports the
Canada West (Calgary) Region (ca-west-1) for latency records, geoproximity
records, and private DNS for Amazon VPCs in that region.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.4
* api-change:``appsync``: [``botocore``] This release adds additional
configurations on GraphQL APIs for limits on query depth, resolver count,
and introspection
* api-change:``chime-sdk-meetings``: [``botocore``] Add meeting features to
specify a maximum camera resolution, a maximum content sharing resolution,
and a maximum number of attendees for a given meeting.
* api-change:``ec2``: [``botocore``] Provision BYOIPv4 address ranges and
advertise them by specifying the network border groups option in
Los Angeles, Phoenix and Dallas AWS Local Zones.
* api-change:``fsx``: [``botocore``] Added support for FSx for OpenZFS
on-demand data replication across AWS accounts and/or regions.Added the
IncludeShared attribute for DescribeSnapshots.Added the CopyStrategy
attribute for OpenZFSVolumeConfiguration.
* api-change:``marketplace-catalog``: [``botocore``] AWS Marketplace now
supports a new API, BatchDescribeEntities, which returns metadata and
content for multiple entities.
* api-change:``rds``: [``botocore``] RDS - The release adds two new APIs:
DescribeDBRecommendations and ModifyDBRecommendation
- From 1.34.3
* api-change:``cognito-idp``: [``botocore``] Amazon Cognito now supports
trigger versions that define the fields in the request sent to pre token
generation Lambda triggers.
* api-change:``eks``: [``botocore``] Add support for EKS Cluster Access
Management.
* api-change:``quicksight``: [``botocore``] A docs-only release to add
missing entities to the API reference.
* api-change:``route53resolver``: [``botocore``] Add DOH protocols in
resolver endpoints.
- From 1.34.2
* api-change:``cloud9``: [``botocore``] Updated Cloud9 API documentation for
AL2023 release
* api-change:``connect``: [``botocore``] Adds relatedContactId field to
StartOutboundVoiceContact API input. Introduces PauseContact API and
ResumeContact API for Task contacts. Adds pause duration, number of pauses,
timestamps for last paused and resumed events to DescribeContact API
response. Adds new Rule type and new Rule action.
* api-change:``connectcases``: [``botocore``] Increase number of fields that
can be included in CaseEventIncludedData from 50 to 200
* api-change:``kms``: [``botocore``] Documentation updates for AWS Key
Management Service
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation by
adding code examples
* api-change:``sagemaker``: [``botocore``] This release 1) introduces a new
API: DeleteCompilationJob , and 2) adds InfraCheckConfig for
Create/Describe training job API
- From 1.34.1
* api-change:``appstream``: [``botocore``] This release includes support for
images of Windows Server 2022 platform.
* api-change:``b2bi``: [``botocore``] Documentation updates for AWS B2B Data
Interchange
* api-change:``billingconductor``: [``botocore``] Billing Conductor is
releasing a new API, GetBillingGroupCostReport, which provides the ability
to retrieve/view the Billing Group Cost Report broken down by attributes
for a specific billing group.
* api-change:``connect``: [``botocore``] This release adds support for more
granular billing using tags (key:value pairs)
* api-change:``controltower``: [``botocore``] Documentation updates for
AWS Control Tower.
* api-change:``firehose``: [``botocore``] This release, 1) adds configurable
buffering hints for the Splunk destination, and 2) reduces the minimum
configurable buffering interval for supported destinations
* api-change:``gamelift``: [``botocore``] Amazon GameLift adds the ability
to add and update the game properties of active game sessions.
* api-change:``iot``: [``botocore``] This release adds the ability to
self-manage certificate signing in AWS IoT Core fleet provisioning using
the new certificate provider resource.
* api-change:``neptune-graph``: [``botocore``] This is the initial SDK
release for Amazon Neptune Analytics
* api-change:``opensearch``: [``botocore``] Updating documentation for Amazon
OpenSearch Service support for new zero-ETL integration with Amazon S3.
* api-change:``quicksight``: [``botocore``] Update Dashboard Links support;
SingleAxisOptions support; Scatterplot Query limit support.
* api-change:``workspaces``: [``botocore``] Updated note to ensure customers
understand running modes.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.0
* feature:Python: End of support for Python 3.7
* feature:Python: [``botocore``] End of support for Python 3.7
* api-change:``drs``: [``botocore``] Adding AgentVersion to SourceServer and
RecoveryInstance structures
- From 1.33.13
* api-change:``imagebuilder``: [``botocore``] This release adds the Image
Workflows feature to give more flexibility and control over the image
building and testing process.
* api-change:``location``: [``botocore``] This release 1) adds
sub-municipality field in Places API for searching and getting places
information, and 2) allows optimizing route calculation based on expected
arrival time.
* api-change:``logs``: [``botocore``] This release introduces the
StartLiveTail API to tail ingested logs in near real time.
- From 1.33.12
* api-change:``neptune``: [``botocore``] This release adds a new parameter
configuration setting to the Neptune cluster related APIs that can be
leveraged to switch between the underlying supported storage modes.
* api-change:``pinpoint``: [``botocore``] This release includes Amazon
Pinpoint API documentation updates pertaining to campaign message sending
rate limits.
* api-change:``securityhub``: [``botocore``] Added new resource detail
objects to ASFF, including resources for AwsDynamoDbTable,
AwsEc2ClientVpnEndpoint, AwsMskCluster, AwsS3AccessPoint, AwsS3Bucket
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- Update to 1.33.11:
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``ec2``: [``botocore``] M2 Mac instances are built on Apple M2 Mac mini computers. I4i
instances are powered by 3rd generation Intel Xeon Scalable processors. C7i compute optimized, M7i
general purpose and R7i memory optimized instances are powered by custom 4th Generation Intel Xeon
Scalable processors.
* api-change:``finspace``: [``botocore``] Releasing Scaling Group, Dataview, and Volume APIs
- from version 1.33.10
* api-change:``codedeploy``: [``botocore``] This release adds support for two new CodeDeploy
features: 1) zonal deployments for Amazon EC2 in-place deployments, 2) deployments triggered by
Auto Scaling group termination lifecycle hook events.
- from version 1.33.9
* api-change:``backup``: [``botocore``] AWS Backup - Features: Add VaultType to the output of
DescribeRecoveryPoint, ListRecoveryPointByBackupVault API and add ResourceType to the input of
ListRestoreJobs API
* api-change:``comprehend``: [``botocore``] Documentation updates for Trust and Safety features.
* api-change:``connect``: [``botocore``] Releasing Tagging Support for Instance Management APIS
* api-change:``ec2``: [``botocore``] Releasing the new cpuManufacturer attribute within the
DescribeInstanceTypes API response which notifies our customers with information on who the
Manufacturer is for the processor attached to the instance, for example: Intel.
* api-change:``payment-cryptography``: [``botocore``] AWS Payment Cryptography IPEK feature release
- from version 1.33.8
* api-change:``athena``: [``botocore``] Adding IdentityCenter enabled request for interactive query
* api-change:``cleanroomsml``: [``botocore``] Updated service title from cleanroomsml to
CleanRoomsML.
* api-change:``cloudformation``: [``botocore``] Documentation update, December 2023
* api-change:``ec2``: [``botocore``] Adds A10G, T4G, and H100 as accelerator name options and
Habana as an accelerator manufacturer option for attribute based selection
- from version 1.33.7
* api-change:``billingconductor``: [``botocore``] This release adds the ability to specify a linked
account of the billing group for the custom line item resource.
* api-change:``braket``: [``botocore``] This release enhances service support to create quantum
tasks and hybrid jobs associated with Braket Direct Reservations.
* api-change:``cloud9``: [``botocore``] This release adds the requirement to include the imageId
parameter in the CreateEnvironmentEC2 API call.
* api-change:``cloudformation``: [``botocore``] Including UPDATE_* states as a success status for
CreateStack waiter.
* api-change:``finspace``: [``botocore``] Release General Purpose type clusters
* api-change:``medialive``: [``botocore``] Adds support for custom color correction on channels
using 3D LUT files.
* api-change:``servicecatalog-appregistry``: [``botocore``] Documentation-only updates for Dawn
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.33.6
* api-change:``qconnect``: [``botocore``] This release adds the PutFeedback API and allows
providing feedback against the specified assistant for the specified target.
* api-change:``rbin``: [``botocore``] Added resource identifier in the output and updated error
handling.
* api-change:``verifiedpermissions``: [``botocore``] Adds description field to PolicyStore API's
and namespaces field to GetSchema.
- from version 1.33.5
* api-change:``arc-zonal-shift``: [``botocore``] This release adds a new capability, zonal
autoshift. You can configure zonal autoshift so that AWS shifts traffic for a resource away from an
Availability Zone, on your behalf, when AWS determines that there is an issue that could
potentially affect customers in the Availability Zone.
* api-change:``glue``: [``botocore``] Adds observation and analyzer support to the
GetDataQualityResult and BatchGetDataQualityResult APIs.
* api-change:``sagemaker``: [``botocore``] This release adds support for 1/ Code Editor, based on
Code-OSS, Visual Studio Code Open Source, a new fully managed IDE option in SageMaker Studio 2/
JupyterLab, a new fully managed JupyterLab IDE experience in SageMaker Studio
- from version 1.33.4
* bugfix:``s3transfer``: Raise floor for ``s3transfer`` to 0.8.2 to avoid any conflicts with the
awscrt
* api-change:``marketplace-agreement``: [``botocore``] The AWS Marketplace Agreement Service
provides an API interface that helps AWS Marketplace sellers manage their agreements, including
listing, filtering, and viewing details about their agreements.
* api-change:``marketplace-catalog``: [``botocore``] This release enhances the ListEntities API to
support new entity type-specific strongly typed filters in the request and entity type-specific
strongly typed summaries in the response.
* api-change:``marketplace-deployment``: [``botocore``] AWS Marketplace Deployment is a new service
that provides essential features that facilitate the deployment of software, data, and services
procured through AWS Marketplace.
* api-change:``redshift-serverless``: [``botocore``] This release adds the following support for
Amazon Redshift Serverless: 1) cross-account cross-VPCs, 2) copying snapshots across Regions, 3)
scheduling snapshot creation, and 4) restoring tables from a recovery point.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.33.3
* api-change:``application-autoscaling``: [``botocore``] Amazon SageMaker customers can now use
Application Auto Scaling to automatically scale the number of Inference Component copies across an
endpoint to meet the varying demand of their workloads.
* api-change:``cleanrooms``: [``botocore``] AWS Clean Rooms now provides differential privacy to
protect against user-identification attempts and machine learning modeling to allow two parties to
identify similar users in their data.
* api-change:``cleanroomsml``: [``botocore``] Public Preview SDK release of AWS Clean Rooms ML APIs
* api-change:``opensearch``: [``botocore``] Launching Amazon OpenSearch Service support for new
zero-ETL integration with Amazon S3. Customers can now manage their direct query data sources to
Amazon S3 programatically
* api-change:``opensearchserverless``: [``botocore``] Amazon OpenSearch Serverless collections
support an additional attribute called standby-replicas. This allows to specify whether a
collection should have redundancy enabled.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: [``botocore``] This release adds following support 1/ Improved SDK
tooling for model deployment. 2/ New Inference Component based features to lower inference costs
and latency 3/ SageMaker HyperPod management. 4/ Additional parameters for FM Fine Tuning in
Autopilot
* api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.33.2
* api-change:``accessanalyzer``: [``botocore``] This release adds support for external access
findings for S3 directory buckets to help you easily identify cross-account access. Updated service
API, documentation, and paginators.
* api-change:``bedrock-agent-runtime``: [``botocore``] This release introduces Agents for Amazon
Bedrock Runtime
* api-change:``bedrock-agent``: [``botocore``] This release introduces Agents for Amazon Bedrock
* api-change:``bedrock-runtime``: [``botocore``] This release adds support for minor
versions/aliases for invoke model identifier.
* api-change:``bedrock``: [``botocore``] This release adds support for customization types, model
life cycle status and minor versions/aliases for model identifiers.
* api-change:``connect``: [``botocore``] Added support for following capabilities: Amazon Connect's
in-app, web, and video calling. Two-way SMS integrations. Contact Lens real-time chat analytics
feature. Amazon Connect Analytics Datalake capability. Capability to configure real time chat rules.
* api-change:``customer-profiles``: [``botocore``] This release introduces DetectProfileObjectType
API to auto generate object type mapping.
* api-change:``qbusiness``: [``botocore``] Amazon Q - a generative AI powered application that your
employees can use to ask questions and get answers from knowledge spread across disparate content
repositories, summarize reports, write articles, take actions, and much more - all within their
company's connected content repositories.
* api-change:``qconnect``: [``botocore``] Amazon Q in Connect, an LLM-enhanced evolution of Amazon
Connect Wisdom. This release adds generative AI support to Amazon Q Connect QueryAssistant and
GetRecommendations APIs.
* api-change:``s3``: [``botocore``] Adds support for S3 Express One Zone.
* api-change:``s3control``: [``botocore``] Adds support for S3 Express One Zone, and
InvocationSchemaVersion 2.0 for S3 Batch Operations.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.33.1
* api-change:``elasticache``: [``botocore``] Launching Amazon ElastiCache Serverless that enables
you to create a cache in under a minute without any capacity management. ElastiCache Serverless
monitors the cache's memory, CPU, and network usage and scales both vertically and horizontally to
support your application's requirements.
- from version 1.33.0
* enhancement:Versioning: Bump boto3 from 1.29.7 to 1.33.0 to match Botocore versioning scheme.
* feature:``s3``: Boto3 will now opt into using the awscrt on select EC2 instance types for s3
transfers.
* feature:Versioning: [``botocore``] With the release of Botocore 1.33.0, Boto3 and Botocore will
share the same version number.
* api-change:``appsync``: [``botocore``] This update enables introspection of Aurora cluster
databases using the RDS Data API
* api-change:``b2bi``: [``botocore``] This is the initial SDK release for AWS B2B Data Interchange.
* api-change:``backup``: [``botocore``] AWS Backup now supports restore testing, a new feature that
allows customers to automate restore testing and validating their backups. Additionally, this
release adds support for EBS Snapshots Archive tier.
* api-change:``controltower``: [``botocore``] This release adds the following support: 1. The
EnableControl API can configure controls that are configurable. 2. The GetEnabledControl API shows
the configured parameters on an enabled control. 3. The new UpdateEnabledControl API can change
parameters on an enabled control.
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``fis``: [``botocore``] AWS FIS adds support for multi-account experiments & empty
target resolution. This release also introduces the CreateTargetAccountConfiguration API that
allows experiments across multiple AWS accounts, and the ListExperimentResolvedTargets API to list
target details.
* api-change:``glue``: [``botocore``] add observations support to DQ CodeGen config model + update
document for connectiontypes supported by ConnectorData entities
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for support for RDS for Db2.
* api-change:``securityhub``: [``botocore``] Adds and updates APIs to support central
configuration. This feature allows the Security Hub delegated administrator to configure Security
Hub for their entire AWS Org across multiple regions from a home Region. With this release,
findings also include account name and application metadata.
* api-change:``transcribe``: [``botocore``] This release adds support for AWS HealthScribe APIs
within Amazon Transcribe
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.7
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.19.17
* api-change:``accessanalyzer``: [``botocore``] IAM Access Analyzer now continuously monitors IAM
roles and users in your AWS account or organization to generate findings for unused access.
Additionally, IAM Access Analyzer now provides custom policy checks to validate that IAM policies
adhere to your security standards ahead of deployments.
* api-change:``amp``: [``botocore``] This release adds support for the Amazon Managed Service for
Prometheus collector, a fully managed, agentless Prometheus metrics scraping capability.
* api-change:``bcm-data-exports``: [``botocore``] Users can create, read, update, delete Exports of
billing and cost management data. Users can get details of Export Executions and details of Tables
for exporting. Tagging support is provided for Exports
* api-change:``cloudtrail``: [``botocore``] CloudTrail Lake now supports federating event data
stores. giving users the ability to run queries against their event data using Amazon Athena.
* api-change:``codestar-connections``: [``botocore``] This release adds support for the
CloudFormation Git sync feature. Git sync enables updating a CloudFormation stack from a template
stored in a Git repository.
* api-change:``compute-optimizer``: [``botocore``] This release enables AWS Compute Optimizer to
analyze and generate recommendations with customization and discounts preferences.
* api-change:``config``: [``botocore``] Support Periodic Recording for Configuration Recorder
* api-change:``controltower``: [``botocore``] Add APIs to create and manage a landing zone.
* api-change:``cost-optimization-hub``: [``botocore``] This release launches Cost Optimization Hub,
a new AWS Billing and Cost Management feature that helps you consolidate and prioritize cost
optimization recommendations across your AWS Organizations member accounts and AWS Regions, so that
you can get the most out of your AWS spend.
* api-change:``detective``: [``botocore``] Added new APIs in Detective to support resource
investigations
* api-change:``ecs``: [``botocore``] Adds a new 'type' property to the Setting structure. Adds a
new AccountSetting - guardDutyActivate for ECS.
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``eks-auth``: [``botocore``] This release adds support for EKS Pod Identity feature.
EKS Pod Identity makes it easy for customers to obtain IAM permissions for their applications
running in the EKS clusters.
* api-change:``eks``: [``botocore``] This release adds support for EKS Pod Identity feature. EKS
Pod Identity makes it easy for customers to obtain IAM permissions for the applications running in
their EKS clusters.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``freetier``: [``botocore``] This is the initial SDK release for the AWS Free Tier
GetFreeTierUsage API
* api-change:``fsx``: [``botocore``] Added support for FSx for ONTAP scale-out file systems and
FlexGroup volumes. Added the HAPairs field and ThroughputCapacityPerHAPair for filesystem. Added
AggregateConfiguration (containing Aggregates and ConstituentsPerAggregate) and SizeInBytes for
volume.
* api-change:``guardduty``: [``botocore``] Add support for Runtime Monitoring for ECS and ECS-EC2.
* api-change:``iotfleetwise``: [``botocore``] AWS IoT FleetWise introduces new APIs for vision
system data, such as data collected from cameras, radars, and lidars. You can now model and decode
complex data types.
* api-change:``lakeformation``: [``botocore``] This release adds four new APIs
"DescribeLakeFormationIdentityCenterConfiguration",
"CreateLakeFormationIdentityCenterConfiguration",
"DescribeLakeFormationIdentityCenterConfiguration", and
"DeleteLakeFormationIdentityCenterConfiguration", and also updates the corresponding documentation.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
* api-change:``logs``: [``botocore``] Added APIs to Create, Update, Get, List and Delete
LogAnomalyDetectors and List and Update Anomalies in Detector. Added LogGroupClass attribute for
LogGroups to classify loggroup as Standard loggroup with all capabilities or InfrequentAccess
loggroup with limited capabilities.
* api-change:``managedblockchain``: [``botocore``] Add optional NetworkType property to Accessor
APIs
* api-change:``personalize-events``: [``botocore``] This release enables PutActions and
PutActionInteractions
* api-change:``personalize-runtime``: [``botocore``] Enables metadata in recommendations and next
best action recommendations
* api-change:``personalize``: [``botocore``] Enables metadata in recommendations, recommendations
with themes, and next best action recommendations
* api-change:``quicksight``: [``botocore``] This release launches new APIs for trusted identity
propagation setup and supports creating datasources using trusted identity propagation as
authentication method for QuickSight accounts configured with IAM Identity Center.
* api-change:``redshift``: [``botocore``] This release adds support for multi-data warehouse writes
through data sharing.
* api-change:``repostspace``: [``botocore``] Initial release of AWS re:Post Private
* api-change:``s3``: [``botocore``] Adding new params - Key and Prefix, to S3 API operations for
supporting S3 Access Grants. Note - These updates will not change any of the existing S3 API
functionality.
* api-change:``s3control``: [``botocore``] Introduce Amazon S3 Access Grants, a new S3 access
control feature that maps identities in directories such as Active Directory, or AWS Identity and
Access Management (IAM) Principals, to datasets in S3.
* api-change:``secretsmanager``: [``botocore``] AWS Secrets Manager has released the
BatchGetSecretValue API, which allows customers to fetch up to 20 Secrets with a single request
using a list of secret names or filters.
* api-change:``securityhub``: [``botocore``] Adds and updates APIs to support customizable security
controls. This feature allows Security Hub customers to provide custom parameters for security
controls. With this release, findings for controls that support custom parameters will include the
parameters used to generate the findings.
* api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
* api-change:``transcribe``: [``botocore``] This release adds support for transcriptions from audio
sources in 64 new languages and introduces generative call summarization in Transcribe Call
Analytics (Post call)
* api-change:``workspaces-thin-client``: [``botocore``] Initial release of Amazon WorkSpaces Thin
Client
* api-change:``workspaces``: [``botocore``] The release introduces Multi-Region Resilience one-way
data replication that allows you to replicate data from your primary WorkSpace to a standby
WorkSpace in another AWS Region. DescribeWorkspaces now returns the status of data replication.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- Update BuildRequires and Requires from setup.py
- Update to 1.29.6:
* bugfix:sqs: [``botocore``] Rolled back recent change to wire format protocol
* api-change:``kinesis``: [``botocore``] This release adds support for resource based policies on
streams and consumers.
* api-change:``s3control``: [``botocore``] Amazon S3 Batch Operations now manages buckets or
prefixes in a single step.
* api-change:``sagemaker``: [``botocore``] This feature adds the end user license agreement status
as a model access configuration parameter.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.5
* api-change:``cloudfront-keyvaluestore``: [``botocore``] This release adds support for CloudFront
KeyValueStore, a globally managed key value datastore associated with CloudFront Functions.
* api-change:``cloudfront``: [``botocore``] This release adds support for CloudFront KeyValueStore,
a globally managed key value datastore associated with CloudFront Functions.
* api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
* api-change:``inspector-scan``: [``botocore``] This release adds support for the new Amazon
Inspector Scan API. The new Inspector Scan API can synchronously scan SBOMs adhering to the
CycloneDX v1.5 format.
* api-change:``iotsitewise``: [``botocore``] Adds 1/ user-defined unique identifier for asset and
model metadata, 2/ asset model components, and 3/ query API for asset metadata and telemetry data.
Supports 4/ multi variate anomaly detection using Amazon Lookout for Equipment, 5/ warm storage
tier, and 6/ buffered ingestion of time series data.
* api-change:``iottwinmaker``: [``botocore``] This release adds following support. 1. New APIs for
metadata bulk operations. 2. Modify the component type API to support composite component types -
nesting component types within one another. 3. New list APIs for components and properties. 4.
Support the larger scope digital twin modeling.
* api-change:``s3``: [``botocore``] Add support for automatic date based partitioning in S3 Server
Access Logs.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.4
* enhancement:IMDS: [``botocore``] Adds a config option to opt out of IMDSv1 fallback
* api-change:``codestar-connections``: [``botocore``] This release updates a few CodeStar
Connections related APIs.
* api-change:``docdb``: [``botocore``] Amazon DocumentDB updates for new cluster storage
configuration: Amazon DocumentDB I/O-Optimized.
* api-change:``ec2``: [``botocore``] This release adds support for Security group referencing over
Transit gateways, enabling you to simplify Security group management and control of
instance-to-instance traffic across VPCs that are connected by Transit gateway.
- from version 1.29.3
* api-change:``macie``: [``botocore``] The macie client has been removed following the deprecation
of the service.
* api-change:``appmesh``: [``botocore``] Change the default value of these fields from 0 to null:
MaxConnections, MaxPendingRequests, MaxRequests, HealthCheckThreshold, PortNumber, and
HealthCheckPolicy -> port. Users are not expected to perceive the change, except that
badRequestException is thrown when required fields missing configured.
* api-change:``athena``: [``botocore``] Adding SerivicePreProcessing time metric
* api-change:``cloud9``: [``botocore``] A minor doc only update related to changing the date of an
API change.
* api-change:``cloudformation``: [``botocore``] This release adds a new flag
ImportExistingResources to CreateChangeSet. Specify this parameter on a CREATE- or UPDATE-type
change set to import existing resources with custom names instead of recreating them.
* api-change:``codepipeline``: [``botocore``] CodePipeline now supports overriding source revisions
to achieve manual re-deploy of a past revision
* api-change:``codestar-connections``: [``botocore``] This release adds support for the
CloudFormation Git sync feature. Git sync enables updating a CloudFormation stack from a template
stored in a Git repository.
* api-change:``connect``: [``botocore``] This release adds WISDOM_QUICK_RESPONSES as new
IntegrationType of Connect IntegrationAssociation resource and bug fixes.
* api-change:``dlm``: [``botocore``] Added support for SAP HANA in Amazon Data Lifecycle Manager
EBS snapshot lifecycle policies with pre and post scripts.
* api-change:``ec2``: [``botocore``] This release adds new features for Amazon VPC IP Address
Manager (IPAM) Allowing a choice between Free and Advanced Tiers, viewing public IP address
insights across regions and in Amazon Cloudwatch, use IPAM to plan your subnet IPs within a VPC and
bring your own autonomous system number to IPAM.
* api-change:``ecr``: [``botocore``] Documentation and operational updates for Amazon ECR, adding
support for pull through cache rules for upstream registries that require authentication.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``internetmonitor``: [``botocore``] Adds new querying capabilities for running data
queries on a monitor
* api-change:``ivs``: [``botocore``] type & defaulting refinement to various range properties
* api-change:``ivschat``: [``botocore``] type & defaulting refinement to various range properties
* api-change:``kinesisvideo``: [``botocore``] Docs only build to bring up-to-date with public docs.
* api-change:``location``: [``botocore``] Remove default value and allow nullable for request
parameters having minimum value larger than zero.
* api-change:``medialive``: [``botocore``] MediaLive has now added support for per-output static
image overlay.
* api-change:``mgn``: [``botocore``] Removed invalid and unnecessary default values.
* api-change:``osis``: [``botocore``] Add support for enabling a persistent buffer when creating or
updating an OpenSearch Ingestion pipeline. Add tags to Pipeline and PipelineSummary response models.
* api-change:``pipes``: [``botocore``] TargetParameters now properly supports
BatchJobParameters.ArrayProperties.Size and BatchJobParameters.RetryStrategy.Attempts being
optional, and EcsTaskParameters.Overrides.EphemeralStorage.SizeInGiB now properly required when
setting EphemeralStorage
* api-change:``rds``: [``botocore``] This release adds support for option groups and replica
enhancements to Amazon RDS Custom.
* api-change:``redshift-serverless``: [``botocore``] Updated SDK for Amazon Redshift Serverless,
which provides the ability to configure a connection with IAM Identity Center to manage user and
group access to databases.
* api-change:``redshift``: [``botocore``] Updated SDK for Amazon Redshift, which you can use to
configure a connection with IAM Identity Center to manage access to databases. With these, you can
create a connection through a managed application. You can also change a managed application,
delete it, or get information about an existing one.
* api-change:``s3``: [``botocore``] Removes all default 0 values for numbers and false values for
booleans
* api-change:``sso-admin``: [``botocore``] Improves support for configuring RefreshToken and
TokenExchange grants on applications.
* api-change:``sso-oidc``: [``botocore``] Adding support for `sso-oauth:CreateTokenWithIAM`.
* api-change:``sts``: [``botocore``] API updates for the AWS Security Token Service
* api-change:``trustedadvisor``: [``botocore``] AWS Trusted Advisor introduces new APIs to enable
you to programmatically access Trusted Advisor best practice checks, recommendations, and
prioritized recommendations. Trusted Advisor APIs enable you to integrate Trusted Advisor with your
operational tools to automate your workloads.
* api-change:``verifiedpermissions``: [``botocore``] Adding BatchIsAuthorized API which supports
multiple authorization requests against a PolicyStore
* api-change:``wisdom``: [``botocore``] This release adds QuickResponse as a new Wisdom resource
and Wisdom APIs for import, create, read, search, update and delete QuickResponse resources.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.2
* api-change:``codecatalyst``: [``botocore``] This release includes updates to the Dev Environment
APIs to include an optional vpcConnectionName parameter that supports using Dev Environments with
Amazon VPC.
* api-change:``dlm``: [``botocore``] This release adds support for Amazon Data Lifecycle Manager
default policies for EBS snapshots and EBS-backed AMIs.
* api-change:``ec2``: [``botocore``] Enable use of tenant-specific PublicSigningKeyUrl from device
trust providers and onboard jumpcloud as a new device trust provider.
* api-change:``fsx``: [``botocore``] Enables customers to update their PerUnitStorageThroughput on
their Lustre file systems.
* api-change:``glue``: [``botocore``] Introduces new column statistics APIs to support statistics
generation for tables within the Glue Data Catalog.
* api-change:``imagebuilder``: [``botocore``] This release adds the Image Lifecycle Management
feature to automate the process of deprecating, disabling and deleting outdated images and their
associated resources.
* api-change:``iot``: [``botocore``] GA release the ability to index and search devices based on
their GeoLocation data. With GeoQueries you can narrow your search to retrieve devices located in
the desired geographic boundary.
* api-change:``ivs-realtime``: [``botocore``] This release introduces server side composition and
recording for stages.
* api-change:``kafka``: [``botocore``] Added a new API response field which determines if there is
an action required from the customer regarding their cluster.
* api-change:``lambda``: [``botocore``] Adds support for logging configuration in Lambda Functions.
Customers will have more control how their function logs are captured and to which cloud watch log
group they are delivered also.
* api-change:``macie2``: [``botocore``] This release adds support for configuring Macie to assume
an IAM role when retrieving sample occurrences of sensitive data reported by findings.
* api-change:``mediapackage``: [``botocore``] DRM_TOP_LEVEL_COMPACT allows placing content
protection elements at the MPD level and referenced at the AdaptationSet level
* api-change:``pinpoint-sms-voice-v2``: [``botocore``] Amazon Pinpoint now offers additional
operations as part of version 2 of the SMS and voice APIs. This release includes 26 new APIs to
create and manage phone number registrations, add verified destination numbers, and request sender
IDs.
* api-change:``polly``: [``botocore``] Add new engine - long-form - dedicated for longer content,
such as news articles, training materials, or marketing videos.
* api-change:``quicksight``: [``botocore``] Custom permission support for QuickSight roles; Three
new datasources STARBURST, TRINO, BIGQUERY; Lenient mode changes the default behavior to allow for
exporting and importing with certain UI allowed errors, Support for permissions and tags export and
import.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Studio now supports Trainium instance
types - trn1.2xlarge, trn1.32xlarge, trn1n.32xlarge.
* api-change:``ssm-incidents``: [``botocore``] Introduces new APIs ListIncidentFindings and
BatchGetIncidentFindings to use findings related to an incident.
* api-change:``ssm``: [``botocore``] This release introduces the ability to filter automation
execution steps which have parent steps. In addition, runbook variable information is returned by
GetAutomationExecution and parent step information is returned by the
DescribeAutomationStepExecutions API.
* api-change:``sso-admin``: [``botocore``] Instances bound to a single AWS account, API operations
for managing instances and applications, and assignments to applications are now supported. Trusted
identity propagation is also supported, with new API operations for managing trusted token issuers
and application grants and scopes.
* api-change:``transfer``: [``botocore``] Introduced S3StorageOptions for servers to enable
directory listing optimizations and added Type fields to logical directory mappings.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.1
* enhancement:Package Size: [``botocore``] The botocore .whl file distributed on PyPI now provides
compressed service models to improve total size on disk.
* api-change:``autoscaling``: [``botocore``] This release introduces Instance Maintenance Policy, a
new EC2 Auto Scaling capability that allows customers to define whether instances are launched
before or after existing instances are terminated during instance replacement operations.
* api-change:``cloudtrail``: [``botocore``] The Lake Repricing feature lets customers configure a
BillingMode for an event data store. The BillingMode determines the cost for ingesting and storing
events and the default and maximum retention period for the event data store.
* api-change:``codecatalyst``: [``botocore``] This release adds functionality for retrieving
information about workflows and workflow runs and starting workflow runs in Amazon CodeCatalyst.
* api-change:``ec2``: [``botocore``] AWS EBS now supports Snapshot Lock, giving users the ability
to lock an EBS Snapshot to prohibit deletion of the snapshot. This release introduces the
LockSnapshot, UnlockSnapshot & DescribeLockedSnapshots APIs to manage lock configuration for
snapshots. The release also includes the dl2q_24xlarge.
* api-change:``finspace-data``: [``botocore``] Adding deprecated trait to APIs in this name space.
* api-change:``finspace``: [``botocore``] Adding deprecated trait on Dataset Browser Environment
APIs
* api-change:``lambda``: [``botocore``] Add Java 21 (java21) support to AWS Lambda
* api-change:``mwaa``: [``botocore``] This Amazon MWAA release adds support for customer-managed
VPC endpoints. This lets you choose whether to create, and manage your environment's VPC endpoints,
or to have Amazon MWAA create, and manage them for you.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for support for upgrading RDS
for MySQL snapshots from version 5.7 to version 8.0.
* api-change:``redshift``: [``botocore``] The custom domain name SDK for Amazon Redshift
provisioned clusters is updated with additional required parameters for modify and delete
operations. Additionally, users can provide domain names with longer top-level domains.
* api-change:``s3control``: [``botocore``] Add 5 APIs to create, update, get, list, delete S3
Storage Lens group(eg. CreateStorageLensGroup), 3 APIs for
tagging(TagResource,UntagResource,ListTagsForResource), and update to StorageLensConfiguration to
allow metrics to be aggregated on Storage Lens groups.
* api-change:``ssm-sap``: [``botocore``] Update the default value of MaxResult to 50.
- from version 1.29.0
* feature:ContainerProvider: [``botocore``] Added Support for EKS container credentials
* api-change:``backup``: [``botocore``] AWS Backup - Features: Provide Job Summary for your backup
activity.
* api-change:``cleanrooms``: [``botocore``] This feature provides the ability for the collaboration
creator to configure either the member who can run queries or a different member in the
collaboration to be billed for query compute costs.
* api-change:``connect``: [``botocore``] Introducing SegmentAttributes parameter for
StartChatContact API
* api-change:``glue``: [``botocore``] Introduces new storage optimization APIs to support automatic
compaction of Apache Iceberg tables.
* api-change:``iot``: [``botocore``] This release introduces new attributes in API
CreateSecurityProfile, UpdateSecurityProfile and DescribeSecurityProfile to support management of
Metrics Export for AWS IoT Device Defender Detect.
* api-change:``lambda``: [``botocore``] Add Python 3.12 (python3.12) support to AWS Lambda
* api-change:``mediatailor``: [``botocore``] Removed unnecessary default values.
* api-change:``pipes``: [``botocore``] Added support (via new LogConfiguration field in CreatePipe
and UpdatePipe APIs) for logging to Amazon CloudWatch Logs, Amazon Simple Storage Service (Amazon
S3), and Amazon Kinesis Data Firehose
* api-change:``resource-explorer-2``: [``botocore``] Resource Explorer supports multi-account
search. You can now use Resource Explorer to search and discover resources across AWS accounts
within your organization or organizational unit.
* api-change:``sagemaker``: [``botocore``] This release makes Model Registry Inference
Specification fields as not required.
* api-change:``signer``: [``botocore``] Documentation updates for AWS Signer
* api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.85
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.19.12
* api-change:``dataexchange``: [``botocore``] Removed Required trait for
DataSet.OriginDetails.ProductId.
* api-change:``dms``: [``botocore``] Added new Db2 LUW Target endpoint with related endpoint
settings. New executeTimeout endpoint setting for mysql endpoint. New ReplicationDeprovisionTime
field for serverless describe-replications.
* api-change:``ec2``: [``botocore``] Adds the new EC2 DescribeInstanceTopology API, which you can
use to retrieve the network topology of your running instances on select platform types to
determine their relative proximity to each other.
* api-change:``ecs``: [``botocore``] Adds a Client Token parameter to the ECS RunTask API. The
Client Token parameter allows for idempotent RunTask requests.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``servicecatalog-appregistry``: [``botocore``] When the customer associates a resource
collection to their application with this new feature, then a new application tag will be applied
to all supported resources that are part of that collection. This allows customers to more easily
find the application that is associated with those resources.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.84
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.19.10
* api-change:``controltower``: [``botocore``] AWS Control Tower supports tagging for enabled
controls. This release introduces TagResource, UntagResource and ListTagsForResource APIs to manage
tags in existing enabled controls. It updates EnabledControl API to tag resources at creation time.
* api-change:``cur``: [``botocore``] This release adds support for tagging and customers can now
tag report definitions. Additionally, ReportStatus is now added to report definition to show when
the last delivered time stamp and if it succeeded or not.
* api-change:``ec2``: [``botocore``] EC2 adds API updates to enable ENA Express at instance launch
time.
* api-change:``fms``: [``botocore``] Adds optimizeUnassociatedWebACL flag to ManagedServiceData,
updates third-party firewall examples, and other minor documentation updates.
* api-change:``marketplace-entitlement``: [``botocore``] Update marketplace-entitlement client to
latest version
* api-change:``mediaconvert``: [``botocore``] This release includes the ability to specify any
input source as the primary input for corresponding follow modes, and allows users to specify fit
and fill behaviors without resizing content.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for zero-ETL integrations.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.83
* api-change:``cloudformation``: [``botocore``] Added new ConcurrencyMode feature for AWS
CloudFormation StackSets for faster deployments to target accounts.
* api-change:``cloudtrail``: [``botocore``] The Insights in Lake feature lets customers enable
CloudTrail Insights on a source CloudTrail Lake event data store and create a destination event
data store to collect Insights events based on unusual management event activity in the source
event data store.
* api-change:``comprehend``: [``botocore``] This release adds support for toxicity detection and
prompt safety classification.
* api-change:``connect``: [``botocore``] This release adds the ability to integrate customer lambda
functions with Connect attachments for scanning and updates the ListIntegrationAssociations API to
support filtering on IntegrationArn.
* api-change:``ec2``: [``botocore``] AWS EBS now supports Block Public Access for EBS Snapshots.
This release introduces the EnableSnapshotBlockPublicAccess, DisableSnapshotBlockPublicAccess and
GetSnapshotBlockPublicAccessState APIs to manage account-level public access settings for EBS
Snapshots in an AWS Region.
* api-change:``eks``: [``botocore``] Adding EKS Anywhere subscription related operations.
* api-change:``lambda``: [``botocore``] Add Custom runtime on Amazon Linux 2023 (provided.al2023)
support to AWS Lambda.
* api-change:``logs``: [``botocore``] Update to support new APIs for delivery of logs from AWS
services.
* api-change:``omics``: [``botocore``] Support UBAM filetype for Omics Storage and make
referenceArn optional
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.82
* api-change:``sqs``: [``botocore``] This release enables customers to call SQS using AWS JSON-1.0
protocol and bug fix.
- from version 1.28.81
* api-change:``connect``: [``botocore``] This release clarifies in our public documentation that
InstanceId is a requirement for SearchUsers API requests.
* api-change:``connectcases``: [``botocore``] This release adds the ability to add/view comment
authors through CreateRelatedItem and SearchRelatedItems API. For more information see
https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html
* api-change:``datasync``: [``botocore``] This change allows for 0 length access keys and secret
keys for object storage locations. Users can now pass in empty string credentials.
* api-change:``guardduty``: [``botocore``] Added API support for new GuardDuty EKS Audit Log
finding types.
* api-change:``lambda``: [``botocore``] Add Node 20 (nodejs20.x) support to AWS Lambda.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``omics``: [``botocore``] Adding Run UUID and Run Output URI: GetRun and StartRun API
response has two new fields "uuid" and "runOutputUri".
* api-change:``rds``: [``botocore``] This Amazon RDS release adds support for patching the OS of an
RDS Custom for Oracle DB instance. You can now upgrade the database or operating system using the
modify-db-instance command.
* api-change:``redshift-serverless``: [``botocore``] Added a new parameter in the workgroup that
helps you control your cost for compute resources. This feature provides a ceiling for RPUs that
Amazon Redshift Serverless can scale up to. When automatic compute scaling is required, having a
higher value for MaxRPU can enhance query throughput.
* api-change:``resiliencehub``: [``botocore``] AWS Resilience Hub enhances Resiliency Score,
providing actionable recommendations to improve application resilience. Amazon Elastic Kubernetes
Service (EKS) operational recommendations have been added to help improve the resilience posture of
your applications.
* api-change:``sqs``: [``botocore``] This release enables customers to call SQS using AWS JSON-1.0
protocol.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.80
* api-change:``dataexchange``: [``botocore``] Updated SendDataSetNotificationRequest Comment to be
maximum length 4096.
* api-change:``dlm``: [``botocore``] Added support for pre and post scripts in Amazon Data
Lifecycle Manager EBS snapshot lifecycle policies.
* api-change:``rds``: [``botocore``] This Amazon RDS release adds support for the multi-tenant
configuration. In this configuration, an RDS DB instance can contain multiple tenant databases. In
RDS for Oracle, a tenant database is a pluggable database (PDB).
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.79
* api-change:``ce``: [``botocore``] This release extends the GetReservationPurchaseRecommendation
API to support recommendations for Amazon MemoryDB reservations.
* api-change:``codebuild``: [``botocore``] AWS CodeBuild now supports AWS Lambda compute.
* api-change:``connect``: [``botocore``] Added new API that allows Amazon Connect Outbound
Campaigns to create contacts in Amazon Connect when ingesting your dial requests.
* api-change:``docdb``: [``botocore``] Update the input of CreateDBInstance and ModifyDBInstance to
support setting CA Certificates. Update the output of DescribeDBInstance and
DescribeDBEngineVersions to show current and supported CA certificates.
* api-change:``iam``: [``botocore``] Add partitional endpoint for iso-e.
* api-change:``mwaa``: [``botocore``] This release adds support for Apache Airflow version 2.7.2.
This version release includes support for deferrable operators and triggers.
* api-change:``polly``: [``botocore``] Amazon Polly adds new US English voices - Danielle and
Gregory. Danielle and Gregory are available as Neural voices only.
* api-change:``route53``: [``botocore``] Add partitional endpoints for iso-e and iso-f.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.78
* api-change:``config``: [``botocore``] Updated ResourceType enum with new resource types onboarded
by AWS Config in October 2023.
* api-change:``connect``: [``botocore``] Amazon Connect Chat introduces Create Persistent Contact
Association API, allowing customers to choose when to resume previous conversations from previous
chats, eliminating the need to repeat themselves and allowing agents to provide personalized
service with access to entire conversation history.
* api-change:``iotwireless``: [``botocore``] Added LoRaWAN version 1.0.4 support
* api-change:``launch-wizard``: [``botocore``] AWS Launch Wizard is a service that helps reduce the
time it takes to deploy applications to the cloud while providing a guided deployment experience.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.77
* api-change:``apprunner``: [``botocore``] AWS App Runner now supports using dual-stack address
type for the public endpoint of your incoming traffic.
* api-change:``connect``: [``botocore``] GetMetricDataV2 API: Update to include new metrics
PERCENT_NON_TALK_TIME, PERCENT_TALK_TIME, PERCENT_TALK_TIME_AGENT, PERCENT_TALK_TIME_CUSTOMER
* api-change:``gamelift``: [``botocore``] Amazon GameLift adds support for shared credentials,
which allows applications that are deployed on managed EC2 fleets to interact with other AWS
resources.
* api-change:``glue``: [``botocore``] This release introduces Google BigQuery Source and Target in
AWS Glue CodeGenConfigurationNode.
* api-change:``network-firewall``: [``botocore``] This release introduces the stateless rule
analyzer, which enables you to analyze your stateless rules for asymmetric routing.
* api-change:``quicksight``: [``botocore``] This release introduces Float Decimal Type as SubType
in QuickSight SPICE datasets and Custom week start and Custom timezone options in Analysis and
Dashboard
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.76
* api-change:``connect``: [``botocore``] Adds the BatchGetFlowAssociation API which returns flow
associations (flow-resource) corresponding to the list of resourceArns supplied in the request.
This release also adds IsDefault, LastModifiedRegion and LastModifiedTime fields to the responses
of several Describe and List APIs.
* api-change:``globalaccelerator``: [``botocore``] Global Accelerator now support accelerators with
cross account endpoints.
* api-change:``rds``: [``botocore``] This release adds support for customized networking resources
to Amazon RDS Custom.
* api-change:``redshift``: [``botocore``] Added support for Multi-AZ deployments for Provisioned
RA3 clusters that provide 99.99% SLA availability.
* api-change:``sagemaker``: [``botocore``] Support for batch transform input in Model dashboard
- from version 1.28.75
* api-change:``amplify``: [``botocore``] Add backend field to CreateBranch and UpdateBranch
requests. Add pagination support for ListApps, ListDomainAssociations, ListBranches, and ListJobs
* api-change:``application-insights``: [``botocore``] Automate attaching managed policies
* api-change:``ec2``: [``botocore``] Capacity Blocks for ML are a new EC2 purchasing option for
reserving GPU instances on a future date to support short duration machine learning (ML) workloads.
Capacity Blocks automatically place instances close together inside Amazon EC2 UltraClusters for
low-latency, high-throughput networking.
* api-change:``m2``: [``botocore``] Added name filter ability for ListDataSets API, added
ForceUpdate for Updating environment and BatchJob submission using S3BatchJobIdentifier
* api-change:``neptunedata``: [``botocore``] Minor change to not retry CancelledByUserException
* api-change:``translate``: [``botocore``] Added support for Brevity translation settings feature.
- from version 1.28.74
* api-change:``connect``: [``botocore``] This release adds InstanceId field for phone number APIs.
* api-change:``dataexchange``: [``botocore``] We added a new API action: SendDataSetNotification.
* api-change:``datasync``: [``botocore``] Platform version changes to support AL1 deprecation
initiative.
* api-change:``finspace``: [``botocore``] Introducing new API UpdateKxClusterCodeConfiguration,
introducing new cache types for clusters and introducing new deployment modes for updating clusters.
* api-change:``mediapackagev2``: [``botocore``] This feature allows customers to create a
combination of manifest filtering, startover and time delay configuration that applies to all
egress requests by default.
* api-change:``rds``: [``botocore``] This release launches the CreateIntegration,
DeleteIntegration, and DescribeIntegrations APIs to manage zero-ETL Integrations.
* api-change:``redshift-serverless``: [``botocore``] Added support for custom domain names for
Amazon Redshift Serverless workgroups. This feature enables customers to create a custom domain
name and use ACM to generate fully secure connections to it.
* api-change:``resiliencehub``: [``botocore``] Introduced the ability to filter applications by
their last assessment date and time and have included metrics for the application's estimated
workload Recovery Time Objective (RTO) and estimated workload Recovery Point Objective (RPO).
* api-change:``s3outposts``: [``botocore``] Updated ListOutpostsWithS3 API response to include
S3OutpostArn for use with AWS RAM.
* api-change:``wisdom``: [``botocore``] This release added necessary API documents on creating a
Wisdom knowledge base to integrate with S3.
- from version 1.28.73
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``neptune``: [``botocore``] Update TdeCredentialPassword type to SensitiveString
* api-change:``pinpoint``: [``botocore``] Updated documentation to describe the case insensitivity
for EndpointIds.
* api-change:``redshift``: [``botocore``] added support to create a dual stack cluster
* api-change:``wafv2``: [``botocore``] Updates the descriptions for the calls that manage web ACL
associations, to provide information for customer-managed IAM policies.
- from version 1.28.72
* api-change:``appstream``: [``botocore``] This release introduces multi-session fleets, allowing
customers to provision more than one user session on a single fleet instance.
* api-change:``ec2``: [``botocore``] Launching GetSecurityGroupsForVpc API. This API gets security
groups that can be associated by the AWS account making the request with network interfaces in the
specified VPC.
* api-change:``network-firewall``: [``botocore``] Network Firewall now supports inspection of
outbound SSL/TLS traffic.
* api-change:``opensearch``: [``botocore``] You can specify ipv4 or dualstack IPAddressType for
cluster endpoints. If you specify IPAddressType as dualstack, the new endpoint will be visible
under the 'EndpointV2' parameter and will support IPv4 and IPv6 requests. Whereas, the 'Endpoint'
will continue to serve IPv4 requests.
* api-change:``redshift``: [``botocore``] Add Redshift APIs GetResourcePolicy,
DeleteResourcePolicy, PutResourcePolicy and DescribeInboundIntegrations for the new Amazon Redshift
Zero-ETL integration feature, which can be used to control data ingress into Redshift namespace,
and view inbound integrations.
* api-change:``sagemaker``: [``botocore``] Amazon Sagemaker Autopilot now supports Text Generation
jobs.
* api-change:``sns``: [``botocore``] Message Archiving and Replay is now supported in Amazon SNS
for FIFO topics.
* api-change:``ssm-sap``: [``botocore``] AWS Systems Manager for SAP added support for registration
and discovery of SAP ABAP applications
* api-change:``transfer``: [``botocore``] No API changes from previous release. This release
migrated the model to Smithy keeping all features unchanged.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.71
* enhancement:Configuration: [``botocore``] Adds client context params support to ``Config``.
* api-change:``connectcases``: [``botocore``] Increase maximum length of CommentBody to 3000, and
increase maximum length of StringValue to 1500
* api-change:``groundstation``: [``botocore``] This release will allow KMS alias names to be used
when creating Mission Profiles
* api-change:``iam``: [``botocore``] Updates to GetAccessKeyLastUsed action to replace NoSuchEntity
error with AccessDeniedException error.
- from version 1.28.70
* api-change:``codepipeline``: [``botocore``] Add ability to trigger pipelines from git tags,
define variables at pipeline level and new pipeline type V2.
* api-change:``ec2``: [``botocore``] This release updates the documentation for
InstanceInterruptionBehavior and HibernationOptionsRequest to more accurately describe the behavior
of these two parameters when using Spot hibernation.
* api-change:``eks``: [``botocore``] Added support for Cluster Subnet and Security Group mutability.
* api-change:``iam``: [``botocore``] Add the partitional endpoint for IAM in iso-f.
* api-change:``migrationhub-config``: [``botocore``] This release introduces
DeleteHomeRegionControl API that customers can use to delete the Migration Hub Home Region
configuration
* api-change:``migrationhubstrategy``: [``botocore``] This release introduces multi-data-source
feature in Migration Hub Strategy Recommendations. This feature now supports vCenter as a data
source to fetch inventory in addition to ADS and Import from file workflow that is currently
supported with MHSR collector.
* api-change:``opensearchserverless``: [``botocore``] This release includes the following new APIs:
CreateLifecyclePolicy, UpdateLifecyclePolicy, BatchGetLifecyclePolicy, DeleteLifecyclePolicy,
ListLifecyclePolicies and BatchGetEffectiveLifecyclePolicy to support the data lifecycle management
feature.
- from version 1.28.69
* api-change:``marketplacecommerceanalytics``: [``botocore``] The StartSupportDataExport operation
has been deprecated as part of the Product Support Connection deprecation. As of December 2022,
Product Support Connection is no longer supported.
* api-change:``networkmanager``: [``botocore``] This release adds API support for Tunnel-less
Connect (NoEncap Protocol) for AWS Cloud WAN
* api-change:``redshift-serverless``: [``botocore``] This release adds support for customers to see
the patch version and workgroup version in Amazon Redshift Serverless.
* api-change:``rekognition``: [``botocore``] Amazon Rekognition introduces StartMediaAnalysisJob,
GetMediaAnalysisJob, and ListMediaAnalysisJobs operations to run a bulk analysis of images with a
Detect Moderation model.
- from version 1.28.68
* api-change:``appconfig``: [``botocore``] Update KmsKeyIdentifier constraints to support AWS KMS
multi-Region keys.
* api-change:``appintegrations``: [``botocore``] Updated ScheduleConfig to be an optional input to
CreateDataIntegration to support event driven downloading of files from sources such as Amazon s3
using Amazon Connect AppIntegrations.
* api-change:``connect``: [``botocore``] This release adds support for updating phone number
metadata, such as phone number description.
* api-change:``discovery``: [``botocore``] This release introduces three new APIs:
StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.
* api-change:``medical-imaging``: [``botocore``] Updates on documentation links
* api-change:``ssm``: [``botocore``] This release introduces a new API: DeleteOpsItem. This allows
deletion of an OpsItem.
- from version 1.28.67
* api-change:``gamesparks``: [``botocore``] The gamesparks client has been removed following the
deprecation of the service.
* api-change:``ec2``: [``botocore``] Amazon EC2 C7a instances, powered by 4th generation AMD EPYC
processors, are ideal for high performance, compute-intensive workloads such as high performance
computing. Amazon EC2 R7i instances are next-generation memory optimized and powered by custom 4th
Generation Intel Xeon Scalable processors.
* api-change:``managedblockchain-query``: [``botocore``] This release adds support for Ethereum
Sepolia network
* api-change:``neptunedata``: [``botocore``] Doc changes to add IAM action mappings for the data
actions.
* api-change:``omics``: [``botocore``] This change enables customers to retrieve failure reasons
with detailed status messages for their failed runs
* api-change:``opensearch``: [``botocore``] Added Cluster Administrative options for node restart,
opensearch process restart and opensearch dashboard restart for Multi-AZ without standby domains
* api-change:``quicksight``: [``botocore``] This release adds the following: 1) Trino and Starburst
Database Connectors 2) Custom total for tables and pivot tables 3) Enable restricted folders 4) Add
rolling dates for time equality filters 5) Refine DataPathValue and introduce DataPathType 6) Add
SeriesType to ReferenceLineDataConfiguration
* api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager
* api-change:``servicecatalog``: [``botocore``] Introduce support for EXTERNAL product and
provisioning artifact type in CreateProduct and CreateProvisioningArtifact APIs.
* api-change:``verifiedpermissions``: [``botocore``] Improving Amazon Verified Permissions Create
experience
* api-change:``workspaces``: [``botocore``] Documentation updates for WorkSpaces
- from version 1.28.66
* api-change:``cloud9``: [``botocore``] Update to imageId parameter behavior and dates updated.
* api-change:``dynamodb``: [``botocore``] Updating descriptions for several APIs.
* api-change:``kendra``: [``botocore``] Changes for a new feature in Amazon Kendra's Query API to
Collapse/Expand query results
* api-change:``rds``: [``botocore``] This release adds support for upgrading the storage file
system configuration on the DB instance using a blue/green deployment or a read replica.
* api-change:``wisdom``: [``botocore``] This release adds an max limit of 25 recommendation ids for
NotifyRecommendationsReceived API.
- from version 1.28.65
* api-change:``codepipeline``: [``botocore``] Add retryMode ALL_ACTIONS to RetryStageExecution API
that retries a failed stage starting from first action in the stage
* api-change:``discovery``: [``botocore``] This release introduces three new APIs:
StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.
* api-change:``ecs``: [``botocore``] Documentation only updates to address Amazon ECS tickets.
* api-change:``globalaccelerator``: [``botocore``] Fixed error where
ListCustomRoutingEndpointGroups did not have a paginator
* api-change:``guardduty``: [``botocore``] Add domainWithSuffix finding field to dnsRequestAction
* api-change:``kafka``: [``botocore``] AWS Managed Streaming for Kafka is launching MSK Replicator,
a new feature that enables customers to reliably replicate data across Amazon MSK clusters in same
or different AWS regions. You can now use SDK to create, list, describe, delete, update, and manage
tags of MSK Replicators.
* api-change:``route53-recovery-cluster``: [``botocore``] Adds Owner field to ListRoutingControls
API.
* api-change:``route53-recovery-control-config``: [``botocore``] Adds permissions for
GetResourcePolicy to support returning details about AWS Resource Access Manager resource policies
for shared resources.
- from version 1.28.64
* api-change:``cloudformation``: [``botocore``] SDK and documentation updates for
UpdateReplacePolicy
* api-change:``drs``: [``botocore``] Updated exsiting API to allow AWS Elastic Disaster Recovery
support of launching recovery into existing EC2 instances.
* api-change:``entityresolution``: [``botocore``] This launch expands our matching techniques to
include provider-based matching to help customer match, link, and enhance records with minimal data
movement. With data service providers, we have removed the need for customers to build bespoke
integrations,.
* api-change:``managedblockchain-query``: [``botocore``] This release introduces two new APIs:
GetAssetContract and ListAssetContracts. This release also adds support for Bitcoin Testnet.
* api-change:``mediapackagev2``: [``botocore``] This release allows customers to manage
MediaPackage v2 resource using CloudFormation.
* api-change:``opensearch``: [``botocore``] This release allows customers to list and associate
optional plugin packages with compatible Amazon OpenSearch Service clusters for enhanced
functionality.
* api-change:``redshift-serverless``: [``botocore``] Added support for managing credentials of
serverless namespace admin using AWS Secrets Manager.
* api-change:``redshift``: [``botocore``] Added support for managing credentials of provisioned
cluster admin using AWS Secrets Manager.
* api-change:``sesv2``: [``botocore``] This release provides enhanced visibility into your SES
identity verification status. This will offer you more actionable insights, enabling you to
promptly address any verification-related issues.
* api-change:``transfer``: [``botocore``] Documentation updates for AWS Transfer Family
* api-change:``xray``: [``botocore``] This releases enhances GetTraceSummaries API to support new
TimeRangeType Service to query trace summaries by segment end time.
- from version 1.28.63
* api-change:``auditmanager``: [``botocore``] This release introduces a new limit to the
awsAccounts parameter. When you create or update an assessment, there is now a limit of 200 AWS
accounts that can be specified in the assessment scope.
* api-change:``autoscaling``: [``botocore``] Update the NotificationMetadata field to only allow
visible ascii characters. Add paginators to DescribeInstanceRefreshes, DescribeLoadBalancers, and
DescribeLoadBalancerTargetGroups
* api-change:``config``: [``botocore``] Add enums for resource types supported by Config
* api-change:``controltower``: [``botocore``] Added new EnabledControl resource details to
ListEnabledControls API and added new GetEnabledControl API.
* api-change:``customer-profiles``: [``botocore``] Adds sensitive trait to various shapes in
Customer Profiles Calculated Attribute API model.
* api-change:``ec2``: [``botocore``] This release adds Ubuntu Pro as a supported platform for
On-Demand Capacity Reservations and adds support for setting an Amazon Machine Image (AMI) to
disabled state. Disabling the AMI makes it private if it was previously shared, and prevents new
EC2 instance launches from it.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``glue``: [``botocore``] Extending version control support to GitLab and Bitbucket
from AWSGlue
* api-change:``inspector2``: [``botocore``] Add MacOs ec2 platform support
* api-change:``ivs-realtime``: [``botocore``] Update GetParticipant to return additional metadata.
* api-change:``lambda``: [``botocore``] Adds support for Lambda functions to access Dual-Stack
subnets over IPv6, via an opt-in flag in CreateFunction and UpdateFunctionConfiguration APIs
* api-change:``location``: [``botocore``] This release adds endpoint updates for all AWS Location
resource operations.
* api-change:``machinelearning``: [``botocore``] This release marks Password field as sensitive
* api-change:``pricing``: [``botocore``] Documentation updates for Price List
* api-change:``rds``: [``botocore``] This release adds support for adding a dedicated log volume to
open-source RDS instances.
* api-change:``rekognition``: [``botocore``] Amazon Rekognition introduces support for Custom
Moderation. This allows the enhancement of accuracy for detect moderation labels operations by
creating custom adapters tuned on customer data.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Canvas adds KendraSettings and
DirectDeploySettings support for CanvasAppSettings
* api-change:``textract``: [``botocore``] This release adds 9 new APIs for adapter and adapter
version management, 3 new APIs for tagging, and updates AnalyzeDocument and StartDocumentAnalysis
API parameters for using adapters.
* api-change:``transcribe``: [``botocore``] This release is to enable m4a format to customers
* api-change:``workspaces``: [``botocore``] Updated the CreateWorkspaces action documentation to
clarify that the PCoIP protocol is only available for Windows bundles.
- from version 1.28.62
* enhancement:Dependencies: [``botocore``] Add support for urllib3 2.0 for Python 3.10+
* api-change:``ec2``: [``botocore``] Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``fsx``: [``botocore``] After performing steps to repair the Active Directory
configuration of a file system, use this action to initiate the process of attempting to recover to
the file system.
* api-change:``marketplace-catalog``: [``botocore``] This release adds support for Document type as
an alternative for stringified JSON for StartChangeSet, DescribeChangeSet and DescribeEntity APIs
* api-change:``quicksight``: [``botocore``] NullOption in FilterListConfiguration; Dataset
schema/table max length increased; Support total placement for pivot table visual; Lenient mode
relaxes the validation to create resources with definition; Data sources can be added to folders;
Redshift data sources support IAM Role-based authentication
* api-change:``transfer``: [``botocore``] This release updates the max character limit of
PreAuthenticationLoginBanner and PostAuthenticationLoginBanner to 4096 characters
- Update BuildRequires and Requires from setup.py
- Update to 1.31.61:
* api-change:``omics``: [``botocore``] Add Etag Support for Omics Storage in ListReadSets and
GetReadSetMetadata API
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for corrections and minor
improvements.
* api-change:``route53``: [``botocore``] Add hostedzonetype filter to ListHostedZones API.
* api-change:``securityhub``: [``botocore``] Added new resource detail objects to ASFF, including
resources for AwsEventsEventbus, AwsEventsEndpoint, AwsDmsEndpoint, AwsDmsReplicationTask,
AwsDmsReplicationInstance, AwsRoute53HostedZone, and AwsMskCluster
* api-change:``storagegateway``: [``botocore``] Add SoftwareVersion to response of
DescribeGatewayInformation.
* api-change:``workspaces``: [``botocore``] This release introduces Manage applications. This
feature allows users to manage their WorkSpaces applications by associating or disassociating their
WorkSpaces with applications. The DescribeWorkspaces API will now additionally return
OperatingSystemName in its responses.
- from version 1.28.60
* api-change:``appconfig``: [``botocore``] AWS AppConfig introduces KMS customer-managed key (CMK)
encryption support for data saved to AppConfig's hosted configuration store.
* api-change:``datazone``: [``botocore``] Initial release of Amazon DataZone
* api-change:``mediatailor``: [``botocore``] Updates DescribeVodSource to include a list of ad
break opportunities in the response
* api-change:``mgn``: [``botocore``] This release includes the following new APIs: ListConnectors,
CreateConnector, UpdateConnector, DeleteConnector and UpdateSourceServer to support the source
action framework feature.
* api-change:``sagemaker``: [``botocore``] Adding support for AdditionalS3DataSource, a data source
used for training or inference that is in addition to the input dataset or model data.
- from version 1.28.59
* api-change:``connect``: [``botocore``] GetMetricDataV2 API: Update to include new metrics
CONTACTS_RESOLVED_IN_X , AVG_HOLD_TIME_ALL_CONTACTS , AVG_RESOLUTION_TIME , ABANDONMENT_RATE ,
AGENT_NON_RESPONSE_WITHOUT_CUSTOMER_ABANDONS with added features: Interval Period, TimeZone, Negate
MetricFilters, Extended date time range.
* api-change:``location``: [``botocore``] Amazon Location Service adds support for bounding polygon
queries. Additionally, the GeofenceCount field has been added to the DescribeGeofenceCollection API
response.
* api-change:``mediaconvert``: [``botocore``] This release adds the ability to replace video frames
without modifying the audio essence.
* api-change:``oam``: [``botocore``] This release adds support for sharing
AWS::ApplicationInsights::Application resources.
* api-change:``sagemaker``: [``botocore``] This release allows users to run Selective Execution in
SageMaker Pipelines without SourcePipelineExecutionArn if selected steps do not have any dependent
steps.
* api-change:``wellarchitected``: [``botocore``] AWS Well-Architected now supports Review Templates
that allows you to create templates with pre-filled answers for Well-Architected and Custom Lens
best practices.
- from version 1.28.58
* api-change:``bedrock-runtime``: [``botocore``] Add model timeout exception for
InvokeModelWithResponseStream API and update validator for invoke model identifier.
* api-change:``bedrock``: [``botocore``] Provisioned throughput feature with Amazon and third-party
base models, and update validators for model identifier and taggable resource ARNs.
* api-change:``ec2``: [``botocore``] Introducing Amazon EC2 R7iz instances with 3.9 GHz sustained
all-core turbo frequency and deliver up to 20% better performance than previous generation z1d
instances.
* api-change:``managedblockchain``: [``botocore``] Remove Rinkeby as option from Ethereum APIs
* api-change:``rds``: [``botocore``] Adds DefaultCertificateForNewLaunches field in the
DescribeCertificates API response.
* api-change:``sso``: [``botocore``] Fix FIPS Endpoints in aws-us-gov.
* api-change:``sts``: [``botocore``] STS API updates for assumeRole
* api-change:``transfer``: [``botocore``] Documentation updates for AWS Transfer Family
- from version 1.28.57
* api-change:``bedrock-runtime``: [``botocore``] Run Inference: Added support to run the inference
on models. Includes set of APIs for running inference in streaming and non-streaming mode.
* api-change:``bedrock``: [``botocore``] Model Invocation logging added to enable or disable logs
in customer account. Model listing and description support added. Provisioned Throughput feature
added. Custom model support added for creating custom models. Also includes list, and delete
functions for custom model.
* api-change:``budgets``: [``botocore``] Update DescribeBudgets and
DescribeBudgetNotificationsForAccount MaxResults limit to 1000.
* api-change:``ec2``: [``botocore``] Adds support for Customer Managed Key encryption for Amazon
Verified Access resources
* api-change:``iotfleetwise``: [``botocore``] AWS IoT FleetWise now supports encryption through a
customer managed AWS KMS key. The PutEncryptionConfiguration and GetEncryptionConfiguration APIs
were added.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Feature Store supports read/write
of records with collection type features.
* api-change:``sagemaker``: [``botocore``] Online store feature groups supports Standard and
InMemory tier storage types for low latency storage for real-time data retrieval. The InMemory tier
supports collection types List, Set, and Vector.
* api-change:``wafv2``: [``botocore``] Correct and improve the documentation for the FieldToMatch
option JA3 fingerprint.
- from version 1.28.56
* api-change:``cognito-idp``: [``botocore``] The UserPoolType Status field is no longer used.
* api-change:``firehose``: [``botocore``] Features : Adding support for new data ingestion source
to Kinesis Firehose - AWS Managed Services Kafka.
* api-change:``iot``: [``botocore``] Added support for IoT Rules Engine Kafka Action Headers
* api-change:``textract``: [``botocore``] This release adds new feature - Layout to Analyze
Document API which can automatically extract layout elements such as titles, paragraphs, headers,
section headers, lists, page numbers, footers, table areas, key-value areas and figure areas and
order the elements as a human would read.
- from version 1.28.55
* api-change:``appintegrations``: [``botocore``] The Amazon AppIntegrations service adds a set of
APIs (in preview) to manage third party applications to be used in Amazon Connect agent workspace.
* api-change:``apprunner``: [``botocore``] This release allows an App Runner customer to specify a
custom source directory to run the build & start command. This change allows App Runner to support
monorepo based repositories
* api-change:``codedeploy``: [``botocore``] CodeDeploy now supports In-place and Blue/Green EC2
deployments with multiple Classic Load Balancers and multiple Target Groups.
* api-change:``connect``: [``botocore``] This release updates a set of Amazon Connect APIs that
provides the ability to integrate third party applications in the Amazon Connect agent workspace.
* api-change:``dynamodb``: [``botocore``] Amazon DynamoDB now supports Incremental Export as an
enhancement to the existing Export Table
* api-change:``ec2``: [``botocore``] The release includes AWS verified access to support FIPs
compliance in North America regions
* api-change:``lakeformation``: [``botocore``] This release adds three new API support
"CreateLakeFormationOptIn", "DeleteLakeFormationOptIn" and "ListLakeFormationOptIns", and also
updates the corresponding documentation.
* api-change:``pinpoint``: [``botocore``] Update documentation for RemoveAttributes to more
accurately reflect its behavior when attributes are deleted.
* api-change:``s3``: [``botocore``] This release adds a new field COMPLETED to the
ReplicationStatus Enum. You can now use this field to validate the replication status of S3 objects
using the AWS SDK.
- from version 1.28.54
* api-change:``amplifyuibuilder``: [``botocore``] Support for generating code that is compatible
with future versions of amplify project dependencies.
* api-change:``chime-sdk-media-pipelines``: [``botocore``] Adds support for sending WebRTC audio to
Amazon Kineses Video Streams.
* api-change:``emr-serverless``: [``botocore``] This release adds support for application-wide
default job configurations.
* api-change:``finspace-data``: [``botocore``] Adding sensitive trait to attributes. Change max
SessionDuration from 720 to 60. Correct "ApiAccess" attribute to "apiAccess" to maintain
consistency between APIs.
* api-change:``quicksight``: [``botocore``] Added ability to tag users upon creation.
* api-change:``ssm``: [``botocore``] This release updates the enum values for ResourceType in SSM
DescribeInstanceInformation input and ConnectionStatus in GetConnectionStatus output.
* api-change:``wafv2``: [``botocore``] You can now perform an exact match against the web request's
JA3 fingerprint.
- from version 1.28.53
* api-change:``braket``: [``botocore``] This release adds support to view the device queue depth
(the number of queued quantum tasks and hybrid jobs on a device) and queue position for a quantum
task and hybrid job.
* api-change:``dms``: [``botocore``] new vendors for DMS CSF: MongoDB, MariaDB, DocumentDb and
Redshift
* api-change:``ec2``: [``botocore``] EC2 M2 Pro Mac instances are powered by Apple M2 Pro Mac Mini
computers featuring 12 core CPU, 19 core GPU, 32 GiB of memory, and 16 core Apple Neural Engine and
uniquely enabled by the AWS Nitro System through high-speed Thunderbolt connections.
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``guardduty``: [``botocore``] Add `EKS_CLUSTER_NAME` to filter and sort key.
* api-change:``mediaconvert``: [``botocore``] This release supports the creation of of audio-only
tracks in CMAF output groups.
- from version 1.28.52
* api-change:``appconfig``: [``botocore``] Enabling boto3 paginators for list APIs and adding
documentation around ServiceQuotaExceededException errors
* api-change:``apprunner``: [``botocore``] This release adds improvements for managing App Runner
auto scaling configuration resources. New APIs: UpdateDefaultAutoScalingConfiguration and
ListServicesForAutoScalingConfiguration. Updated API: DeleteAutoScalingConfiguration.
* api-change:``codeartifact``: [``botocore``] Add support for the Swift package format.
* api-change:``kinesisvideo``: [``botocore``] Updated DescribeMediaStorageConfiguration,
StartEdgeConfigurationUpdate, ImageGenerationConfiguration$SamplingInterval, and
UpdateMediaStorageConfiguration to match AWS Docs.
* api-change:``logs``: [``botocore``] Add ClientToken to QueryDefinition CFN Handler in CWL
* api-change:``s3``: [``botocore``] Fix an issue where the SDK can fail to unmarshall response due
to NumberFormatException
* api-change:``servicediscovery``: [``botocore``] Adds a new DiscoverInstancesRevision API and also
adds InstanceRevision field to the DiscoverInstances API response.
* api-change:``sso-oidc``: [``botocore``] Update FIPS endpoints in aws-us-gov.
- from version 1.28.51
* api-change:``ec2``: [``botocore``] This release adds support for C7i, and R7a instance types.
* api-change:``outposts``: [``botocore``] This release adds the InstanceFamilies field to the
ListAssets response.
* api-change:``sagemaker``: [``botocore``] This release adds support for one-time model monitoring
schedules that are executed immediately without delay, explicit data analysis windows for model
monitoring schedules and exclude features attributes to remove features from model monitor analysis.
- from version 1.28.50
* api-change:``discovery``: [``botocore``] Add sensitive protection for customer information
* api-change:``macie2``: [``botocore``] This release changes the default
managedDataIdentifierSelector setting for new classification jobs to RECOMMENDED. By default, new
classification jobs now use the recommended set of managed data identifiers.
* api-change:``workmail``: [``botocore``] This release includes four new APIs UpdateUser,
UpdateGroup, ListGroupsForEntity and DescribeEntity, along with RemoteUsers and some enhancements
to existing APIs.
- from version 1.28.49
* api-change:``appstream``: [``botocore``] This release introduces app block builder, allowing
customers to provision a resource to package applications into an app block
* api-change:``connect``: [``botocore``] New rule type (OnMetricDataUpdate) has been added
* api-change:``datasync``: [``botocore``] Documentation-only updates for AWS DataSync.
* api-change:``sagemaker``: [``botocore``] This release introduces Skip Model Validation for Model
Packages
- from version 1.28.48
* api-change:``appstream``: [``botocore``] This release introduces multi-session fleets, allowing
customers to provision more than one user session on a single fleet instance.
* api-change:``cloudformation``: [``botocore``] Documentation updates for AWS CloudFormation
* api-change:``entityresolution``: [``botocore``] Changed "ResolutionTechniques" and
"MappedInputFields" in workflow and schema mapping operations to be required fields.
* api-change:``lookoutequipment``: [``botocore``] This release adds APIs for the new scheduled
retraining feature.
- from version 1.28.47
* api-change:``cloud9``: [``botocore``] Update to include information on Ubuntu 18 deprecation.
* api-change:``drs``: [``botocore``] Updated existing APIs and added new ones to support using AWS
Elastic Disaster Recovery post-launch actions. Added support for new regions.
* api-change:``firehose``: [``botocore``] DocumentIdOptions has been added for the Amazon
OpenSearch destination.
* api-change:``guardduty``: [``botocore``] Add `managementType` field to ListCoverage API response.
* api-change:``internetmonitor``: [``botocore``] This release updates the Amazon CloudWatch
Internet Monitor API domain name.
* api-change:``ivs-realtime``: [``botocore``] Doc only update that changes description for
ParticipantToken.
* api-change:``simspaceweaver``: [``botocore``] Edited the introductory text for the API reference.
* api-change:``xray``: [``botocore``] Add StartTime field in GetTraceSummaries API response for
each TraceSummary.
- from version 1.28.46
* api-change:``ec2``: [``botocore``] This release adds support for restricting public sharing of
AMIs through AMI Block Public Access
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``kendra``: [``botocore``] Amazon Kendra now supports confidence score buckets for
retrieved passage results using the Retrieve API.
- from version 1.28.45
* api-change:``ecr``: [``botocore``] This release will have ValidationException be thrown from ECR
LifecyclePolicy APIs in regions LifecyclePolicy is not supported, this includes existing Amazon
Dedicated Cloud (ADC) regions. This release will also change Tag: TagValue and Tag: TagKey to
required.
* api-change:``medialive``: [``botocore``] AWS Elemental Link now supports attaching a Link UHD
device to a MediaConnect flow.
* api-change:``quicksight``: [``botocore``] This release launches new updates to QuickSight KPI
visuals - support for sparklines, new templated layout and new targets for conditional formatting
rules.
- from version 1.28.44
* api-change:``fsx``: [``botocore``] Amazon FSx documentation fixes
* api-change:``sagemaker``: [``botocore``] Autopilot APIs will now support holiday featurization
for Timeseries models. The models will now hold holiday metadata and should be able to accommodate
holiday effect during inference.
* api-change:``sso-admin``: [``botocore``] Content updates to IAM Identity Center API for China
Regions.
* api-change:``workspaces``: [``botocore``] A new field "ErrorDetails" will be added to the output
of "DescribeWorkspaceImages" API call. This field provides in-depth details about the error
occurred during image import process. These details include the possible causes of the errors and
troubleshooting information.
- from version 1.28.43
* api-change:``neptunedata``: [``botocore``] Minor changes to send unsigned requests to Neptune
clusters
* api-change:``securityhub``: [``botocore``] Documentation updates for AWS Security Hub
* api-change:``simspaceweaver``: [``botocore``] BucketName and ObjectKey are now required for the
S3Location data type. BucketName is now required for the S3Destination data type.
- from version 1.28.42
* api-change:``appflow``: [``botocore``] Adding OAuth2.0 support for servicenow connector.
* api-change:``ec2``: [``botocore``] This release adds 'outpost' location type to the
DescribeInstanceTypeOfferings API, allowing customers that have been allowlisted for outpost to
query their offerings in the API.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``medialive``: [``botocore``] Adds advanced Output Locking options for Epoch Locking:
Custom Epoch and Jam Sync Time
* api-change:``wafv2``: [``botocore``] The targeted protection level of the Bot Control managed
rule group now provides optional, machine-learning analysis of traffic statistics to detect some
bot-related activity. You can enable or disable the machine learning functionality through the API.
- from version 1.28.41
* api-change:``billingconductor``: [``botocore``] This release adds support for line item filtering
in for the custom line item resource.
* api-change:``cloud9``: [``botocore``] Added support for Ubuntu 22.04 that was not picked up in a
previous Trebuchet request. Doc-only update.
* api-change:``compute-optimizer``: [``botocore``] This release adds support to provide
recommendations for G4dn and P3 instances that use NVIDIA GPUs.
* api-change:``ec2``: [``botocore``] Introducing Amazon EC2 C7gd, M7gd, and R7gd Instances with up
to 3.8 TB of local NVMe-based SSD block-level storage. These instances are powered by AWS Graviton3
processors, delivering up to 25% better performance over Graviton2-based instances.
* api-change:``ecs``: [``botocore``] Documentation only update for Amazon ECS.
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``rds``: [``botocore``] Add support for feature integration with AWS Backup.
* api-change:``sagemaker``: [``botocore``] SageMaker Neo now supports data input shape derivation
for Pytorch 2.0 and XGBoost compilation job for cloud instance targets. You can skip
DataInputConfig field during compilation job creation. You can also access derived information from
model in DescribeCompilationJob response.
* api-change:``vpc-lattice``: [``botocore``] This release adds Lambda event structure version
config support for LAMBDA target groups. It also adds newline support for auth policies.
- from version 1.28.40
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This release adds support for the Voice
Analytics feature for customer-owned KVS streams as part of the Amazon Chime SDK call analytics.
* api-change:``connect``: [``botocore``] Amazon Connect adds the ability to read, create, update,
delete, and list view resources, and adds the ability to read, create, delete, and list view
versions.
* api-change:``identitystore``: [``botocore``] New Identity Store content for China Region launch
* api-change:``neptunedata``: [``botocore``] Removed the descriptive text in the introduction.
- from version 1.28.39
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This release adds support for feature
Voice Enhancement for Call Recording as part of Amazon Chime SDK call analytics.
* api-change:``cloudhsm``: [``botocore``] Deprecating CloudHSM Classic API Service.
* api-change:``connectcampaigns``: [``botocore``] Amazon Connect outbound campaigns has launched
agentless dialing mode which enables customers to make automated outbound calls without agent
engagement. This release updates three of the campaign management API's to support the new
agentless dialing mode and the new dialing capacity field.
* api-change:``connectparticipant``: [``botocore``] Amazon Connect Participant Service adds the
ability to get a view resource using a view token, which is provided in a participant message, with
the release of the DescribeView API.
* api-change:``customer-profiles``: [``botocore``] Adds sensitive trait to various shapes in
Customer Profiles API model.
* api-change:``ecs``: [``botocore``] This release adds support for an account-level setting that
you can use to configure the number of days for AWS Fargate task retirement.
* api-change:``grafana``: [``botocore``] Marking SAML RoleValues attribute as sensitive and
updating VpcConfiguration attributes to match documentation.
* api-change:``health``: [``botocore``] Adds new API DescribeEntityAggregatesForOrganization that
retrieves entity aggregates across your organization. Also adds support for resource status
filtering in DescribeAffectedEntitiesForOrganization, resource status aggregates in the
DescribeEntityAggregates response, and new resource statuses.
* api-change:``ivs``: [``botocore``] Updated "type" description for CreateChannel, UpdateChannel,
Channel, and ChannelSummary.
* api-change:``kafkaconnect``: [``botocore``] Minor model changes for Kafka Connect as well as
endpoint updates.
* api-change:``payment-cryptography-data``: [``botocore``] Make KeyCheckValue field optional when
using asymmetric keys as Key Check Values typically only apply to symmetric keys
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
- from version 1.28.38
* api-change:``appflow``: [``botocore``] Add SAP source connector parallel and pagination feature
* api-change:``apprunner``: [``botocore``] App Runner adds support for Bitbucket. You can now
create App Runner connection that connects to your Bitbucket repositories and deploy App Runner
service with the source code stored in a Bitbucket repository.
* api-change:``auditmanager``: [``botocore``] This release marks some assessment metadata as
sensitive. We added a sensitive trait to the following attributes: assessmentName, emailAddress,
scope, createdBy, lastUpdatedBy, and userName.
* api-change:``cleanrooms``: [``botocore``] This release decouples member abilities in a
collaboration. With this change, the member who can run queries no longer needs to be the same as
the member who can receive results.
* api-change:``datasync``: [``botocore``] AWS DataSync introduces Task Reports, a new feature that
provides detailed reports of data transfer operations for each task execution.
* api-change:``neptunedata``: [``botocore``] Allows customers to execute data plane actions like
bulk loading graphs, issuing graph queries using Gremlin and openCypher directly from the SDK.
* api-change:``network-firewall``: [``botocore``] Network Firewall increasing pagination token
string length
* api-change:``pca-connector-ad``: [``botocore``] The Connector for AD allows you to use a
fully-managed AWS Private CA as a drop-in replacement for your self-managed enterprise CAs without
local agents or proxy servers. Enterprises that use AD to manage Windows environments can reduce
their private certificate authority (CA) costs and complexity.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Canvas adds
IdentityProviderOAuthSettings support for CanvasAppSettings
- from version 1.28.37
* api-change:``cognito-idp``: [``botocore``] Added API example requests and responses for several
operations. Fixed the validation regex for user pools Identity Provider name.
* api-change:``fsx``: [``botocore``] Documentation updates for project quotas.
* api-change:``omics``: [``botocore``] Add RetentionMode support for Runs.
* api-change:``sesv2``: [``botocore``] Adds support for the new Export and Message Insights
features: create, get, list and cancel export jobs; get message insights.
- from version 1.28.36
* api-change:``backup``: [``botocore``] Add support for customizing time zone for backup window in
backup plan rules.
* api-change:``compute-optimizer``: [``botocore``] This release enables AWS Compute Optimizer to
analyze and generate licensing optimization recommendations for sql server running on EC2 instances.
* api-change:``organizations``: [``botocore``] Documentation updates for permissions and links.
* api-change:``securitylake``: [``botocore``] Remove incorrect regex enforcement on pagination
tokens.
* api-change:``service-quotas``: [``botocore``] Service Quotas now supports viewing the applied
quota value and requesting a quota increase for a specific resource in an AWS account.
* api-change:``workspaces-web``: [``botocore``] WorkSpaces Web now enables Admins to configure
which cookies are synchronized from an end-user's local browser to the in-session browser. In
conjunction with a browser extension, this feature enables enhanced Single-Sign On capability by
reducing the number of times an end-user has to authenticate.
- from version 1.28.35
* api-change:``cloudtrail``: [``botocore``] Add ThrottlingException with error code 429 to handle
CloudTrail Delegated Admin request rate exceeded on organization resources.
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``detective``: [``botocore``] Added protections to interacting with fields containing
customer information.
- from version 1.28.34
* api-change:``ec2``: [``botocore``] Amazon EC2 M7a instances, powered by 4th generation AMD EPYC
processors, deliver up to 50% higher performance compared to M6a instances. Amazon EC2 Hpc7a
instances, powered by 4th Gen AMD EPYC processors, deliver up to 2.5x better performance compared
to Amazon EC2 Hpc6a instances.
* api-change:``glue``: [``botocore``] Added API attributes that help in the monitoring of sessions.
* api-change:``mediaconvert``: [``botocore``] This release includes additional audio channel tags
in Quicktime outputs, support for film grain synthesis for AV1 outputs, ability to create
audio-only FLAC outputs, and ability to specify Amazon S3 destination storage class.
* api-change:``medialive``: [``botocore``] MediaLive now supports passthrough of KLV data to a HLS
output group with a TS container. MediaLive now supports setting an attenuation mode for AC3 audio
when the coding mode is 3/2 LFE. MediaLive now supports specifying whether to include filler NAL
units in RTMP output group settings.
* api-change:``mediatailor``: [``botocore``] Adds new source location AUTODETECT_SIGV4 access type.
* api-change:``quicksight``: [``botocore``] Excel support in Snapshot Export APIs. Removed Required
trait for some insight Computations. Namespace-shared Folders support. Global Filters support.
Table pin Column support.
* api-change:``rds``: [``botocore``] This release updates the supported versions for Percona
XtraBackup in Aurora MySQL.
* api-change:``s3control``: [``botocore``] Updates to endpoint ruleset tests to address Smithy
validation issues and standardize the capitalization of DualStack.
* api-change:``verifiedpermissions``: [``botocore``] Documentation updates for Amazon Verified
Permissions.
- from version 1.28.33
* api-change:``apigateway``: [``botocore``] This release adds RootResourceId to GetRestApi response.
* api-change:``ec2``: [``botocore``] Marking fields as sensitive on BundleTask and GetPasswordData
* api-change:``polly``: [``botocore``] Amazon Polly adds 1 new voice - Zayd (ar-AE)
- from version 1.28.32
* api-change:``ce``: [``botocore``] This release adds the LastUpdatedDate and LastUsedDate
timestamps to help you manage your cost allocation tags.
* api-change:``globalaccelerator``: [``botocore``] Global Accelerator now supports Client Ip
Preservation for Network Load Balancer endpoints.
* api-change:``rds``: [``botocore``] Adding parameters to CreateCustomDbEngineVersion reserved for
future use.
* api-change:``verifiedpermissions``: [``botocore``] Documentation updates for Amazon Verified
Permissions. Increases max results per page for ListPolicyStores, ListPolicies, and
ListPolicyTemplates APIs from 20 to 50.
- Update BuildRequires and Requires from setup.py
- Update to 1.28.36:
* api-change:``backup``: [``botocore``] Add support for customizing time zone for backup window in
backup plan rules.
* api-change:``compute-optimizer``: [``botocore``] This release enables AWS Compute Optimizer to
analyze and generate licensing optimization recommendations for sql server running on EC2 instances.
* api-change:``organizations``: [``botocore``] Documentation updates for permissions and links.
* api-change:``securitylake``: [``botocore``] Remove incorrect regex enforcement on pagination
tokens.
* api-change:``service-quotas``: [``botocore``] Service Quotas now supports viewing the applied
quota value and requesting a quota increase for a specific resource in an AWS account.
* api-change:``workspaces-web``: [``botocore``] WorkSpaces Web now enables Admins to configure
which cookies are synchronized from an end-user's local browser to the in-session browser. In
conjunction with a browser extension, this feature enables enhanced Single-Sign On capability by
reducing the number of times an end-user has to authenticate.
- from version 1.28.35
* api-change:``cloudtrail``: [``botocore``] Add ThrottlingException with error code 429 to handle
CloudTrail Delegated Admin request rate exceeded on organization resources.
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``detective``: [``botocore``] Added protections to interacting with fields containing
customer information.
- from version 1.28.34
* api-change:``ec2``: [``botocore``] Amazon EC2 M7a instances, powered by 4th generation AMD EPYC
processors, deliver up to 50% higher performance compared to M6a instances. Amazon EC2 Hpc7a
instances, powered by 4th Gen AMD EPYC processors, deliver up to 2.5x better performance compared
to Amazon EC2 Hpc6a instances.
* api-change:``glue``: [``botocore``] Added API attributes that help in the monitoring of sessions.
* api-change:``mediaconvert``: [``botocore``] This release includes additional audio channel tags
in Quicktime outputs, support for film grain synthesis for AV1 outputs, ability to create
audio-only FLAC outputs, and ability to specify Amazon S3 destination storage class.
* api-change:``medialive``: [``botocore``] MediaLive now supports passthrough of KLV data to a HLS
output group with a TS container. MediaLive now supports setting an attenuation mode for AC3 audio
when the coding mode is 3/2 LFE. MediaLive now supports specifying whether to include filler NAL
units in RTMP output group settings.
* api-change:``mediatailor``: [``botocore``] Adds new source location AUTODETECT_SIGV4 access type.
* api-change:``quicksight``: [``botocore``] Excel support in Snapshot Export APIs. Removed Required
trait for some insight Computations. Namespace-shared Folders support. Global Filters support.
Table pin Column support.
* api-change:``rds``: [``botocore``] This release updates the supported versions for Percona
XtraBackup in Aurora MySQL.
* api-change:``s3control``: [``botocore``] Updates to endpoint ruleset tests to address Smithy
validation issues and standardize the capitalization of DualStack.
* api-change:``verifiedpermissions``: [``botocore``] Documentation updates for Amazon Verified
Permissions.
- from version 1.28.33
* api-change:``apigateway``: [``botocore``] This release adds RootResourceId to GetRestApi response.
* api-change:``ec2``: [``botocore``] Marking fields as sensitive on BundleTask and GetPasswordData
* api-change:``polly``: [``botocore``] Amazon Polly adds 1 new voice - Zayd (ar-AE)
- from version 1.28.32
* api-change:``ce``: [``botocore``] This release adds the LastUpdatedDate and LastUsedDate
timestamps to help you manage your cost allocation tags.
* api-change:``globalaccelerator``: [``botocore``] Global Accelerator now supports Client Ip
Preservation for Network Load Balancer endpoints.
* api-change:``rds``: [``botocore``] Adding parameters to CreateCustomDbEngineVersion reserved for
future use.
* api-change:``verifiedpermissions``: [``botocore``] Documentation updates for Amazon Verified
Permissions. Increases max results per page for ListPolicyStores, ListPolicies, and
ListPolicyTemplates APIs from 20 to 50.
- from version 1.28.31
* api-change:``cloud9``: [``botocore``] Doc only update to add Ubuntu 22.04 as an Image ID option
for Cloud9
* api-change:``ec2``: [``botocore``] The DeleteKeyPair API has been updated to return the keyPairId
when an existing key pair is deleted.
* api-change:``finspace``: [``botocore``] Allow customers to manage outbound traffic from their Kx
Environment when attaching a transit gateway by providing network acl entries. Allow the customer
to choose how they want to update the databases on a cluster allowing updates to possibly be faster
than usual.
* api-change:``rds``: [``botocore``] Adding support for RDS Aurora Global Database Unplanned
Failover
* api-change:``route53domains``: [``botocore``] Fixed typos in description fields
- from version 1.28.30
* api-change:``codecommit``: [``botocore``] Add new ListFileCommitHistory operation to retrieve
commits which introduced changes to a specific file.
* api-change:``securityhub``: [``botocore``] Added Inspector Lambda code Vulnerability section to
ASFF, including GeneratorDetails, EpssScore, ExploitAvailable, and CodeVulnerabilities.
- from version 1.28.29
* api-change:``ec2``: [``botocore``] Adds support for SubnetConfigurations to allow users to select
their own IPv4 and IPv6 addresses for Interface VPC endpoints
* api-change:``gamelift``: [``botocore``] Amazon GameLift updates its instance types support.
- from version 1.28.28
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
- Update BuildRequires and Requires from setup.py
- Update to 1.28.27:
* enhancement:Python: Added provisional Python 3.12 support to Boto3
* enhancement:Python: [``botocore``] Added provisional Python 3.12 support to Botocore
* api-change:``chime-sdk-meetings``: [``botocore``] Updated API documentation to include additional
exceptions.
* api-change:``ec2``: [``botocore``] Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``glue``: [``botocore``] AWS Glue Crawlers can now accept SerDe overrides from a
custom csv classifier. The two SerDe options are LazySimpleSerDe and OpenCSVSerDe. In case, the
user wants crawler to do the selection, "None" can be selected for this purpose.
* api-change:``pi``: [``botocore``] AWS Performance Insights for Amazon RDS is launching
Performance Analysis On Demand, a new feature that allows you to analyze database performance
metrics and find out the performance issues. You can now use SDK to create, list, get, delete, and
manage tags of performance analysis reports.
* api-change:``route53domains``: [``botocore``] Provide explanation if CheckDomainTransferability
return false. Provide requestId if a request is already submitted. Add sensitive protection for
customer information
* api-change:``sagemaker``: [``botocore``] SageMaker Inference Recommender now provides
SupportedResponseMIMETypes from DescribeInferenceRecommendationsJob response
- from version 1.28.26
* api-change:``mediapackage``: [``botocore``] Fix SDK logging of certain fields.
* api-change:``omics``: [``botocore``] This release provides support for annotation store
versioning and cross account sharing for Omics Analytics
* api-change:``transfer``: [``botocore``] Documentation updates for AWS Transfer Family
- from version 1.28.25
* api-change:``amplifybackend``: [``botocore``] Adds sensitive trait to required input shapes.
* api-change:``config``: [``botocore``] Updated ResourceType enum with new resource types onboarded
by AWS Config in July 2023.
* api-change:``ec2``: [``botocore``] Amazon EC2 P5 instances, powered by the latest NVIDIA H100
Tensor Core GPUs, deliver the highest performance in EC2 for deep learning (DL) and HPC
applications. M7i-flex and M7i instances are next-generation general purpose instances powered by
custom 4th Generation Intel Xeon Scalable processors.
* api-change:``quicksight``: [``botocore``] New Authentication method for Account subscription -
IAM Identity Center. Hierarchy layout support, default column width support and related style
properties for pivot table visuals. Non-additive topic field aggregations for Topic API
* api-change:``ses``: [``botocore``] Update ses client to latest version
* api-change:``swf``: [``botocore``] This release adds new API parameters to override workflow task
list for workflow executions.
- from version 1.28.24
* api-change:``cloudtrail``: [``botocore``] Documentation updates for CloudTrail.
* api-change:``connect``: [``botocore``] This release adds APIs to provision agents that are global
/ available in multiple AWS regions and distribute them across these regions by percentage.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``omics``: [``botocore``] This release adds instanceType to GetRunTask & ListRunTasks
responses.
* api-change:``secretsmanager``: [``botocore``] Add additional InvalidRequestException to list of
possible exceptions for ListSecret.
* api-change:``transfer``: [``botocore``] Documentation updates for AW Transfer Family
- from version 1.28.23
* api-change:``chime-sdk-voice``: [``botocore``] Updating CreatePhoneNumberOrder, UpdatePhoneNumber
and BatchUpdatePhoneNumbers APIs, adding phone number name
* api-change:``fsx``: [``botocore``] For FSx for Lustre, add new data repository task type,
RELEASE_DATA_FROM_FILESYSTEM, to release files that have been archived to S3. For FSx for Windows,
enable support for configuring and updating SSD IOPS, and for updating storage type. For FSx for
OpenZFS, add new deployment type, MULTI_AZ_1.
* api-change:``globalaccelerator``: [``botocore``] Documentation update for dualstack EC2 endpoint
support
* api-change:``guardduty``: [``botocore``] Added autoEnable ALL to UpdateOrganizationConfiguration
and DescribeOrganizationConfiguration APIs.
* api-change:``sagemaker``: [``botocore``] This release adds support for cross account access for
SageMaker Model Cards through AWS RAM.
- from version 1.28.22
* api-change:``backup``: [``botocore``] This release introduces a new logically air-gapped vault
(Preview) in AWS Backup that stores immutable backup copies, which are locked by default and
isolated with encryption using AWS owned keys. Logically air-gapped vault (Preview) allows secure
recovery of application data across accounts.
* api-change:``elasticache``: [``botocore``] Added support for cluster mode in online migration and
test migration API
* api-change:``servicecatalog``: [``botocore``] Introduce support for HashiCorp Terraform Cloud in
Service Catalog by addying TERRAFORM_CLOUD product type in CreateProduct and
CreateProvisioningArtifact API.
- from version 1.28.21
* api-change:``detective``: [``botocore``] Updated the email validation regex to be in line with
the TLD name specifications.
* api-change:``ivs-realtime``: [``botocore``] Add QUOTA_EXCEEDED and PUBLISHER_NOT_FOUND to
EventErrorCode for stage health events.
* api-change:``kinesis-video-archived-media``: [``botocore``] This release enables minimum of
Images SamplingInterval to be as low as 200 milliseconds in Kinesis Video Stream Image feature.
* api-change:``kinesisvideo``: [``botocore``] This release enables minimum of Images
SamplingInterval to be as low as 200 milliseconds in Kinesis Video Stream Image feature.
* api-change:``rekognition``: [``botocore``] This release adds code snippets for Amazon Rekognition
Custom Labels.
- from version 1.28.20
* api-change:``acm-pca``: [``botocore``] Documentation correction for AWS Private CA
* api-change:``connect``: [``botocore``] Added a new API UpdateRoutingProfileAgentAvailabilityTimer
to update agent availability timer of a routing profile.
* api-change:``datasync``: [``botocore``] Display cloud storage used capacity at a cluster level.
* api-change:``ecs``: [``botocore``] This is a documentation update to address various tickets.
* api-change:``sagemaker``: [``botocore``] Including DataCaptureConfig key in the Amazon Sagemaker
Search's transform job object
- from version 1.28.19
* api-change:``autoscaling``: [``botocore``] Documentation changes related to Amazon EC2 Auto
Scaling APIs.
* api-change:``cloud9``: [``botocore``] Updated the deprecation date for Amazon Linux. Doc only
update.
* api-change:``dms``: [``botocore``] The release makes public API for DMS Schema Conversion feature.
* api-change:``ec2``: [``botocore``] This release adds new parameter isPrimaryIPv6 to allow
assigning an IPv6 address as a primary IPv6 address to a network interface which cannot be changed
to give equivalent functionality available for network interfaces with primary IPv4 address.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker now supports running training jobs on
p5.48xlarge instance types.
- from version 1.28.18
* api-change:``budgets``: [``botocore``] As part of CAE tagging integration we need to update our
budget names regex filter to prevent customers from using "/action/" in their budget names.
* api-change:``cognito-idp``: [``botocore``] New feature that logs Cognito user pool error messages
to CloudWatch logs.
* api-change:``glue``: [``botocore``] This release includes additional Glue Streaming KAKFA SASL
property types.
* api-change:``resiliencehub``: [``botocore``] Drift Detection capability added when applications
policy has moved from a meet to breach state. Customers will be able to exclude operational
recommendations and receive credit in their resilience score. Customers can now add ARH permissions
to an existing or new role.
* api-change:``sagemaker``: [``botocore``] SageMaker Inference Recommender introduces a new API
GetScalingConfigurationRecommendation to recommend auto scaling policies based on completed
Inference Recommender jobs.
- from version 1.28.17
* api-change:``batch``: [``botocore``] This release adds support for price capacity optimized
allocation strategy for Spot Instances.
* api-change:``dms``: [``botocore``] Adding new API describe-engine-versions which provides
information about the lifecycle of a replication instance's version.
* api-change:``internetmonitor``: [``botocore``] This release adds a new feature for Amazon
CloudWatch Internet Monitor that enables customers to set custom thresholds, for performance and
availability drops, for impact limited to a single city-network to trigger creation of a health
event.
* api-change:``medialive``: [``botocore``] AWS Elemental Link devices now report their Availability
Zone. Link devices now support the ability to change their Availability Zone.
* api-change:``polly``: [``botocore``] Amazon Polly adds new French Belgian voice - Isabelle.
Isabelle is available as Neural voice only.
* api-change:``rds``: [``botocore``] Added support for deleted clusters PiTR.
* api-change:``sagemaker``: [``botocore``] Add Stairs TrafficPattern and FlatInvocations to
RecommendationJobStoppingConditions
- from version 1.28.16
* api-change:``amplifyuibuilder``: [``botocore``] Amplify Studio releases GraphQL support for
codegen job action.
* api-change:``autoscaling``: [``botocore``] You can now configure an instance refresh to set its
status to 'failed' when it detects that a specified CloudWatch alarm has gone into the ALARM state.
You can also choose to roll back the instance refresh automatically when the alarm threshold is met.
* api-change:``cleanrooms``: [``botocore``] This release introduces custom SQL queries - an
expanded set of SQL you can run. This release adds analysis templates, a new resource for storing
pre-defined custom SQL queries ahead of time. This release also adds the Custom analysis rule,
which lets you approve analysis templates for querying.
* api-change:``codestar-connections``: [``botocore``] New integration with the Gitlab provider type.
* api-change:``drs``: [``botocore``] Add support for in-aws right sizing
* api-change:``inspector2``: [``botocore``] This release adds 1 new API: BatchGetFindingDetails to
retrieve enhanced vulnerability intelligence details for findings.
* api-change:``lookoutequipment``: [``botocore``] This release includes new import resource, model
versioning and resource policy features.
* api-change:``omics``: [``botocore``] Add CreationType filter for ListReadSets
* api-change:``rds``: [``botocore``] This release adds support for Aurora MySQL local write
forwarding, which allows for forwarding of write operations from reader DB instances to the writer
DB instance.
* api-change:``route53``: [``botocore``] Amazon Route 53 now supports the Israel (Tel Aviv) Region
(il-central-1) for latency records, geoproximity records, and private DNS for Amazon VPCs in that
region.
* api-change:``scheduler``: [``botocore``] This release introduces automatic deletion of schedules
in EventBridge Scheduler. If configured, EventBridge Scheduler automatically deletes a schedule
after the schedule has completed its last invocation.
- from version 1.28.15
* enhancement:HTTP: [``botocore``] Move 100-continue behavior to use `HTTPConnections` request
interface.
* api-change:``application-insights``: [``botocore``] This release enable customer to
add/remove/update more than one workload for a component
* api-change:``cloudformation``: [``botocore``] This SDK release is for the feature launch of AWS
CloudFormation RetainExceptOnCreate. It adds a new parameter retainExceptOnCreate in the following
APIs: CreateStack, UpdateStack, RollbackStack, ExecuteChangeSet.
* api-change:``cloudfront``: [``botocore``] Add a new JavaScript runtime version for CloudFront
Functions.
* api-change:``connect``: [``botocore``] This release adds support for new number types.
* api-change:``kafka``: [``botocore``] Amazon MSK has introduced new versions of
ListClusterOperations and DescribeClusterOperation APIs. These v2 APIs provide information and
insights into the ongoing operations of both MSK Provisioned and MSK Serverless clusters.
* api-change:``pinpoint``: [``botocore``] Added support for sending push notifications using the
FCM v1 API with json credentials. Amazon Pinpoint customers can now deliver messages to Android
devices using both FCM v1 API and the legacy FCM/GCM API
- from version 1.28.14
* enhancement:compression: [``botocore``] Adds support for the ``requestcompression`` operation
trait.
* api-change:``sqs``: [``botocore``] Documentation changes related to SQS APIs.
- from version 1.28.13
* api-change:``autoscaling``: [``botocore``] This release updates validation for instance types
used in the AllowedInstanceTypes and ExcludedInstanceTypes parameters of the InstanceRequirements
property of a MixedInstancesPolicy.
* api-change:``ebs``: [``botocore``] SDK and documentation updates for Amazon Elastic Block Store
API
* api-change:``ec2``: [``botocore``] SDK and documentation updates for Amazon Elastic Block Store
APIs
* api-change:``eks``: [``botocore``] Add multiple customer error code to handle customer caused
failure when managing EKS node groups
* api-change:``sagemaker``: [``botocore``] Expose ProfilerConfig attribute in SageMaker Search API
response.
- from version 1.28.12
* api-change:``cloudcontrol``: [``botocore``] Updates the documentation for CreateResource.
* api-change:``entityresolution``: [``botocore``] AWS Entity Resolution can effectively match a
source record from a customer relationship management (CRM) system with a source record from a
marketing system containing campaign information.
* api-change:``glue``: [``botocore``] Release Glue Studio Snowflake Connector Node for SDK/CLI
* api-change:``healthlake``: [``botocore``] Updating the HealthLake service documentation.
* api-change:``managedblockchain-query``: [``botocore``] Amazon Managed Blockchain (AMB) Query
provides serverless access to standardized, multi-blockchain datasets with developer-friendly APIs.
* api-change:``mediaconvert``: [``botocore``] This release includes general updates to user
documentation.
* api-change:``omics``: [``botocore``] The service is renaming as a part of AWS Health.
* api-change:``opensearchserverless``: [``botocore``] This release adds new collection type
VectorSearch.
* api-change:``polly``: [``botocore``] Amazon Polly adds 1 new voice - Lisa (nl-BE)
* api-change:``route53``: [``botocore``] Update that corrects the documents for received feedback.
- from version 1.28.11
* api-change:``billingconductor``: [``botocore``] Added support for Auto-Assocate Billing Groups
for CreateBillingGroup, UpdateBillingGroup, and ListBillingGroups.
* api-change:``customer-profiles``: [``botocore``] Amazon Connect Customer Profiles now supports
rule-based resolution to match and merge similar profiles into unified profiles, helping companies
deliver faster and more personalized customer service by providing access to relevant customer
information for agents and automated experiences.
* api-change:``datasync``: [``botocore``] AWS DataSync now supports Microsoft Azure Blob Storage
locations.
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB
* api-change:``ec2``: [``botocore``] This release adds an instance's peak and baseline network
bandwidth as well as the memory sizes of an instance's inference accelerators to
DescribeInstanceTypes.
* api-change:``emr-serverless``: [``botocore``] This release adds support for publishing
application logs to CloudWatch.
* api-change:``lambda``: [``botocore``] Add Python 3.11 (python3.11) support to AWS Lambda
* api-change:``rds``: [``botocore``] This release adds support for monitoring storage optimization
progress on the DescribeDBInstances API.
* api-change:``sagemaker``: [``botocore``] Mark ContentColumn and TargetLabelColumn as required
Targets in TextClassificationJobConfig in CreateAutoMLJobV2API
* api-change:``securityhub``: [``botocore``] Add support for CONTAINS and NOT_CONTAINS comparison
operators for Automation Rules string filters and map filters
* api-change:``sts``: [``botocore``] API updates for the AWS Security Token Service
* api-change:``transfer``: [``botocore``] This release adds support for SFTP Connectors.
* api-change:``wisdom``: [``botocore``] This release added two new data types:
AssistantIntegrationConfiguration, and SessionIntegrationConfiguration to support Wisdom
integration with Amazon Connect Chat
- from version 1.28.10
* api-change:``apigatewayv2``: [``botocore``] Documentation updates for Amazon API Gateway.
* api-change:``ce``: [``botocore``] This release introduces the new API
'GetSavingsPlanPurchaseRecommendationDetails', which retrieves the details for a Savings Plan
recommendation. It also updates the existing API 'GetSavingsPlansPurchaseRecommendation' to include
the recommendation detail ID.
* api-change:``chime-sdk-media-pipelines``: [``botocore``] AWS Media Pipeline compositing
enhancement and Media Insights Pipeline auto language identification.
* api-change:``cloudformation``: [``botocore``] This release supports filtering by DRIFT_STATUS for
existing API ListStackInstances and adds support for a new API ListStackInstanceResourceDrifts.
Customers can now view resource drift information from their StackSet management accounts.
* api-change:``ec2``: [``botocore``] Add "disabled" enum value to SpotInstanceState.
* api-change:``glue``: [``botocore``] Added support for Data Preparation Recipe node in Glue Studio
jobs
* api-change:``quicksight``: [``botocore``] This release launches new Snapshot APIs for CSV and PDF
exports, adds support for info icon for filters and parameters in Exploration APIs, adds modeled
exception to the DeleteAccountCustomization API, and introduces AttributeAggregationFunction's
ability to add UNIQUE_VALUE aggregation in tooltips.
- from version 1.28.9
* api-change:``glue``: [``botocore``] This release adds support for AWS Glue Crawler with Apache
Hudi Tables, allowing Crawlers to discover Hudi Tables in S3 and register them in Glue Data Catalog
for query engines to query against.
* api-change:``mediaconvert``: [``botocore``] This release includes improvements to Preserve 444
handling, compatibility of HEVC sources without frame rates, and general improvements to MP4
outputs.
* api-change:``rds``: [``botocore``] Adds support for the DBSystemID parameter of CreateDBInstance
to RDS Custom for Oracle.
* api-change:``workspaces``: [``botocore``] Fixed VolumeEncryptionKey descriptions
- from version 1.28.8
* api-change:``codecatalyst``: [``botocore``] This release adds support for updating and deleting
spaces and projects in Amazon CodeCatalyst. It also adds support for creating, getting, and
deleting source repositories in CodeCatalyst projects.
* api-change:``connectcases``: [``botocore``] This release adds the ability to assign a case to a
queue or user.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``route53resolver``: [``botocore``] This release adds support for Route 53 On
Outposts, a new feature that allows customers to run Route 53 Resolver and Resolver endpoints
locally on their Outposts.
* api-change:``s3``: [``botocore``] Improve performance of S3 clients by simplifying and optimizing
endpoint resolution.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Cross account support for SageMaker
Feature Store
* api-change:``sagemaker``: [``botocore``] Cross account support for SageMaker Feature Store
* api-change:``securitylake``: [``botocore``] Adding support for Tags on Create and Resource
Tagging API.
* api-change:``transcribe``: [``botocore``] Added API argument --toxicity-detection to
startTranscriptionJob API, which allows users to view toxicity scores of submitted audio.
- from version 1.28.7
* enhancement:AWSCRT: [``botocore``] Upgrade awscrt version to 0.16.26
* api-change:``savingsplans``: [``botocore``] Savings Plans endpoints update
- from version 1.28.6
* api-change:``cloudformation``: [``botocore``] SDK and documentation updates for
GetTemplateSummary API (unrecognized resources)
* api-change:``ec2``: [``botocore``] Amazon EC2 documentation updates.
* api-change:``grafana``: [``botocore``] Amazon Managed Grafana now supports grafanaVersion update
for existing workspaces with UpdateWorkspaceConfiguration API. DescribeWorkspaceConfiguration API
additionally returns grafanaVersion. A new ListVersions API lists available versions or, if given a
workspaceId, the versions it can upgrade to.
* api-change:``medical-imaging``: [``botocore``] General Availability (GA) release of AWS Health
Imaging, enabling customers to store, transform, and analyze medical imaging data at petabyte-scale.
* api-change:``ram``: [``botocore``] This release adds support for securely sharing with AWS
service principals.
* api-change:``ssm-sap``: [``botocore``] Added support for SAP Hana High Availability discovery
(primary and secondary nodes) and Backint agent installation with SSM for SAP.
* api-change:``wafv2``: [``botocore``] Added the URI path to the custom aggregation keys that you
can specify for a rate-based rule.
- from version 1.28.5
* api-change:``codeguru-security``: [``botocore``] Documentation updates for CodeGuru Security.
* api-change:``connect``: [``botocore``] GetMetricDataV2 API: Update to include Contact Lens
Conversational Analytics Metrics
* api-change:``es``: [``botocore``] Regex Validation on the ElasticSearch Engine Version attribute
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``m2``: [``botocore``] Allows UpdateEnvironment to update the environment to 0 host
capacity. New GetSignedBluinsightsUrl API
* api-change:``snowball``: [``botocore``] Adds support for RACK_5U_C. This is the first AWS Snow
Family device designed to meet U.S. Military Ruggedization Standards (MIL-STD-810H) with 208 vCPU
device in a portable, compact 5U, half-rack width form-factor.
* api-change:``translate``: [``botocore``] Added DOCX word document support to TranslateDocument API
- from version 1.28.4
* api-change:``codeartifact``: [``botocore``] Doc only update for AWS CodeArtifact
* api-change:``docdb``: [``botocore``] Added major version upgrade option in ModifyDBCluster API
* api-change:``ec2``: [``botocore``] Add Nitro TPM support on DescribeInstanceTypes
* api-change:``glue``: [``botocore``] Adding new supported permission type flags to get-unfiltered
endpoints that callers may pass to indicate support for enforcing Lake Formation fine-grained
access control on nested column attributes.
* api-change:``ivs``: [``botocore``] This release provides the flexibility to configure what
renditions or thumbnail qualities to record when creating recording configuration.
* api-change:``lakeformation``: [``botocore``] Adds supports for ReadOnlyAdmins and
AllowFullTableExternalDataAccess. Adds NESTED_PERMISSION and NESTED_CELL_PERMISSION to
SUPPORTED_PERMISSION_TYPES enum. Adds CREATE_LF_TAG on catalog resource and ALTER, DROP, and
GRANT_WITH_LF_TAG_EXPRESSION on LF Tag resource.
- from version 1.28.3
* api-change:``cognito-idp``: [``botocore``] API model updated in Amazon Cognito
* api-change:``connect``: [``botocore``] Add support for deleting Queues and Routing Profiles.
* api-change:``datasync``: [``botocore``] Added LunCount to the response object of
DescribeStorageSystemResourcesResponse, LunCount represents the number of LUNs on a storage system
resource.
* api-change:``dms``: [``botocore``] Enhanced PostgreSQL target endpoint settings for providing
Babelfish support.
* api-change:``ec2``: [``botocore``] This release adds support for the C7gn and Hpc7g instances.
C7gn instances are powered by AWS Graviton3 processors and the fifth-generation AWS Nitro Cards.
Hpc7g instances are powered by AWS Graviton 3E processors and provide up to 200 Gbps network
bandwidth.
* api-change:``fsx``: [``botocore``] Amazon FSx for NetApp ONTAP now supports SnapLock, an ONTAP
feature that enables you to protect your files in a volume by transitioning them to a write once,
read many (WORM) state.
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management
(IAM).
* api-change:``mediatailor``: [``botocore``] Adds categories to MediaTailor channel assembly alerts
* api-change:``personalize``: [``botocore``] This release provides ability to customers to change
schema associated with their datasets in Amazon Personalize
* api-change:``proton``: [``botocore``] This release adds support for deployment history for Proton
provisioned resources
* api-change:``s3``: [``botocore``] S3 Inventory now supports Object Access Control List and Object
Owner as available object metadata fields in inventory reports.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Canvas adds WorkspeceSettings support
for CanvasAppSettings
* api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager
- Update BuildRequires and Requires from setup.py
- Update to 1.28.2:
* bugfix:s3: [``botocore``] Fix s3 presigned URLs for operations with query components (`#2962
<https://github.com/boto/botocore/issues/2962>`__)
* api-change:``cognito-idp``: [``botocore``] API model updated in Amazon Cognito
- from version 1.28.1
* api-change:``dms``: [``botocore``] Releasing DMS Serverless. Adding support for PostgreSQL 15.x
as source and target endpoint. Adding support for DocDB Elastic Clusters with sharded collections,
PostgreSQL datatype mapping customization and disabling hostname validation of the certificate
authority in Kafka endpoint settings
* api-change:``glue``: [``botocore``] This release enables customers to create new Apache Iceberg
tables and associated metadata in Amazon S3 by using native AWS Glue CreateTable operation.
* api-change:``logs``: [``botocore``] Add CMK encryption support for CloudWatch Logs Insights query
result data
* api-change:``medialive``: [``botocore``] This release enables the use of Thumbnails in AWS
Elemental MediaLive.
* api-change:``mediatailor``: [``botocore``] The AWS Elemental MediaTailor SDK for Channel Assembly
has added support for EXT-X-CUE-OUT and EXT-X-CUE-IN tags to specify ad breaks in HLS outputs,
including support for EXT-OATCLS, EXT-X-ASSET, and EXT-X-CUE-OUT-CONT accessory tags.
- from version 1.28.0
* enhancement:configprovider: [``botocore``] Always use shallow copy of session config value store
for clients
* feature:configuration: [``botocore``] Configure the endpoint URL in the shared configuration file
or via an environment variable for a specific AWS service or all AWS services.
* bugfix:configprovider: [``botocore``] Fix bug when deep copying config value store where
overrides were not preserved
* api-change:``ec2``: [``botocore``] Add Nitro Enclaves support on DescribeInstanceTypes
* api-change:``location``: [``botocore``] This release adds support for authenticating with Amazon
Location Service's Places & Routes APIs with an API Key. Also, with this release developers can
publish tracked device position updates to Amazon EventBridge.
* api-change:``outposts``: [``botocore``] Added paginator support to several APIs. Added the
ISOLATED enum value to AssetState.
* api-change:``quicksight``: [``botocore``] This release includes below three changes: small
multiples axes improvement, field based coloring, removed required trait from Aggregation function
for TopBottomFilter.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for creating DB instances and
creating Aurora global clusters.
- from version 1.27.1
* api-change:``comprehendmedical``: [``botocore``] Update to Amazon Comprehend Medical
documentation.
* api-change:``connect``: [``botocore``] GetMetricDataV2 API: Channels filters do not count towards
overall limitation of 100 filter values.
* api-change:``kms``: [``botocore``] Added Dry Run Feature to cryptographic and cross-account
mutating KMS APIs (14 in all). This feature allows users to test their permissions and parameters
before making the actual API call.
* api-change:``mgn``: [``botocore``] This release introduces the Global view feature and new
Replication state APIs.
* api-change:``securityhub``: [``botocore``] Documentation updates for AWS Security Hub
- from version 1.27.0
* feature:Useragent: [``botocore``] Update User-Agent header format
* api-change:``batch``: [``botocore``] This feature allows customers to use AWS Batch with Linux
with ARM64 CPU Architecture and X86_64 CPU Architecture with Windows OS on Fargate Platform.
* api-change:``sagemaker``: [``botocore``] SageMaker Inference Recommender now accepts new fields
SupportedEndpointType and ServerlessConfiguration to support serverless endpoints.
- from version 1.26.165
* api-change:``amp``: [``botocore``] AWS SDK service model generation tool version upgrade.
* api-change:``ecs``: [``botocore``] Added new field "credentialspecs" to the ecs task definition
to support gMSA of windows/linux in both domainless and domain-joined mode
* api-change:``ivs``: [``botocore``] Corrects the HTTP response code in the generated docs for
PutMetadata and DeleteRecordingConfiguration APIs.
* api-change:``mediaconvert``: [``botocore``] This release includes improved color handling of
overlays and general updates to user documentation.
* api-change:``sagemaker``: [``botocore``] This release adds support for rolling deployment in
SageMaker Inference.
* api-change:``transfer``: [``botocore``] Add outbound Basic authentication support to AS2
connectors
* api-change:``verifiedpermissions``: [``botocore``] This release corrects several broken links in
the documentation.
- from version 1.26.164
* api-change:``appstream``: [``botocore``] This release introduces app block builder, allowing
customers to provision a resource to package applications into an app block
* api-change:``chime``: [``botocore``] The Amazon Chime SDK APIs in the Chime namespace are no
longer supported. Customers should use APIs in the dedicated Amazon Chime SDK namespaces:
ChimeSDKIdentity, ChimeSDKMediaPipelines, ChimeSDKMeetings, ChimeSDKMessaging, and ChimeSDKVoice.
* api-change:``cleanrooms``: [``botocore``] This release adds support for the OR operator in RSQL
join match conditions and the ability to control which operators (AND, OR) are allowed in a join
match condition.
* api-change:``dynamodb``: [``botocore``] This release adds ReturnValuesOnConditionCheckFailure
parameter to PutItem, UpdateItem, DeleteItem, ExecuteStatement, BatchExecuteStatement and
ExecuteTransaction APIs. When set to ALL_OLD, API returns a copy of the item as it was when a
conditional write failed
* api-change:``gamelift``: [``botocore``] Amazon GameLift now supports game builds that use the
Amazon Linux 2023 (AL2023) operating system.
* api-change:``glue``: [``botocore``] This release adds support for AWS Glue Crawler with Iceberg
Tables, allowing Crawlers to discover Iceberg Tables in S3 and register them in Glue Data Catalog
for query engines to query against.
* api-change:``sagemaker``: [``botocore``] Adding support for timeseries forecasting in the
CreateAutoMLJobV2 API.
- Update BuildRequires and Requires from setup.py
- Update to 1.26.163:
* api-change:``internetmonitor``: [``botocore``] This release adds a new feature for Amazon
CloudWatch Internet Monitor that enables customers to set custom thresholds, for performance and
availability drops, for triggering when to create a health event.
* api-change:``kinesisanalyticsv2``: [``botocore``] Support for new runtime environment in Kinesis
Data Analytics Studio: Zeppelin-0.10, Apache Flink-1.15
* api-change:``lambda``: [``botocore``] Surface ResourceConflictException in
DeleteEventSourceMapping
* api-change:``omics``: [``botocore``] Add Common Workflow Language (CWL) as a supported language
for Omics workflows
* api-change:``rds``: [``botocore``] Amazon Relational Database Service (RDS) now supports joining
a RDS for SQL Server instance to a self-managed Active Directory.
* api-change:``s3``: [``botocore``] The S3 LISTObjects, ListObjectsV2 and ListObjectVersions API
now supports a new optional header x-amz-optional-object-attributes. If header contains
RestoreStatus as the value, then S3 will include Glacier restore status i.e. isRestoreInProgress
and RestoreExpiryDate in List response.
* api-change:``sagemaker``: [``botocore``] This release adds support for Model Cards Model Registry
integration.
- from version 1.26.162
* bugfix:Parsers: [``botocore``] Fixes datetime parse error handling for out-of-range and negative
timestamps (`#2564 <https://github.com/boto/botocore/issues/2564>`__).
* api-change:``appfabric``: [``botocore``] Initial release of AWS AppFabric for connecting SaaS
applications for better productivity and security.
* api-change:``appflow``: [``botocore``] This release adds support to bypass SSO with the SAPOData
connector when connecting to an SAP instance.
* api-change:``emr-serverless``: [``botocore``] This release adds support to update the release
label of an EMR Serverless application to upgrade it to a different version of Amazon EMR via
UpdateApplication API.
* api-change:``ivs``: [``botocore``] IVS customers can now revoke the viewer session associated
with an auth token, to prevent and stop playback using that token.
* api-change:``kinesisvideo``: [``botocore``] General Availability (GA) release of Kinesis Video
Streams at Edge, enabling customers to provide a configuration for the Kinesis Video Streams
EdgeAgent running on an on-premise IoT device. Customers can now locally record from cameras and
stream videos to the cloud on a configured schedule.
* api-change:``macie2``: [``botocore``] This release adds support for configuring new
classification jobs to use the set of managed data identifiers that we recommend for jobs. For the
managed data identifier selection type (managedDataIdentifierSelector), specify RECOMMENDED.
* api-change:``privatenetworks``: [``botocore``] This release allows Private5G customers to choose
different commitment plans (60-days, 1-year, 3-years) when placing new orders, enables automatic
renewal option for 1-year and 3-years commitments. It also allows customers to update the
commitment plan of an existing radio unit.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Introducing TTL for online store
records for feature groups.
* api-change:``sagemaker``: [``botocore``] Introducing TTL for online store records in feature
groups.
* api-change:``ssm``: [``botocore``] Systems Manager doc-only update for June 2023.
* api-change:``verifiedpermissions``: [``botocore``] This update fixes several broken links to the
Cedar documentation.
- from version 1.26.161
* api-change:``connect``: [``botocore``] This release provides a way to search for existing tags
within an instance. Before tagging a resource, ensure consistency by searching for pre-existing
key:value pairs.
* api-change:``glue``: [``botocore``] Timestamp Starting Position For Kinesis and Kafka Data
Sources in a Glue Streaming Job
* api-change:``guardduty``: [``botocore``] Add support for user.extra.sessionName in Kubernetes
Audit Logs Findings.
* api-change:``iam``: [``botocore``] Support for a new API "GetMFADevice" to present MFA device
metadata such as device certifications
* api-change:``pinpoint``: [``botocore``] Added time zone estimation support for journeys
- from version 1.26.160
* api-change:``devops-guru``: [``botocore``] This release adds support for encryption via customer
managed keys.
* api-change:``fsx``: [``botocore``] Update to Amazon FSx documentation.
* api-change:``rds``: [``botocore``] Documentation improvements for create, describe, and modify DB
clusters and DB instances.
* api-change:``verifiedpermissions``: [``botocore``] Added improved descriptions and new code
samples to SDK documentation.
- from version 1.26.159
* api-change:``chime-sdk-identity``: [``botocore``] AppInstanceBots can be configured to be invoked
or not using the Target or the CHIME.mentions attribute for ChannelMessages
* api-change:``chime-sdk-messaging``: [``botocore``] ChannelMessages can be made visible to sender
and intended recipient rather than all channel members with the target attribute. For example, a
user can send messages to a bot and receive messages back in a group channel without other members
seeing them.
* api-change:``kendra``: [``botocore``] Introducing Amazon Kendra Retrieve API that can be used to
retrieve relevant passages or text excerpts given an input query.
* api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
- from version 1.26.158
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``inspector2``: [``botocore``] This release adds support for Software Bill of
Materials (SBOM) export and the general availability of code scanning for AWS Lambda functions.
* api-change:``mediaconvert``: [``botocore``] This release introduces the bandwidth reduction
filter for the HEVC encoder, increases the limits of outputs per job, and updates support for the
Nagra SDK to version 1.14.7.
* api-change:``mq``: [``botocore``] The Cross Region Disaster Recovery feature allows to replicate
a brokers state from one region to another in order to provide customers with multi-region
resiliency in the event of a regional outage.
* api-change:``sagemaker``: [``botocore``] This release provides support in SageMaker for output
files in training jobs to be uploaded without compression and enable customer to deploy
uncompressed model from S3 to real-time inference Endpoints. In addition, ml.trn1n.32xlarge is
added to supported instance type list in training job.
* api-change:``transfer``: [``botocore``] This release adds a new parameter
StructuredLogDestinations to CreateServer, UpdateServer APIs.
- from version 1.26.157
* api-change:``appflow``: [``botocore``] This release adds new API to reset connector metadata cache
* api-change:``config``: [``botocore``] Updated ResourceType enum with new resource types onboarded
by AWS Config in May 2023.
* api-change:``ec2``: [``botocore``] Adds support for targeting Dedicated Host allocations by
assetIds in AWS Outposts
* api-change:``lambda``: [``botocore``] This release adds RecursiveInvocationException to the
Invoke API and InvokeWithResponseStream API.
* api-change:``redshift``: [``botocore``] Added support for custom domain names for Redshift
Provisioned clusters. This feature enables customers to create a custom domain name and use ACM to
generate fully secure connections to it.
- from version 1.26.156
* api-change:``cloudformation``: [``botocore``] Specify desired CloudFormation behavior in the
event of ChangeSet execution failure using the CreateChangeSet OnStackFailure parameter
* api-change:``ec2``: [``botocore``] API changes to AWS Verified Access to include data from trust
providers in logs
* api-change:``ecs``: [``botocore``] Documentation only update to address various tickets.
* api-change:``glue``: [``botocore``] This release adds support for creating cross region
table/database resource links
* api-change:``pricing``: [``botocore``] This release updates the PriceListArn regex pattern.
* api-change:``route53domains``: [``botocore``] Update MaxItems upper bound to 1000 for
ListPricesRequest
* api-change:``sagemaker``: [``botocore``] Amazon Sagemaker Autopilot releases CreateAutoMLJobV2
and DescribeAutoMLJobV2 for Autopilot customers with ImageClassification, TextClassification and
Tabular problem type config support.
- from version 1.26.155
* api-change:``account``: [``botocore``] Improve pagination support for ListRegions
* api-change:``connect``: [``botocore``] Updates the *InstanceStorageConfig APIs to support a new
ResourceType: SCREEN_RECORDINGS to enable screen recording and specify the storage configurations
for publishing the recordings. Also updates DescribeInstance and ListInstances APIs to include
InstanceAccessUrl attribute in the API response.
* api-change:``discovery``: [``botocore``] Add Amazon EC2 instance recommendations export
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management
(IAM).
* api-change:``s3``: [``botocore``] This release adds SDK support for request-payer request header
and request-charged response header in the "GetBucketAccelerateConfiguration",
"ListMultipartUploads", "ListObjects", "ListObjectsV2" and "ListObjectVersions" S3 APIs.
- from version 1.26.154
* api-change:``auditmanager``: [``botocore``] This release introduces 2 Audit Manager features: CSV
exports and new manual evidence options. You can now export your evidence finder results in CSV
format. In addition, you can now add manual evidence to a control by entering free-form text or
uploading a file from your browser.
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``guardduty``: [``botocore``] Updated descriptions for some APIs.
* api-change:``location``: [``botocore``] Amazon Location Service adds categories to places,
including filtering on those categories in searches. Also, you can now add metadata properties to
your geofences.
- Update BuildRequires and Requires from setup.py
- Update to 1.26.153:
* api-change:``cloudtrail``: [``botocore``] This feature allows users to view dashboards for
CloudTrail Lake event data stores.
* api-change:``codeguru-security``: [``botocore``] Initial release of Amazon CodeGuru Security APIs
* api-change:``drs``: [``botocore``] Added APIs to support network replication and recovery using
AWS Elastic Disaster Recovery.
* api-change:``ec2``: [``botocore``] This release introduces a new feature, EC2 Instance Connect
Endpoint, that enables you to connect to a resource over TCP, without requiring the resource to
have a public IPv4 address.
* api-change:``imagebuilder``: [``botocore``] Change the Image Builder ImagePipeline dateNextRun
field to more accurately describe the data.
* api-change:``lightsail``: [``botocore``] This release adds pagination for the Get Certificates
API operation.
* api-change:``s3``: [``botocore``] Integrate double encryption feature to SDKs.
* api-change:``securityhub``: [``botocore``] Add support for Security Hub Automation Rules
* api-change:``simspaceweaver``: [``botocore``] This release fixes using aws-us-gov ARNs in API
calls and adds documentation for snapshot APIs.
* api-change:``verifiedpermissions``: [``botocore``] GA release of Amazon Verified Permissions.
* api-change:``wafv2``: [``botocore``] You can now detect and block fraudulent account creation
attempts with the new AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule
group AWSManagedRulesACFPRuleSet.
* api-change:``wellarchitected``: [``botocore``] AWS Well-Architected now supports Profiles that
help customers prioritize which questions to focus on first by providing a list of prioritized
questions that are better aligned with their business goals and outcomes.
- from version 1.26.152
* api-change:``amplifyuibuilder``: [``botocore``] AWS Amplify UIBuilder is launching Codegen UI, a
new feature that enables you to generate your amplify uibuilder components and forms.
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB
* api-change:``dynamodbstreams``: [``botocore``] Update dynamodbstreams client to latest version
* api-change:``fsx``: [``botocore``] Amazon FSx for NetApp ONTAP now supports joining a storage
virtual machine (SVM) to Active Directory after the SVM has been created.
* api-change:``opensearch``: [``botocore``] This release adds support for SkipUnavailable
connection property for cross cluster search
* api-change:``rekognition``: [``botocore``] This release adds support for improved accuracy with
user vector in Amazon Rekognition Face Search. Adds new APIs: AssociateFaces, CreateUser,
DeleteUser, DisassociateFaces, ListUsers, SearchUsers, SearchUsersByImage. Also adds new face
metadata that can be stored: user vector.
* api-change:``sagemaker``: [``botocore``] Sagemaker Neo now supports compilation for inferentia2
(ML_INF2) and Trainium1 (ML_TRN1) as available targets. With these devices, you can run your
workloads at highest performance with lowest cost. inferentia2 (ML_INF2) is available in CMH and
Trainium1 (ML_TRN1) is available in IAD currently
- from version 1.26.151
* api-change:``acm-pca``: [``botocore``] Document-only update to refresh CLI documentation for AWS
Private CA. No change to the service.
* api-change:``connect``: [``botocore``] This release adds search APIs for Prompts, Quick Connects
and Hours of Operations, which can be used to search for those resources within a Connect Instance.
- from version 1.26.150
* api-change:``athena``: [``botocore``] You can now define custom spark properties at start of the
session for use cases like cluster encryption, table formats, and general Spark tuning.
* api-change:``comprehendmedical``: [``botocore``] This release supports a new set of entities and
traits.
* api-change:``payment-cryptography-data``: [``botocore``] Initial release of AWS Payment
Cryptography DataPlane Plane service for performing cryptographic operations typically used during
card payment processing.
* api-change:``payment-cryptography``: [``botocore``] Initial release of AWS Payment Cryptography
Control Plane service for creating and managing cryptographic keys used during card payment
processing.
* api-change:``servicecatalog``: [``botocore``] New parameter added in ServiceCatalog
DescribeProvisioningArtifact api - IncludeProvisioningArtifactParameters. This parameter can be
used to return information about the parameters used to provision the product
* api-change:``timestream-write``: [``botocore``] This release adds the capability for customers to
define how their data should be partitioned, optimizing for certain access patterns. This
definition will take place as a part of the table creation.
- from version 1.26.149
* api-change:``cloudformation``: [``botocore``] AWS CloudFormation StackSets is updating the
deployment experience for all stackset operations to skip suspended AWS accounts during
deployments. StackSets will skip target AWS accounts that are suspended and set the Detailed Status
of the corresponding stack instances as SKIPPED_SUSPENDED_ACCOUNT
* api-change:``customer-profiles``: [``botocore``] This release introduces event stream related
APIs.
* api-change:``directconnect``: [``botocore``] This update corrects the jumbo frames mtu values
from 9100 to 8500 for transit virtual interfaces.
* api-change:``emr-containers``: [``botocore``] EMR on EKS adds support for log rotation of Spark
container logs with EMR-6.11.0 onwards, to the StartJobRun API.
* api-change:``iotdeviceadvisor``: [``botocore``] AWS IoT Core Device Advisor now supports new
Qualification Suite test case list. With this update, customers can more easily create new
qualification test suite with an empty rootGroup input.
* api-change:``logs``: [``botocore``] This change adds support for account level data protection
policies using 3 new APIs, PutAccountPolicy, DeleteAccountPolicy and DescribeAccountPolicy.
DescribeLogGroup API has been modified to indicate if account level policy is applied to the
LogGroup via "inheritedProperties" list in the response.
- from version 1.26.148
* api-change:``connect``: [``botocore``] GetMetricDataV2 API is now available in AWS GovCloud(US)
region.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``iam``: [``botocore``] This release updates the AccountAlias regex pattern with the
same length restrictions enforced by the length constraint.
* api-change:``inspector2``: [``botocore``] Adds new response properties and request parameters for
'last scanned at' on the ListCoverage operation. This feature allows you to search and view the
date of which your resources were last scanned by Inspector.
* api-change:``iot-data``: [``botocore``] Update thing shadow name regex to allow '$' character
* api-change:``iot``: [``botocore``] Adding IoT Device Management Software Package Catalog APIs to
register, store, and report system software packages, along with their versions and metadata in a
centralized location.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``quicksight``: [``botocore``] QuickSight support for pivot table field collapse
state, radar chart range scale and multiple scope options in conditional formatting.
* api-change:``signer``: [``botocore``] AWS Signer is launching Container Image Signing, a new
feature that enables you to sign and verify container images. This feature enables you to validate
that only container images you approve are used in your enterprise.
* api-change:``sqs``: [``botocore``] Amazon SQS adds three new APIs - StartMessageMoveTask,
CancelMessageMoveTask, and ListMessageMoveTasks to automate redriving messages from dead-letter
queues to source queues or a custom destination.
- from version 1.26.147
* api-change:``cloudformation``: [``botocore``] AWS CloudFormation StackSets provides customers
with three new APIs to activate, deactivate, and describe AWS Organizations trusted access which is
needed to get started with service-managed StackSets.
* api-change:``ec2``: [``botocore``] Making InstanceTagAttribute as the required parameter for the
DeregisterInstanceEventNotificationAttributes and RegisterInstanceEventNotificationAttributes APIs.
* api-change:``finspace``: [``botocore``] Releasing new Managed kdb Insights APIs
* api-change:``frauddetector``: [``botocore``] Added new variable types, new DateTime data type,
and new rules engine functions for interacting and working with DateTime data types.
* api-change:``keyspaces``: [``botocore``] This release adds support for MRR GA launch, and
includes multiregion support in create-keyspace, get-keyspace, and list-keyspace.
* api-change:``kms``: [``botocore``] This release includes feature to import customer's asymmetric
(RSA and ECC) and HMAC keys into KMS. It also includes feature to allow customers to specify
number of days to schedule a KMS key deletion as a policy condition key.
* api-change:``lambda``: [``botocore``] Add Ruby 3.2 (ruby3.2) Runtime support to AWS Lambda.
* api-change:``mwaa``: [``botocore``] This release adds ROLLING_BACK and CREATING_SNAPSHOT
environment statuses for Amazon MWAA environments.
- from version 1.26.146
* api-change:``athena``: [``botocore``] This release introduces the DeleteCapacityReservation API
and the ability to manage capacity reservations using CloudFormation
* api-change:``cloudtrail``: [``botocore``] This feature allows users to start and stop event
ingestion on a CloudTrail Lake event data store.
* api-change:``sagemaker``: [``botocore``] This release adds Selective Execution feature that
allows SageMaker Pipelines users to run selected steps in a pipeline.
* api-change:``wafv2``: [``botocore``] Added APIs to describe managed products. The APIs retrieve
information about rule groups that are managed by AWS and by AWS Marketplace sellers.
- from version 1.26.145
* api-change:``alexaforbusiness``: [``botocore``] Alexa for Business has been deprecated and is no
longer supported.
* api-change:``appflow``: [``botocore``] Added ability to select DataTransferApiType for
DescribeConnector and CreateFlow requests when using Async supported connectors. Added
supportedDataTransferType to DescribeConnector/DescribeConnectors/ListConnector response.
* api-change:``customer-profiles``: [``botocore``] This release introduces calculated attribute
related APIs.
* api-change:``ivs``: [``botocore``] API Update for IVS Advanced Channel type
* api-change:``sagemaker``: [``botocore``] Amazon Sagemaker Autopilot adds support for Parquet file
input to NLP text classification jobs.
* api-change:``wafv2``: [``botocore``] Corrected the information for the header order FieldToMatch
setting
- Update BuildRequires and Requires from setup.py
- update to 1.26.144:
* see https://raw.githubusercontent.com/boto/boto3/1.26.144/CHANGELOG.rst
- Update to 1.26.130:
* api-change:``glue``: [``botocore``] Support large worker types G.4x and G.8x for Glue Spark
* api-change:``guardduty``: [``botocore``] Add AccessDeniedException 403 Error message code to
support 3 Tagging related APIs
* api-change:``iotsitewise``: [``botocore``] Provide support for 20,000 max results for
GetAssetPropertyValueHistory/BatchGetAssetPropertyValueHistory and 15 minute aggregate resolution
for GetAssetPropertyAggregates/BatchGetAssetPropertyAggregates
* api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service.
- from version 1.26.129
* api-change:``ec2``: [``botocore``] This release adds support the inf2 and trn1n instances. inf2
instances are purpose built for deep learning inference while trn1n instances are powered by AWS
Trainium accelerators and they build on the capabilities of Trainium-powered trn1 instances.
* api-change:``inspector2``: [``botocore``] Amazon Inspector now allows customers to search its
vulnerability intelligence database if any of the Inspector scanning types are activated.
* api-change:``mediatailor``: [``botocore``] This release adds support for AFTER_LIVE_EDGE mode
configuration for avail suppression, and adding a fill-policy setting that sets the avail
suppression to PARTIAL_AVAIL or FULL_AVAIL_ONLY when AFTER_LIVE_EDGE is enabled.
* api-change:``sqs``: [``botocore``] Revert previous SQS protocol change.
- from version 1.26.128
* bugfix:``sqs``: [``botocore``] Rolled back recent change to wire format protocol
- from version 1.26.127
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``config``: [``botocore``] Updated ResourceType enum with new resource types onboarded
by AWS Config in April 2023.
* api-change:``connect``: [``botocore``] Remove unused InvalidParameterException from
CreateParticipant API
* api-change:``ecs``: [``botocore``] Documentation update for new error type
NamespaceNotFoundException for CreateCluster and UpdateCluster
* api-change:``network-firewall``: [``botocore``] This release adds support for the Suricata REJECT
option in midstream exception configurations.
* api-change:``opensearch``: [``botocore``] DescribeDomainNodes: A new API that provides
configuration information for nodes part of the domain
* api-change:``quicksight``: [``botocore``] Add support for Topic, Dataset parameters and VPC
* api-change:``rekognition``: [``botocore``] This release adds a new attribute FaceOccluded.
Additionally, you can now select attributes individually (e.g. ["DEFAULT", "FACE_OCCLUDED",
"AGE_RANGE"] instead of ["ALL"]), which can reduce response time.
* api-change:``s3``: [``botocore``] Documentation updates for Amazon S3
* api-change:``sagemaker``: [``botocore``] We added support for ml.inf2 and ml.trn1 family of
instances on Amazon SageMaker for deploying machine learning (ML) models for Real-time and
Asynchronous inference. You can use these instances to achieve high performance at a low cost for
generative artificial intelligence (AI) models.
* api-change:``securityhub``: [``botocore``] Add support for Finding History.
* api-change:``sqs``: [``botocore``] This release enables customers to call SQS using AWS JSON-1.0
protocol.
- from version 1.26.126
* api-change:``appsync``: [``botocore``] Private API support for AWS AppSync. With Private APIs,
you can now create GraphQL APIs that can only be accessed from your Amazon Virtual Private Cloud
("VPC").
* api-change:``ec2``: [``botocore``] Adds an SDK paginator for
GetNetworkInsightsAccessScopeAnalysisFindings
* api-change:``inspector2``: [``botocore``] This feature provides deep inspection for linux based
instance
* api-change:``iottwinmaker``: [``botocore``] This release adds a field for GetScene API to return
error code and message from dependency services.
* api-change:``network-firewall``: [``botocore``] AWS Network Firewall now supports policy level
HOME_NET variable overrides.
* api-change:``opensearch``: [``botocore``] Amazon OpenSearch Service adds the option to deploy a
domain across multiple Availability Zones, with each AZ containing a complete copy of data and with
nodes in one AZ acting as a standby. This option provides 99.99% availability and consistent
performance in the event of infrastructure failure.
* api-change:``wellarchitected``: [``botocore``] This release deepens integration with AWS Service
Catalog AppRegistry to improve workload resource discovery.
- Update BuildRequires and Requires from setup.py
- update to 1.26.125:
* api-change:``appflow``: [``botocore``] This release adds new
API to cancel flow executions.
* api-change:``connect``: [``botocore``] Amazon Connect Service
Rules API update: Added OnContactEvaluationSubmit event
source to support user configuring evaluation form rules.
* api-change:``ecs``: [``botocore``] Documentation only update
to address Amazon ECS tickets.
* api-change:``kendra``: [``botocore``] AWS Kendra now supports
configuring document fields/attributes via the
GetQuerySuggestions API. You can now base query suggestions
on the contents of document fields.
* api-change:``resiliencehub``: [``botocore``] This release
will improve resource level transparency in applications by
discovering previously hidden resources.
* api-change:``sagemaker``: [``botocore``] Amazon Sagemaker
Autopilot supports training models with sample weights and
additional objective metrics.
* 1.26.124
* api-change:``compute-optimizer``: [``botocore``] support for
tag filtering within compute optimizer. ability to filter
recommendation results by tag and tag key value pairs.
ability to filter by inferred workload type added.
* api-change:``kms``: [``botocore``] This release makes the
NitroEnclave request parameter Recipient and the response
field for CiphertextForRecipient available in AWS SDKs. It
also adds the regex pattern for CloudHsmClusterId validation.
* 1.26.123
* api-change:``appflow``: [``botocore``] Adds Jwt Support for
Salesforce Credentials.
* api-change:``athena``: [``botocore``] You can now use
capacity reservations on Amazon Athena to run SQL queries on
fully-managed compute capacity.
* api-change:``directconnect``: [``botocore``] This release
corrects the jumbo frames MTU from 9100 to 8500.
* api-change:``efs``: [``botocore``] Update efs client to
latest version
* api-change:``grafana``: [``botocore``] This release adds
support for the grafanaVersion parameter in CreateWorkspace.
* api-change:``iot``: [``botocore``] This release allows AWS
IoT Core users to specify a TLS security policy when creating
and updating AWS IoT Domain Configurations.
* api-change:``rekognition``: [``botocore``] Added support for
aggregating moderation labels by video segment timestamps for
Stored Video Content Moderation APIs and added additional
information about the job to all Stored Video Get API
responses.
* api-change:``simspaceweaver``: [``botocore``] Added a new
CreateSnapshot API. For the StartSimulation API,
SchemaS3Location is now optional, added a new
SnapshotS3Location parameter. For the DescribeSimulation API,
added SNAPSHOT_IN_PROGRESS simulation state, deprecated
SchemaError, added new fields: StartError and
SnapshotS3Location.
* api-change:``wafv2``: [``botocore``] You can now associate a
web ACL with a Verified Access instance.
* api-change:``workspaces``: [``botocore``] Added Windows 11 to
support Microsoft_Office_2019
* api-change:``ec2``: [``botocore``] This release adds support
for AMD SEV-SNP on EC2 instances.
* api-change:``emr-containers``: [``botocore``] This release
adds GetManagedEndpointSessionCredentials, a new API that
allows customers to generate an auth token to connect to a
managed endpoint, enabling features such as self-hosted
Jupyter notebooks for EMR on EKS.
* api-change:``guardduty``: [``botocore``] Added API support to
initiate on-demand malware scan on specific resources.
* api-change:``iotdeviceadvisor``: [``botocore``] AWS IoT Core
Device Advisor now supports MQTT over WebSocket. With this
update, customers can run all three test suites of AWS IoT
Core Device Advisor - qualification, custom, and long
duration tests - using Signature Version 4 for MQTT over
WebSocket.
* api-change:``kafka``: [``botocore``] Amazon MSK has added new
APIs that allows multi-VPC private connectivity and cluster
policy support for Amazon MSK clusters that simplify
connectivity and access between your Apache Kafka clients
hosted in different VPCs and AWS accounts and your Amazon MSK
clusters.
* api-change:``lambda``: [``botocore``] Add Java 17 (java17)
support to AWS Lambda
* api-change:``marketplace-catalog``: [``botocore``] Enabled
Pagination for List Entities and List Change Sets operations
* api-change:``osis``: [``botocore``] Documentation updates for
OpenSearch Ingestion
* api-change:``qldb``: [``botocore``] Documentation updates for
Amazon QLDB
* api-change:``sagemaker``: [``botocore``] Added
ml.p4d.24xlarge and ml.p4de.24xlarge as supported instances
for SageMaker Studio
* api-change:``xray``: [``botocore``] Updated X-Ray
documentation with Resource Policy API descriptions.
* api-change:``osis``: [``botocore``] Initial release for
OpenSearch Ingestion
* api-change:``chime-sdk-messaging``: [``botocore``] Remove non
actionable field from UpdateChannelReadMarker and
DeleteChannelRequest. Add precise exceptions to
DeleteChannel and DeleteStreamingConfigurations error cases.
* api-change:``connect``: [``botocore``] Amazon Connect,
Contact Lens Evaluation API release including ability to
manage forms and to submit contact evaluations.
* api-change:``datasync``: [``botocore``] This release adds 13
new APIs to support AWS DataSync Discovery GA.
* api-change:``ds``: [``botocore``] New field added in AWS
Managed Microsoft AD DescribeSettings response and regex
pattern update for UpdateSettings value. Added length
validation to RemoteDomainName.
* api-change:``pinpoint``: [``botocore``] Adds support for
journey runs and querying journey execution metrics based on
journey runs. Adds execution metrics to campaign activities.
Updates docs for Advanced Quiet Time.
* api-change:``appflow``: [``botocore``] Increased the max
length for RefreshToken and AuthCode from 2048 to 4096.
* api-change:``codecatalyst``: [``botocore``] Documentation
updates for Amazon CodeCatalyst.
* api-change:``ec2``: [``botocore``] API changes to AWS
Verified Access related to identity providers' information.
* api-change:``mediaconvert``: [``botocore``] This release
introduces a noise reduction pre-filter, linear interpolation
deinterlace mode, video pass-through, updated default job
settings, and expanded LC-AAC Stereo audio bitrate ranges.
* api-change:``rekognition``: [``botocore``] Added new status
result to Liveness session status.
* 1.26.118
* api-change:``connect``: [``botocore``] This release adds a
new API CreateParticipant. For Amazon Connect Chat, you can
use this new API to customize chat flow experiences.
* api-change:``ecs``: [``botocore``] Documentation update to
address various Amazon ECS tickets.
* api-change:``fms``: [``botocore``] AWS Firewall Manager adds
support for multiple administrators. You can now delegate
more than one administrator per organization.
* 1.26.117
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This
release adds support for specifying the recording file format
in an S3 recording sink configuration.
* api-change:``chime-sdk-meetings``: [``botocore``] Adds
support for Hindi and Thai languages and additional Amazon
Transcribe parameters to the StartMeetingTranscription API.
* api-change:``chime``: [``botocore``] Adds support for Hindi
and Thai languages and additional Amazon Transcribe
parameters to the StartMeetingTranscription API.
* api-change:``gamelift``: [``botocore``] Amazon GameLift
supports creating Builds for Windows 2016 operating system.
* api-change:``guardduty``: [``botocore``] This release adds
support for the new Lambda Protection feature.
* api-change:``iot``: [``botocore``] Support additional OTA
states in GetOTAUpdate API
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker
Canvas adds ModelRegisterSettings support for
CanvasAppSettings.
* api-change:``snowball``: [``botocore``] Adds support for
Amazon S3 compatible storage. AWS Snow Family customers can
now use Amazon S3 compatible storage on Snowball Edge
devices. Also adds support for V3_5S. This is a refreshed AWS
Snowball Edge Storage Optimized device type with 210TB SSD
(customer usable).
* api-change:``wafv2``: [``botocore``] You can now create
encrypted API keys to use in a client application integration
of the JavaScript CAPTCHA API . You can also retrieve a list
of your API keys and the JavaScript application integration
URL.
* api-change:``comprehend``: [``botocore``] This release
supports native document models for custom classification, in
addition to plain-text models. You train native document
models using documents (PDF, Word, images) in their native
format.
* api-change:``ecs``: [``botocore``] This release supports the
Account Setting "TagResourceAuthorization" that allows for
enhanced Tagging security controls.
* api-change:``ram``: [``botocore``] This release adds support
for customer managed permissions. Customer managed
permissions enable customers to author and manage tailored
permissions for resources shared using RAM.
* api-change:``rds``: [``botocore``] Adds support for the
ImageId parameter of CreateCustomDBEngineVersion to RDS
Custom for Oracle
* api-change:``s3``: [``botocore``] Provides support for "Snow"
Storage class.
* api-change:``s3control``: [``botocore``] Provides support for
overriding endpoint when region is "snow". This will enable
bucket APIs for Amazon S3 Compatible storage on Snow Family
devices.
* api-change:``secretsmanager``: [``botocore``] Documentation
updates for Secrets Manager
- Update to 1.26.115
* api-change:``appflow``: [``botocore``] This release adds a Client Token parameter to the
following AppFlow APIs: Create/Update Connector Profile, Create/Update Flow, Start Flow, Register
Connector, Update Connector Registration. The Client Token parameter allows idempotent operations
for these APIs.
* api-change:``drs``: [``botocore``] Changed existing APIs and added new APIs to support using an
account-level launch configuration template with AWS Elastic Disaster Recovery.
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB API
* api-change:``emr-serverless``: [``botocore``] The GetJobRun API has been updated to include the
job's billed resource utilization. This utilization shows the aggregate vCPU, memory and storage
that AWS has billed for the job run. The billed resources include a 1-minute minimum usage for
workers, plus additional storage over 20 GB per worker.
* api-change:``internetmonitor``: [``botocore``] This release includes a new configurable value,
TrafficPercentageToMonitor, which allows users to adjust the amount of traffic monitored by
percentage
* api-change:``iotwireless``: [``botocore``] Supports the new feature of LoRaWAN roaming, allows to
configure MaxEirp for LoRaWAN gateway, and allows to configure PingSlotPeriod for LoRaWAN multicast
group
* api-change:``lambda``: [``botocore``] Add Python 3.10 (python3.10) support to AWS Lambda
- from version 1.26.114
* api-change:``ecs``: [``botocore``] This release supports ephemeral storage for AWS Fargate
Windows containers.
* api-change:``lambda``: [``botocore``] This release adds SnapStart related exceptions to
InvokeWithResponseStream API. IAM access related documentation is also added for this API.
* api-change:``migration-hub-refactor-spaces``: [``botocore``] Doc only update for Refactor Spaces
environments without network bridge feature.
* api-change:``rds``: [``botocore``] This release adds support of modifying the engine mode of
database clusters.
- from version 1.26.113
* api-change:``chime-sdk-voice``: [``botocore``] This release adds tagging support for Voice
Connectors and SIP Media Applications
* api-change:``mediaconnect``: [``botocore``] Gateway is a new feature of AWS Elemental
MediaConnect. Gateway allows the deployment of on-premises resources for the purpose of
transporting live video to and from the AWS Cloud.
- from version 1.26.112
* api-change:``groundstation``: [``botocore``] AWS Ground Station Wideband DigIF GA Release
* api-change:``managedblockchain``: [``botocore``] Removal of the Ropsten network. The Ethereum
foundation ceased support of Ropsten on December 31st, 2022..
- from version 1.26.111
* api-change:``ecr-public``: [``botocore``] This release will allow using registry alias as
registryId in BatchDeleteImage request.
* api-change:``emr-serverless``: [``botocore``] This release extends GetJobRun API to return job
run timeout (executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720
minutes if none was specified).
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``iot-data``: [``botocore``] This release adds support for MQTT5 user properties when
calling the AWS IoT GetRetainedMessage API
* api-change:``wafv2``: [``botocore``] For web ACLs that protect CloudFront protections, the
default request body inspection size is now 16 KB, and you can use the new association
configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur
additional costs.
- from version 1.26.110
* api-change:``connect``: [``botocore``] This release adds the ability to configure an agent's
routing profile to receive contacts from multiple channels at the same time via extending the
UpdateRoutingProfileConcurrency, CreateRoutingProfile and DescribeRoutingProfile APIs.
* api-change:``ecs``: [``botocore``] This release adds support for enabling FIPS compliance on
Amazon ECS Fargate tasks
* api-change:``marketplace-catalog``: [``botocore``] Added three new APIs to support resource
sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added new OwnershipType
field to ListEntities request to let users filter on entities that are shared with them. Increased
max page size of ListEntities response from 20 to 50 results.
* api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK now supports
conversion of 608 paint-on captions to pop-on captions for SCC sources.
* api-change:``omics``: [``botocore``] Remove unexpected API changes.
* api-change:``rekognition``: [``botocore``] This release adds support for Face Liveness APIs in
Amazon Rekognition. Updates UpdateStreamProcessor to return ResourceInUseException Exception. Minor
updates to API documentation.
- from version 1.26.109
* api-change:``dlm``: [``botocore``] Updated timestamp format for GetLifecyclePolicy API
* api-change:``docdb``: [``botocore``] This release adds a new parameter
'DBClusterParameterGroupName' to 'RestoreDBClusterFromSnapshot' API to associate the name of the DB
cluster parameter group while performing restore.
* api-change:``fsx``: [``botocore``] Amazon FSx for Lustre now supports creating data repository
associations on Persistent_1 and Scratch_2 file systems.
* api-change:``lambda``: [``botocore``] This release adds a new Lambda InvokeWithResponseStream API
to support streaming Lambda function responses. The release also adds a new InvokeMode parameter to
Function Url APIs to control whether the response will be streamed or buffered.
* api-change:``quicksight``: [``botocore``] This release has two changes: adding the OR condition
to tag-based RLS rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental
RefreshProperties operations for users to programmatically configure SPICE dataset ingestions.
* api-change:``redshift-data``: [``botocore``] Update documentation of API descriptions as needed
in support of temporary credentials with IAM identity.
* api-change:``servicecatalog``: [``botocore``] Updates description for property
- from version 1.26.108
* api-change:``cloudformation``: [``botocore``] Including UPDATE_COMPLETE as a failed status for
DeleteStack waiter.
* api-change:``greengrassv2``: [``botocore``] Add support for SUCCEEDED value in
coreDeviceExecutionStatus field. Documentation updates for Greengrass V2.
* api-change:``proton``: [``botocore``] This release adds support for the AWS Proton service sync
feature. Service sync enables managing an AWS Proton service (creating and updating instances) and
all of it's corresponding service instances from a Git repository.
* api-change:``rds``: [``botocore``] Adds and updates the SDK examples
- from version 1.26.107
* api-change:``apprunner``: [``botocore``] App Runner adds support for seven new vCPU and memory
configurations.
* api-change:``config``: [``botocore``] This release adds resourceType enums for types released in
March 2023.
* api-change:``ecs``: [``botocore``] This is a document only updated to add information about
Amazon Elastic Inference (EI).
* api-change:``identitystore``: [``botocore``] Documentation updates for Identity Store CLI command
reference.
* api-change:``ivs-realtime``: [``botocore``] Fix ParticipantToken ExpirationTime format
* api-change:``network-firewall``: [``botocore``] AWS Network Firewall now supports IPv6-only
subnets.
* api-change:``servicecatalog``: [``botocore``] removed incorrect product type value
* api-change:``vpc-lattice``: [``botocore``] This release removes the entities in the API doc model
package for auth policies.
- from version 1.26.106
* api-change:``amplifyuibuilder``: [``botocore``] Support StorageField and custom displays for
data-bound options in form builder. Support non-string operands for predicates in collections.
Support choosing client to get token from.
* api-change:``autoscaling``: [``botocore``] Documentation updates for Amazon EC2 Auto Scaling
* api-change:``dataexchange``: [``botocore``] This release updates the value of MaxResults.
* api-change:``ec2``: [``botocore``] C6in, M6in, M6idn, R6in and R6idn bare metal instances are
powered by 3rd Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network
bandwidth.
* api-change:``elastic-inference``: [``botocore``] Updated public documentation for the Describe
and Tagging APIs.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Asynchronous Inference now allows
customer's to receive failure model responses in S3 and receive success/failure model responses in
SNS notifications.
* api-change:``wafv2``: [``botocore``] This release rolls back association config feature for
webACLs that protect CloudFront protections.
- from version 1.26.105
* api-change:``glue``: [``botocore``] Add support for database-level federation
* api-change:``lakeformation``: [``botocore``] Add support for database-level federation
* api-change:``license-manager``: [``botocore``] This release adds grant override options to the
CreateGrantVersion API. These options can be used to specify grant replacement behavior during
grant activation.
* api-change:``mwaa``: [``botocore``] This Amazon MWAA release adds the ability to customize the
Apache Airflow environment by launching a shell script at startup. This shell script is hosted in
your environment's Amazon S3 bucket. Amazon MWAA runs the script before installing requirements and
initializing the Apache Airflow process.
* api-change:``servicecatalog``: [``botocore``] This release introduces Service Catalog support for
Terraform open source. It enables 1. The notify* APIs to Service Catalog. These APIs are used by
the terraform engine to notify the result of the provisioning engine execution. 2. Adds a new
TERRAFORM_OPEN_SOURCE product type in CreateProduct API.
* api-change:``wafv2``: [``botocore``] For web ACLs that protect CloudFront protections, the
default request body inspection size is now 16 KB, and you can use the new association
configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur
additional costs.
- from version 1.26.104
* api-change:``ec2``: [``botocore``] Documentation updates for EC2 On Demand Capacity Reservations
* api-change:``internetmonitor``: [``botocore``] This release adds a new feature for Amazon
CloudWatch Internet Monitor that enables customers to deliver internet measurements to Amazon S3
buckets as well as CloudWatch Logs.
* api-change:``resiliencehub``: [``botocore``] Adding EKS related documentation for appTemplateBody
* api-change:``s3``: [``botocore``] Documentation updates for Amazon S3
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] In this release, you can now chose
between soft delete and hard delete when calling the DeleteRecord API, so you have more flexibility
when it comes to managing online store data.
* api-change:``sms``: [``botocore``] Deprecating AWS Server Migration Service.
- from version 1.26.103
* api-change:``athena``: [``botocore``] Make DefaultExecutorDpuSize and CoordinatorDpuSize fields
optional in StartSession
* api-change:``autoscaling``: [``botocore``] Amazon EC2 Auto Scaling now supports Elastic Load
Balancing traffic sources with the AttachTrafficSources, DetachTrafficSources, and
DescribeTrafficSources APIs. This release also introduces a new activity status,
"WaitingForConnectionDraining", for VPC Lattice to the DescribeScalingActivities API.
* api-change:``batch``: [``botocore``] This feature allows Batch on EKS to support configuration of
Pod Labels through Metadata for Batch on EKS Jobs.
* api-change:``compute-optimizer``: [``botocore``] This release adds support for HDD EBS volume
types and io2 Block Express. We are also adding support for 61 new instance types and instances
that have non consecutive runtime.
* api-change:``drs``: [``botocore``] Adding a field to the replication configuration APIs to
support the auto replicate new disks feature. We also deprecated RetryDataReplication.
* api-change:``ec2``: [``botocore``] This release adds support for Tunnel Endpoint Lifecycle
control, a new feature that provides Site-to-Site VPN customers with better visibility and control
of their VPN tunnel maintenance updates.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``glue``: [``botocore``] This release adds support for AWS Glue Data Quality, which
helps you evaluate and monitor the quality of your data and includes the API for creating,
deleting, or updating data quality rulesets, runs and evaluations.
* api-change:``guardduty``: [``botocore``] Added EKS Runtime Monitoring feature support to existing
detector, finding APIs and introducing new Coverage APIs
* api-change:``imagebuilder``: [``botocore``] Adds support for new image workflow details and image
vulnerability detection.
* api-change:``ivs``: [``botocore``] Amazon Interactive Video Service (IVS) now offers customers
the ability to configure IVS channels to allow insecure RTMP ingest.
* api-change:``kendra``: [``botocore``] AWS Kendra now supports featured results for a query.
* api-change:``network-firewall``: [``botocore``] AWS Network Firewall added TLS inspection
configurations to allow TLS traffic inspection.
* api-change:``sagemaker-geospatial``: [``botocore``] Amazon SageMaker geospatial capabilities now
supports server-side encryption with customer managed KMS key and SageMaker notebooks with a
SageMaker geospatial image in a Amazon SageMaker Domain with VPC only mode.
* api-change:``vpc-lattice``: [``botocore``] General Availability (GA) release of Amazon VPC Lattice
* api-change:``wellarchitected``: [``botocore``] AWS Well-Architected SDK now supports getting
consolidated report metrics and generating a consolidated report PDF.
- from version 1.26.102
* api-change:``opensearchserverless``: [``botocore``] This release includes two new exception types
"ServiceQuotaExceededException" and "OcuLimitExceededException".
* api-change:``rds``: [``botocore``] Add support for creating a read replica DB instance from a
Multi-AZ DB cluster.
- from version 1.26.101
* api-change:``iot-data``: [``botocore``] Add endpoint ruleset support for cn-north-1.
* api-change:``ssm-contacts``: [``botocore``] This release adds 12 new APIs as part of Oncall
Schedule feature release, adds support for a new contact type: ONCALL_SCHEDULE. Check public
documentation for AWS ssm-contacts for more information
* api-change:``ssm-incidents``: [``botocore``] Increased maximum length of "TriggerDetails.rawData"
to 10K characters and "IncidentSummary" to 8K characters.
- from version 1.26.100
* api-change:``athena``: [``botocore``] Enforces a minimal level of encryption for the workgroup
for query and calculation results that are written to Amazon S3. When enabled, workgroup users can
set encryption only to the minimum level set by the administrator or higher when they submit
queries.
* api-change:``chime-sdk-voice``: [``botocore``] Documentation updates for Amazon Chime SDK Voice.
* api-change:``connect``: [``botocore``] This release introduces support for RelatedContactId in
the StartChatContact API. Interactive message and interactive message response have been added to
the list of supported message content types for this API as well.
* api-change:``connectparticipant``: [``botocore``] This release provides an update to the
SendMessage API to handle interactive message response content-types.
* api-change:``iotwireless``: [``botocore``] Introducing new APIs that enable Sidewalk devices to
communicate with AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect
Sidewalk devices with other AWS IoT Services, creating possibilities for seamless integration and
advanced device management.
* api-change:``medialive``: [``botocore``] AWS Elemental MediaLive now supports ID3 tag insertion
for audio only HLS output groups. AWS Elemental Link devices now support tagging.
* api-change:``sagemaker``: [``botocore``] Fixed some improperly rendered links in SDK
documentation.
* api-change:``securityhub``: [``botocore``] Added new resource detail objects to ASFF, including
resources for AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.
* api-change:``servicecatalog-appregistry``: [``botocore``] In this release, we started supporting
ARN in applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and
ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response.
* api-change:``voice-id``: [``botocore``] Amazon Connect Voice ID now supports multiple fraudster
watchlists. Every domain has a default watchlist where all existing fraudsters are placed by
default. Custom watchlists may now be created, managed, and evaluated against for known fraudster
detection.
- from version 1.26.99
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``comprehend``: [``botocore``] This release adds a new field (FlywheelArn) to the
EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the
DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job
is started with a FlywheelArn instead of an EntityRecognizerArn .
* api-change:``rds``: [``botocore``] Added error code CreateCustomDBEngineVersionFault for when the
create custom engine version for Custom engines fails.
- from version 1.26.98
* api-change:``batch``: [``botocore``] This feature allows Batch to support configuration of
ephemeral storage size for jobs running on FARGATE
* api-change:``chime-sdk-identity``: [``botocore``] AppInstanceBots can be used to add a bot
powered by Amazon Lex to chat channels. ExpirationSettings provides automatic resource deletion
for AppInstanceUsers.
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This release adds Amazon Chime SDK call
analytics. Call analytics include voice analytics, which provides speaker search and voice tone
analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to
generate machine-learning-powered insights from real-time audio.
* api-change:``chime-sdk-messaging``: [``botocore``] ExpirationSettings provides automatic resource
deletion for Channels.
* api-change:``chime-sdk-voice``: [``botocore``] This release adds Amazon Chime SDK call analytics.
Call analytics include voice analytics, which provides speaker search and voice tone analysis.
These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate
machine-learning-powered insights from real-time audio.
* api-change:``codeartifact``: [``botocore``] Repository CreationTime is added to the
CreateRepository and ListRepositories API responses.
* api-change:``guardduty``: [``botocore``] Adds AutoEnableOrganizationMembers attribute to
DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
* api-change:``ivs-realtime``: [``botocore``] Initial release of the Amazon Interactive Video
Service RealTime API.
* api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK now supports
passthrough of ID3v2 tags for audio inputs to audio-only HLS outputs.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Autopilot adds two new APIs -
CreateAutoMLJobV2 and DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the
ml.geospatial.interactive instance type.
* api-change:``servicediscovery``: [``botocore``] Reverted the throttling exception
RequestLimitExceeded for AWS Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to
previous exception specified in the ErrorCode.
* api-change:``textract``: [``botocore``] The AnalyzeDocument - Tables feature adds support for new
elements in the API: table titles, footers, section titles, summary cells/tables, and table type.
- from version 1.26.97
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management
(IAM).
* api-change:``iottwinmaker``: [``botocore``] This release adds support of adding metadata when
creating a new scene or updating an existing scene.
* api-change:``networkmanager``: [``botocore``] This release includes an update to
create-transit-gateway-route-table-attachment, showing example usage for
TransitGatewayRouteTableArn.
* api-change:``pipes``: [``botocore``] This release improves validation on the ARNs in the API model
* api-change:``resiliencehub``: [``botocore``] This release provides customers with the ability to
import resources from within an EKS cluster and assess the resiliency of EKS cluster workloads.
* api-change:``ssm``: [``botocore``] This Patch Manager release supports creating, updating, and
deleting Patch Baselines for AmazonLinux2023, AlmaLinux.
- from version 1.26.96
* api-change:``chime-sdk-messaging``: [``botocore``] Amazon Chime SDK messaging customers can now
manage streaming configuration for messaging data for archival and analysis.
* api-change:``cleanrooms``: [``botocore``] GA Release of AWS Clean Rooms, Added Tagging
Functionality
* api-change:``ec2``: [``botocore``] This release adds support for AWS Network Firewall, AWS
PrivateLink, and Gateway Load Balancers to Amazon VPC Reachability Analyzer, and it makes the path
destination optional as long as a destination address in the filter at source is provided.
* api-change:``iotsitewise``: [``botocore``] Provide support for tagging of data streams and
enabling tag based authorization for property alias
* api-change:``mgn``: [``botocore``] This release introduces the Import and export feature and
expansion of the post-launch actions
- from version 1.26.95
* api-change:``application-autoscaling``: [``botocore``] With this release customers can now tag
their Application Auto Scaling registered targets with key-value pairs and manage IAM permissions
for all the tagged resources centrally.
* api-change:``neptune``: [``botocore``] This release makes following few changes.
db-cluster-identifier is now a required parameter of create-db-instance. describe-db-cluster will
now return PendingModifiedValues and GlobalClusterIdentifier fields in the response.
* api-change:``s3outposts``: [``botocore``] S3 On Outposts added support for endpoint status, and a
failed endpoint reason, if any
* api-change:``workdocs``: [``botocore``] This release adds a new API, SearchResources, which
enable users to search through metadata and content of folders, documents, document versions and
comments in a WorkDocs site.
- from version 1.26.94
* api-change:``billingconductor``: [``botocore``] This release adds a new filter to
ListAccountAssociations API and a new filter to ListBillingGroups API.
* api-change:``config``: [``botocore``] This release adds resourceType enums for types released
from October 2022 through February 2023.
* api-change:``dms``: [``botocore``] S3 setting to create AWS Glue Data Catalog. Oracle setting to
control conversion of timestamp column. Support for Kafka SASL Plain authentication. Setting to map
boolean from PostgreSQL to Redshift. SQL Server settings to force lob lookup on inline LOBs and to
control access of database logs.
- from version 1.26.93
* api-change:``guardduty``: [``botocore``] Updated 9 APIs for feature enablement to reflect
expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS
Protection GA.
* api-change:``resource-explorer-2``: [``botocore``] Documentation updates for APIs.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
- from version 1.26.92
* api-change:``migrationhubstrategy``: [``botocore``] This release adds the binary analysis that
analyzes IIS application DLLs on Windows and Java applications on Linux to provide anti-pattern
report without configuring access to the source code.
* api-change:``s3control``: [``botocore``] Added support for S3 Object Lambda aliases.
* api-change:``securitylake``: [``botocore``] Make Create/Get/ListSubscribers APIs return resource
share ARN and name so they can be used to validate the RAM resource share to accept. GetDatalake
can be used to track status of UpdateDatalake and DeleteDatalake requests.
- from version 1.26.91
* api-change:``application-autoscaling``: [``botocore``] Application Auto Scaling customers can now
use mathematical functions to customize the metric used with Target Tracking policies within the
policy configuration itself, saving the cost and effort of publishing the customizations as a
separate metric.
* api-change:``dataexchange``: [``botocore``] This release enables data providers to license direct
access to S3 objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data
Exchange. Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with
them, without creating or managing copies.
* api-change:``directconnect``: [``botocore``] describe-direct-connect-gateway-associations
includes a new status, updating, indicating that the association is currently in-process of
updating.
* api-change:``ec2``: [``botocore``] This release adds a new DnsOptions key
(PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs.
* api-change:``iam``: [``botocore``] Documentation only updates to correct customer-reported issues
* api-change:``keyspaces``: [``botocore``] Adding support for client-side timestamps
- from version 1.26.90
* api-change:``appintegrations``: [``botocore``] Adds FileConfiguration to Amazon AppIntegrations
CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect
from sources such as Microsoft SharePoint.
* api-change:``lakeformation``: [``botocore``] This release updates the documentation regarding
Get/Update DataCellsFilter
* api-change:``s3control``: [``botocore``] Added support for cross-account Multi-Region Access
Points. Added support for S3 Replication for S3 on Outposts.
* api-change:``tnb``: [``botocore``] This release adds tagging support to the following Network
Instance APIs : Instantiate, Update, Terminate.
* api-change:``wisdom``: [``botocore``] This release extends Wisdom CreateKnowledgeBase API to
support SharePoint connector type by removing the @required trait for objectField
- Update BuildRequires and Requires from setup.py
- python-six is not required
- python-botocore
-
- Drop Provides for SLE 15 SP4 and openSUSE Leap 15.4 and later
- Switch to Python 3.11 build in SLE 15 SP4 and openSUSE Leap 15.4 and
later (jsc#PCT-371).
- Switch to wheel build
- Update to 1.34.31
* api-change:``datazone``: Add new skipDeletionCheck to DeleteDomain. Add
new skipDeletionCheck to DeleteProject which also automatically deletes
dependent objects
* api-change:``route53``: Update the SDKs for text changes in the APIs.
- From 1.34.30
* api-change:``autoscaling``: EC2 Auto Scaling customers who use attribute
based instance-type selection can now intuitively define their Spot
instances price protection limit as a percentage of the lowest priced
On-Demand instance type.
* api-change:``comprehend``: Comprehend PII analysis now supports Spanish
input documents.
* api-change:``ec2``: EC2 Fleet customers who use attribute based
instance-type selection can now intuitively define their Spot instances
price protection limit as a percentage of the lowest priced On-Demand
instance type.
* api-change:``mwaa``: This release adds MAINTENANCE environment status for
Amazon MWAA environments.
* api-change:``rds``: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS
RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods.
This provides enhanced error handling, ensuring a more robust experience.
* api-change:``snowball``: Modified description of createaddress to include
direction to add path when providing a JSON file.
- From 1.34.29
* api-change:``connect``: Update list and string length limits for predefined
attributes.
* api-change:``inspector2``: This release adds ECR container image scanning
based on their lastRecordedPullTime.
* api-change:``sagemaker``: Amazon SageMaker Automatic Model Tuning now
provides an API to programmatically delete tuning jobs.
- From 1.34.28
* api-change:``acm-pca``: AWS Private CA now supports an option to omit the
CDP extension from issued certificates, when CRL revocation is enabled.
* api-change:``lightsail``: This release adds support for IPv6-only instance
plans.
- From 1.34.27
* api-change:``ec2``: Introduced a new clientToken request parameter on
CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter
allows idempotent operations on the APIs.
* api-change:``ecs``: Documentation updates for Amazon ECS.
* api-change:``outposts``: DeviceSerialNumber parameter is now optional in
StartConnection API
* api-change:``rds``: This release adds support for Aurora Limitless Database.
* api-change:``storagegateway``: Add DeprecationDate and SoftwareVersion to
response of ListGateways.
- From 1.34.26
* api-change:``inspector2``: This release adds support for CIS scans on EC2
instances.
- From 1.34.25
* enhancement:documentation: Updates the GitHub issue creation link in our
README
- From 1.34.24
* api-change:``appconfigdata``: Fix FIPS Endpoints in aws-us-gov.
* api-change:``cloud9``: Doc-only update around removing AL1 from list of
available AMIs for Cloud9
* api-change:``cloudfront-keyvaluestore``: This release improves upon the
DescribeKeyValueStore API by returning two additional fields, Status of the
KeyValueStore and the FailureReason in case of failures during creation of
KeyValueStore.
* api-change:``connectcases``: This release adds the ability to view audit
history on a case and introduces a new parameter, performedBy, for
CreateCase and UpdateCase API's.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``ecs``: This release adds support for Transport Layer Security
(TLS) and Configurable Timeout to ECS Service Connect. TLS facilitates
privacy and data security for inter-service communications, while
Configurable Timeout allows customized per-request timeout and idle timeout
for Service Connect services.
* api-change:``finspace``: Allow customer to set zip default through command
line arguments.
* api-change:``organizations``: Doc only update for quota increase change
* api-change:``rds``: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API
method. This provides enhanced error handling, ensuring a more robust
experience when creating database clusters with insufficient instance
capacity.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- Frome 1.34.23
* api-change:``athena``: Introducing new NotebookS3LocationUri parameter to
Athena ImportNotebook API. Payload is no longer required and either Payload
or NotebookS3LocationUri needs to be provided (not both) for a successful
ImportNotebook API call. If both are provided, an InvalidRequestException
will be thrown.
* api-change:``codebuild``: Release CodeBuild Reserved Capacity feature
* api-change:``dynamodb``: This release adds support for including
ApproximateCreationDateTimePrecision configurations in
EnableKinesisStreamingDestination API, adds the same as an optional field
in the response of DescribeKinesisStreamingDestination, and adds support
for a new UpdateKinesisStreamingDestination API.
* api-change:``qconnect``: Increased Quick Response name max length to 100
- From 1.34.22
* api-change:``b2bi``: Increasing TestMapping inputFileContent file size
limit to 5MB and adding file size limit 250KB for TestParsing input file.
This release also includes exposing InternalServerException for Tag APIs.
* api-change:``cloudtrail``: This release adds a new API
ListInsightsMetricData to retrieve metric data from CloudTrail Insights.
* api-change:``connect``: GetMetricDataV2 now supports 3 groupings
* api-change:``drs``: Removed invalid and unnecessary default values.
* api-change:``firehose``: Allow support for Snowflake as a Kinesis Data
Firehose delivery destination.
* api-change:``sagemaker-featurestore-runtime``: Increase BatchGetRecord
limits from 10 items to 100 items
- From 1.34.21
* api-change:``dynamodb``: Updating note for enabling streams for UpdateTable.
* api-change:``keyspaces``: This release adds support for Multi-Region
Replication with provisioned tables, and Keyspaces auto scaling APIs
- From 1.34.20
* api-change:``iot``: Revert release of LogTargetTypes
* api-change:``iotfleetwise``: Updated APIs: SignalNodeType query parameter
has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse
has been extended with attributes field.
* api-change:``macie2``: This release adds support for analyzing Amazon S3
objects that are encrypted using dual-layer server-side encryption with
AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS
details in statistics and metadata about encryption settings for S3 buckets
and objects.
* api-change:``payment-cryptography``: Provide an additional option for key
exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and
ExportKey operations. Added new key usage (type)
TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane
operations with ISO9797 Algorithm 1 MAC calculations.
* api-change:``personalize-runtime``: Documentation updates for Amazon
Personalize
* api-change:``personalize``: Documentation updates for Amazon Personalize.
* api-change:``rekognition``: This release adds ContentType and TaxonomyLevel
attributes to DetectModerationLabels and GetMediaAnalysisJob API responses.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
- From 1.34.19
* api-change:``sagemaker``: This release will have ValidationException thrown
if certain invalid app types are provided. The release will also throw
ValidationException if more than 10 account ids are provided in
VpcOnlyTrustedAccounts.
- From 1.34.18
* api-change:``connect``: Supervisor Barge for Chat is now supported through
the MonitorContact API.
* api-change:``connectparticipant``: Introduce new Supervisor participant role
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
* api-change:``location``: Location SDK documentation update. Added missing
fonts to the MapConfiguration data type. Updated note for the
SubMunicipality property in the place data type.
* api-change:``mwaa``: This Amazon MWAA feature release includes new fields
in CreateWebLoginToken response model. The new fields IamIdentity and
AirflowIdentity will let you match identifications, as the Airflow identity
length is currently hashed to 64 characters.
* api-change:``s3control``: S3 On Outposts team adds dualstack endpoints
support for S3Control and S3Outposts API calls.
* api-change:``supplychain``: This release includes APIs
CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.
* api-change:``transfer``: AWS Transfer Family now supports static IP
addresses for SFTP & AS2 connectors and for async MDNs on AS2 servers.
- From 1.34.17
* api-change:``ec2``: This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``ecs``: This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``events``: Update events client to latest version
* api-change:``iot``: Add ConflictException to Update APIs of AWS IoT
Software Package Catalog
* api-change:``iotfleetwise``: The following dataTypes have been removed:
CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType;
CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason;
CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in
NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType
* api-change:``secretsmanager``: Doc only update for Secrets Manager
* api-change:``workspaces``: Added AWS Workspaces RebootWorkspaces API -
Extended Reboot documentation update
- From 1.34.16
* api-change:``connectcampaigns``: Minor pattern updates for Campaign and
Dial Request API fields.
* api-change:``location``: This release adds API support for custom layers
for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
* api-change:``logs``: Add support for account level subscription filter
policies to PutAccountPolicy, DescribeAccountPolicies, and
DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified
with new optional "selectionCriteria" parameter for resource selection.
* api-change:``qconnect``: QueryAssistant and GetRecommendations will be
discontinued starting June 1, 2024. To receive generative responses after
March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
* api-change:``redshift-serverless``: Updates to ConfigParameter for RSS
workgroup, removal of use_fips_ssl
* api-change:``route53``: Route53 now supports geoproximity routing in AWS
regions
* api-change:``wisdom``: QueryAssistant and GetRecommendations will be
discontinued starting June 1, 2024. To receive generative responses after
March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
- From 1.34.15
* api-change:``codebuild``: Aws CodeBuild now supports new compute type
BUILD_GENERAL1_XLARGE
* api-change:``ec2``: Amazon EC2 R7iz bare metal instances are powered by
custom 4th generation Intel Xeon Scalable processors.
* api-change:``route53resolver``: This release adds support for query type
configuration on firewall rules that enables customers for granular action
(ALLOW, ALERT, BLOCK) by DNS query type.
- From 1.34.14
* api-change:``connect``: Minor trait updates for User APIs
* api-change:``kms``: Documentation updates for AWS Key Management Service
(KMS).
* api-change:``redshift-serverless``: use_fips_ssl and require_ssl parameter
support for Workgroup, UpdateWorkgroup, and CreateWorkgroup
- From 1.34.13
* api-change:``config``: Updated ResourceType enum with new resource types
onboarded by AWS Config in November and December 2023.
* api-change:``docdb``: Adding PerformanceInsightsEnabled and
PerformanceInsightsKMSKeyId fields to DescribeDBInstances Response.
* api-change:``ecs``: This release adds support for managed instance draining
which facilitates graceful termination of Amazon ECS instances.
* api-change:``es``: This release adds support for new or existing Amazon
OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward
secrecy cipher suites for domain endpoints.
* api-change:``lightsail``: This release adds support to set up an HTTPS
endpoint on an instance.
* api-change:``opensearch``: This release adds support for new or existing
Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward
secrecy cipher suites for domain endpoints.
* api-change:``sagemaker``: Adding support for provisioned throughput mode
for SageMaker Feature Groups
* api-change:``servicecatalog``: Added Idempotency token support to Service
Catalog AssociateServiceActionWithProvisioningArtifact,
DisassociateServiceActionFromProvisioningArtifact, DeleteServiceAction API
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.12
* api-change:``connect``: Amazon Connect, Contact Lens Evaluation API
increase evaluation notes max length to 3072.
* api-change:``mediaconvert``: This release includes video engine updates
including HEVC improvements, support for ingesting VP9 encoded video in
MP4 containers, and support for user-specified 3D LUTs.
- From 1.34.11
* api-change:``apprunner``: AWS App Runner adds Python 3.11 and Node.js 18
runtimes.
* api-change:``location``: This release introduces a new parameter to
bypasses an API key's expiry conditions and delete the key.
* api-change:``quicksight``: Add LinkEntityArn support for different
partitions; Add UnsupportedUserEditionException in UpdateDashboardLinks
API; Add support for New Reader Experience Topics
- From 1.34.10
* api-change:``codestar-connections``: New integration with the GitLab
self-managed provider type.
* api-change:``kinesis-video-archived-media``: NoDataRetentionException
thrown when GetImages requested for a Stream that does not retain data
(that is, has a DataRetentionInHours of 0).
* api-change:``sagemaker``: Amazon SageMaker Studio now supports Docker
access from within app container
- From 1.34.9
* api-change:``emr``: Update emr client to latest version
- From 1.34.8
* api-change:``iam``: Documentation updates for AWS Identity and Access
Management (IAM).
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.7
* api-change:``bedrock-agent``: Adding Claude 2.1 support to Bedrock Agents
* api-change:``glue``: This release adds additional configurations for Query
Session Context on the following APIs: GetUnfilteredTableMetadata,
GetUnfilteredPartitionMetadata, GetUnfilteredPartitionsMetadata.
* api-change:``lakeformation``: This release adds additional configurations
on GetTemporaryGlueTableCredentials for Query Session Context.
* api-change:``mediaconnect``: This release adds the DescribeSourceMetadata
API. This API can be used to view the stream information of the flow's
source.
* api-change:``networkmonitor``: CloudWatch Network Monitor is a new service
within CloudWatch that will help network administrators and operators
continuously monitor network performance metrics such as round-trip-time
and packet loss between their AWS-hosted applications and their on-premises
locations.
* api-change:``omics``: Provides minor corrections and an updated description
of APIs.
* api-change:``secretsmanager``: Update endpoint rules and examples.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.6
* enhancement:AWSCRT: Update awscrt version to 0.19.19
* api-change:``amp``: This release updates Amazon Managed Service for
Prometheus APIs to support customer managed KMS keys.
* api-change:``appintegrations``: The Amazon AppIntegrations service adds
DeleteApplication API for deleting applications, and updates APIs to
support third party applications reacting to workspace events and make
data requests to Amazon Connect for agent and contact events.
* api-change:``bedrock-agent``: This release introduces Amazon Aurora as a
vector store on Knowledge Bases for Amazon Bedrock
* api-change:``codecommit``: AWS CodeCommit now supports customer managed
keys from AWS Key Management Service. UpdateRepositoryEncryptionKey is
added for updating the key configuration. CreateRepository, GetRepository,
BatchGetRepositories are updated with new input or output parameters.
* api-change:``connect``: Adds APIs to manage User Proficiencies and
Predefined Attributes. Enhances StartOutboundVoiceContact API input.
Introduces SearchContacts API. Enhances DescribeContact API. Adds an API to
update Routing Attributes in QueuePriority and QueueTimeAdjustmentSeconds.
* api-change:``medialive``: MediaLive now supports the ability to configure
the audio that an AWS Elemental Link UHD device produces, when the device
is configured as the source for a flow in AWS Elemental MediaConnect.
* api-change:``neptune-graph``: Adds Waiters for successful creation and
deletion of Graph, Graph Snapshot, Import Task and Private Endpoints for
Neptune Analytics
* api-change:``rds-data``: This release adds support for using RDS Data API
with Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``rds``: This release adds support for using RDS Data API with
Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``sagemaker``: Amazon SageMaker Training now provides model
training container access for debugging purposes. Amazon SageMaker Search
now provides the ability to use visibility conditions to limit resource
access to a single domain or multiple domains.
- From 1.34.5
* api-change:``appstream``: This release introduces configurable clipboard,
allowing admins to specify the maximum length of text that can be copied by
the users from their device to the remote session and vice-versa.
* api-change:``eks``: Add support for cluster insights, new EKS capability
that surfaces potentially upgrade impacting issues.
* api-change:``guardduty``: This release 1) introduces a new API:
GetOrganizationStatistics , and 2) adds a new UsageStatisticType
TOP_ACCOUNTS_BY_FEATURE for GetUsageStatistics API
* api-change:``managedblockchain-query``: Adding Confirmation Status and
Execution Status to GetTransaction Response.
* api-change:``mediatailor``: Adds the ability to configure time shifting on
MediaTailor channels using the TimeShiftConfiguration field
* api-change:``route53``: Amazon Route 53 now supports the Canada West
(Calgary) Region (ca-west-1) for latency records, geoproximity records, and
private DNS for Amazon VPCs in that region.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.4
* api-change:``appsync``: This release adds additional configurations on
GraphQL APIs for limits on query depth, resolver count, and introspection
* api-change:``chime-sdk-meetings``: Add meeting features to specify a
maximum camera resolution, a maximum content sharing resolution, and a
maximum number of attendees for a given meeting.
* api-change:``ec2``: Provision BYOIPv4 address ranges and advertise them by
specifying the network border groups option in Los Angeles, Phoenix and
Dallas AWS Local Zones.
* api-change:``fsx``: Added support for FSx for OpenZFS on-demand data
replication across AWS accounts and/or regions.Added the IncludeShared
attribute for DescribeSnapshots.Added the CopyStrategy attribute for
OpenZFSVolumeConfiguration.
* api-change:``marketplace-catalog``: AWS Marketplace now supports a new API,
BatchDescribeEntities, which returns metadata and content for multiple
entities.
* api-change:``rds``: RDS - The release adds two new APIs:
DescribeDBRecommendations and ModifyDBRecommendation
- From 1.34.3
* api-change:``cognito-idp``: Amazon Cognito now supports trigger versions
that define the fields in the request sent to pre token generation Lambda
triggers.
* api-change:``eks``: Add support for EKS Cluster Access Management.
* api-change:``quicksight``: A docs-only release to add missing entities to
the API reference.
* api-change:``route53resolver``: Add DOH protocols in resolver endpoints.
- From 1.34.2
* api-change:``cloud9``: Updated Cloud9 API documentation for AL2023 release
* api-change:``connect``: Adds relatedContactId field to
StartOutboundVoiceContact API input. Introduces PauseContact API and
ResumeContact API for Task contacts. Adds pause duration, number of pauses,
timestamps for last paused and resumed events to DescribeContact API
response. Adds new Rule type and new Rule action.
* api-change:``connectcases``: Increase number of fields that can be included
in CaseEventIncludedData from 50 to 200
* api-change:``kms``: Documentation updates for AWS Key Management Service
* api-change:``rds``: Updates Amazon RDS documentation by adding code examples
* api-change:``sagemaker``: This release 1) introduces a new API:
DeleteCompilationJob , and 2) adds InfraCheckConfig for Create/Describe
training job API
- From 1.34.1
* api-change:``appstream``: This release includes support for images of
Windows Server 2022 platform.
* api-change:``b2bi``: Documentation updates for AWS B2B Data Interchange
* api-change:``billingconductor``: Billing Conductor is releasing a new API,
GetBillingGroupCostReport, which provides the ability to retrieve/view the
Billing Group Cost Report broken down by attributes for a specific billing
group.
* api-change:``connect``: This release adds support for more granular billing
using tags (key:value pairs)
* api-change:``controltower``: Documentation updates for AWS Control Tower.
* api-change:``firehose``: This release, 1) adds configurable buffering hints
for the Splunk destination, and 2) reduces the minimum configurable
buffering interval for supported destinations
* api-change:``gamelift``: Amazon GameLift adds the ability to add and
update the game properties of active game sessions.
* api-change:``iot``: This release adds the ability to self-manage
certificate signing in AWS IoT Core fleet provisioning using the new
certificate provider resource.
* api-change:``neptune-graph``: This is the initial SDK release for Amazon
Neptune Analytics
* api-change:``opensearch``: Updating documentation for Amazon OpenSearch
Service support for new zero-ETL integration with Amazon S3.
* api-change:``quicksight``: Update Dashboard Links support;
SingleAxisOptions support; Scatterplot Query limit support.
* api-change:``workspaces``: Updated note to ensure customers understand
running modes.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.0
* feature:Python: End of support for Python 3.7
* api-change:``drs``: Adding AgentVersion to SourceServer and
RecoveryInstance structures
- From 1.33.13
* api-change:``imagebuilder``: This release adds the Image Workflows feature
to give more flexibility and control over the image building and testing
process.
* api-change:``location``: This release 1) adds sub-municipality field in
Places API for searching and getting places information, and 2) allows
optimizing route calculation based on expected arrival time.
* api-change:``logs``: This release introduces the StartLiveTail API to tail
ingested logs in near real time.
- From 1.33.12
* api-change:``neptune``: This release adds a new parameter configuration
setting to the Neptune cluster related APIs that can be leveraged to switch
between the underlying supported storage modes.
* api-change:``pinpoint``: This release includes Amazon Pinpoint API
documentation updates pertaining to campaign message sending rate limits.
* api-change:``securityhub``: Added new resource detail objects to ASFF,
including resources for AwsDynamoDbTable, AwsEc2ClientVpnEndpoint,
AwsMskCluster, AwsS3AccessPoint, AwsS3Bucket
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- Update to 1.33.11:
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``ec2``: M2 Mac instances are built on Apple M2 Mac mini computers. I4i instances are
powered by 3rd generation Intel Xeon Scalable processors. C7i compute optimized, M7i general
purpose and R7i memory optimized instances are powered by custom 4th Generation Intel Xeon Scalable
processors.
* api-change:``finspace``: Releasing Scaling Group, Dataview, and Volume APIs
- from version 1.33.10
* api-change:``codedeploy``: This release adds support for two new CodeDeploy features: 1) zonal
deployments for Amazon EC2 in-place deployments, 2) deployments triggered by Auto Scaling group
termination lifecycle hook events.
- from version 1.33.9
* api-change:``backup``: AWS Backup - Features: Add VaultType to the output of
DescribeRecoveryPoint, ListRecoveryPointByBackupVault API and add ResourceType to the input of
ListRestoreJobs API
* api-change:``comprehend``: Documentation updates for Trust and Safety features.
* api-change:``connect``: Releasing Tagging Support for Instance Management APIS
* api-change:``ec2``: Releasing the new cpuManufacturer attribute within the DescribeInstanceTypes
API response which notifies our customers with information on who the Manufacturer is for the
processor attached to the instance, for example: Intel.
* api-change:``payment-cryptography``: AWS Payment Cryptography IPEK feature release
- from version 1.33.8
* api-change:``athena``: Adding IdentityCenter enabled request for interactive query
* api-change:``cleanroomsml``: Updated service title from cleanroomsml to CleanRoomsML.
* api-change:``cloudformation``: Documentation update, December 2023
* api-change:``ec2``: Adds A10G, T4G, and H100 as accelerator name options and Habana as an
accelerator manufacturer option for attribute based selection
- from version 1.33.7
* api-change:``billingconductor``: This release adds the ability to specify a linked account of the
billing group for the custom line item resource.
* api-change:``braket``: This release enhances service support to create quantum tasks and hybrid
jobs associated with Braket Direct Reservations.
* api-change:``cloud9``: This release adds the requirement to include the imageId parameter in the
CreateEnvironmentEC2 API call.
* api-change:``cloudformation``: Including UPDATE_* states as a success status for CreateStack
waiter.
* api-change:``finspace``: Release General Purpose type clusters
* api-change:``medialive``: Adds support for custom color correction on channels using 3D LUT files.
* api-change:``servicecatalog-appregistry``: Documentation-only updates for Dawn
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.33.6
* api-change:``qconnect``: This release adds the PutFeedback API and allows providing feedback
against the specified assistant for the specified target.
* api-change:``rbin``: Added resource identifier in the output and updated error handling.
* api-change:``verifiedpermissions``: Adds description field to PolicyStore API's and namespaces
field to GetSchema.
- from version 1.33.5
* api-change:``arc-zonal-shift``: This release adds a new capability, zonal autoshift. You can
configure zonal autoshift so that AWS shifts traffic for a resource away from an Availability Zone,
on your behalf, when AWS determines that there is an issue that could potentially affect customers
in the Availability Zone.
* api-change:``glue``: Adds observation and analyzer support to the GetDataQualityResult and
BatchGetDataQualityResult APIs.
* api-change:``sagemaker``: This release adds support for 1/ Code Editor, based on Code-OSS, Visual
Studio Code Open Source, a new fully managed IDE option in SageMaker Studio 2/ JupyterLab, a new
fully managed JupyterLab IDE experience in SageMaker Studio
- from version 1.33.4
* api-change:``marketplace-agreement``: The AWS Marketplace Agreement Service provides an API
interface that helps AWS Marketplace sellers manage their agreements, including listing, filtering,
and viewing details about their agreements.
* api-change:``marketplace-catalog``: This release enhances the ListEntities API to support new
entity type-specific strongly typed filters in the request and entity type-specific strongly typed
summaries in the response.
* api-change:``marketplace-deployment``: AWS Marketplace Deployment is a new service that provides
essential features that facilitate the deployment of software, data, and services procured through
AWS Marketplace.
* api-change:``redshift-serverless``: This release adds the following support for Amazon Redshift
Serverless: 1) cross-account cross-VPCs, 2) copying snapshots across Regions, 3) scheduling
snapshot creation, and 4) restoring tables from a recovery point.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.33.3
* api-change:``application-autoscaling``: Amazon SageMaker customers can now use Application Auto
Scaling to automatically scale the number of Inference Component copies across an endpoint to meet
the varying demand of their workloads.
* api-change:``cleanrooms``: AWS Clean Rooms now provides differential privacy to protect against
user-identification attempts and machine learning modeling to allow two parties to identify similar
users in their data.
* api-change:``cleanroomsml``: Public Preview SDK release of AWS Clean Rooms ML APIs
* api-change:``opensearch``: Launching Amazon OpenSearch Service support for new zero-ETL
integration with Amazon S3. Customers can now manage their direct query data sources to Amazon S3
programatically
* api-change:``opensearchserverless``: Amazon OpenSearch Serverless collections support an
additional attribute called standby-replicas. This allows to specify whether a collection should
have redundancy enabled.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: This release adds following support 1/ Improved SDK tooling for model
deployment. 2/ New Inference Component based features to lower inference costs and latency 3/
SageMaker HyperPod management. 4/ Additional parameters for FM Fine Tuning in Autopilot
* api-change:``sts``: Documentation updates for AWS Security Token Service.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.33.2
* api-change:``accessanalyzer``: This release adds support for external access findings for S3
directory buckets to help you easily identify cross-account access. Updated service API,
documentation, and paginators.
* api-change:``bedrock``: This release adds support for customization types, model life cycle
status and minor versions/aliases for model identifiers.
* api-change:``bedrock-agent``: This release introduces Agents for Amazon Bedrock
* api-change:``bedrock-agent-runtime``: This release introduces Agents for Amazon Bedrock Runtime
* api-change:``bedrock-runtime``: This release adds support for minor versions/aliases for invoke
model identifier.
* api-change:``connect``: Added support for following capabilities: Amazon Connect's in-app, web,
and video calling. Two-way SMS integrations. Contact Lens real-time chat analytics feature. Amazon
Connect Analytics Datalake capability. Capability to configure real time chat rules.
* api-change:``customer-profiles``: This release introduces DetectProfileObjectType API to auto
generate object type mapping.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``qbusiness``: Amazon Q - a generative AI powered application that your employees can
use to ask questions and get answers from knowledge spread across disparate content repositories,
summarize reports, write articles, take actions, and much more - all within their company's
connected content repositories.
* api-change:``qconnect``: Amazon Q in Connect, an LLM-enhanced evolution of Amazon Connect Wisdom.
This release adds generative AI support to Amazon Q Connect QueryAssistant and GetRecommendations
APIs.
* api-change:``s3``: Adds support for S3 Express One Zone.
* api-change:``s3control``: Adds support for S3 Express One Zone, and InvocationSchemaVersion 2.0
for S3 Batch Operations.
- from version 1.33.1
* api-change:``elasticache``: Launching Amazon ElastiCache Serverless that enables you to create a
cache in under a minute without any capacity management. ElastiCache Serverless monitors the
cache's memory, CPU, and network usage and scales both vertically and horizontally to support your
application's requirements.
- from version 1.33.0
* feature:Versioning: With the release of Botocore 1.33.0, Boto3 and Botocore will share the same
version number.
* api-change:``appsync``: This update enables introspection of Aurora cluster databases using the
RDS Data API
* api-change:``b2bi``: This is the initial SDK release for AWS B2B Data Interchange.
* api-change:``backup``: AWS Backup now supports restore testing, a new feature that allows
customers to automate restore testing and validating their backups. Additionally, this release adds
support for EBS Snapshots Archive tier.
* api-change:``controltower``: This release adds the following support: 1. The EnableControl API
can configure controls that are configurable. 2. The GetEnabledControl API shows the configured
parameters on an enabled control. 3. The new UpdateEnabledControl API can change parameters on an
enabled control.
* api-change:``efs``: Update efs client to latest version
* api-change:``fis``: AWS FIS adds support for multi-account experiments & empty target resolution.
This release also introduces the CreateTargetAccountConfiguration API that allows experiments
across multiple AWS accounts, and the ListExperimentResolvedTargets API to list target details.
* api-change:``glue``: add observations support to DQ CodeGen config model + update document for
connectiontypes supported by ConnectorData entities
* api-change:``rds``: Updates Amazon RDS documentation for support for RDS for Db2.
* api-change:``securityhub``: Adds and updates APIs to support central configuration. This feature
allows the Security Hub delegated administrator to configure Security Hub for their entire AWS Org
across multiple regions from a home Region. With this release, findings also include account name
and application metadata.
* api-change:``transcribe``: This release adds support for AWS HealthScribe APIs within Amazon
Transcribe
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.32.7
* api-change:``accessanalyzer``: IAM Access Analyzer now continuously monitors IAM roles and users
in your AWS account or organization to generate findings for unused access. Additionally, IAM
Access Analyzer now provides custom policy checks to validate that IAM policies adhere to your
security standards ahead of deployments.
* api-change:``amp``: This release adds support for the Amazon Managed Service for Prometheus
collector, a fully managed, agentless Prometheus metrics scraping capability.
* api-change:``bcm-data-exports``: Users can create, read, update, delete Exports of billing and
cost management data. Users can get details of Export Executions and details of Tables for
exporting. Tagging support is provided for Exports
* api-change:``cloudtrail``: CloudTrail Lake now supports federating event data stores. giving
users the ability to run queries against their event data using Amazon Athena.
* api-change:``codestar-connections``: This release adds support for the CloudFormation Git sync
feature. Git sync enables updating a CloudFormation stack from a template stored in a Git
repository.
* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and
generate recommendations with customization and discounts preferences.
* api-change:``config``: Support Periodic Recording for Configuration Recorder
* api-change:``controltower``: Add APIs to create and manage a landing zone.
* api-change:``cost-optimization-hub``: This release launches Cost Optimization Hub, a new AWS
Billing and Cost Management feature that helps you consolidate and prioritize cost optimization
recommendations across your AWS Organizations member accounts and AWS Regions, so that you can get
the most out of your AWS spend.
* api-change:``detective``: Added new APIs in Detective to support resource investigations
* api-change:``ecs``: Adds a new 'type' property to the Setting structure. Adds a new
AccountSetting - guardDutyActivate for ECS.
* api-change:``efs``: Update efs client to latest version
* api-change:``eks``: This release adds support for EKS Pod Identity feature. EKS Pod Identity
makes it easy for customers to obtain IAM permissions for the applications running in their EKS
clusters.
* api-change:``eks-auth``: This release adds support for EKS Pod Identity feature. EKS Pod Identity
makes it easy for customers to obtain IAM permissions for their applications running in the EKS
clusters.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``freetier``: This is the initial SDK release for the AWS Free Tier GetFreeTierUsage
API
* api-change:``fsx``: Added support for FSx for ONTAP scale-out file systems and FlexGroup volumes.
Added the HAPairs field and ThroughputCapacityPerHAPair for filesystem. Added
AggregateConfiguration (containing Aggregates and ConstituentsPerAggregate) and SizeInBytes for
volume.
* api-change:``guardduty``: Add support for Runtime Monitoring for ECS and ECS-EC2.
* api-change:``iotfleetwise``: AWS IoT FleetWise introduces new APIs for vision system data, such
as data collected from cameras, radars, and lidars. You can now model and decode complex data types.
* api-change:``lakeformation``: This release adds four new APIs
"DescribeLakeFormationIdentityCenterConfiguration",
"CreateLakeFormationIdentityCenterConfiguration",
"DescribeLakeFormationIdentityCenterConfiguration", and
"DeleteLakeFormationIdentityCenterConfiguration", and also updates the corresponding documentation.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
* api-change:``logs``: Added APIs to Create, Update, Get, List and Delete LogAnomalyDetectors and
List and Update Anomalies in Detector. Added LogGroupClass attribute for LogGroups to classify
loggroup as Standard loggroup with all capabilities or InfrequentAccess loggroup with limited
capabilities.
* api-change:``managedblockchain``: Add optional NetworkType property to Accessor APIs
* api-change:``personalize``: Enables metadata in recommendations, recommendations with themes, and
next best action recommendations
* api-change:``personalize-events``: This release enables PutActions and PutActionInteractions
* api-change:``personalize-runtime``: Enables metadata in recommendations and next best action
recommendations
* api-change:``quicksight``: This release launches new APIs for trusted identity propagation setup
and supports creating datasources using trusted identity propagation as authentication method for
QuickSight accounts configured with IAM Identity Center.
* api-change:``redshift``: This release adds support for multi-data warehouse writes through data
sharing.
* api-change:``repostspace``: Initial release of AWS re:Post Private
* api-change:``s3``: Adding new params - Key and Prefix, to S3 API operations for supporting S3
Access Grants. Note - These updates will not change any of the existing S3 API functionality.
* api-change:``s3control``: Introduce Amazon S3 Access Grants, a new S3 access control feature that
maps identities in directories such as Active Directory, or AWS Identity and Access Management
(IAM) Principals, to datasets in S3.
* api-change:``secretsmanager``: AWS Secrets Manager has released the BatchGetSecretValue API,
which allows customers to fetch up to 20 Secrets with a single request using a list of secret names
or filters.
* api-change:``securityhub``: Adds and updates APIs to support customizable security controls. This
feature allows Security Hub customers to provide custom parameters for security controls. With this
release, findings for controls that support custom parameters will include the parameters used to
generate the findings.
* api-change:``stepfunctions``: Update stepfunctions client to latest version
* api-change:``transcribe``: This release adds support for transcriptions from audio sources in 64
new languages and introduces generative call summarization in Transcribe Call Analytics (Post call)
* api-change:``workspaces``: The release introduces Multi-Region Resilience one-way data
replication that allows you to replicate data from your primary WorkSpace to a standby WorkSpace in
another AWS Region. DescribeWorkspaces now returns the status of data replication.
* api-change:``workspaces-thin-client``: Initial release of Amazon WorkSpaces Thin Client
* enhancement:AWSCRT: Update awscrt version to 0.19.17
- Update to 1.32.6:
* bugfix:sqs: Rolled back recent change to wire format protocol
* api-change:``kinesis``: This release adds support for resource based policies on streams and
consumers.
* api-change:``s3control``: Amazon S3 Batch Operations now manages buckets or prefixes in a single
step.
* api-change:``sagemaker``: This feature adds the end user license agreement status as a model
access configuration parameter.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.32.5
* api-change:``cloudfront``: This release adds support for CloudFront KeyValueStore, a globally
managed key value datastore associated with CloudFront Functions.
* api-change:``cloudfront-keyvaluestore``: This release adds support for CloudFront KeyValueStore,
a globally managed key value datastore associated with CloudFront Functions.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``inspector-scan``: This release adds support for the new Amazon Inspector Scan API.
The new Inspector Scan API can synchronously scan SBOMs adhering to the CycloneDX v1.5 format.
* api-change:``iotsitewise``: Adds 1/ user-defined unique identifier for asset and model metadata,
2/ asset model components, and 3/ query API for asset metadata and telemetry data. Supports 4/
multi variate anomaly detection using Amazon Lookout for Equipment, 5/ warm storage tier, and 6/
buffered ingestion of time series data.
* api-change:``iottwinmaker``: This release adds following support. 1. New APIs for metadata bulk
operations. 2. Modify the component type API to support composite component types - nesting
component types within one another. 3. New list APIs for components and properties. 4. Support the
larger scope digital twin modeling.
* api-change:``s3``: Add support for automatic date based partitioning in S3 Server Access Logs.
- from version 1.32.4
* enhancement:IMDS: Adds a config option to opt out of IMDSv1 fallback
* api-change:``codestar-connections``: This release updates a few CodeStar Connections related APIs.
* api-change:``docdb``: Amazon DocumentDB updates for new cluster storage configuration: Amazon
DocumentDB I/O-Optimized.
* api-change:``ec2``: This release adds support for Security group referencing over Transit
gateways, enabling you to simplify Security group management and control of instance-to-instance
traffic across VPCs that are connected by Transit gateway.
- from version 1.32.3
* api-change:``appmesh``: Change the default value of these fields from 0 to null: MaxConnections,
MaxPendingRequests, MaxRequests, HealthCheckThreshold, PortNumber, and HealthCheckPolicy -> port.
Users are not expected to perceive the change, except that badRequestException is thrown when
required fields missing configured.
* api-change:``athena``: Adding SerivicePreProcessing time metric
* api-change:``cloud9``: A minor doc only update related to changing the date of an API change.
* api-change:``cloudformation``: This release adds a new flag ImportExistingResources to
CreateChangeSet. Specify this parameter on a CREATE- or UPDATE-type change set to import existing
resources with custom names instead of recreating them.
* api-change:``codepipeline``: CodePipeline now supports overriding source revisions to achieve
manual re-deploy of a past revision
* api-change:``codestar-connections``: This release adds support for the CloudFormation Git sync
feature. Git sync enables updating a CloudFormation stack from a template stored in a Git
repository.
* api-change:``connect``: This release adds WISDOM_QUICK_RESPONSES as new IntegrationType of
Connect IntegrationAssociation resource and bug fixes.
* api-change:``dlm``: Added support for SAP HANA in Amazon Data Lifecycle Manager EBS snapshot
lifecycle policies with pre and post scripts.
* api-change:``ec2``: This release adds new features for Amazon VPC IP Address Manager (IPAM)
Allowing a choice between Free and Advanced Tiers, viewing public IP address insights across
regions and in Amazon Cloudwatch, use IPAM to plan your subnet IPs within a VPC and bring your own
autonomous system number to IPAM.
* api-change:``ecr``: Documentation and operational updates for Amazon ECR, adding support for pull
through cache rules for upstream registries that require authentication.
* api-change:``emr``: Update emr client to latest version
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``events``: Update events client to latest version
* api-change:``internetmonitor``: Adds new querying capabilities for running data queries on a
monitor
* api-change:``ivs``: type & defaulting refinement to various range properties
* api-change:``ivschat``: type & defaulting refinement to various range properties
* api-change:``kinesisvideo``: Docs only build to bring up-to-date with public docs.
* api-change:``location``: Remove default value and allow nullable for request parameters having
minimum value larger than zero.
* api-change:``macie``: The macie client has been removed following the deprecation of the service.
* api-change:``medialive``: MediaLive has now added support for per-output static image overlay.
* api-change:``mgn``: Removed invalid and unnecessary default values.
* api-change:``osis``: Add support for enabling a persistent buffer when creating or updating an
OpenSearch Ingestion pipeline. Add tags to Pipeline and PipelineSummary response models.
* api-change:``pipes``: TargetParameters now properly supports
BatchJobParameters.ArrayProperties.Size and BatchJobParameters.RetryStrategy.Attempts being
optional, and EcsTaskParameters.Overrides.EphemeralStorage.SizeInGiB now properly required when
setting EphemeralStorage
* api-change:``rds``: This release adds support for option groups and replica enhancements to
Amazon RDS Custom.
* api-change:``redshift``: Updated SDK for Amazon Redshift, which you can use to configure a
connection with IAM Identity Center to manage access to databases. With these, you can create a
connection through a managed application. You can also change a managed application, delete it, or
get information about an existing one.
* api-change:``redshift-serverless``: Updated SDK for Amazon Redshift Serverless, which provides
the ability to configure a connection with IAM Identity Center to manage user and group access to
databases.
* api-change:``s3``: Removes all default 0 values for numbers and false values for booleans
* api-change:``sso-admin``: Improves support for configuring RefreshToken and TokenExchange grants
on applications.
* api-change:``sso-oidc``: Adding support for `sso-oauth:CreateTokenWithIAM`.
* api-change:``sts``: API updates for the AWS Security Token Service
* api-change:``trustedadvisor``: AWS Trusted Advisor introduces new APIs to enable you to
programmatically access Trusted Advisor best practice checks, recommendations, and prioritized
recommendations. Trusted Advisor APIs enable you to integrate Trusted Advisor with your operational
tools to automate your workloads.
* api-change:``verifiedpermissions``: Adding BatchIsAuthorized API which supports multiple
authorization requests against a PolicyStore
* api-change:``wisdom``: This release adds QuickResponse as a new Wisdom resource and Wisdom APIs
for import, create, read, search, update and delete QuickResponse resources.
- from version 1.32.2
* api-change:``codecatalyst``: This release includes updates to the Dev Environment APIs to include
an optional vpcConnectionName parameter that supports using Dev Environments with Amazon VPC.
* api-change:``dlm``: This release adds support for Amazon Data Lifecycle Manager default policies
for EBS snapshots and EBS-backed AMIs.
* api-change:``ec2``: Enable use of tenant-specific PublicSigningKeyUrl from device trust providers
and onboard jumpcloud as a new device trust provider.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``fsx``: Enables customers to update their PerUnitStorageThroughput on their Lustre
file systems.
* api-change:``glue``: Introduces new column statistics APIs to support statistics generation for
tables within the Glue Data Catalog.
* api-change:``imagebuilder``: This release adds the Image Lifecycle Management feature to automate
the process of deprecating, disabling and deleting outdated images and their associated resources.
* api-change:``iot``: GA release the ability to index and search devices based on their GeoLocation
data. With GeoQueries you can narrow your search to retrieve devices located in the desired
geographic boundary.
* api-change:``ivs-realtime``: This release introduces server side composition and recording for
stages.
* api-change:``kafka``: Added a new API response field which determines if there is an action
required from the customer regarding their cluster.
* api-change:``lambda``: Adds support for logging configuration in Lambda Functions. Customers will
have more control how their function logs are captured and to which cloud watch log group they are
delivered also.
* api-change:``macie2``: This release adds support for configuring Macie to assume an IAM role when
retrieving sample occurrences of sensitive data reported by findings.
* api-change:``mediapackage``: DRM_TOP_LEVEL_COMPACT allows placing content protection elements at
the MPD level and referenced at the AdaptationSet level
* api-change:``pinpoint-sms-voice-v2``: Amazon Pinpoint now offers additional operations as part of
version 2 of the SMS and voice APIs. This release includes 26 new APIs to create and manage phone
number registrations, add verified destination numbers, and request sender IDs.
* api-change:``polly``: Add new engine - long-form - dedicated for longer content, such as news
articles, training materials, or marketing videos.
* api-change:``quicksight``: Custom permission support for QuickSight roles; Three new datasources
STARBURST, TRINO, BIGQUERY; Lenient mode changes the default behavior to allow for exporting and
importing with certain UI allowed errors, Support for permissions and tags export and import.
* api-change:``sagemaker``: Amazon SageMaker Studio now supports Trainium instance types -
trn1.2xlarge, trn1.32xlarge, trn1n.32xlarge.
* api-change:``ssm``: This release introduces the ability to filter automation execution steps
which have parent steps. In addition, runbook variable information is returned by
GetAutomationExecution and parent step information is returned by the
DescribeAutomationStepExecutions API.
* api-change:``ssm-incidents``: Introduces new APIs ListIncidentFindings and
BatchGetIncidentFindings to use findings related to an incident.
* api-change:``sso-admin``: Instances bound to a single AWS account, API operations for managing
instances and applications, and assignments to applications are now supported. Trusted identity
propagation is also supported, with new API operations for managing trusted token issuers and
application grants and scopes.
* api-change:``transfer``: Introduced S3StorageOptions for servers to enable directory listing
optimizations and added Type fields to logical directory mappings.
- from version 1.32.1
* enhancement:Package Size: The botocore .whl file distributed on PyPI now provides compressed
service models to improve total size on disk.
* api-change:``autoscaling``: This release introduces Instance Maintenance Policy, a new EC2 Auto
Scaling capability that allows customers to define whether instances are launched before or after
existing instances are terminated during instance replacement operations.
* api-change:``cloudtrail``: The Lake Repricing feature lets customers configure a BillingMode for
an event data store. The BillingMode determines the cost for ingesting and storing events and the
default and maximum retention period for the event data store.
* api-change:``codecatalyst``: This release adds functionality for retrieving information about
workflows and workflow runs and starting workflow runs in Amazon CodeCatalyst.
* api-change:``ec2``: AWS EBS now supports Snapshot Lock, giving users the ability to lock an EBS
Snapshot to prohibit deletion of the snapshot. This release introduces the LockSnapshot,
UnlockSnapshot & DescribeLockedSnapshots APIs to manage lock configuration for snapshots. The
release also includes the dl2q_24xlarge.
* api-change:``finspace-data``: Adding deprecated trait to APIs in this name space.
* api-change:``finspace``: Adding deprecated trait on Dataset Browser Environment APIs
* api-change:``lambda``: Add Java 21 (java21) support to AWS Lambda
* api-change:``mwaa``: This Amazon MWAA release adds support for customer-managed VPC endpoints.
This lets you choose whether to create, and manage your environment's VPC endpoints, or to have
Amazon MWAA create, and manage them for you.
* api-change:``rds``: Updates Amazon RDS documentation for support for upgrading RDS for MySQL
snapshots from version 5.7 to version 8.0.
* api-change:``redshift``: The custom domain name SDK for Amazon Redshift provisioned clusters is
updated with additional required parameters for modify and delete operations. Additionally, users
can provide domain names with longer top-level domains.
* api-change:``s3control``: Add 5 APIs to create, update, get, list, delete S3 Storage Lens
group(eg. CreateStorageLensGroup), 3 APIs for
tagging(TagResource,UntagResource,ListTagsForResource), and update to StorageLensConfiguration to
allow metrics to be aggregated on Storage Lens groups.
* api-change:``ssm-sap``: Update the default value of MaxResult to 50.
- from version 1.32.0
* feature:ContainerProvider: Added Support for EKS container credentials
* api-change:``backup``: AWS Backup - Features: Provide Job Summary for your backup activity.
* api-change:``cleanrooms``: This feature provides the ability for the collaboration creator to
configure either the member who can run queries or a different member in the collaboration to be
billed for query compute costs.
* api-change:``connect``: Introducing SegmentAttributes parameter for StartChatContact API
* api-change:``glue``: Introduces new storage optimization APIs to support automatic compaction of
Apache Iceberg tables.
* api-change:``iot``: This release introduces new attributes in API CreateSecurityProfile,
UpdateSecurityProfile and DescribeSecurityProfile to support management of Metrics Export for AWS
IoT Device Defender Detect.
* api-change:``lambda``: Add Python 3.12 (python3.12) support to AWS Lambda
* api-change:``mediatailor``: Removed unnecessary default values.
* api-change:``pipes``: Added support (via new LogConfiguration field in CreatePipe and UpdatePipe
APIs) for logging to Amazon CloudWatch Logs, Amazon Simple Storage Service (Amazon S3), and Amazon
Kinesis Data Firehose
* api-change:``resource-explorer-2``: Resource Explorer supports multi-account search. You can now
use Resource Explorer to search and discover resources across AWS accounts within your organization
or organizational unit.
* api-change:``sagemaker``: This release makes Model Registry Inference Specification fields as not
required.
* api-change:``signer``: Documentation updates for AWS Signer
* api-change:``stepfunctions``: Update stepfunctions client to latest version
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.85
* enhancement:AWSCRT: Update awscrt version to 0.19.12
* api-change:``dataexchange``: Removed Required trait for DataSet.OriginDetails.ProductId.
* api-change:``dms``: Added new Db2 LUW Target endpoint with related endpoint settings. New
executeTimeout endpoint setting for mysql endpoint. New ReplicationDeprovisionTime field for
serverless describe-replications.
* api-change:``ec2``: Adds the new EC2 DescribeInstanceTopology API, which you can use to retrieve
the network topology of your running instances on select platform types to determine their relative
proximity to each other.
* api-change:``ecs``: Adds a Client Token parameter to the ECS RunTask API. The Client Token
parameter allows for idempotent RunTask requests.
* api-change:``emr``: Update emr client to latest version
* api-change:``servicecatalog-appregistry``: When the customer associates a resource collection to
their application with this new feature, then a new application tag will be applied to all
supported resources that are part of that collection. This allows customers to more easily find the
application that is associated with those resources.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.84
* enhancement:AWSCRT: Update awscrt version to 0.19.10
* api-change:``controltower``: AWS Control Tower supports tagging for enabled controls. This
release introduces TagResource, UntagResource and ListTagsForResource APIs to manage tags in
existing enabled controls. It updates EnabledControl API to tag resources at creation time.
* api-change:``cur``: This release adds support for tagging and customers can now tag report
definitions. Additionally, ReportStatus is now added to report definition to show when the last
delivered time stamp and if it succeeded or not.
* api-change:``ec2``: EC2 adds API updates to enable ENA Express at instance launch time.
* api-change:``fms``: Adds optimizeUnassociatedWebACL flag to ManagedServiceData, updates
third-party firewall examples, and other minor documentation updates.
* api-change:``marketplace-entitlement``: Update marketplace-entitlement client to latest version
* api-change:``mediaconvert``: This release includes the ability to specify any input source as the
primary input for corresponding follow modes, and allows users to specify fit and fill behaviors
without resizing content.
* api-change:``rds``: Updates Amazon RDS documentation for zero-ETL integrations.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.83
* api-change:``cloudformation``: Added new ConcurrencyMode feature for AWS CloudFormation StackSets
for faster deployments to target accounts.
* api-change:``cloudtrail``: The Insights in Lake feature lets customers enable CloudTrail Insights
on a source CloudTrail Lake event data store and create a destination event data store to collect
Insights events based on unusual management event activity in the source event data store.
* api-change:``comprehend``: This release adds support for toxicity detection and prompt safety
classification.
* api-change:``connect``: This release adds the ability to integrate customer lambda functions with
Connect attachments for scanning and updates the ListIntegrationAssociations API to support
filtering on IntegrationArn.
* api-change:``ec2``: AWS EBS now supports Block Public Access for EBS Snapshots. This release
introduces the EnableSnapshotBlockPublicAccess, DisableSnapshotBlockPublicAccess and
GetSnapshotBlockPublicAccessState APIs to manage account-level public access settings for EBS
Snapshots in an AWS Region.
* api-change:``eks``: Adding EKS Anywhere subscription related operations.
* api-change:``lambda``: Add Custom runtime on Amazon Linux 2023 (provided.al2023) support to AWS
Lambda.
* api-change:``logs``: Update to support new APIs for delivery of logs from AWS services.
* api-change:``omics``: Support UBAM filetype for Omics Storage and make referenceArn optional
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.82
* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol and
bug fix.
- from version 1.31.81
* api-change:``connect``: This release clarifies in our public documentation that InstanceId is a
requirement for SearchUsers API requests.
* api-change:``connectcases``: This release adds the ability to add/view comment authors through
CreateRelatedItem and SearchRelatedItems API. For more information see
https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html
* api-change:``datasync``: This change allows for 0 length access keys and secret keys for object
storage locations. Users can now pass in empty string credentials.
* api-change:``guardduty``: Added API support for new GuardDuty EKS Audit Log finding types.
* api-change:``lambda``: Add Node 20 (nodejs20.x) support to AWS Lambda.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``omics``: Adding Run UUID and Run Output URI: GetRun and StartRun API response has
two new fields "uuid" and "runOutputUri".
* api-change:``rds``: This Amazon RDS release adds support for patching the OS of an RDS Custom for
Oracle DB instance. You can now upgrade the database or operating system using the
modify-db-instance command.
* api-change:``redshift-serverless``: Added a new parameter in the workgroup that helps you control
your cost for compute resources. This feature provides a ceiling for RPUs that Amazon Redshift
Serverless can scale up to. When automatic compute scaling is required, having a higher value for
MaxRPU can enhance query throughput.
* api-change:``resiliencehub``: AWS Resilience Hub enhances Resiliency Score, providing actionable
recommendations to improve application resilience. Amazon Elastic Kubernetes Service (EKS)
operational recommendations have been added to help improve the resilience posture of your
applications.
* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.80
* api-change:``dataexchange``: Updated SendDataSetNotificationRequest Comment to be maximum length
4096.
* api-change:``dlm``: Added support for pre and post scripts in Amazon Data Lifecycle Manager EBS
snapshot lifecycle policies.
* api-change:``rds``: This Amazon RDS release adds support for the multi-tenant configuration. In
this configuration, an RDS DB instance can contain multiple tenant databases. In RDS for Oracle, a
tenant database is a pluggable database (PDB).
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.79
* api-change:``ce``: This release extends the GetReservationPurchaseRecommendation API to support
recommendations for Amazon MemoryDB reservations.
* api-change:``codebuild``: AWS CodeBuild now supports AWS Lambda compute.
* api-change:``connect``: Added new API that allows Amazon Connect Outbound Campaigns to create
contacts in Amazon Connect when ingesting your dial requests.
* api-change:``docdb``: Update the input of CreateDBInstance and ModifyDBInstance to support
setting CA Certificates. Update the output of DescribeDBInstance and DescribeDBEngineVersions to
show current and supported CA certificates.
* api-change:``iam``: Add partitional endpoint for iso-e.
* api-change:``mwaa``: This release adds support for Apache Airflow version 2.7.2. This version
release includes support for deferrable operators and triggers.
* api-change:``polly``: Amazon Polly adds new US English voices - Danielle and Gregory. Danielle
and Gregory are available as Neural voices only.
* api-change:``route53``: Add partitional endpoints for iso-e and iso-f.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.78
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config
in October 2023.
* api-change:``connect``: Amazon Connect Chat introduces Create Persistent Contact Association API,
allowing customers to choose when to resume previous conversations from previous chats, eliminating
the need to repeat themselves and allowing agents to provide personalized service with access to
entire conversation history.
* api-change:``iotwireless``: Added LoRaWAN version 1.0.4 support
* api-change:``launch-wizard``: AWS Launch Wizard is a service that helps reduce the time it takes
to deploy applications to the cloud while providing a guided deployment experience.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.77
* api-change:``apprunner``: AWS App Runner now supports using dual-stack address type for the
public endpoint of your incoming traffic.
* api-change:``connect``: GetMetricDataV2 API: Update to include new metrics PERCENT_NON_TALK_TIME,
PERCENT_TALK_TIME, PERCENT_TALK_TIME_AGENT, PERCENT_TALK_TIME_CUSTOMER
* api-change:``gamelift``: Amazon GameLift adds support for shared credentials, which allows
applications that are deployed on managed EC2 fleets to interact with other AWS resources.
* api-change:``glue``: This release introduces Google BigQuery Source and Target in AWS Glue
CodeGenConfigurationNode.
* api-change:``network-firewall``: This release introduces the stateless rule analyzer, which
enables you to analyze your stateless rules for asymmetric routing.
* api-change:``quicksight``: This release introduces Float Decimal Type as SubType in QuickSight
SPICE datasets and Custom week start and Custom timezone options in Analysis and Dashboard
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.76
* api-change:``connect``: Adds the BatchGetFlowAssociation API which returns flow associations
(flow-resource) corresponding to the list of resourceArns supplied in the request. This release
also adds IsDefault, LastModifiedRegion and LastModifiedTime fields to the responses of several
Describe and List APIs.
* api-change:``globalaccelerator``: Global Accelerator now support accelerators with cross account
endpoints.
* api-change:``rds``: This release adds support for customized networking resources to Amazon RDS
Custom.
* api-change:``redshift``: Added support for Multi-AZ deployments for Provisioned RA3 clusters that
provide 99.99% SLA availability.
* api-change:``sagemaker``: Support for batch transform input in Model dashboard
- from version 1.31.75
* api-change:``amplify``: Add backend field to CreateBranch and UpdateBranch requests. Add
pagination support for ListApps, ListDomainAssociations, ListBranches, and ListJobs
* api-change:``application-insights``: Automate attaching managed policies
* api-change:``ec2``: Capacity Blocks for ML are a new EC2 purchasing option for reserving GPU
instances on a future date to support short duration machine learning (ML) workloads. Capacity
Blocks automatically place instances close together inside Amazon EC2 UltraClusters for
low-latency, high-throughput networking.
* api-change:``m2``: Added name filter ability for ListDataSets API, added ForceUpdate for Updating
environment and BatchJob submission using S3BatchJobIdentifier
* api-change:``neptunedata``: Minor change to not retry CancelledByUserException
* api-change:``translate``: Added support for Brevity translation settings feature.
- from version 1.31.74
* api-change:``connect``: This release adds InstanceId field for phone number APIs.
* api-change:``dataexchange``: We added a new API action: SendDataSetNotification.
* api-change:``datasync``: Platform version changes to support AL1 deprecation initiative.
* api-change:``finspace``: Introducing new API UpdateKxClusterCodeConfiguration, introducing new
cache types for clusters and introducing new deployment modes for updating clusters.
* api-change:``mediapackagev2``: This feature allows customers to create a combination of manifest
filtering, startover and time delay configuration that applies to all egress requests by default.
* api-change:``rds``: This release launches the CreateIntegration, DeleteIntegration, and
DescribeIntegrations APIs to manage zero-ETL Integrations.
* api-change:``redshift-serverless``: Added support for custom domain names for Amazon Redshift
Serverless workgroups. This feature enables customers to create a custom domain name and use ACM to
generate fully secure connections to it.
* api-change:``resiliencehub``: Introduced the ability to filter applications by their last
assessment date and time and have included metrics for the application's estimated workload
Recovery Time Objective (RTO) and estimated workload Recovery Point Objective (RPO).
* api-change:``s3outposts``: Updated ListOutpostsWithS3 API response to include S3OutpostArn for
use with AWS RAM.
* api-change:``wisdom``: This release added necessary API documents on creating a Wisdom knowledge
base to integrate with S3.
- from version 1.31.73
* api-change:``emr``: Update emr client to latest version
* api-change:``neptune``: Update TdeCredentialPassword type to SensitiveString
* api-change:``pinpoint``: Updated documentation to describe the case insensitivity for EndpointIds.
* api-change:``redshift``: added support to create a dual stack cluster
* api-change:``wafv2``: Updates the descriptions for the calls that manage web ACL associations, to
provide information for customer-managed IAM policies.
- from version 1.31.72
* api-change:``appstream``: This release introduces multi-session fleets, allowing customers to
provision more than one user session on a single fleet instance.
* api-change:``ec2``: Launching GetSecurityGroupsForVpc API. This API gets security groups that can
be associated by the AWS account making the request with network interfaces in the specified VPC.
* api-change:``network-firewall``: Network Firewall now supports inspection of outbound SSL/TLS
traffic.
* api-change:``opensearch``: You can specify ipv4 or dualstack IPAddressType for cluster endpoints.
If you specify IPAddressType as dualstack, the new endpoint will be visible under the 'EndpointV2'
parameter and will support IPv4 and IPv6 requests. Whereas, the 'Endpoint' will continue to serve
IPv4 requests.
* api-change:``redshift``: Add Redshift APIs GetResourcePolicy, DeleteResourcePolicy,
PutResourcePolicy and DescribeInboundIntegrations for the new Amazon Redshift Zero-ETL integration
feature, which can be used to control data ingress into Redshift namespace, and view inbound
integrations.
* api-change:``sagemaker``: Amazon Sagemaker Autopilot now supports Text Generation jobs.
* api-change:``sns``: Message Archiving and Replay is now supported in Amazon SNS for FIFO topics.
* api-change:``ssm-sap``: AWS Systems Manager for SAP added support for registration and discovery
of SAP ABAP applications
* api-change:``transfer``: No API changes from previous release. This release migrated the model to
Smithy keeping all features unchanged.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.71
* enhancement:Configuration: Adds client context params support to ``Config``.
* api-change:``connectcases``: Increase maximum length of CommentBody to 3000, and increase maximum
length of StringValue to 1500
* api-change:``groundstation``: This release will allow KMS alias names to be used when creating
Mission Profiles
* api-change:``iam``: Updates to GetAccessKeyLastUsed action to replace NoSuchEntity error with
AccessDeniedException error.
- from version 1.31.70
* api-change:``codepipeline``: Add ability to trigger pipelines from git tags, define variables at
pipeline level and new pipeline type V2.
* api-change:``ec2``: This release updates the documentation for InstanceInterruptionBehavior and
HibernationOptionsRequest to more accurately describe the behavior of these two parameters when
using Spot hibernation.
* api-change:``eks``: Added support for Cluster Subnet and Security Group mutability.
* api-change:``iam``: Add the partitional endpoint for IAM in iso-f.
* api-change:``migrationhub-config``: This release introduces DeleteHomeRegionControl API that
customers can use to delete the Migration Hub Home Region configuration
* api-change:``migrationhubstrategy``: This release introduces multi-data-source feature in
Migration Hub Strategy Recommendations. This feature now supports vCenter as a data source to fetch
inventory in addition to ADS and Import from file workflow that is currently supported with MHSR
collector.
* api-change:``opensearchserverless``: This release includes the following new APIs:
CreateLifecyclePolicy, UpdateLifecyclePolicy, BatchGetLifecyclePolicy, DeleteLifecyclePolicy,
ListLifecyclePolicies and BatchGetEffectiveLifecyclePolicy to support the data lifecycle management
feature.
- from version 1.31.69
* api-change:``marketplacecommerceanalytics``: The StartSupportDataExport operation has been
deprecated as part of the Product Support Connection deprecation. As of December 2022, Product
Support Connection is no longer supported.
* api-change:``networkmanager``: This release adds API support for Tunnel-less Connect (NoEncap
Protocol) for AWS Cloud WAN
* api-change:``redshift-serverless``: This release adds support for customers to see the patch
version and workgroup version in Amazon Redshift Serverless.
* api-change:``rekognition``: Amazon Rekognition introduces StartMediaAnalysisJob,
GetMediaAnalysisJob, and ListMediaAnalysisJobs operations to run a bulk analysis of images with a
Detect Moderation model.
- from version 1.31.68
* api-change:``appconfig``: Update KmsKeyIdentifier constraints to support AWS KMS multi-Region
keys.
* api-change:``appintegrations``: Updated ScheduleConfig to be an optional input to
CreateDataIntegration to support event driven downloading of files from sources such as Amazon s3
using Amazon Connect AppIntegrations.
* api-change:``connect``: This release adds support for updating phone number metadata, such as
phone number description.
* api-change:``discovery``: This release introduces three new APIs:
StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.
* api-change:``medical-imaging``: Updates on documentation links
* api-change:``ssm``: This release introduces a new API: DeleteOpsItem. This allows deletion of an
OpsItem.
- from version 1.31.67
* api-change:``gamesparks``: The gamesparks client has been removed following the deprecation of
the service.
* api-change:``ec2``: Amazon EC2 C7a instances, powered by 4th generation AMD EPYC processors, are
ideal for high performance, compute-intensive workloads such as high performance computing. Amazon
EC2 R7i instances are next-generation memory optimized and powered by custom 4th Generation Intel
Xeon Scalable processors.
* api-change:``managedblockchain-query``: This release adds support for Ethereum Sepolia network
* api-change:``neptunedata``: Doc changes to add IAM action mappings for the data actions.
* api-change:``omics``: This change enables customers to retrieve failure reasons with detailed
status messages for their failed runs
* api-change:``opensearch``: Added Cluster Administrative options for node restart, opensearch
process restart and opensearch dashboard restart for Multi-AZ without standby domains
* api-change:``quicksight``: This release adds the following: 1) Trino and Starburst Database
Connectors 2) Custom total for tables and pivot tables 3) Enable restricted folders 4) Add rolling
dates for time equality filters 5) Refine DataPathValue and introduce DataPathType 6) Add
SeriesType to ReferenceLineDataConfiguration
* api-change:``secretsmanager``: Documentation updates for Secrets Manager
* api-change:``servicecatalog``: Introduce support for EXTERNAL product and provisioning artifact
type in CreateProduct and CreateProvisioningArtifact APIs.
* api-change:``verifiedpermissions``: Improving Amazon Verified Permissions Create experience
* api-change:``workspaces``: Documentation updates for WorkSpaces
- from version 1.31.66
* api-change:``cloud9``: Update to imageId parameter behavior and dates updated.
* api-change:``dynamodb``: Updating descriptions for several APIs.
* api-change:``kendra``: Changes for a new feature in Amazon Kendra's Query API to Collapse/Expand
query results
* api-change:``rds``: This release adds support for upgrading the storage file system configuration
on the DB instance using a blue/green deployment or a read replica.
* api-change:``wisdom``: This release adds an max limit of 25 recommendation ids for
NotifyRecommendationsReceived API.
- from version 1.31.65
* api-change:``codepipeline``: Add retryMode ALL_ACTIONS to RetryStageExecution API that retries a
failed stage starting from first action in the stage
* api-change:``discovery``: This release introduces three new APIs:
StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.
* api-change:``ecs``: Documentation only updates to address Amazon ECS tickets.
* api-change:``globalaccelerator``: Fixed error where ListCustomRoutingEndpointGroups did not have
a paginator
* api-change:``guardduty``: Add domainWithSuffix finding field to dnsRequestAction
* api-change:``kafka``: AWS Managed Streaming for Kafka is launching MSK Replicator, a new feature
that enables customers to reliably replicate data across Amazon MSK clusters in same or different
AWS regions. You can now use SDK to create, list, describe, delete, update, and manage tags of MSK
Replicators.
* api-change:``route53-recovery-cluster``: Adds Owner field to ListRoutingControls API.
* api-change:``route53-recovery-control-config``: Adds permissions for GetResourcePolicy to support
returning details about AWS Resource Access Manager resource policies for shared resources.
- from version 1.31.64
* api-change:``cloudformation``: SDK and documentation updates for UpdateReplacePolicy
* api-change:``drs``: Updated exsiting API to allow AWS Elastic Disaster Recovery support of
launching recovery into existing EC2 instances.
* api-change:``entityresolution``: This launch expands our matching techniques to include
provider-based matching to help customer match, link, and enhance records with minimal data
movement. With data service providers, we have removed the need for customers to build bespoke
integrations,.
* api-change:``managedblockchain-query``: This release introduces two new APIs: GetAssetContract
and ListAssetContracts. This release also adds support for Bitcoin Testnet.
* api-change:``mediapackagev2``: This release allows customers to manage MediaPackage v2 resource
using CloudFormation.
* api-change:``opensearch``: This release allows customers to list and associate optional plugin
packages with compatible Amazon OpenSearch Service clusters for enhanced functionality.
* api-change:``redshift-serverless``: Added support for managing credentials of serverless
namespace admin using AWS Secrets Manager.
* api-change:``redshift``: Added support for managing credentials of provisioned cluster admin
using AWS Secrets Manager.
* api-change:``sesv2``: This release provides enhanced visibility into your SES identity
verification status. This will offer you more actionable insights, enabling you to promptly address
any verification-related issues.
* api-change:``transfer``: Documentation updates for AWS Transfer Family
* api-change:``xray``: This releases enhances GetTraceSummaries API to support new TimeRangeType
Service to query trace summaries by segment end time.
- from version 1.31.63
* api-change:``auditmanager``: This release introduces a new limit to the awsAccounts parameter.
When you create or update an assessment, there is now a limit of 200 AWS accounts that can be
specified in the assessment scope.
* api-change:``autoscaling``: Update the NotificationMetadata field to only allow visible ascii
characters. Add paginators to DescribeInstanceRefreshes, DescribeLoadBalancers, and
DescribeLoadBalancerTargetGroups
* api-change:``config``: Add enums for resource types supported by Config
* api-change:``controltower``: Added new EnabledControl resource details to ListEnabledControls API
and added new GetEnabledControl API.
* api-change:``customer-profiles``: Adds sensitive trait to various shapes in Customer Profiles
Calculated Attribute API model.
* api-change:``ec2``: This release adds Ubuntu Pro as a supported platform for On-Demand Capacity
Reservations and adds support for setting an Amazon Machine Image (AMI) to disabled state.
Disabling the AMI makes it private if it was previously shared, and prevents new EC2 instance
launches from it.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``glue``: Extending version control support to GitLab and Bitbucket from AWSGlue
* api-change:``inspector2``: Add MacOs ec2 platform support
* api-change:``ivs-realtime``: Update GetParticipant to return additional metadata.
* api-change:``lambda``: Adds support for Lambda functions to access Dual-Stack subnets over IPv6,
via an opt-in flag in CreateFunction and UpdateFunctionConfiguration APIs
* api-change:``location``: This release adds endpoint updates for all AWS Location resource
operations.
* api-change:``machinelearning``: This release marks Password field as sensitive
* api-change:``pricing``: Documentation updates for Price List
* api-change:``rds``: This release adds support for adding a dedicated log volume to open-source
RDS instances.
* api-change:``rekognition``: Amazon Rekognition introduces support for Custom Moderation. This
allows the enhancement of accuracy for detect moderation labels operations by creating custom
adapters tuned on customer data.
* api-change:``sagemaker``: Amazon SageMaker Canvas adds KendraSettings and DirectDeploySettings
support for CanvasAppSettings
* api-change:``textract``: This release adds 9 new APIs for adapter and adapter version management,
3 new APIs for tagging, and updates AnalyzeDocument and StartDocumentAnalysis API parameters for
using adapters.
* api-change:``transcribe``: This release is to enable m4a format to customers
* api-change:``workspaces``: Updated the CreateWorkspaces action documentation to clarify that the
PCoIP protocol is only available for Windows bundles.
- from version 1.31.62
* enhancement:Dependencies: Add support for urllib3 2.0 for Python 3.10+
* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``fsx``: After performing steps to repair the Active Directory configuration of a file
system, use this action to initiate the process of attempting to recover to the file system.
* api-change:``marketplace-catalog``: This release adds support for Document type as an alternative
for stringified JSON for StartChangeSet, DescribeChangeSet and DescribeEntity APIs
* api-change:``quicksight``: NullOption in FilterListConfiguration; Dataset schema/table max length
increased; Support total placement for pivot table visual; Lenient mode relaxes the validation to
create resources with definition; Data sources can be added to folders; Redshift data sources
support IAM Role-based authentication
* api-change:``transfer``: This release updates the max character limit of
PreAuthenticationLoginBanner and PostAuthenticationLoginBanner to 4096 characters
- Update to 1.31.61:
* api-change:``omics``: Add Etag Support for Omics Storage in ListReadSets and GetReadSetMetadata
API
* api-change:``rds``: Updates Amazon RDS documentation for corrections and minor improvements.
* api-change:``route53``: Add hostedzonetype filter to ListHostedZones API.
* api-change:``securityhub``: Added new resource detail objects to ASFF, including resources for
AwsEventsEventbus, AwsEventsEndpoint, AwsDmsEndpoint, AwsDmsReplicationTask,
AwsDmsReplicationInstance, AwsRoute53HostedZone, and AwsMskCluster
* api-change:``storagegateway``: Add SoftwareVersion to response of DescribeGatewayInformation.
* api-change:``workspaces``: This release introduces Manage applications. This feature allows users
to manage their WorkSpaces applications by associating or disassociating their WorkSpaces with
applications. The DescribeWorkspaces API will now additionally return OperatingSystemName in its
responses.
- from version 1.31.60
* api-change:``appconfig``: AWS AppConfig introduces KMS customer-managed key (CMK) encryption
support for data saved to AppConfig's hosted configuration store.
* api-change:``datazone``: Initial release of Amazon DataZone
* api-change:``mediatailor``: Updates DescribeVodSource to include a list of ad break opportunities
in the response
* api-change:``mgn``: This release includes the following new APIs: ListConnectors,
CreateConnector, UpdateConnector, DeleteConnector and UpdateSourceServer to support the source
action framework feature.
* api-change:``sagemaker``: Adding support for AdditionalS3DataSource, a data source used for
training or inference that is in addition to the input dataset or model data.
- from version 1.31.59
* api-change:``connect``: GetMetricDataV2 API: Update to include new metrics CONTACTS_RESOLVED_IN_X
, AVG_HOLD_TIME_ALL_CONTACTS , AVG_RESOLUTION_TIME , ABANDONMENT_RATE ,
AGENT_NON_RESPONSE_WITHOUT_CUSTOMER_ABANDONS with added features: Interval Period, TimeZone, Negate
MetricFilters, Extended date time range.
* api-change:``location``: Amazon Location Service adds support for bounding polygon queries.
Additionally, the GeofenceCount field has been added to the DescribeGeofenceCollection API response.
* api-change:``mediaconvert``: This release adds the ability to replace video frames without
modifying the audio essence.
* api-change:``oam``: This release adds support for sharing AWS::ApplicationInsights::Application
resources.
* api-change:``sagemaker``: This release allows users to run Selective Execution in SageMaker
Pipelines without SourcePipelineExecutionArn if selected steps do not have any dependent steps.
* api-change:``wellarchitected``: AWS Well-Architected now supports Review Templates that allows
you to create templates with pre-filled answers for Well-Architected and Custom Lens best practices.
- from version 1.31.58
* api-change:``bedrock``: Provisioned throughput feature with Amazon and third-party base models,
and update validators for model identifier and taggable resource ARNs.
* api-change:``bedrock-runtime``: Add model timeout exception for InvokeModelWithResponseStream API
and update validator for invoke model identifier.
* api-change:``ec2``: Introducing Amazon EC2 R7iz instances with 3.9 GHz sustained all-core turbo
frequency and deliver up to 20% better performance than previous generation z1d instances.
* api-change:``managedblockchain``: Remove Rinkeby as option from Ethereum APIs
* api-change:``rds``: Adds DefaultCertificateForNewLaunches field in the DescribeCertificates API
response.
* api-change:``sso``: Fix FIPS Endpoints in aws-us-gov.
* api-change:``sts``: STS API updates for assumeRole
* api-change:``transfer``: Documentation updates for AWS Transfer Family
- from version 1.31.57
* api-change:``bedrock-runtime``: Run Inference: Added support to run the inference on models.
Includes set of APIs for running inference in streaming and non-streaming mode.
* api-change:``bedrock``: Model Invocation logging added to enable or disable logs in customer
account. Model listing and description support added. Provisioned Throughput feature added. Custom
model support added for creating custom models. Also includes list, and delete functions for custom
model.
* api-change:``budgets``: Update DescribeBudgets and DescribeBudgetNotificationsForAccount
MaxResults limit to 1000.
* api-change:``ec2``: Adds support for Customer Managed Key encryption for Amazon Verified Access
resources
* api-change:``iotfleetwise``: AWS IoT FleetWise now supports encryption through a customer managed
AWS KMS key. The PutEncryptionConfiguration and GetEncryptionConfiguration APIs were added.
* api-change:``sagemaker-featurestore-runtime``: Feature Store supports read/write of records with
collection type features.
* api-change:``sagemaker``: Online store feature groups supports Standard and InMemory tier storage
types for low latency storage for real-time data retrieval. The InMemory tier supports collection
types List, Set, and Vector.
* api-change:``wafv2``: Correct and improve the documentation for the FieldToMatch option JA3
fingerprint.
- from version 1.31.56
* api-change:``cognito-idp``: The UserPoolType Status field is no longer used.
* api-change:``firehose``: Features : Adding support for new data ingestion source to Kinesis
Firehose - AWS Managed Services Kafka.
* api-change:``iot``: Added support for IoT Rules Engine Kafka Action Headers
* api-change:``textract``: This release adds new feature - Layout to Analyze Document API which can
automatically extract layout elements such as titles, paragraphs, headers, section headers, lists,
page numbers, footers, table areas, key-value areas and figure areas and order the elements as a
human would read.
- from version 1.31.55
* api-change:``appintegrations``: The Amazon AppIntegrations service adds a set of APIs (in
preview) to manage third party applications to be used in Amazon Connect agent workspace.
* api-change:``apprunner``: This release allows an App Runner customer to specify a custom source
directory to run the build & start command. This change allows App Runner to support monorepo based
repositories
* api-change:``codedeploy``: CodeDeploy now supports In-place and Blue/Green EC2 deployments with
multiple Classic Load Balancers and multiple Target Groups.
* api-change:``connect``: This release updates a set of Amazon Connect APIs that provides the
ability to integrate third party applications in the Amazon Connect agent workspace.
* api-change:``dynamodb``: Amazon DynamoDB now supports Incremental Export as an enhancement to the
existing Export Table
* api-change:``ec2``: The release includes AWS verified access to support FIPs compliance in North
America regions
* api-change:``lakeformation``: This release adds three new API support "CreateLakeFormationOptIn",
"DeleteLakeFormationOptIn" and "ListLakeFormationOptIns", and also updates the corresponding
documentation.
* api-change:``pinpoint``: Update documentation for RemoveAttributes to more accurately reflect its
behavior when attributes are deleted.
* api-change:``s3``: This release adds a new field COMPLETED to the ReplicationStatus Enum. You can
now use this field to validate the replication status of S3 objects using the AWS SDK.
- from version 1.31.54
* api-change:``amplifyuibuilder``: Support for generating code that is compatible with future
versions of amplify project dependencies.
* api-change:``chime-sdk-media-pipelines``: Adds support for sending WebRTC audio to Amazon Kineses
Video Streams.
* api-change:``emr-serverless``: This release adds support for application-wide default job
configurations.
* api-change:``finspace-data``: Adding sensitive trait to attributes. Change max SessionDuration
from 720 to 60. Correct "ApiAccess" attribute to "apiAccess" to maintain consistency between APIs.
* api-change:``quicksight``: Added ability to tag users upon creation.
* api-change:``ssm``: This release updates the enum values for ResourceType in SSM
DescribeInstanceInformation input and ConnectionStatus in GetConnectionStatus output.
* api-change:``wafv2``: You can now perform an exact match against the web request's JA3
fingerprint.
- from version 1.31.53
* api-change:``braket``: This release adds support to view the device queue depth (the number of
queued quantum tasks and hybrid jobs on a device) and queue position for a quantum task and hybrid
job.
* api-change:``dms``: new vendors for DMS CSF: MongoDB, MariaDB, DocumentDb and Redshift
* api-change:``ec2``: EC2 M2 Pro Mac instances are powered by Apple M2 Pro Mac Mini computers
featuring 12 core CPU, 19 core GPU, 32 GiB of memory, and 16 core Apple Neural Engine and uniquely
enabled by the AWS Nitro System through high-speed Thunderbolt connections.
* api-change:``efs``: Update efs client to latest version
* api-change:``guardduty``: Add `EKS_CLUSTER_NAME` to filter and sort key.
* api-change:``mediaconvert``: This release supports the creation of of audio-only tracks in CMAF
output groups.
- from version 1.31.52
* api-change:``appconfig``: Enabling boto3 paginators for list APIs and adding documentation around
ServiceQuotaExceededException errors
* api-change:``apprunner``: This release adds improvements for managing App Runner auto scaling
configuration resources. New APIs: UpdateDefaultAutoScalingConfiguration and
ListServicesForAutoScalingConfiguration. Updated API: DeleteAutoScalingConfiguration.
* api-change:``codeartifact``: Add support for the Swift package format.
* api-change:``kinesisvideo``: Updated DescribeMediaStorageConfiguration,
StartEdgeConfigurationUpdate, ImageGenerationConfiguration$SamplingInterval, and
UpdateMediaStorageConfiguration to match AWS Docs.
* api-change:``logs``: Add ClientToken to QueryDefinition CFN Handler in CWL
* api-change:``s3``: Fix an issue where the SDK can fail to unmarshall response due to
NumberFormatException
* api-change:``servicediscovery``: Adds a new DiscoverInstancesRevision API and also adds
InstanceRevision field to the DiscoverInstances API response.
* api-change:``sso-oidc``: Update FIPS endpoints in aws-us-gov.
- from version 1.31.51
* api-change:``ec2``: This release adds support for C7i, and R7a instance types.
* api-change:``outposts``: This release adds the InstanceFamilies field to the ListAssets response.
* api-change:``sagemaker``: This release adds support for one-time model monitoring schedules that
are executed immediately without delay, explicit data analysis windows for model monitoring
schedules and exclude features attributes to remove features from model monitor analysis.
- from version 1.31.50
* api-change:``discovery``: Add sensitive protection for customer information
* api-change:``macie2``: This release changes the default managedDataIdentifierSelector setting for
new classification jobs to RECOMMENDED. By default, new classification jobs now use the recommended
set of managed data identifiers.
* api-change:``workmail``: This release includes four new APIs UpdateUser, UpdateGroup,
ListGroupsForEntity and DescribeEntity, along with RemoteUsers and some enhancements to existing
APIs.
- from version 1.31.49
* api-change:``appstream``: This release introduces app block builder, allowing customers to
provision a resource to package applications into an app block
* api-change:``connect``: New rule type (OnMetricDataUpdate) has been added
* api-change:``datasync``: Documentation-only updates for AWS DataSync.
* api-change:``sagemaker``: This release introduces Skip Model Validation for Model Packages
- from version 1.31.48
* api-change:``appstream``: This release introduces multi-session fleets, allowing customers to
provision more than one user session on a single fleet instance.
* api-change:``cloudformation``: Documentation updates for AWS CloudFormation
* api-change:``entityresolution``: Changed "ResolutionTechniques" and "MappedInputFields" in
workflow and schema mapping operations to be required fields.
* api-change:``lookoutequipment``: This release adds APIs for the new scheduled retraining feature.
- from version 1.31.47
* api-change:``cloud9``: Update to include information on Ubuntu 18 deprecation.
* api-change:``drs``: Updated existing APIs and added new ones to support using AWS Elastic
Disaster Recovery post-launch actions. Added support for new regions.
* api-change:``firehose``: DocumentIdOptions has been added for the Amazon OpenSearch destination.
* api-change:``guardduty``: Add `managementType` field to ListCoverage API response.
* api-change:``internetmonitor``: This release updates the Amazon CloudWatch Internet Monitor API
domain name.
* api-change:``ivs-realtime``: Doc only update that changes description for ParticipantToken.
* api-change:``simspaceweaver``: Edited the introductory text for the API reference.
* api-change:``xray``: Add StartTime field in GetTraceSummaries API response for each TraceSummary.
- from version 1.31.46
* api-change:``ec2``: This release adds support for restricting public sharing of AMIs through AMI
Block Public Access
* api-change:``events``: Update events client to latest version
* api-change:``kendra``: Amazon Kendra now supports confidence score buckets for retrieved passage
results using the Retrieve API.
- from version 1.31.45
* api-change:``ecr``: This release will have ValidationException be thrown from ECR LifecyclePolicy
APIs in regions LifecyclePolicy is not supported, this includes existing Amazon Dedicated Cloud
(ADC) regions. This release will also change Tag: TagValue and Tag: TagKey to required.
* api-change:``medialive``: AWS Elemental Link now supports attaching a Link UHD device to a
MediaConnect flow.
* api-change:``quicksight``: This release launches new updates to QuickSight KPI visuals - support
for sparklines, new templated layout and new targets for conditional formatting rules.
- from version 1.31.44
* api-change:``fsx``: Amazon FSx documentation fixes
* api-change:``sagemaker``: Autopilot APIs will now support holiday featurization for Timeseries
models. The models will now hold holiday metadata and should be able to accommodate holiday effect
during inference.
* api-change:``sso-admin``: Content updates to IAM Identity Center API for China Regions.
* api-change:``workspaces``: A new field "ErrorDetails" will be added to the output of
"DescribeWorkspaceImages" API call. This field provides in-depth details about the error occurred
during image import process. These details include the possible causes of the errors and
troubleshooting information.
- from version 1.31.43
* api-change:``neptunedata``: Minor changes to send unsigned requests to Neptune clusters
* api-change:``securityhub``: Documentation updates for AWS Security Hub
* api-change:``simspaceweaver``: BucketName and ObjectKey are now required for the S3Location data
type. BucketName is now required for the S3Destination data type.
- from version 1.31.42
* api-change:``appflow``: Adding OAuth2.0 support for servicenow connector.
* api-change:``ec2``: This release adds 'outpost' location type to the
DescribeInstanceTypeOfferings API, allowing customers that have been allowlisted for outpost to
query their offerings in the API.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``medialive``: Adds advanced Output Locking options for Epoch Locking: Custom Epoch
and Jam Sync Time
* api-change:``wafv2``: The targeted protection level of the Bot Control managed rule group now
provides optional, machine-learning analysis of traffic statistics to detect some bot-related
activity. You can enable or disable the machine learning functionality through the API.
- from version 1.31.41
* api-change:``billingconductor``: This release adds support for line item filtering in for the
custom line item resource.
* api-change:``cloud9``: Added support for Ubuntu 22.04 that was not picked up in a previous
Trebuchet request. Doc-only update.
* api-change:``compute-optimizer``: This release adds support to provide recommendations for G4dn
and P3 instances that use NVIDIA GPUs.
* api-change:``ec2``: Introducing Amazon EC2 C7gd, M7gd, and R7gd Instances with up to 3.8 TB of
local NVMe-based SSD block-level storage. These instances are powered by AWS Graviton3 processors,
delivering up to 25% better performance over Graviton2-based instances.
* api-change:``ecs``: Documentation only update for Amazon ECS.
* api-change:``events``: Update events client to latest version
* api-change:``rds``: Add support for feature integration with AWS Backup.
* api-change:``sagemaker``: SageMaker Neo now supports data input shape derivation for Pytorch 2.0
and XGBoost compilation job for cloud instance targets. You can skip DataInputConfig field during
compilation job creation. You can also access derived information from model in
DescribeCompilationJob response.
* api-change:``vpc-lattice``: This release adds Lambda event structure version config support for
LAMBDA target groups. It also adds newline support for auth policies.
- from version 1.31.40
* api-change:``chime-sdk-media-pipelines``: This release adds support for the Voice Analytics
feature for customer-owned KVS streams as part of the Amazon Chime SDK call analytics.
* api-change:``connect``: Amazon Connect adds the ability to read, create, update, delete, and list
view resources, and adds the ability to read, create, delete, and list view versions.
* api-change:``identitystore``: New Identity Store content for China Region launch
* api-change:``neptunedata``: Removed the descriptive text in the introduction.
- from version 1.31.39
* api-change:``chime-sdk-media-pipelines``: This release adds support for feature Voice Enhancement
for Call Recording as part of Amazon Chime SDK call analytics.
* api-change:``cloudhsm``: Deprecating CloudHSM Classic API Service.
* api-change:``connectcampaigns``: Amazon Connect outbound campaigns has launched agentless dialing
mode which enables customers to make automated outbound calls without agent engagement. This
release updates three of the campaign management API's to support the new agentless dialing mode
and the new dialing capacity field.
* api-change:``connectparticipant``: Amazon Connect Participant Service adds the ability to get a
view resource using a view token, which is provided in a participant message, with the release of
the DescribeView API.
* api-change:``customer-profiles``: Adds sensitive trait to various shapes in Customer Profiles API
model.
* api-change:``ecs``: This release adds support for an account-level setting that you can use to
configure the number of days for AWS Fargate task retirement.
* api-change:``grafana``: Marking SAML RoleValues attribute as sensitive and updating
VpcConfiguration attributes to match documentation.
* api-change:``health``: Adds new API DescribeEntityAggregatesForOrganization that retrieves entity
aggregates across your organization. Also adds support for resource status filtering in
DescribeAffectedEntitiesForOrganization, resource status aggregates in the DescribeEntityAggregates
response, and new resource statuses.
* api-change:``ivs``: Updated "type" description for CreateChannel, UpdateChannel, Channel, and
ChannelSummary.
* api-change:``kafkaconnect``: Minor model changes for Kafka Connect as well as endpoint updates.
* api-change:``payment-cryptography-data``: Make KeyCheckValue field optional when using asymmetric
keys as Key Check Values typically only apply to symmetric keys
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
- from version 1.31.38
* api-change:``appflow``: Add SAP source connector parallel and pagination feature
* api-change:``apprunner``: App Runner adds support for Bitbucket. You can now create App Runner
connection that connects to your Bitbucket repositories and deploy App Runner service with the
source code stored in a Bitbucket repository.
* api-change:``auditmanager``: This release marks some assessment metadata as sensitive. We added a
sensitive trait to the following attributes: assessmentName, emailAddress, scope, createdBy,
lastUpdatedBy, and userName.
* api-change:``cleanrooms``: This release decouples member abilities in a collaboration. With this
change, the member who can run queries no longer needs to be the same as the member who can receive
results.
* api-change:``datasync``: AWS DataSync introduces Task Reports, a new feature that provides
detailed reports of data transfer operations for each task execution.
* api-change:``neptunedata``: Allows customers to execute data plane actions like bulk loading
graphs, issuing graph queries using Gremlin and openCypher directly from the SDK.
* api-change:``network-firewall``: Network Firewall increasing pagination token string length
* api-change:``pca-connector-ad``: The Connector for AD allows you to use a fully-managed AWS
Private CA as a drop-in replacement for your self-managed enterprise CAs without local agents or
proxy servers. Enterprises that use AD to manage Windows environments can reduce their private
certificate authority (CA) costs and complexity.
* api-change:``sagemaker``: Amazon SageMaker Canvas adds IdentityProviderOAuthSettings support for
CanvasAppSettings
- from version 1.31.37
* api-change:``cognito-idp``: Added API example requests and responses for several operations.
Fixed the validation regex for user pools Identity Provider name.
* api-change:``fsx``: Documentation updates for project quotas.
* api-change:``omics``: Add RetentionMode support for Runs.
* api-change:``sesv2``: Adds support for the new Export and Message Insights features: create, get,
list and cancel export jobs; get message insights.
- Update to 1.31.36:
* api-change:``backup``: Add support for customizing time zone for backup window in backup plan
rules.
* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and
generate licensing optimization recommendations for sql server running on EC2 instances.
* api-change:``organizations``: Documentation updates for permissions and links.
* api-change:``securitylake``: Remove incorrect regex enforcement on pagination tokens.
* api-change:``service-quotas``: Service Quotas now supports viewing the applied quota value and
requesting a quota increase for a specific resource in an AWS account.
* api-change:``workspaces-web``: WorkSpaces Web now enables Admins to configure which cookies are
synchronized from an end-user's local browser to the in-session browser. In conjunction with a
browser extension, this feature enables enhanced Single-Sign On capability by reducing the number
of times an end-user has to authenticate.
- from version 1.31.35
* api-change:``cloudtrail``: Add ThrottlingException with error code 429 to handle CloudTrail
Delegated Admin request rate exceeded on organization resources.
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``detective``: Added protections to interacting with fields containing customer
information.
- from version 1.31.34
* api-change:``ec2``: Amazon EC2 M7a instances, powered by 4th generation AMD EPYC processors,
deliver up to 50% higher performance compared to M6a instances. Amazon EC2 Hpc7a instances, powered
by 4th Gen AMD EPYC processors, deliver up to 2.5x better performance compared to Amazon EC2 Hpc6a
instances.
* api-change:``glue``: Added API attributes that help in the monitoring of sessions.
* api-change:``mediaconvert``: This release includes additional audio channel tags in Quicktime
outputs, support for film grain synthesis for AV1 outputs, ability to create audio-only FLAC
outputs, and ability to specify Amazon S3 destination storage class.
* api-change:``medialive``: MediaLive now supports passthrough of KLV data to a HLS output group
with a TS container. MediaLive now supports setting an attenuation mode for AC3 audio when the
coding mode is 3/2 LFE. MediaLive now supports specifying whether to include filler NAL units in
RTMP output group settings.
* api-change:``mediatailor``: Adds new source location AUTODETECT_SIGV4 access type.
* api-change:``quicksight``: Excel support in Snapshot Export APIs. Removed Required trait for some
insight Computations. Namespace-shared Folders support. Global Filters support. Table pin Column
support.
* api-change:``rds``: This release updates the supported versions for Percona XtraBackup in Aurora
MySQL.
* api-change:``s3control``: Updates to endpoint ruleset tests to address Smithy validation issues
and standardize the capitalization of DualStack.
* api-change:``verifiedpermissions``: Documentation updates for Amazon Verified Permissions.
- from version 1.31.33
* api-change:``apigateway``: This release adds RootResourceId to GetRestApi response.
* api-change:``ec2``: Marking fields as sensitive on BundleTask and GetPasswordData
* api-change:``polly``: Amazon Polly adds 1 new voice - Zayd (ar-AE)
- from version 1.31.32
* api-change:``ce``: This release adds the LastUpdatedDate and LastUsedDate timestamps to help you
manage your cost allocation tags.
* api-change:``globalaccelerator``: Global Accelerator now supports Client Ip Preservation for
Network Load Balancer endpoints.
* api-change:``rds``: Adding parameters to CreateCustomDbEngineVersion reserved for future use.
* api-change:``verifiedpermissions``: Documentation updates for Amazon Verified Permissions.
Increases max results per page for ListPolicyStores, ListPolicies, and ListPolicyTemplates APIs
from 20 to 50.
- from version 1.31.31
* api-change:``cloud9``: Doc only update to add Ubuntu 22.04 as an Image ID option for Cloud9
* api-change:``ec2``: The DeleteKeyPair API has been updated to return the keyPairId when an
existing key pair is deleted.
* api-change:``finspace``: Allow customers to manage outbound traffic from their Kx Environment
when attaching a transit gateway by providing network acl entries. Allow the customer to choose how
they want to update the databases on a cluster allowing updates to possibly be faster than usual.
* api-change:``rds``: Adding support for RDS Aurora Global Database Unplanned Failover
* api-change:``route53domains``: Fixed typos in description fields
- from version 1.31.30
* api-change:``codecommit``: Add new ListFileCommitHistory operation to retrieve commits which
introduced changes to a specific file.
* api-change:``securityhub``: Added Inspector Lambda code Vulnerability section to ASFF, including
GeneratorDetails, EpssScore, ExploitAvailable, and CodeVulnerabilities.
- from version 1.31.29
* api-change:``ec2``: Adds support for SubnetConfigurations to allow users to select their own IPv4
and IPv6 addresses for Interface VPC endpoints
* api-change:``gamelift``: Amazon GameLift updates its instance types support.
- from version 1.31.28
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``lexv2-models``: Update lexv2-models client to latest version
- Update to 1.31.27:
* enhancement:Python: Added provisional Python 3.12 support to Botocore
* api-change:``chime-sdk-meetings``: Updated API documentation to include additional exceptions.
* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``glue``: AWS Glue Crawlers can now accept SerDe overrides from a custom csv
classifier. The two SerDe options are LazySimpleSerDe and OpenCSVSerDe. In case, the user wants
crawler to do the selection, "None" can be selected for this purpose.
* api-change:``pi``: AWS Performance Insights for Amazon RDS is launching Performance Analysis On
Demand, a new feature that allows you to analyze database performance metrics and find out the
performance issues. You can now use SDK to create, list, get, delete, and manage tags of
performance analysis reports.
* api-change:``route53domains``: Provide explanation if CheckDomainTransferability return false.
Provide requestId if a request is already submitted. Add sensitive protection for customer
information
* api-change:``sagemaker``: SageMaker Inference Recommender now provides SupportedResponseMIMETypes
from DescribeInferenceRecommendationsJob response
- from version 1.31.26
* api-change:``mediapackage``: Fix SDK logging of certain fields.
* api-change:``omics``: This release provides support for annotation store versioning and cross
account sharing for Omics Analytics
* api-change:``transfer``: Documentation updates for AWS Transfer Family
- from version 1.31.25
* api-change:``amplifybackend``: Adds sensitive trait to required input shapes.
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config
in July 2023.
* api-change:``ec2``: Amazon EC2 P5 instances, powered by the latest NVIDIA H100 Tensor Core GPUs,
deliver the highest performance in EC2 for deep learning (DL) and HPC applications. M7i-flex and
M7i instances are next-generation general purpose instances powered by custom 4th Generation Intel
Xeon Scalable processors.
* api-change:``quicksight``: New Authentication method for Account subscription - IAM Identity
Center. Hierarchy layout support, default column width support and related style properties for
pivot table visuals. Non-additive topic field aggregations for Topic API
* api-change:``ses``: Update ses client to latest version
* api-change:``swf``: This release adds new API parameters to override workflow task list for
workflow executions.
- from version 1.31.24
* api-change:``cloudtrail``: Documentation updates for CloudTrail.
* api-change:``connect``: This release adds APIs to provision agents that are global / available in
multiple AWS regions and distribute them across these regions by percentage.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``omics``: This release adds instanceType to GetRunTask & ListRunTasks responses.
* api-change:``secretsmanager``: Add additional InvalidRequestException to list of possible
exceptions for ListSecret.
* api-change:``transfer``: Documentation updates for AW Transfer Family
- from version 1.31.23
* api-change:``chime-sdk-voice``: Updating CreatePhoneNumberOrder, UpdatePhoneNumber and
BatchUpdatePhoneNumbers APIs, adding phone number name
* api-change:``fsx``: For FSx for Lustre, add new data repository task type,
RELEASE_DATA_FROM_FILESYSTEM, to release files that have been archived to S3. For FSx for Windows,
enable support for configuring and updating SSD IOPS, and for updating storage type. For FSx for
OpenZFS, add new deployment type, MULTI_AZ_1.
* api-change:``globalaccelerator``: Documentation update for dualstack EC2 endpoint support
* api-change:``guardduty``: Added autoEnable ALL to UpdateOrganizationConfiguration and
DescribeOrganizationConfiguration APIs.
* api-change:``sagemaker``: This release adds support for cross account access for SageMaker Model
Cards through AWS RAM.
- from version 1.31.22
* api-change:``backup``: This release introduces a new logically air-gapped vault (Preview) in AWS
Backup that stores immutable backup copies, which are locked by default and isolated with
encryption using AWS owned keys. Logically air-gapped vault (Preview) allows secure recovery of
application data across accounts.
* api-change:``elasticache``: Added support for cluster mode in online migration and test migration
API
* api-change:``servicecatalog``: Introduce support for HashiCorp Terraform Cloud in Service Catalog
by addying TERRAFORM_CLOUD product type in CreateProduct and CreateProvisioningArtifact API.
- from version 1.31.21
* api-change:``detective``: Updated the email validation regex to be in line with the TLD name
specifications.
* api-change:``ivs-realtime``: Add QUOTA_EXCEEDED and PUBLISHER_NOT_FOUND to EventErrorCode for
stage health events.
* api-change:``kinesis-video-archived-media``: This release enables minimum of Images
SamplingInterval to be as low as 200 milliseconds in Kinesis Video Stream Image feature.
* api-change:``kinesisvideo``: This release enables minimum of Images SamplingInterval to be as low
as 200 milliseconds in Kinesis Video Stream Image feature.
* api-change:``rekognition``: This release adds code snippets for Amazon Rekognition Custom Labels.
- from version 1.31.20
* api-change:``acm-pca``: Documentation correction for AWS Private CA
* api-change:``connect``: Added a new API UpdateRoutingProfileAgentAvailabilityTimer to update
agent availability timer of a routing profile.
* api-change:``datasync``: Display cloud storage used capacity at a cluster level.
* api-change:``ecs``: This is a documentation update to address various tickets.
* api-change:``sagemaker``: Including DataCaptureConfig key in the Amazon Sagemaker Search's
transform job object
- from version 1.31.19
* api-change:``autoscaling``: Documentation changes related to Amazon EC2 Auto Scaling APIs.
* api-change:``cloud9``: Updated the deprecation date for Amazon Linux. Doc only update.
* api-change:``dms``: The release makes public API for DMS Schema Conversion feature.
* api-change:``ec2``: This release adds new parameter isPrimaryIPv6 to allow assigning an IPv6
address as a primary IPv6 address to a network interface which cannot be changed to give equivalent
functionality available for network interfaces with primary IPv4 address.
* api-change:``sagemaker``: Amazon SageMaker now supports running training jobs on p5.48xlarge
instance types.
- from version 1.31.18
* api-change:``budgets``: As part of CAE tagging integration we need to update our budget names
regex filter to prevent customers from using "/action/" in their budget names.
* api-change:``cognito-idp``: New feature that logs Cognito user pool error messages to CloudWatch
logs.
* api-change:``glue``: This release includes additional Glue Streaming KAKFA SASL property types.
* api-change:``resiliencehub``: Drift Detection capability added when applications policy has moved
from a meet to breach state. Customers will be able to exclude operational recommendations and
receive credit in their resilience score. Customers can now add ARH permissions to an existing or
new role.
* api-change:``sagemaker``: SageMaker Inference Recommender introduces a new API
GetScalingConfigurationRecommendation to recommend auto scaling policies based on completed
Inference Recommender jobs.
- from version 1.31.17
* api-change:``batch``: This release adds support for price capacity optimized allocation strategy
for Spot Instances.
* api-change:``dms``: Adding new API describe-engine-versions which provides information about the
lifecycle of a replication instance's version.
* api-change:``internetmonitor``: This release adds a new feature for Amazon CloudWatch Internet
Monitor that enables customers to set custom thresholds, for performance and availability drops,
for impact limited to a single city-network to trigger creation of a health event.
* api-change:``medialive``: AWS Elemental Link devices now report their Availability Zone. Link
devices now support the ability to change their Availability Zone.
* api-change:``polly``: Amazon Polly adds new French Belgian voice - Isabelle. Isabelle is
available as Neural voice only.
* api-change:``rds``: Added support for deleted clusters PiTR.
* api-change:``sagemaker``: Add Stairs TrafficPattern and FlatInvocations to
RecommendationJobStoppingConditions
- from version 1.31.16
* api-change:``amplifyuibuilder``: Amplify Studio releases GraphQL support for codegen job action.
* api-change:``autoscaling``: You can now configure an instance refresh to set its status to
'failed' when it detects that a specified CloudWatch alarm has gone into the ALARM state. You can
also choose to roll back the instance refresh automatically when the alarm threshold is met.
* api-change:``cleanrooms``: This release introduces custom SQL queries - an expanded set of SQL
you can run. This release adds analysis templates, a new resource for storing pre-defined custom
SQL queries ahead of time. This release also adds the Custom analysis rule, which lets you approve
analysis templates for querying.
* api-change:``codestar-connections``: New integration with the Gitlab provider type.
* api-change:``drs``: Add support for in-aws right sizing
* api-change:``inspector2``: This release adds 1 new API: BatchGetFindingDetails to retrieve
enhanced vulnerability intelligence details for findings.
* api-change:``lookoutequipment``: This release includes new import resource, model versioning and
resource policy features.
* api-change:``omics``: Add CreationType filter for ListReadSets
* api-change:``rds``: This release adds support for Aurora MySQL local write forwarding, which
allows for forwarding of write operations from reader DB instances to the writer DB instance.
* api-change:``route53``: Amazon Route 53 now supports the Israel (Tel Aviv) Region (il-central-1)
for latency records, geoproximity records, and private DNS for Amazon VPCs in that region.
* api-change:``scheduler``: This release introduces automatic deletion of schedules in EventBridge
Scheduler. If configured, EventBridge Scheduler automatically deletes a schedule after the schedule
has completed its last invocation.
- from version 1.31.15
* enhancement:HTTP: Move 100-continue behavior to use `HTTPConnections` request interface.
* api-change:``application-insights``: This release enable customer to add/remove/update more than
one workload for a component
* api-change:``cloudformation``: This SDK release is for the feature launch of AWS CloudFormation
RetainExceptOnCreate. It adds a new parameter retainExceptOnCreate in the following APIs:
CreateStack, UpdateStack, RollbackStack, ExecuteChangeSet.
* api-change:``cloudfront``: Add a new JavaScript runtime version for CloudFront Functions.
* api-change:``connect``: This release adds support for new number types.
* api-change:``kafka``: Amazon MSK has introduced new versions of ListClusterOperations and
DescribeClusterOperation APIs. These v2 APIs provide information and insights into the ongoing
operations of both MSK Provisioned and MSK Serverless clusters.
* api-change:``pinpoint``: Added support for sending push notifications using the FCM v1 API with
json credentials. Amazon Pinpoint customers can now deliver messages to Android devices using both
FCM v1 API and the legacy FCM/GCM API
- from version 1.31.14
* enhancement:compression: Adds support for the ``requestcompression`` operation trait.
* api-change:``sqs``: Documentation changes related to SQS APIs.
- from version 1.31.13
* api-change:``autoscaling``: This release updates validation for instance types used in the
AllowedInstanceTypes and ExcludedInstanceTypes parameters of the InstanceRequirements property of a
MixedInstancesPolicy.
* api-change:``ebs``: SDK and documentation updates for Amazon Elastic Block Store API
* api-change:``ec2``: SDK and documentation updates for Amazon Elastic Block Store APIs
* api-change:``eks``: Add multiple customer error code to handle customer caused failure when
managing EKS node groups
* api-change:``sagemaker``: Expose ProfilerConfig attribute in SageMaker Search API response.
- from version 1.31.12
* api-change:``cloudcontrol``: Updates the documentation for CreateResource.
* api-change:``entityresolution``: AWS Entity Resolution can effectively match a source record from
a customer relationship management (CRM) system with a source record from a marketing system
containing campaign information.
* api-change:``glue``: Release Glue Studio Snowflake Connector Node for SDK/CLI
* api-change:``healthlake``: Updating the HealthLake service documentation.
* api-change:``managedblockchain-query``: Amazon Managed Blockchain (AMB) Query provides serverless
access to standardized, multi-blockchain datasets with developer-friendly APIs.
* api-change:``mediaconvert``: This release includes general updates to user documentation.
* api-change:``omics``: The service is renaming as a part of AWS Health.
* api-change:``opensearchserverless``: This release adds new collection type VectorSearch.
* api-change:``polly``: Amazon Polly adds 1 new voice - Lisa (nl-BE)
* api-change:``route53``: Update that corrects the documents for received feedback.
- from version 1.31.11
* api-change:``billingconductor``: Added support for Auto-Assocate Billing Groups for
CreateBillingGroup, UpdateBillingGroup, and ListBillingGroups.
* api-change:``customer-profiles``: Amazon Connect Customer Profiles now supports rule-based
resolution to match and merge similar profiles into unified profiles, helping companies deliver
faster and more personalized customer service by providing access to relevant customer information
for agents and automated experiences.
* api-change:``datasync``: AWS DataSync now supports Microsoft Azure Blob Storage locations.
* api-change:``dynamodb``: Documentation updates for DynamoDB
* api-change:``ec2``: This release adds an instance's peak and baseline network bandwidth as well
as the memory sizes of an instance's inference accelerators to DescribeInstanceTypes.
* api-change:``emr-serverless``: This release adds support for publishing application logs to
CloudWatch.
* api-change:``lambda``: Add Python 3.11 (python3.11) support to AWS Lambda
* api-change:``rds``: This release adds support for monitoring storage optimization progress on the
DescribeDBInstances API.
* api-change:``sagemaker``: Mark ContentColumn and TargetLabelColumn as required Targets in
TextClassificationJobConfig in CreateAutoMLJobV2API
* api-change:``securityhub``: Add support for CONTAINS and NOT_CONTAINS comparison operators for
Automation Rules string filters and map filters
* api-change:``sts``: API updates for the AWS Security Token Service
* api-change:``transfer``: This release adds support for SFTP Connectors.
* api-change:``wisdom``: This release added two new data types: AssistantIntegrationConfiguration,
and SessionIntegrationConfiguration to support Wisdom integration with Amazon Connect Chat
- from version 1.31.10
* api-change:``apigatewayv2``: Documentation updates for Amazon API Gateway.
* api-change:``ce``: This release introduces the new API
'GetSavingsPlanPurchaseRecommendationDetails', which retrieves the details for a Savings Plan
recommendation. It also updates the existing API 'GetSavingsPlansPurchaseRecommendation' to include
the recommendation detail ID.
* api-change:``chime-sdk-media-pipelines``: AWS Media Pipeline compositing enhancement and Media
Insights Pipeline auto language identification.
* api-change:``cloudformation``: This release supports filtering by DRIFT_STATUS for existing API
ListStackInstances and adds support for a new API ListStackInstanceResourceDrifts. Customers can
now view resource drift information from their StackSet management accounts.
* api-change:``ec2``: Add "disabled" enum value to SpotInstanceState.
* api-change:``glue``: Added support for Data Preparation Recipe node in Glue Studio jobs
* api-change:``quicksight``: This release launches new Snapshot APIs for CSV and PDF exports, adds
support for info icon for filters and parameters in Exploration APIs, adds modeled exception to the
DeleteAccountCustomization API, and introduces AttributeAggregationFunction's ability to add
UNIQUE_VALUE aggregation in tooltips.
- from version 1.31.9
* api-change:``glue``: This release adds support for AWS Glue Crawler with Apache Hudi Tables,
allowing Crawlers to discover Hudi Tables in S3 and register them in Glue Data Catalog for query
engines to query against.
* api-change:``mediaconvert``: This release includes improvements to Preserve 444 handling,
compatibility of HEVC sources without frame rates, and general improvements to MP4 outputs.
* api-change:``rds``: Adds support for the DBSystemID parameter of CreateDBInstance to RDS Custom
for Oracle.
* api-change:``workspaces``: Fixed VolumeEncryptionKey descriptions
- from version 1.31.8
* api-change:``codecatalyst``: This release adds support for updating and deleting spaces and
projects in Amazon CodeCatalyst. It also adds support for creating, getting, and deleting source
repositories in CodeCatalyst projects.
* api-change:``connectcases``: This release adds the ability to assign a case to a queue or user.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``route53resolver``: This release adds support for Route 53 On Outposts, a new feature
that allows customers to run Route 53 Resolver and Resolver endpoints locally on their Outposts.
* api-change:``s3``: Improve performance of S3 clients by simplifying and optimizing endpoint
resolution.
* api-change:``sagemaker-featurestore-runtime``: Cross account support for SageMaker Feature Store
* api-change:``sagemaker``: Cross account support for SageMaker Feature Store
* api-change:``securitylake``: Adding support for Tags on Create and Resource Tagging API.
* api-change:``transcribe``: Added API argument --toxicity-detection to startTranscriptionJob API,
which allows users to view toxicity scores of submitted audio.
- from version 1.31.7
* enhancement:AWSCRT: Upgrade awscrt version to 0.16.26
* api-change:``savingsplans``: Savings Plans endpoints update
- from version 1.31.6
* api-change:``cloudformation``: SDK and documentation updates for GetTemplateSummary API
(unrecognized resources)
* api-change:``ec2``: Amazon EC2 documentation updates.
* api-change:``grafana``: Amazon Managed Grafana now supports grafanaVersion update for existing
workspaces with UpdateWorkspaceConfiguration API. DescribeWorkspaceConfiguration API additionally
returns grafanaVersion. A new ListVersions API lists available versions or, if given a workspaceId,
the versions it can upgrade to.
* api-change:``medical-imaging``: General Availability (GA) release of AWS Health Imaging, enabling
customers to store, transform, and analyze medical imaging data at petabyte-scale.
* api-change:``ram``: This release adds support for securely sharing with AWS service principals.
* api-change:``ssm-sap``: Added support for SAP Hana High Availability discovery (primary and
secondary nodes) and Backint agent installation with SSM for SAP.
* api-change:``wafv2``: Added the URI path to the custom aggregation keys that you can specify for
a rate-based rule.
- from version 1.31.5
* api-change:``codeguru-security``: Documentation updates for CodeGuru Security.
* api-change:``connect``: GetMetricDataV2 API: Update to include Contact Lens Conversational
Analytics Metrics
* api-change:``es``: Regex Validation on the ElasticSearch Engine Version attribute
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``m2``: Allows UpdateEnvironment to update the environment to 0 host capacity. New
GetSignedBluinsightsUrl API
* api-change:``snowball``: Adds support for RACK_5U_C. This is the first AWS Snow Family device
designed to meet U.S. Military Ruggedization Standards (MIL-STD-810H) with 208 vCPU device in a
portable, compact 5U, half-rack width form-factor.
* api-change:``translate``: Added DOCX word document support to TranslateDocument API
- from version 1.31.4
* api-change:``codeartifact``: Doc only update for AWS CodeArtifact
* api-change:``docdb``: Added major version upgrade option in ModifyDBCluster API
* api-change:``ec2``: Add Nitro TPM support on DescribeInstanceTypes
* api-change:``glue``: Adding new supported permission type flags to get-unfiltered endpoints that
callers may pass to indicate support for enforcing Lake Formation fine-grained access control on
nested column attributes.
* api-change:``ivs``: This release provides the flexibility to configure what renditions or
thumbnail qualities to record when creating recording configuration.
* api-change:``lakeformation``: Adds supports for ReadOnlyAdmins and
AllowFullTableExternalDataAccess. Adds NESTED_PERMISSION and NESTED_CELL_PERMISSION to
SUPPORTED_PERMISSION_TYPES enum. Adds CREATE_LF_TAG on catalog resource and ALTER, DROP, and
GRANT_WITH_LF_TAG_EXPRESSION on LF Tag resource.
- from version 1.31.3
* api-change:``cognito-idp``: API model updated in Amazon Cognito
* api-change:``connect``: Add support for deleting Queues and Routing Profiles.
* api-change:``datasync``: Added LunCount to the response object of
DescribeStorageSystemResourcesResponse, LunCount represents the number of LUNs on a storage system
resource.
* api-change:``dms``: Enhanced PostgreSQL target endpoint settings for providing Babelfish support.
* api-change:``ec2``: This release adds support for the C7gn and Hpc7g instances. C7gn instances
are powered by AWS Graviton3 processors and the fifth-generation AWS Nitro Cards. Hpc7g instances
are powered by AWS Graviton 3E processors and provide up to 200 Gbps network bandwidth.
* api-change:``fsx``: Amazon FSx for NetApp ONTAP now supports SnapLock, an ONTAP feature that
enables you to protect your files in a volume by transitioning them to a write once, read many
(WORM) state.
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``mediatailor``: Adds categories to MediaTailor channel assembly alerts
* api-change:``personalize``: This release provides ability to customers to change schema
associated with their datasets in Amazon Personalize
* api-change:``proton``: This release adds support for deployment history for Proton provisioned
resources
* api-change:``s3``: S3 Inventory now supports Object Access Control List and Object Owner as
available object metadata fields in inventory reports.
* api-change:``sagemaker``: Amazon SageMaker Canvas adds WorkspeceSettings support for
CanvasAppSettings
* api-change:``secretsmanager``: Documentation updates for Secrets Manager
- Update to 1.31.2:
* bugfix:s3: Fix s3 presigned URLs for operations with query components (`#2962
<https://github.com/boto/botocore/issues/2962>`__)
* api-change:``cognito-idp``: API model updated in Amazon Cognito
- from version 1.31.1
* api-change:``dms``: Releasing DMS Serverless. Adding support for PostgreSQL 15.x as source and
target endpoint. Adding support for DocDB Elastic Clusters with sharded collections, PostgreSQL
datatype mapping customization and disabling hostname validation of the certificate authority in
Kafka endpoint settings
* api-change:``glue``: This release enables customers to create new Apache Iceberg tables and
associated metadata in Amazon S3 by using native AWS Glue CreateTable operation.
* api-change:``logs``: Add CMK encryption support for CloudWatch Logs Insights query result data
* api-change:``medialive``: This release enables the use of Thumbnails in AWS Elemental MediaLive.
* api-change:``mediatailor``: The AWS Elemental MediaTailor SDK for Channel Assembly has added
support for EXT-X-CUE-OUT and EXT-X-CUE-IN tags to specify ad breaks in HLS outputs, including
support for EXT-OATCLS, EXT-X-ASSET, and EXT-X-CUE-OUT-CONT accessory tags.
- from version 1.31.0
* api-change:``ec2``: Add Nitro Enclaves support on DescribeInstanceTypes
* api-change:``location``: This release adds support for authenticating with Amazon Location
Service's Places & Routes APIs with an API Key. Also, with this release developers can publish
tracked device position updates to Amazon EventBridge.
* api-change:``outposts``: Added paginator support to several APIs. Added the ISOLATED enum value
to AssetState.
* api-change:``quicksight``: This release includes below three changes: small multiples axes
improvement, field based coloring, removed required trait from Aggregation function for
TopBottomFilter.
* api-change:``rds``: Updates Amazon RDS documentation for creating DB instances and creating
Aurora global clusters.
* bugfix:configprovider: Fix bug when deep copying config value store where overrides were not
preserved
* enhancement:configprovider: Always use shallow copy of session config value store for clients
* feature:configuration: Configure the endpoint URL in the shared configuration file or via an
environment variable for a specific AWS service or all AWS services.
- from version 1.30.1
* api-change:``comprehendmedical``: Update to Amazon Comprehend Medical documentation.
* api-change:``connect``: GetMetricDataV2 API: Channels filters do not count towards overall
limitation of 100 filter values.
* api-change:``kms``: Added Dry Run Feature to cryptographic and cross-account mutating KMS APIs
(14 in all). This feature allows users to test their permissions and parameters before making the
actual API call.
* api-change:``mgn``: This release introduces the Global view feature and new Replication state
APIs.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
- from version 1.30.0
* feature:Useragent: Update User-Agent header format
* api-change:``batch``: This feature allows customers to use AWS Batch with Linux with ARM64 CPU
Architecture and X86_64 CPU Architecture with Windows OS on Fargate Platform.
* api-change:``sagemaker``: SageMaker Inference Recommender now accepts new fields
SupportedEndpointType and ServerlessConfiguration to support serverless endpoints.
- from version 1.29.165
* api-change:``amp``: AWS SDK service model generation tool version upgrade.
* api-change:``ecs``: Added new field "credentialspecs" to the ecs task definition to support gMSA
of windows/linux in both domainless and domain-joined mode
* api-change:``ivs``: Corrects the HTTP response code in the generated docs for PutMetadata and
DeleteRecordingConfiguration APIs.
* api-change:``mediaconvert``: This release includes improved color handling of overlays and
general updates to user documentation.
* api-change:``sagemaker``: This release adds support for rolling deployment in SageMaker Inference.
* api-change:``transfer``: Add outbound Basic authentication support to AS2 connectors
* api-change:``verifiedpermissions``: This release corrects several broken links in the
documentation.
- from version 1.29.164
* api-change:``appstream``: This release introduces app block builder, allowing customers to
provision a resource to package applications into an app block
* api-change:``chime``: The Amazon Chime SDK APIs in the Chime namespace are no longer supported.
Customers should use APIs in the dedicated Amazon Chime SDK namespaces: ChimeSDKIdentity,
ChimeSDKMediaPipelines, ChimeSDKMeetings, ChimeSDKMessaging, and ChimeSDKVoice.
* api-change:``cleanrooms``: This release adds support for the OR operator in RSQL join match
conditions and the ability to control which operators (AND, OR) are allowed in a join match
condition.
* api-change:``dynamodb``: This release adds ReturnValuesOnConditionCheckFailure parameter to
PutItem, UpdateItem, DeleteItem, ExecuteStatement, BatchExecuteStatement and ExecuteTransaction
APIs. When set to ALL_OLD, API returns a copy of the item as it was when a conditional write failed
* api-change:``gamelift``: Amazon GameLift now supports game builds that use the Amazon Linux 2023
(AL2023) operating system.
* api-change:``glue``: This release adds support for AWS Glue Crawler with Iceberg Tables, allowing
Crawlers to discover Iceberg Tables in S3 and register them in Glue Data Catalog for query engines
to query against.
* api-change:``sagemaker``: Adding support for timeseries forecasting in the CreateAutoMLJobV2 API.
- Update 1.29.163:
* api-change:``internetmonitor``: This release adds a new feature for Amazon CloudWatch Internet
Monitor that enables customers to set custom thresholds, for performance and availability drops,
for triggering when to create a health event.
* api-change:``kinesisanalyticsv2``: Support for new runtime environment in Kinesis Data Analytics
Studio: Zeppelin-0.10, Apache Flink-1.15
* api-change:``lambda``: Surface ResourceConflictException in DeleteEventSourceMapping
* api-change:``omics``: Add Common Workflow Language (CWL) as a supported language for Omics
workflows
* api-change:``rds``: Amazon Relational Database Service (RDS) now supports joining a RDS for SQL
Server instance to a self-managed Active Directory.
* api-change:``s3``: The S3 LISTObjects, ListObjectsV2 and ListObjectVersions API now supports a
new optional header x-amz-optional-object-attributes. If header contains RestoreStatus as the
value, then S3 will include Glacier restore status i.e. isRestoreInProgress and RestoreExpiryDate
in List response.
* api-change:``sagemaker``: This release adds support for Model Cards Model Registry integration.
- from version 1.29.162
* bugfix:Parsers: Fixes datetime parse error handling for out-of-range and negative timestamps
(`#2564 <https://github.com/boto/botocore/issues/2564>`__).
* api-change:``appfabric``: Initial release of AWS AppFabric for connecting SaaS applications for
better productivity and security.
* api-change:``appflow``: This release adds support to bypass SSO with the SAPOData connector when
connecting to an SAP instance.
* api-change:``emr-serverless``: This release adds support to update the release label of an EMR
Serverless application to upgrade it to a different version of Amazon EMR via UpdateApplication API.
* api-change:``ivs``: IVS customers can now revoke the viewer session associated with an auth
token, to prevent and stop playback using that token.
* api-change:``kinesisvideo``: General Availability (GA) release of Kinesis Video Streams at Edge,
enabling customers to provide a configuration for the Kinesis Video Streams EdgeAgent running on an
on-premise IoT device. Customers can now locally record from cameras and stream videos to the cloud
on a configured schedule.
* api-change:``macie2``: This release adds support for configuring new classification jobs to use
the set of managed data identifiers that we recommend for jobs. For the managed data identifier
selection type (managedDataIdentifierSelector), specify RECOMMENDED.
* api-change:``privatenetworks``: This release allows Private5G customers to choose different
commitment plans (60-days, 1-year, 3-years) when placing new orders, enables automatic renewal
option for 1-year and 3-years commitments. It also allows customers to update the commitment plan
of an existing radio unit.
* api-change:``sagemaker-featurestore-runtime``: Introducing TTL for online store records for
feature groups.
* api-change:``sagemaker``: Introducing TTL for online store records in feature groups.
* api-change:``ssm``: Systems Manager doc-only update for June 2023.
* api-change:``verifiedpermissions``: This update fixes several broken links to the Cedar
documentation.
- from version 1.29.161
* api-change:``connect``: This release provides a way to search for existing tags within an
instance. Before tagging a resource, ensure consistency by searching for pre-existing key:value
pairs.
* api-change:``glue``: Timestamp Starting Position For Kinesis and Kafka Data Sources in a Glue
Streaming Job
* api-change:``guardduty``: Add support for user.extra.sessionName in Kubernetes Audit Logs
Findings.
* api-change:``iam``: Support for a new API "GetMFADevice" to present MFA device metadata such as
device certifications
* api-change:``pinpoint``: Added time zone estimation support for journeys
- from version 1.29.160
* api-change:``devops-guru``: This release adds support for encryption via customer managed keys.
* api-change:``fsx``: Update to Amazon FSx documentation.
* api-change:``rds``: Documentation improvements for create, describe, and modify DB clusters and
DB instances.
* api-change:``verifiedpermissions``: Added improved descriptions and new code samples to SDK
documentation.
- from version 1.29.159
* api-change:``chime-sdk-identity``: AppInstanceBots can be configured to be invoked or not using
the Target or the CHIME.mentions attribute for ChannelMessages
* api-change:``chime-sdk-messaging``: ChannelMessages can be made visible to sender and intended
recipient rather than all channel members with the target attribute. For example, a user can send
messages to a bot and receive messages back in a group channel without other members seeing them.
* api-change:``kendra``: Introducing Amazon Kendra Retrieve API that can be used to retrieve
relevant passages or text excerpts given an input query.
* api-change:``stepfunctions``: Update stepfunctions client to latest version
- from version 1.29.158
* api-change:``dynamodb``: Documentation updates for DynamoDB
* api-change:``emr``: Update emr client to latest version
* api-change:``inspector2``: This release adds support for Software Bill of Materials (SBOM) export
and the general availability of code scanning for AWS Lambda functions.
* api-change:``mediaconvert``: This release introduces the bandwidth reduction filter for the HEVC
encoder, increases the limits of outputs per job, and updates support for the Nagra SDK to version
- from version 1.14.7.
* api-change:``mq``: The Cross Region Disaster Recovery feature allows to replicate a brokers state
from one region to another in order to provide customers with multi-region resiliency in the event
of a regional outage.
* api-change:``sagemaker``: This release provides support in SageMaker for output files in training
jobs to be uploaded without compression and enable customer to deploy uncompressed model from S3 to
real-time inference Endpoints. In addition, ml.trn1n.32xlarge is added to supported instance type
list in training job.
* api-change:``transfer``: This release adds a new parameter StructuredLogDestinations to
CreateServer, UpdateServer APIs.
- from version 1.29.157
* api-change:``appflow``: This release adds new API to reset connector metadata cache
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config
in May 2023.
* api-change:``ec2``: Adds support for targeting Dedicated Host allocations by assetIds in AWS
Outposts
* api-change:``lambda``: This release adds RecursiveInvocationException to the Invoke API and
InvokeWithResponseStream API.
* api-change:``redshift``: Added support for custom domain names for Redshift Provisioned clusters.
This feature enables customers to create a custom domain name and use ACM to generate fully secure
connections to it.
- from version 1.29.156
* api-change:``cloudformation``: Specify desired CloudFormation behavior in the event of ChangeSet
execution failure using the CreateChangeSet OnStackFailure parameter
* api-change:``ec2``: API changes to AWS Verified Access to include data from trust providers in
logs
* api-change:``ecs``: Documentation only update to address various tickets.
* api-change:``glue``: This release adds support for creating cross region table/database resource
links
* api-change:``pricing``: This release updates the PriceListArn regex pattern.
* api-change:``route53domains``: Update MaxItems upper bound to 1000 for ListPricesRequest
* api-change:``sagemaker``: Amazon Sagemaker Autopilot releases CreateAutoMLJobV2 and
DescribeAutoMLJobV2 for Autopilot customers with ImageClassification, TextClassification and
Tabular problem type config support.
- from version 1.29.155
* api-change:``account``: Improve pagination support for ListRegions
* api-change:``connect``: Updates the *InstanceStorageConfig APIs to support a new ResourceType:
SCREEN_RECORDINGS to enable screen recording and specify the storage configurations for publishing
the recordings. Also updates DescribeInstance and ListInstances APIs to include InstanceAccessUrl
attribute in the API response.
* api-change:``discovery``: Add Amazon EC2 instance recommendations export
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``s3``: This release adds SDK support for request-payer request header and
request-charged response header in the "GetBucketAccelerateConfiguration", "ListMultipartUploads",
"ListObjects", "ListObjectsV2" and "ListObjectVersions" S3 APIs.
- from version 1.29.154
* api-change:``auditmanager``: This release introduces 2 Audit Manager features: CSV exports and
new manual evidence options. You can now export your evidence finder results in CSV format. In
addition, you can now add manual evidence to a control by entering free-form text or uploading a
file from your browser.
* api-change:``efs``: Update efs client to latest version
* api-change:``guardduty``: Updated descriptions for some APIs.
* api-change:``location``: Amazon Location Service adds categories to places, including filtering
on those categories in searches. Also, you can now add metadata properties to your geofences.
- Add _constraints to avoid OOM in %check
- Update 1.29.153:
* api-change:``cloudtrail``: This feature allows users to view dashboards for CloudTrail Lake event
data stores.
* api-change:``codeguru-security``: Initial release of Amazon CodeGuru Security APIs
* api-change:``drs``: Added APIs to support network replication and recovery using AWS Elastic
Disaster Recovery.
* api-change:``ec2``: This release introduces a new feature, EC2 Instance Connect Endpoint, that
enables you to connect to a resource over TCP, without requiring the resource to have a public IPv4
address.
* api-change:``imagebuilder``: Change the Image Builder ImagePipeline dateNextRun field to more
accurately describe the data.
* api-change:``lightsail``: This release adds pagination for the Get Certificates API operation.
* api-change:``s3``: Integrate double encryption feature to SDKs.
* api-change:``securityhub``: Add support for Security Hub Automation Rules
* api-change:``simspaceweaver``: This release fixes using aws-us-gov ARNs in API calls and adds
documentation for snapshot APIs.
* api-change:``verifiedpermissions``: GA release of Amazon Verified Permissions.
* api-change:``wafv2``: You can now detect and block fraudulent account creation attempts with the
new AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group
AWSManagedRulesACFPRuleSet.
* api-change:``wellarchitected``: AWS Well-Architected now supports Profiles that help customers
prioritize which questions to focus on first by providing a list of prioritized questions that are
better aligned with their business goals and outcomes.
- from version 1.29.152
* api-change:``amplifyuibuilder``: AWS Amplify UIBuilder is launching Codegen UI, a new feature
that enables you to generate your amplify uibuilder components and forms.
* api-change:``dynamodb``: Documentation updates for DynamoDB
* api-change:``dynamodbstreams``: Update dynamodbstreams client to latest version
* api-change:``fsx``: Amazon FSx for NetApp ONTAP now supports joining a storage virtual machine
(SVM) to Active Directory after the SVM has been created.
* api-change:``opensearch``: This release adds support for SkipUnavailable connection property for
cross cluster search
* api-change:``rekognition``: This release adds support for improved accuracy with user vector in
Amazon Rekognition Face Search. Adds new APIs: AssociateFaces, CreateUser, DeleteUser,
DisassociateFaces, ListUsers, SearchUsers, SearchUsersByImage. Also adds new face metadata that can
be stored: user vector.
* api-change:``sagemaker``: Sagemaker Neo now supports compilation for inferentia2 (ML_INF2) and
Trainium1 (ML_TRN1) as available targets. With these devices, you can run your workloads at highest
performance with lowest cost. inferentia2 (ML_INF2) is available in CMH and Trainium1 (ML_TRN1) is
available in IAD currently
- from version 1.29.151
* api-change:``acm-pca``: Document-only update to refresh CLI documentation for AWS Private CA. No
change to the service.
* api-change:``connect``: This release adds search APIs for Prompts, Quick Connects and Hours of
Operations, which can be used to search for those resources within a Connect Instance.
- from version 1.29.150
* api-change:``athena``: You can now define custom spark properties at start of the session for use
cases like cluster encryption, table formats, and general Spark tuning.
* api-change:``comprehendmedical``: This release supports a new set of entities and traits.
* api-change:``payment-cryptography-data``: Initial release of AWS Payment Cryptography DataPlane
Plane service for performing cryptographic operations typically used during card payment processing.
* api-change:``payment-cryptography``: Initial release of AWS Payment Cryptography Control Plane
service for creating and managing cryptographic keys used during card payment processing.
* api-change:``servicecatalog``: New parameter added in ServiceCatalog DescribeProvisioningArtifact
api - IncludeProvisioningArtifactParameters. This parameter can be used to return information about
the parameters used to provision the product
* api-change:``timestream-write``: This release adds the capability for customers to define how
their data should be partitioned, optimizing for certain access patterns. This definition will take
place as a part of the table creation.
- from version 1.29.149
* api-change:``cloudformation``: AWS CloudFormation StackSets is updating the deployment experience
for all stackset operations to skip suspended AWS accounts during deployments. StackSets will skip
target AWS accounts that are suspended and set the Detailed Status of the corresponding stack
instances as SKIPPED_SUSPENDED_ACCOUNT
* api-change:``customer-profiles``: This release introduces event stream related APIs.
* api-change:``directconnect``: This update corrects the jumbo frames mtu values from 9100 to 8500
for transit virtual interfaces.
* api-change:``emr-containers``: EMR on EKS adds support for log rotation of Spark container logs
with EMR-6.11.0 onwards, to the StartJobRun API.
* api-change:``iotdeviceadvisor``: AWS IoT Core Device Advisor now supports new Qualification Suite
test case list. With this update, customers can more easily create new qualification test suite
with an empty rootGroup input.
* api-change:``logs``: This change adds support for account level data protection policies using 3
new APIs, PutAccountPolicy, DeleteAccountPolicy and DescribeAccountPolicy. DescribeLogGroup API has
been modified to indicate if account level policy is applied to the LogGroup via
"inheritedProperties" list in the response.
- from version 1.29.148
* api-change:``connect``: GetMetricDataV2 API is now available in AWS GovCloud(US) region.
* api-change:``emr``: Update emr client to latest version
* api-change:``iam``: This release updates the AccountAlias regex pattern with the same length
restrictions enforced by the length constraint.
* api-change:``inspector2``: Adds new response properties and request parameters for 'last scanned
at' on the ListCoverage operation. This feature allows you to search and view the date of which
your resources were last scanned by Inspector.
* api-change:``iot-data``: Update thing shadow name regex to allow '$' character
* api-change:``iot``: Adding IoT Device Management Software Package Catalog APIs to register,
store, and report system software packages, along with their versions and metadata in a centralized
location.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``quicksight``: QuickSight support for pivot table field collapse state, radar chart
range scale and multiple scope options in conditional formatting.
* api-change:``signer``: AWS Signer is launching Container Image Signing, a new feature that
enables you to sign and verify container images. This feature enables you to validate that only
container images you approve are used in your enterprise.
* api-change:``sqs``: Amazon SQS adds three new APIs - StartMessageMoveTask, CancelMessageMoveTask,
and ListMessageMoveTasks to automate redriving messages from dead-letter queues to source queues or
a custom destination.
- from version 1.29.147
* api-change:``cloudformation``: AWS CloudFormation StackSets provides customers with three new
APIs to activate, deactivate, and describe AWS Organizations trusted access which is needed to get
started with service-managed StackSets.
* api-change:``ec2``: Making InstanceTagAttribute as the required parameter for the
DeregisterInstanceEventNotificationAttributes and RegisterInstanceEventNotificationAttributes APIs.
* api-change:``finspace``: Releasing new Managed kdb Insights APIs
* api-change:``frauddetector``: Added new variable types, new DateTime data type, and new rules
engine functions for interacting and working with DateTime data types.
* api-change:``keyspaces``: This release adds support for MRR GA launch, and includes multiregion
support in create-keyspace, get-keyspace, and list-keyspace.
* api-change:``kms``: This release includes feature to import customer's asymmetric (RSA and ECC)
and HMAC keys into KMS. It also includes feature to allow customers to specify number of days to
schedule a KMS key deletion as a policy condition key.
* api-change:``lambda``: Add Ruby 3.2 (ruby3.2) Runtime support to AWS Lambda.
* api-change:``mwaa``: This release adds ROLLING_BACK and CREATING_SNAPSHOT environment statuses
for Amazon MWAA environments.
- from version 1.29.146
* api-change:``athena``: This release introduces the DeleteCapacityReservation API and the ability
to manage capacity reservations using CloudFormation
* api-change:``cloudtrail``: This feature allows users to start and stop event ingestion on a
CloudTrail Lake event data store.
* api-change:``sagemaker``: This release adds Selective Execution feature that allows SageMaker
Pipelines users to run selected steps in a pipeline.
* api-change:``wafv2``: Added APIs to describe managed products. The APIs retrieve information
about rule groups that are managed by AWS and by AWS Marketplace sellers.
- from version 1.29.145
* api-change:``alexaforbusiness``: Alexa for Business has been deprecated and is no longer
supported.
* api-change:``appflow``: Added ability to select DataTransferApiType for DescribeConnector and
CreateFlow requests when using Async supported connectors. Added supportedDataTransferType to
DescribeConnector/DescribeConnectors/ListConnector response.
* api-change:``customer-profiles``: This release introduces calculated attribute related APIs.
* api-change:``ivs``: API Update for IVS Advanced Channel type
* api-change:``sagemaker``: Amazon Sagemaker Autopilot adds support for Parquet file input to NLP
text classification jobs.
* api-change:``wafv2``: Corrected the information for the header order FieldToMatch setting
- update to 1.29.144:
* see https://raw.githubusercontent.com/boto/botocore/1.29.144/CHANGELOG.rst
- use vendored urllib3/requests to avoid conflicts with
urllib3 2.x and requests
- Update 1.29.130:
* api-change:``glue``: Support large worker types G.4x and G.8x for Glue Spark
* api-change:``guardduty``: Add AccessDeniedException 403 Error message code to support 3 Tagging
related APIs
* api-change:``iotsitewise``: Provide support for 20,000 max results for
GetAssetPropertyValueHistory/BatchGetAssetPropertyValueHistory and 15 minute aggregate resolution
for GetAssetPropertyAggregates/BatchGetAssetPropertyAggregates
* api-change:``sts``: Documentation updates for AWS Security Token Service.
- from version 1.29.129
* api-change:``ec2``: This release adds support the inf2 and trn1n instances. inf2 instances are
purpose built for deep learning inference while trn1n instances are powered by AWS Trainium
accelerators and they build on the capabilities of Trainium-powered trn1 instances.
* api-change:``inspector2``: Amazon Inspector now allows customers to search its vulnerability
intelligence database if any of the Inspector scanning types are activated.
* api-change:``mediatailor``: This release adds support for AFTER_LIVE_EDGE mode configuration for
avail suppression, and adding a fill-policy setting that sets the avail suppression to
PARTIAL_AVAIL or FULL_AVAIL_ONLY when AFTER_LIVE_EDGE is enabled.
* api-change:``sqs``: Revert previous SQS protocol change.
- from version 1.29.128
* bugfix:``sqs``: Rolled back recent change to wire format protocol
- from version 1.29.127
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config
in April 2023.
* api-change:``connect``: Remove unused InvalidParameterException from CreateParticipant API
* api-change:``ecs``: Documentation update for new error type NamespaceNotFoundException for
CreateCluster and UpdateCluster
* api-change:``network-firewall``: This release adds support for the Suricata REJECT option in
midstream exception configurations.
* api-change:``opensearch``: DescribeDomainNodes: A new API that provides configuration information
for nodes part of the domain
* api-change:``quicksight``: Add support for Topic, Dataset parameters and VPC
* api-change:``rekognition``: This release adds a new attribute FaceOccluded. Additionally, you can
now select attributes individually (e.g. ["DEFAULT", "FACE_OCCLUDED", "AGE_RANGE"] instead of
["ALL"]), which can reduce response time.
* api-change:``s3``: Documentation updates for Amazon S3
* api-change:``sagemaker``: We added support for ml.inf2 and ml.trn1 family of instances on Amazon
SageMaker for deploying machine learning (ML) models for Real-time and Asynchronous inference. You
can use these instances to achieve high performance at a low cost for generative artificial
intelligence (AI) models.
* api-change:``securityhub``: Add support for Finding History.
* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol.
- from version 1.29.126
* api-change:``appsync``: Private API support for AWS AppSync. With Private APIs, you can now
create GraphQL APIs that can only be accessed from your Amazon Virtual Private Cloud ("VPC").
* api-change:``ec2``: Adds an SDK paginator for GetNetworkInsightsAccessScopeAnalysisFindings
* api-change:``inspector2``: This feature provides deep inspection for linux based instance
* api-change:``iottwinmaker``: This release adds a field for GetScene API to return error code and
message from dependency services.
* api-change:``network-firewall``: AWS Network Firewall now supports policy level HOME_NET variable
overrides.
* api-change:``opensearch``: Amazon OpenSearch Service adds the option to deploy a domain across
multiple Availability Zones, with each AZ containing a complete copy of data and with nodes in one
AZ acting as a standby. This option provides 99.99% availability and consistent performance in the
event of infrastructure failure.
* api-change:``wellarchitected``: This release deepens integration with AWS Service Catalog
AppRegistry to improve workload resource discovery.
- update to 1.29.125:
* api-change:``appflow``: This release adds new API to cancel
flow executions.
* api-change:``connect``: Amazon Connect Service Rules API update:
Added OnContactEvaluationSubmit event source to support user
configuring evaluation form rules.
* api-change:``ecs``: Documentation only update to address Amazon
ECS tickets.
* api-change:``kendra``: AWS Kendra now supports configuring
document fields/attributes via the GetQuerySuggestions API.
You can now base query suggestions on the contents of document
fields.
* api-change:``resiliencehub``: This release will improve resource
level transparency in applications by discovering previously
hidden resources.
* api-change:``sagemaker``: Amazon Sagemaker Autopilot supports
training models with sample weights and additional objective
metrics.
* api-change:``compute-optimizer``: support for tag filtering within
compute optimizer. ability to filter recommendation results by tag
and tag key value pairs. ability to filter by inferred workload
type added.
* api-change:``kms``: This release makes the NitroEnclave request
parameter Recipient and the response field for CiphertextForRecipient
available in AWS SDKs. It also adds the regex pattern for
CloudHsmClusterId validation.
* api-change:``appflow``: Adds Jwt Support for Salesforce Credentials.
* api-change:``athena``: You can now use capacity reservations on
Amazon Athena to run SQL queries on fully-managed compute capacity.
* api-change:``directconnect``: This release corrects the jumbo frames
MTU from 9100 to 8500.
* api-change:``efs``: Update efs client to latest version
* api-change:``grafana``: This release adds support for the
grafanaVersion parameter in CreateWorkspace.
* api-change:``iot``: This release allows AWS IoT Core users to
specify a TLS security policy when creating and updating AWS IoT
Domain Configurations.
* api-change:``rekognition``: Added support for aggregating moderation
labels by video segment timestamps for Stored Video Content Moderation
APIs and added additional information about the job to all Stored
Video Get API responses.
* api-change:``simspaceweaver``: Added a new CreateSnapshot API. For
the StartSimulation API, SchemaS3Location is now optional, added
a new SnapshotS3Location parameter. For the DescribeSimulation
API, added SNAPSHOT_IN_PROGRESS simulation state, deprecated
SchemaError, added new fields: StartError and SnapshotS3Location.
* api-change:``wafv2``: You can now associate a web ACL with a
Verified Access instance.
* api-change:``workspaces``: Added Windows 11 to support
Microsoft_Office_2019
* api-change:``ec2``: This release adds support for AMD SEV-SNP on EC2
instances.
* api-change:``emr-containers``: This release adds
GetManagedEndpointSessionCredentials, a new API that allows customers to
generate an auth token to connect to a managed endpoint, enabling features
such as self-hosted Jupyter notebooks for EMR on EKS.
* api-change:``guardduty``: Added API support to initiate on-demand malware
scan on specific resources.
* api-change:``iotdeviceadvisor``: AWS IoT Core Device Advisor now supports
MQTT over WebSocket. With this update, customers can run all three test
suites of AWS IoT Core Device Advisor - qualification, custom, and long
duration tests - using Signature Version 4 for MQTT over WebSocket.
* api-change:``kafka``: Amazon MSK has added new APIs that allows
multi-VPC private connectivity and cluster policy support for
Amazon MSK clusters that simplify connectivity and access between
your Apache Kafka clients hosted in different VPCs and AWS accounts
and your Amazon MSK clusters.
* api-change:``lambda``: Add Java 17 (java17) support to AWS Lambda
* api-change:``marketplace-catalog``: Enabled Pagination for List
Entities and List Change Sets operations
* api-change:``osis``: Documentation updates for OpenSearch Ingestion
* api-change:``qldb``: Documentation updates for Amazon QLDB
* api-change:``sagemaker``: Added ml.p4d.24xlarge and ml.p4de.24xlarge
as supported instances for SageMaker Studio
* api-change:``xray``: Updated X-Ray documentation with Resource Policy API descriptions.
* api-change:``osis``: Initial release for OpenSearch Ingestion
* api-change:``chime-sdk-messaging``: Remove non actionable field
from UpdateChannelReadMarker and DeleteChannelRequest.
Add precise exceptions to DeleteChannel and
DeleteStreamingConfigurations error cases.
* api-change:``connect``: Amazon Connect, Contact Lens Evaluation API
release including ability to manage forms and to submit contact
evaluations.
* api-change:``datasync``: This release adds 13 new APIs to support
AWS DataSync Discovery GA.
* api-change:``ds``: New field added in AWS Managed Microsoft AD
DescribeSettings response and regex pattern update for
UpdateSettings value. Added length validation to RemoteDomainName.
* api-change:``pinpoint``: Adds support for journey runs and
querying journey execution metrics based on journey runs.
Adds execution metrics to campaign activities. Updates docs
for Advanced Quiet Time.
* api-change:``appflow``: Increased the max length for RefreshToken
and AuthCode from 2048 to 4096.
* api-change:``codecatalyst``: Documentation updates for Amazon
CodeCatalyst.
* api-change:``ec2``: API changes to AWS Verified Access related to
identity providers' information.
* api-change:``mediaconvert``: This release introduces a noise
reduction pre-filter, linear interpolation deinterlace mode,
video pass-through, updated default job settings, and expanded
LC-AAC Stereo audio bitrate ranges.
* api-change:``rekognition``: Added new status result to Liveness
session status.
* api-change:``connect``: This release adds a new API CreateParticipant.
For Amazon Connect Chat, you can use this new API to customize
chat flow experiences.
* api-change:``ecs``: Documentation update to address various
Amazon ECS tickets.
* api-change:``fms``: AWS Firewall Manager adds support for multiple
administrators. You can now delegate more than one administrator
per organization.
* api-change:``chime-sdk-media-pipelines``: This release adds support
for specifying the recording file format in an S3 recording sink
configuration.
* api-change:``chime-sdk-meetings``: Adds support for Hindi and Thai
languages and additional Amazon Transcribe parameters to the
StartMeetingTranscription API.
* api-change:``chime``: Adds support for Hindi and Thai languages
and additional Amazon Transcribe parameters to the
StartMeetingTranscription API.
* api-change:``gamelift``: Amazon GameLift supports creating Builds
for Windows 2016 operating system.
* api-change:``guardduty``: This release adds support for the new
Lambda Protection feature.
* api-change:``iot``: Support additional OTA states in
GetOTAUpdate API
* api-change:``sagemaker``: Amazon SageMaker Canvas adds
ModelRegisterSettings support for CanvasAppSettings.
* api-change:``snowball``: Adds support for Amazon S3 compatible
storage. AWS Snow Family customers can now use Amazon S3
compatible storage on Snowball Edge devices. Also adds
support for V3_5S. This is a refreshed AWS Snowball
Edge Storage Optimized device type with 210TB SSD (customer usable).
* api-change:``wafv2``: You can now create encrypted API keys to use
in a client application integration of the JavaScript
CAPTCHA API . You can also retrieve a list of your API keys
and the JavaScript application integration URL.
* api-change:``comprehend``: This release supports native document
models for custom classification, in addition to plain-text models.
You train native document models using documents (PDF, Word, images)
in their native format.
* api-change:``ecs``: This release supports the Account Setting
"TagResourceAuthorization" that allows for enhanced Tagging
security controls.
* api-change:``ram``: This release adds support for customer
managed permissions. Customer managed permissions enable customers
to author and manage tailored permissions for resources shared
using RAM.
* api-change:``rds``: Adds support for the ImageId parameter of
CreateCustomDBEngineVersion to RDS Custom for Oracle
* api-change:``s3``: Provides support for "Snow" Storage class.
* api-change:``s3control``: Provides support for overriding endpoint
when region is "snow". This will enable bucket APIs for Amazon S3
Compatible storage on Snow Family devices.
* api-change:``secretsmanager``: Documentation updates for Secrets Manager
- Update to 1.29.115
* api-change:``appflow``: This release adds a Client Token parameter to the following AppFlow APIs:
Create/Update Connector Profile, Create/Update Flow, Start Flow, Register Connector, Update
Connector Registration. The Client Token parameter allows idempotent operations for these APIs.
* api-change:``drs``: Changed existing APIs and added new APIs to support using an account-level
launch configuration template with AWS Elastic Disaster Recovery.
* api-change:``dynamodb``: Documentation updates for DynamoDB API
* api-change:``emr-serverless``: The GetJobRun API has been updated to include the job's billed
resource utilization. This utilization shows the aggregate vCPU, memory and storage that AWS has
billed for the job run. The billed resources include a 1-minute minimum usage for workers, plus
additional storage over 20 GB per worker.
* api-change:``internetmonitor``: This release includes a new configurable value,
TrafficPercentageToMonitor, which allows users to adjust the amount of traffic monitored by
percentage
* api-change:``iotwireless``: Supports the new feature of LoRaWAN roaming, allows to configure
MaxEirp for LoRaWAN gateway, and allows to configure PingSlotPeriod for LoRaWAN multicast group
* api-change:``lambda``: Add Python 3.10 (python3.10) support to AWS Lambda
- from version 1.29.114
* api-change:``ecs``: This release supports ephemeral storage for AWS Fargate Windows containers.
* api-change:``lambda``: This release adds SnapStart related exceptions to InvokeWithResponseStream
API. IAM access related documentation is also added for this API.
* api-change:``migration-hub-refactor-spaces``: Doc only update for Refactor Spaces environments
without network bridge feature.
* api-change:``rds``: This release adds support of modifying the engine mode of database clusters.
- from version 1.29.113
* api-change:``chime-sdk-voice``: This release adds tagging support for Voice Connectors and SIP
Media Applications
* api-change:``mediaconnect``: Gateway is a new feature of AWS Elemental MediaConnect. Gateway
allows the deployment of on-premises resources for the purpose of transporting live video to and
from the AWS Cloud.
- from version 1.29.112
* api-change:``groundstation``: AWS Ground Station Wideband DigIF GA Release
* api-change:``managedblockchain``: Removal of the Ropsten network. The Ethereum foundation ceased
support of Ropsten on December 31st, 2022..
- from version 1.29.111
* api-change:``ecr-public``: This release will allow using registry alias as registryId in
BatchDeleteImage request.
* api-change:``emr-serverless``: This release extends GetJobRun API to return job run timeout
(executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720 minutes if
none was specified).
* api-change:``events``: Update events client to latest version
* api-change:``iot-data``: This release adds support for MQTT5 user properties when calling the AWS
IoT GetRetainedMessage API
* api-change:``wafv2``: For web ACLs that protect CloudFront protections, the default request body
inspection size is now 16 KB, and you can use the new association configuration to increase the
inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
- from version 1.29.110
* api-change:``connect``: This release adds the ability to configure an agent's routing profile to
receive contacts from multiple channels at the same time via extending the
UpdateRoutingProfileConcurrency, CreateRoutingProfile and DescribeRoutingProfile APIs.
* api-change:``ecs``: This release adds support for enabling FIPS compliance on Amazon ECS Fargate
tasks
* api-change:``marketplace-catalog``: Added three new APIs to support resource sharing:
GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added new OwnershipType field to
ListEntities request to let users filter on entities that are shared with them. Increased max page
size of ListEntities response from 20 to 50 results.
* api-change:``mediaconvert``: AWS Elemental MediaConvert SDK now supports conversion of 608
paint-on captions to pop-on captions for SCC sources.
* api-change:``omics``: Remove unexpected API changes.
* api-change:``rekognition``: This release adds support for Face Liveness APIs in Amazon
Rekognition. Updates UpdateStreamProcessor to return ResourceInUseException Exception. Minor
updates to API documentation.
- from version 1.29.109
* api-change:``dlm``: Updated timestamp format for GetLifecyclePolicy API
* api-change:``docdb``: This release adds a new parameter 'DBClusterParameterGroupName' to
'RestoreDBClusterFromSnapshot' API to associate the name of the DB cluster parameter group while
performing restore.
* api-change:``fsx``: Amazon FSx for Lustre now supports creating data repository associations on
Persistent_1 and Scratch_2 file systems.
* api-change:``lambda``: This release adds a new Lambda InvokeWithResponseStream API to support
streaming Lambda function responses. The release also adds a new InvokeMode parameter to Function
Url APIs to control whether the response will be streamed or buffered.
* api-change:``quicksight``: This release has two changes: adding the OR condition to tag-based RLS
rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental RefreshProperties
operations for users to programmatically configure SPICE dataset ingestions.
* api-change:``redshift-data``: Update documentation of API descriptions as needed in support of
temporary credentials with IAM identity.
* api-change:``servicecatalog``: Updates description for property
- from version 1.29.108
* api-change:``cloudformation``: Including UPDATE_COMPLETE as a failed status for DeleteStack
waiter.
* api-change:``greengrassv2``: Add support for SUCCEEDED value in coreDeviceExecutionStatus field.
Documentation updates for Greengrass V2.
* api-change:``proton``: This release adds support for the AWS Proton service sync feature. Service
sync enables managing an AWS Proton service (creating and updating instances) and all of it's
corresponding service instances from a Git repository.
* api-change:``rds``: Adds and updates the SDK examples
- from version 1.29.107
* api-change:``apprunner``: App Runner adds support for seven new vCPU and memory configurations.
* api-change:``config``: This release adds resourceType enums for types released in March 2023.
* api-change:``ecs``: This is a document only updated to add information about Amazon Elastic
Inference (EI).
* api-change:``identitystore``: Documentation updates for Identity Store CLI command reference.
* api-change:``ivs-realtime``: Fix ParticipantToken ExpirationTime format
* api-change:``network-firewall``: AWS Network Firewall now supports IPv6-only subnets.
* api-change:``servicecatalog``: removed incorrect product type value
* api-change:``vpc-lattice``: This release removes the entities in the API doc model package for
auth policies.
- from version 1.29.106
* api-change:``amplifyuibuilder``: Support StorageField and custom displays for data-bound options
in form builder. Support non-string operands for predicates in collections. Support choosing client
to get token from.
* api-change:``autoscaling``: Documentation updates for Amazon EC2 Auto Scaling
* api-change:``dataexchange``: This release updates the value of MaxResults.
* api-change:``ec2``: C6in, M6in, M6idn, R6in and R6idn bare metal instances are powered by 3rd
Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network bandwidth.
* api-change:``elastic-inference``: Updated public documentation for the Describe and Tagging APIs.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: Amazon SageMaker Asynchronous Inference now allows customer's to
receive failure model responses in S3 and receive success/failure model responses in SNS
notifications.
* api-change:``wafv2``: This release rolls back association config feature for webACLs that protect
CloudFront protections.
- from version 1.29.105
* api-change:``glue``: Add support for database-level federation
* api-change:``lakeformation``: Add support for database-level federation
* api-change:``license-manager``: This release adds grant override options to the
CreateGrantVersion API. These options can be used to specify grant replacement behavior during
grant activation.
* api-change:``mwaa``: This Amazon MWAA release adds the ability to customize the Apache Airflow
environment by launching a shell script at startup. This shell script is hosted in your
environment's Amazon S3 bucket. Amazon MWAA runs the script before installing requirements and
initializing the Apache Airflow process.
* api-change:``servicecatalog``: This release introduces Service Catalog support for Terraform open
source. It enables 1. The notify* APIs to Service Catalog. These APIs are used by the terraform
engine to notify the result of the provisioning engine execution. 2. Adds a new
TERRAFORM_OPEN_SOURCE product type in CreateProduct API.
* api-change:``wafv2``: For web ACLs that protect CloudFront protections, the default request body
inspection size is now 16 KB, and you can use the new association configuration to increase the
inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
- from version 1.29.104
* api-change:``ec2``: Documentation updates for EC2 On Demand Capacity Reservations
* api-change:``internetmonitor``: This release adds a new feature for Amazon CloudWatch Internet
Monitor that enables customers to deliver internet measurements to Amazon S3 buckets as well as
CloudWatch Logs.
* api-change:``resiliencehub``: Adding EKS related documentation for appTemplateBody
* api-change:``s3``: Documentation updates for Amazon S3
* api-change:``sagemaker-featurestore-runtime``: In this release, you can now chose between soft
delete and hard delete when calling the DeleteRecord API, so you have more flexibility when it
comes to managing online store data.
* api-change:``sms``: Deprecating AWS Server Migration Service.
- from version 1.29.103
* api-change:``athena``: Make DefaultExecutorDpuSize and CoordinatorDpuSize fields optional in
StartSession
* api-change:``autoscaling``: Amazon EC2 Auto Scaling now supports Elastic Load Balancing traffic
sources with the AttachTrafficSources, DetachTrafficSources, and DescribeTrafficSources APIs. This
release also introduces a new activity status, "WaitingForConnectionDraining", for VPC Lattice to
the DescribeScalingActivities API.
* api-change:``batch``: This feature allows Batch on EKS to support configuration of Pod Labels
through Metadata for Batch on EKS Jobs.
* api-change:``compute-optimizer``: This release adds support for HDD EBS volume types and io2
Block Express. We are also adding support for 61 new instance types and instances that have non
consecutive runtime.
* api-change:``drs``: Adding a field to the replication configuration APIs to support the auto
replicate new disks feature. We also deprecated RetryDataReplication.
* api-change:``ec2``: This release adds support for Tunnel Endpoint Lifecycle control, a new
feature that provides Site-to-Site VPN customers with better visibility and control of their VPN
tunnel maintenance updates.
* api-change:``emr``: Update emr client to latest version
* api-change:``glue``: This release adds support for AWS Glue Data Quality, which helps you
evaluate and monitor the quality of your data and includes the API for creating, deleting, or
updating data quality rulesets, runs and evaluations.
* api-change:``guardduty``: Added EKS Runtime Monitoring feature support to existing detector,
finding APIs and introducing new Coverage APIs
* api-change:``imagebuilder``: Adds support for new image workflow details and image vulnerability
detection.
* api-change:``ivs``: Amazon Interactive Video Service (IVS) now offers customers the ability to
configure IVS channels to allow insecure RTMP ingest.
* api-change:``kendra``: AWS Kendra now supports featured results for a query.
* api-change:``network-firewall``: AWS Network Firewall added TLS inspection configurations to
allow TLS traffic inspection.
* api-change:``sagemaker-geospatial``: Amazon SageMaker geospatial capabilities now supports
server-side encryption with customer managed KMS key and SageMaker notebooks with a SageMaker
geospatial image in a Amazon SageMaker Domain with VPC only mode.
* api-change:``vpc-lattice``: General Availability (GA) release of Amazon VPC Lattice
* api-change:``wellarchitected``: AWS Well-Architected SDK now supports getting consolidated report
metrics and generating a consolidated report PDF.
- from version 1.29.102
* api-change:``opensearchserverless``: This release includes two new exception types
"ServiceQuotaExceededException" and "OcuLimitExceededException".
* api-change:``rds``: Add support for creating a read replica DB instance from a Multi-AZ DB
cluster.
- from version 1.29.101
* api-change:``iot-data``: Add endpoint ruleset support for cn-north-1.
* api-change:``ssm-contacts``: This release adds 12 new APIs as part of Oncall Schedule feature
release, adds support for a new contact type: ONCALL_SCHEDULE. Check public documentation for AWS
ssm-contacts for more information
* api-change:``ssm-incidents``: Increased maximum length of "TriggerDetails.rawData" to 10K
characters and "IncidentSummary" to 8K characters.
- from version 1.29.100
* api-change:``athena``: Enforces a minimal level of encryption for the workgroup for query and
calculation results that are written to Amazon S3. When enabled, workgroup users can set encryption
only to the minimum level set by the administrator or higher when they submit queries.
* api-change:``chime-sdk-voice``: Documentation updates for Amazon Chime SDK Voice.
* api-change:``connect``: This release introduces support for RelatedContactId in the
StartChatContact API. Interactive message and interactive message response have been added to the
list of supported message content types for this API as well.
* api-change:``connectparticipant``: This release provides an update to the SendMessage API to
handle interactive message response content-types.
* api-change:``iotwireless``: Introducing new APIs that enable Sidewalk devices to communicate with
AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect Sidewalk devices
with other AWS IoT Services, creating possibilities for seamless integration and advanced device
management.
* api-change:``medialive``: AWS Elemental MediaLive now supports ID3 tag insertion for audio only
HLS output groups. AWS Elemental Link devices now support tagging.
* api-change:``sagemaker``: Fixed some improperly rendered links in SDK documentation.
* api-change:``securityhub``: Added new resource detail objects to ASFF, including resources for
AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.
* api-change:``servicecatalog-appregistry``: In this release, we started supporting ARN in
applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and
ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response.
* api-change:``voice-id``: Amazon Connect Voice ID now supports multiple fraudster watchlists.
Every domain has a default watchlist where all existing fraudsters are placed by default. Custom
watchlists may now be created, managed, and evaluated against for known fraudster detection.
- from version 1.29.99
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``comprehend``: This release adds a new field (FlywheelArn) to the
EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the
DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job
is started with a FlywheelArn instead of an EntityRecognizerArn .
* api-change:``rds``: Added error code CreateCustomDBEngineVersionFault for when the create custom
engine version for Custom engines fails.
- from version 1.29.98
* api-change:``batch``: This feature allows Batch to support configuration of ephemeral storage
size for jobs running on FARGATE
* api-change:``chime-sdk-identity``: AppInstanceBots can be used to add a bot powered by Amazon Lex
to chat channels. ExpirationSettings provides automatic resource deletion for AppInstanceUsers.
* api-change:``chime-sdk-media-pipelines``: This release adds Amazon Chime SDK call analytics. Call
analytics include voice analytics, which provides speaker search and voice tone analysis. These
capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate
machine-learning-powered insights from real-time audio.
* api-change:``chime-sdk-messaging``: ExpirationSettings provides automatic resource deletion for
Channels.
* api-change:``chime-sdk-voice``: This release adds Amazon Chime SDK call analytics. Call analytics
include voice analytics, which provides speaker search and voice tone analysis. These capabilities
can be used with Amazon Transcribe and Transcribe Call Analytics to generate
machine-learning-powered insights from real-time audio.
* api-change:``codeartifact``: Repository CreationTime is added to the CreateRepository and
ListRepositories API responses.
* api-change:``guardduty``: Adds AutoEnableOrganizationMembers attribute to
DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
* api-change:``ivs-realtime``: Initial release of the Amazon Interactive Video Service RealTime API.
* api-change:``mediaconvert``: AWS Elemental MediaConvert SDK now supports passthrough of ID3v2
tags for audio inputs to audio-only HLS outputs.
* api-change:``sagemaker``: Amazon SageMaker Autopilot adds two new APIs - CreateAutoMLJobV2 and
DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the ml.geospatial.interactive
instance type.
* api-change:``servicediscovery``: Reverted the throttling exception RequestLimitExceeded for AWS
Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to previous exception specified in the
ErrorCode.
* api-change:``textract``: The AnalyzeDocument - Tables feature adds support for new elements in
the API: table titles, footers, section titles, summary cells/tables, and table type.
- from version 1.29.97
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``iottwinmaker``: This release adds support of adding metadata when creating a new
scene or updating an existing scene.
* api-change:``networkmanager``: This release includes an update to
create-transit-gateway-route-table-attachment, showing example usage for
TransitGatewayRouteTableArn.
* api-change:``pipes``: This release improves validation on the ARNs in the API model
* api-change:``resiliencehub``: This release provides customers with the ability to import
resources from within an EKS cluster and assess the resiliency of EKS cluster workloads.
* api-change:``ssm``: This Patch Manager release supports creating, updating, and deleting Patch
Baselines for AmazonLinux2023, AlmaLinux.
- from version 1.29.96
* api-change:``chime-sdk-messaging``: Amazon Chime SDK messaging customers can now manage streaming
configuration for messaging data for archival and analysis.
* api-change:``cleanrooms``: GA Release of AWS Clean Rooms, Added Tagging Functionality
* api-change:``ec2``: This release adds support for AWS Network Firewall, AWS PrivateLink, and
Gateway Load Balancers to Amazon VPC Reachability Analyzer, and it makes the path destination
optional as long as a destination address in the filter at source is provided.
* api-change:``iotsitewise``: Provide support for tagging of data streams and enabling tag based
authorization for property alias
* api-change:``mgn``: This release introduces the Import and export feature and expansion of the
post-launch actions
- from version 1.29.95
* api-change:``application-autoscaling``: With this release customers can now tag their Application
Auto Scaling registered targets with key-value pairs and manage IAM permissions for all the tagged
resources centrally.
* api-change:``neptune``: This release makes following few changes. db-cluster-identifier is now a
required parameter of create-db-instance. describe-db-cluster will now return PendingModifiedValues
and GlobalClusterIdentifier fields in the response.
* api-change:``s3outposts``: S3 On Outposts added support for endpoint status, and a failed
endpoint reason, if any
* api-change:``workdocs``: This release adds a new API, SearchResources, which enable users to
search through metadata and content of folders, documents, document versions and comments in a
WorkDocs site.
- from version 1.29.94
* api-change:``billingconductor``: This release adds a new filter to ListAccountAssociations API
and a new filter to ListBillingGroups API.
* api-change:``config``: This release adds resourceType enums for types released from October 2022
through February 2023.
* api-change:``dms``: S3 setting to create AWS Glue Data Catalog. Oracle setting to control
conversion of timestamp column. Support for Kafka SASL Plain authentication. Setting to map boolean
from PostgreSQL to Redshift. SQL Server settings to force lob lookup on inline LOBs and to control
access of database logs.
- from version 1.29.93
* api-change:``guardduty``: Updated 9 APIs for feature enablement to reflect expansion of GuardDuty
to features. Added new APIs and updated existing APIs to support RDS Protection GA.
* api-change:``resource-explorer-2``: Documentation updates for APIs.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
- from version 1.29.92
* api-change:``migrationhubstrategy``: This release adds the binary analysis that analyzes IIS
application DLLs on Windows and Java applications on Linux to provide anti-pattern report without
configuring access to the source code.
* api-change:``s3control``: Added support for S3 Object Lambda aliases.
* api-change:``securitylake``: Make Create/Get/ListSubscribers APIs return resource share ARN and
name so they can be used to validate the RAM resource share to accept. GetDatalake can be used to
track status of UpdateDatalake and DeleteDatalake requests.
- from version 1.29.91
* api-change:``application-autoscaling``: Application Auto Scaling customers can now use
mathematical functions to customize the metric used with Target Tracking policies within the policy
configuration itself, saving the cost and effort of publishing the customizations as a separate
metric.
* api-change:``dataexchange``: This release enables data providers to license direct access to S3
objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data Exchange.
Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with them,
without creating or managing copies.
* api-change:``directconnect``: describe-direct-connect-gateway-associations includes a new status,
updating, indicating that the association is currently in-process of updating.
* api-change:``ec2``: This release adds a new DnsOptions key
(PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs.
* api-change:``iam``: Documentation only updates to correct customer-reported issues
* api-change:``keyspaces``: Adding support for client-side timestamps
- from version 1.29.90
* api-change:``appintegrations``: Adds FileConfiguration to Amazon AppIntegrations
CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect
from sources such as Microsoft SharePoint.
* api-change:``lakeformation``: This release updates the documentation regarding Get/Update
DataCellsFilter
* api-change:``s3control``: Added support for cross-account Multi-Region Access Points. Added
support for S3 Replication for S3 on Outposts.
* api-change:``tnb``: This release adds tagging support to the following Network Instance APIs :
Instantiate, Update, Terminate.
* api-change:``wisdom``: This release extends Wisdom CreateKnowledgeBase API to support SharePoint
connector type by removing the @required trait for objectField
- python-six is not required
- python-colorama
-
- add sle15_python_module_pythons (jsc#PED-68)
- Make calling of %{sle15modernpython} optional.
- update to 0.4.6:
* https://github.com/tartley/colorama/pull/139 Add alternative to 'init()',
called 'just_fix_windows_console'. This fixes many longstanding problems
with 'init', such as working incorrectly on modern Windows terminals, and
wonkiness when init gets called multiple times. The intention is that it
just makes all Windows terminals treat ANSI the same way as other terminals
do. Many thanks the njsmith for fixing our messes.
* https://github.com/tartley/colorama/pull/352 Support Windows 10's ANSI/VT
console. This didn't exist when Colorama was created, and avoiding us
causing havok there is long overdue. Thanks to segeviner for the initial
approach, and to njsmith for getting it merged.
* https://github.com/tartley/colorama/pull/338 Internal overhaul of package
metadata declaration, which abolishes our use of the now heavily
discouraged setuptools (and hence setup.py, setup.cfg and MANIFEST.in), in
favor of hatchling (and hence pyproject.toml), generously contributed by
ofek (author of hatchling). This includes dropping support Python3.5 and
3.6, which are EOL, and were already dropped from setuptools, so this
should not affect our users.
* https://github.com/tartley/colorama/pull/353 Attention to detail award to
LqdBcnAtWork for a spelling fix in demo06
- update to 0.4.5:
* Catch a racy ValueError that could occur on exit.
* Create README-hacking.md, for Colorama contributors.
* Tweak some README unicode characters that don't render correctly on PyPI.
* Fix some tests that were failing on some operating systems.
* Add support for Python 3.9.
* Add support for PyPy3.
* Add support for pickling with the ``dill`` module.
- python-mock is actually not required for build
- python-docutils
-
- add sle15_python_module_pythons (jsc#PED-68)
- Update single spec from Factory
- Refactor pygments-2.14.patch to not use distutils.
- Delete sphix-6.0.0.patch
- Add pygments-2.14.patch
- The patch is related to pygments not Sphinx and the patch is updated to make
it conditional so it work with older versions of pygments, shp#docutils#201
- Add sphinx-6.0.0.patch to fix tests for new version of sphinx.
- Release 0.19 (2022-07-05)
- General
- Dropped support for Python 2.7, 3.5, and 3.6. and removed
compatibility hacks from code and tests.
- Code cleanup, check PEP 8 conformity with flake8
(exceptions in file tox.ini).
- New module. Support for python -m docutils. Also used for
the docutils console script entry point.
- Let Publisher.publish() print info and prompt
when waiting for input from a terminal (cf.
https://clig.dev/#interactivity).
- Respect "input_encoding_error_handler" setting when opening
a source.
- New function error_string() obsoletes
utils.error_reporting.ErrorString.
- Class ErrorOutput moved here from utils/error_reporting.
- Use "utf-8-sig" instead of Python's default encoding if the
"input_encoding" setting is None.
- Fix error when reading of UTF-16 encoded source without
trailing newline.
- Aliases "markdown" and "commonmark" point to
"commonmark_wrapper".
- Alias for the "myst" parser
(https://pypi.org/project/myst-docutils).
- Use absolute module names in _parser_aliases instead
of two import attempts. (Keeps details if the
recommonmark_wrapper.py module raises an ImportError.)
- Prepend parser name to ImportError if importing a parser
class fails.
- New module for parsing CommonMark input. Selects a
locally installed 3rd-party parser (pycmark, myst, or
recommonmark).
- Raise ImportError, if import of the upstream parser
module fails. If called from an "include" directive, the
system-message now has source/line info.
- Adapt to and test with "recommonmark" versions 0.6.0 and
0.7.1.
- Update PEP base URL (fixes bug #445), use "https:" scheme
in RFC base URL.
- Add reporter to Directive class attributes.
- parser_name() keeps details if converting ImportError to
ValueError.
- Don't use mutable default values for function
arguments. Fixes bug #430.
- Fix bug #435: invalid references in problematic nodes with
report_level=4.
- decode_path() returns str instance instead of
nodes.reprunicode.
- Add deprecation warning.
- Add "html writers" to config_section_dependencies. Fixes
bug #443.
- Write table column widths with 3 digits precision. Fixes
bug #444.
- Add space before "charset" meta tag closing sequence.
- Remove class value "controls" from an image node with video
content after converting it to a "control" attribute of the
<video> tag.
- Wrap groups of footnotes in an <aside> for easier styling.
- Use "https:" scheme in "python_home" URL default.
- Fix links in template.txt.
- New "docutils" console script entry point. Fixes bug #447.
- Always encode the log file "alltests.out" using 'utf-8'.
- exception_data() now returns None if no exception was
raised.
- recommonmark_wrapper only imported if upstream parser is
present.
- Fix bug #436: Null char valid in CSV since Python 3.11.
- Allow 3rd-party drop-in components for reader and parser,
too.
- Fix help output.
- Actual code moved to docutils.__main__.py.
- Options -h and --help print short usage message.
- Release 0.18.1 (2021-11-23)
- Node.traverse() returns a list again to restore backwards
compatibility. Fixes bug #431.
- New method Node.findall(): like Node.traverse() but returns
an iterator. Obsoletes Node.traverse().
- Fix behaviour of get_stylesheet_list(): do not look up
stylesheets given as "stylesheet" setting. Cf. bug #434.
- Fix handling of footnote_backlinks==False (report Alan G
Isaac).
- Fix typo (bug #432).
- Fix spurious output with Windows (bug #350).
- Fix a false positive (bug #434).
- Release 0.18 (2021-10-26)
- mark as provisional (will switch from using "optparse" to
"argparse").
- remove hack for the now obsolete "mod_python" Apache
module.
- new function get_default_settings()
- Don't change a list while looping over it (in
document.set_name_id_map()). Thanks to Mickey Endito.
- Test and update to work with recommonmark version
0.6.0. Still provisional.
- Unfortunately, recommonmark is no longer maintained.
- Fix bug #424 Wrong circular inclusion detection. Use a
"magic" comment instead of line numbers to keep a log of
recursive inclusions.
- Use a "magic" comment to update the log of recursive
inclusions.
- New option `image_loading`_. Support "lazy" loading of
images. Obsoletes "embed_images".
- Fix spelling of option "detailed".
- Read settings from standard configuration files.
- Release 0.18b1 (2021-10-05)
- The default value for the "auto_id_prefix" setting changed to
"%": auto-generated IDs use the tag name as prefix.
- Make meta a standard Docutils doctree node. Writers may
ignore "meta" nodes if they are not supported by the output
format.
- document.make_id(): Do not strip leading number and hyphen
characters from name if the id_prefix setting is non-empty.
- Node.traverse() returns an iterator instead of a list.
- Removed. (Meta directive moved to misc.py.)
- Meta directive class (moved from html.py) inserts meta
(instead of pending) nodes.
- Add class option to Raw directive.
- Unify behaviour of "widths" option: check that the length of
an integer list equals the number of table columns also for
the "table" directive.
- Fork from elyxer and remove code that is not required for
math conversion.
- Scale variable sized operators and big delimiters with CSS
- Support more commands, fix mapping of commands to Unicode
characters (cf. LaTeX syntax for mathematics).
- Fix bug #244 Wrong subscript/superscript order.
- Don't use <tt> element (deprecated in HTML5).
- Use STIX fonts if available.
- Fix source location (line number) for attribution
elements. Patch by Mickey Endito.
- Add line, source, and rawsource internal attributes for
blockquote elements. Patch by Mickey Endito.
- Skip system_messages when propagating targets. Fixes bug
[#425].
- Removed unique_combinations() (obsoleted by
itertools.combinations()).
- Major update (fixes and support for additional commands and
symbols). Fixes bug #407.
- Write footnote brackets and field term colons to HTML, so
that they are present also without CSS and when copying
text. Adapt minimal.css.
- Use semantic tags <aside> for footnote text, topics,
admonitions, and system-messages and <nav> for the table of
contents. Use <div> for citations.
- Only specify table column widths, if the "widths" option
is set and is not "auto" (fixes bug #426). The table_style
setting "colwidths-grid" restores the current default.
- Use ARIA roles to enable accessible HTML for abstract,
dedication, the table of contents, footnote, references,
footnotes, citations, and backlinks.
- Use "aria-level" attribute instead of invalid tags <h7>,
<h8>, ... for headings of deeply nested sections.
- Do not set classes "compound-first", "compound-middle",
or "compound-last" to elements nested in a compound. Use
class value "backrefs" instead of "fn-backref" for a span of
back-references.
- Do not write class values handled by the HTML writer
("colwidths-auto", "colwidths-given", "colwidths-grid") to
the output.
- Move space character between section number and heading into
"sectnum" span.
- Removed attribute HTMLTranslator.topic_classes
- Items of a definition list with class argument "details" are
converted to details disclosure elements.
- Overwrite methods in _html_base.HTMLTranslator that use
HTML5 tags (details, aside, nav, ...) and attributes (role,
aria-level).
- The setting legacy_class_functions now defaults to
"False". Adapt stylesheets modifying \DUadmonition and/or
\DUtitle.
- Apply patch #181 "Fix tocdepth when chapter/part in use" by
John Thorvald Wodder II.
- Fix newlines after/before ids_to_labels() (cf. patch #183).
- Refactor/revise ToC writing.
- Don't add \phantomsection to labels in math-blocks.
- Improve spacing and allow customization of Docutils-generated
table of contents.
- New algorithm for table column widths. Fixes bug #422. New
configuration setting legacy_column_widths.
- Table.set_table_style() arguments changed.
- Only write "continued on next page..." if it fits without
making the table columns wider.
- Table width option overrides conflicting "auto" column
widths.
- Fix excessive padding above sidebar titles.
- Fix option "detailed" under Python 2.7.
- Remove IE 6 compatibility workarounds iepngfix.htc and
blank.gif (fixes bug #169).
- Fix: double quotes need to be escaped on macro
invocation. Done everywhere.
- update to 0.17.1:
* Fix bug #406 (MathML translation of ``\mathbf``).
* Open "docutils.sty" with encoding set to "utf8".
* Provide fallbacks for parser config settings
to facilitate programmatic use.
* Installing with ``setup.py`` now requires ``setuptools``.
Alternatively, install with `pip`_ (or "manually").
* Use importlib.import_module() to programmatically import modules.
* Fix bug #385: Import of language modules.
* Arabic mappings by Shahin.
* Fixes in Korean translation by Shinjo Park.
* Fix error when copying `system_message` node
* Make the sidebar's "title" argument optional
* Make "meta" elements available for "latex" and "odt".
* Prevent infinite inclusion loops.
* Move non-essential styling to ``plain.css``.
* Support "captionbelow" class value for tables.
* Display code line numbers as pseudo-elements which are skipped
when copying text from code blocks. Solves feature request #32.
* Support numbered figures.
* New optional style that adapts to different screen sizes.
* Fix #394 fix missing new line after rubric.
* Patch #168 fix crashing on empty citation (by Takeshi KOMIYA).
* Fix #126 manpage title with spaces.
* Fix #380 commandline option problem in sphinx.
* Fix/improve metadata handling:
fix "keyword" splitting,
allow generic fields (stored as "Custom Properties").
__ docs/user/config.html#detailled
* Run python3 test like python2 against source not the build/-directory
* New generic command line front end that allows the free selection of
reader, parser, and writer components.
- remove pygments25.patch (upstream)
- In a world with more than one python 3 flavor, provide "docutils"
with the default python3 provider.
gh#openSUSE/python-rpm-macros#66
- Fix the condition to really generate the direct binaries
- Remove %python3_only and use full alternatives.
- Add patch to fix build with pygments 2.4 and newer:
* pygments25.patch
- Update to 0.16:
- Dropped support for Python 2.6, 3.3 and 3.4
- Docutils now supports Python 2.7 and Python 3.5+ natively
(without conversion by ``2to3``).
- Keep `backslash escapes`__ in the document tree. Backslash characters in
text are be represented by NULL characters in the ``text`` attribute of
Doctree nodes and removed in the writing stage by the node's
``astext()`` method.
- Remove merged patch fix_tests_38.patch
- Add fix_tests_38.patch to overcome failing
test_writers.test_odt.DocutilsOdtTestCase with Python 3.8.
Also, failed as shp#docutils#161.
- Skip the tests for the flavors not being built
- update to version 0.15.2
* Docutils 0.14.x is the last version supporting Python 2.4, 2.5,
3.1, and 3.2.
* reStructured text: Allow embedded colons in field list field
names (before, tokens like :this:example: were considered ordinary text).
* Fixed a bug with the "trim" options of the "unicode" directive.
- Add multibuild in order to avoid buildcycle with Pillow and friends
- Add optional build dependencies Pillow, Pygments and roman,
causing 16 additonal test methods to run
- Add Recommends for Pillow, Pygments and roman
- Use %license
- Simplify test invocation
- Remove unnecessary node BR
- Remove superfluous devel dependency for noarch package
- python-paramiko
-
- Update to 3.4.0: (CVE-2023-48795, bsc#1218168)
* Transport grew a new packetizer_class kwarg for overriding the
packet-handler class used internally.
* Address CVE 2023-48795 (aka the "Terrapin Attack", a vulnerability found
in the SSH protocol re: treatment of packet sequence numbers) as follows:
+ The vulnerability only impacts encrypt-then-MAC digest algorithms in
tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko
currently only implements hmac-sha2-(256|512)-etm in tandem with
AES-CBC.
+ As the fix for the vulnerability requires both ends of the connection
to cooperate, the below changes will only take effect when the remote
end is OpenSSH >= 9.6 (or equivalent, such as Paramiko in server mode,
as of this patch version) and configured to use the new
"strict kex" mode.
+ Paramiko will now raise an SSHException subclass (MessageOrderError)
when protocol messages are received in unexpected order. This includes
situations like receiving MSG_DEBUG or MSG_IGNORE during initial key
exchange, which are no longer allowed during strict mode.
+ Key (re)negotiation -- i.e. MSG_NEWKEYS, whenever it is encountered --
now resets packet sequence numbers. (This should be invisible to users
during normal operation, only causing exceptions if the exploit is
encountered, which will usually result in, again, MessageOrderError.)
+ Sequence number rollover will now raise SSHException if it occurs
during initial key exchange (regardless of strict mode status).
* Tweak ext-info-(c|s) detection during KEXINIT protocol phase; the
original implementation made assumptions based on an OpenSSH
implementation detail.
- Add patch use-64-bit-maxsize-everywhere.patch:
* Use the 64-bit value of sys.maxsize.
- refresh remove-icecream-dep.patch
- update to 3.3.1
detailed changelog: https://www.paramiko.org/changelog.html#
- Delete paramiko-pr1665-remove-pytest-relaxed.patch
- Add remove-icecream-dep.patch
- Update to 3.1.0:
* [Feature] #2173: Accept single tabs as field separators (in
addition to single spaces) in
<paramiko.hostkeys.HostKeyEntry.from_line> for parity with
OpenSSH’s KnownHosts parser. Patched by Alex Chavkin.
* [Feature] #2013: (solving #2009, plus others) Add an explicit
channel_timeout keyword argument to
paramiko.client.SSHClient.connect, allowing users to configure the
previously-hardcoded default value of 3600 seconds. Thanks to
@VakarisZ and @ilija-lazoroski for the report and patch, with
credit to Mike Salvatore for patch review.
* [Support] #2178: Apply codespell to the codebase, which found a
lot of very old minor spelling mistakes in docstrings. Also
modernize many instances of *largs vs *args and **kwarg vs
* *kwargs. Patch courtesy of Yaroslav Halchenko, with review from
Brian Skinn.
- 3.0.0:
* [Bug]: A handful of lower-level classes (notably
paramiko.message.Message and paramiko.pkey.PKey) previously
returned bytes objects from their implementation of __str__, even
under Python 3; and there was never any __bytes__ method.
* These issues have been fixed by renaming __str__ to __bytes__ and
relying on Python’s default “stringification returns the output of
__repr__” behavior re: any real attempts to str() such objects.
* [Bug] #2165: Streamline some redundant (and costly) byte
conversion calls in the packetizer and the core SFTP module. This
should lead to some SFTP speedups at the very least. Thanks to
Alex Gaynor for the patch.
* [Bug] #2110: Remove some unnecessary __repr__ calls when handling
bytes-vs-str conversions. This was apparently doing a lot of
unintentional data processing, which adds up in some use cases –
such as SFTP transfers, which may now be significantly faster.
Kudos to Shuhua Zhong for catch & patch.
* [Support]: Drop support for Python versions less than 3.6,
including Python 2. So long and thanks for all the fish!
* [Support]: Remove the now irrelevant paramiko.py3compat module.
* [Support]: paramiko.common.asbytes has been moved to
paramiko.util.asbytes.
* [Support]: PKey.__cmp__ has been removed. Ordering-oriented
comparison of key files is unlikely to have ever made sense (the
old implementation attempted to order by the hashes of the key
material) and so we have not bothered setting up __lt__ and
friends at this time. The class continues to have its original
__eq__ untouched.
* [Support]: The behavior of private key classes’ (ie anything
inheriting from PKey) private key writing methods used to perform
a manual, extra chmod call after writing. This hasn’t been
strictly necessary since the mid 2.x release line (when key
writing started giving the mode argument to os.open), and has now
been removed entirely.
* This should only be observable if you were mocking Paramiko’s
system calls during your own testing, or similar.
* [Support] #732: (also re: #630) SSHConfig used to straight-up
delete the proxycommand key from config lookup results when the
source config said ProxyCommand none. This has been altered to
preserve the key and give it the Python value None, thus making
the Python representation more in line with the source config
file.
* [Support]: paramiko.util.retry_on_signal (and any internal uses of
same, and also any internal retries of EINTR on eg socket
operations) has been removed. As of Python 3.5, per PEP 475, this
functionality (and retrying EINTR generally) is now part of the
standard library.
- python-python-dateutil
-
- add sle15_python_module_pythons (jsc#PED-68)
- Make calling of %{sle15modernpython} optional.
- update to 2.8.2:
- Updated tzdata version to 2021a. (gh pr #1128)
- Fixed a bug in the parser where non-``ValueError`` exceptions would be raised
during exception handling; this would happen, for example, if an
``IllegalMonthError`` was raised in ``dateutil`` code. Fixed by Mark Bailey.
(gh issue #981, pr #987).
- Fixed the custom ``repr`` for ``dateutil.parser.ParserError``, which was not
defined due to an indentation error. (gh issue #991, gh pr #993)
- Fixed a bug that caused ``b'`` prefixes to appear in parse_isodate exception
messages. Reported and fixed by Paul Brown (@pawl) (gh pr #1122)
- Make ``isoparse`` raise when trying to parse times with inconsistent use of
`:` separator. Reported and fixed by @mariocj89 (gh pr #1125).
- Fixed ``tz.gettz()`` not returning local time when passed an empty string.
Reported by @labrys (gh issues #925, #926). Fixed by @ffe4 (gh pr #1024)
* Documentation changes
* Simplified handling of bytes and bytearray in ``_parser._timelex``.
- python-rsa
-
- add sle15_python_module_pythons (jsc#PED-68)
- python-s3transfer
-
- Drop Provides for SLE 15 SP4 and openSUSE Leap 15.4 and later
- Switch to Python 3.11 build in SLE 15 SP4 and openSUSE Leap 15.4 and
later (jsc#PCT-371).
- Switch to wheel build
- Update to 0.10.0
* feature:``s3``: Added CRT support for S3 Express One Zone
- From 0.9.0
* feature:Python: End of support for Python 3.7
- Update 0.8.2
* bugfix:Subscribers: Added caching for Subscribers to improve
throughput by up to 24% in high volume transfer
- from version 0.8.1
* enhancement:``s3``: Added support for defaulting checksums
to CRC32 for s3express.
- from version 0.8.0
* enhancement:``crt``: Automatically configure CRC32 checksums for
uploads and checksum validation for downloads through the CRT
transfer manager.
* feature:``crt``: S3transfer now supports a wider range of CRT
functionality for uploads to improve throughput in the CLI/Boto3.
* enhancement:``Botocore``: S3Transfer now requires Botocore >=1.32.7
* enhancement:``crt``: Update ``target_throughput`` defaults. If not
configured, s3transfer will use the AWS CRT to attempt to determine
a recommended target throughput to use based on the system. If there
is no recommended throughput, s3transfer now falls back to ten
gigabits per second.
* enhancement:``crt``: Add support for uploading and downloading file-like
objects using CRT transfer manager. It supports both seekable and
non-seekable file-like objects.
- Update BuildRequires and Requires from setup.py
- Update to 0.7.0
* feature:``SSE-C``: Pass SSECustomer* arguments to
CompleteMultipartUpload for upload operations
- Update to 0.6.2
* enhancement:Python: Added provisional Python 3.12
support to s3transfer
- Update to 0.6.1
* bugfix:copy: Added support for ``ChecksumAlgorithm``
when uploading copy data in parts
- drop no-bundled-packages.patch to allow unpinning urllib3
boo#1211830
- pin to urllib3 1.x
- release-notes-sles
-
- 15.4.20240119 (tracked in bsc#933411)
- Added sysctl_net_core_bpf_jit_limit to kernel parameter changes
(jsc#DOCTEAM-1245)
- Added note about sched parameter deprecation (bsc#1216929)
- Added note about set-hostname deprecation (bsc#1215156)
- Changed wording of bsc#1201266
- Added note about Xen Dom0 suspend/resume (bsc#1210490)
- rpm-ndb
-
- remove imaevmsign plugin from rpm-ndb [bsc#1222259]
- runc
-
[ This was only ever released for SLES and Leap. ]
- Update to runc v1.1.13. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.12>.
- Rebase patches:
* 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
* 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
* 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
- Backport <https://github.com/opencontainers/runc/pull/3931> to fix a
performance issue when running lots of containers, caused by system getting
too many mount notifications. bsc#1214960
+ 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch
- Add upstream patch <https://github.com/opencontainers/runc/pull/4219> to
properly fix -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050
+ 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
+ 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
+ 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
- Update to runc v1.1.12. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.12>. bsc#1218894
* This release fixes a container breakout vulnerability (CVE-2024-21626). For
more details, see the upstream security advisory:
<https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv>
* Remove upstreamed patches:
- CVE-2024-21626.patch
* Update runc.keyring to match upstream changes.
- scap-security-guide
-
- updated to 0.1.73 (jsc#ECO-3319)
- CMP 2417: Implement PCI-DSS v4.0 outline for OpenShift (#11651)
- Update all RHEL ANSSI BP028 profiles to be aligned with configuration recommendations version 2.0
- Generate rule references from control files (#11540)
- Initial implementation of STIG V1R1 profile for Ubuntu 22.04 LTS (#11820)
- updated to 0.1.72 (jsc#ECO-3319)
- ANSSI BP 028 profile for debian12 (#11368)
- Building on Windows (#11406)
- Control for BSI APP.4.4 (#11342)
- update to CIS RHEL 7 and RHEL 8 profiles aligning them with the latest benchmarks
- various fixes to SLE profiles
- add openeuler to -redhat package
- removed ssg-fix-journald.patch: fixed upstream
- updated to 0.1.71 (jsc#ECO-3319)
- Add RHEL 9 STIG
- Add support for Debian 12
- Update PCI-DSS profile for RHEL
- lots of bugfixes and improvements for SLE
- removed left over file
0001-Revert-fix-aide-remediations-add-crontabs.patch upstreamed in 0.1.69
- sed
-
- 0001-sed-set-correct-umask-on-temporary-files.patch
Fix for bsc#1221218
- 000release-packages:sle-module-basesystem-release
-
n/a
- 000release-packages:sle-module-containers-release
-
n/a
- 000release-packages:sle-module-desktop-applications-release
-
n/a
- 000release-packages:sle-module-development-tools-release
-
n/a
- 000release-packages:sle-module-public-cloud-release
-
n/a
- 000release-packages:sle-module-server-applications-release
-
n/a
- sudo
-
- Fix NOPASSWD issue introduced by patches for CVE-2023-42465
[bsc#1221151, bsc#1221134]
* Update sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
* Enable running regression selftests during build time.
- Security fix: [bsc#1219026, bsc#1220389, CVE-2023-42465]
* Try to make sudo less vulnerable to ROWHAMMER attacks.
* Add sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
- supportutils-plugin-suse-public-cloud
-
- Update to version 1.0.9 (bsc#1218762, bsc#1218763)
+ Remove duplicate data collection for the plugin itself
+ Collect archive metering data when available
+ Query billing flavor status
- supportutils
-
- Changes in version 3.1.30
+ Added -V key:value pair option (bsc#1222021, PED-8211)
+ Avoid getting duplicate kernel verifications in boot.text (pr#193)
+ Suppress file descriptor leak warnings from lvm commands (pr#192, bsc#1220082)
+ Includes container log timestamps (pr#197)
- Changes to version 3.1.29
+ Extended scaling for performance (bsc#1214713)
+ Fixed kdumptool output error (bsc#1218632)
+ Corrected podman ID errors (bsc#1218812)
+ Duplicate non root podman entries removed (bsc#1218814)
+ Corrected get_sles_ver for SLE Micro (bsc#1219241)
+ Check nvidida-persistenced state (bsc#1219639)
- Additional changes in version 3.1.28
+ ipset - List entries for all sets
+ ipvsadm - Inspect the virtual server table (pr#185)
+ Correctly detects Xen Dom0 (bsc#1218201)
+ Fixed smart disk error (bsc#1218282)
- Changes in version 3.1.28
+ Inhibit the conversion of port numbers to port names for network files (cherry picked from commit 55f5f716638fb15e3eb1315443949ed98723d250)
+ powerpc: collect rtas_errd.log and lp_diag.log files (pr#175)
+ Get list of pam.d file (cherry picked from commit eaf35c77fd4bc039fd7e3d779ec1c2c6521283e2)
+ Remove supportutils requires for util-linux-systemd and kmod (bsc#1193173)
+ Added missing klp information to kernel-livepatch.txt (bsc#1216390)
+ Fixed plugins creating empty files when using supportconfig.rc (bsc#1216388)
+ Provides long listing for /etc/sssd/sssd.conf (bsc#1211547)
+ Optimize lsof usage (bsc#1183663)
+ Added mokutil commands for secureboot (pr#179)
+ Collects chrony or ntp as needed (bsc#1196293)
- Changes in version 3.1.27
+ Fixed podman display issue (bsc#1217287)
+ Added nvme-stas configuration to nvme.txt (bsc#1216049)
+ Added timed command to fs-files.txt (bsc#1216827)
+ Collects zypp history file issue#166 (bsc#1216522)
+ Changed -x OPTION to really be exclude only (issue#146)
+ Collect HA related rpm package versions in ha.txt (pr#169)
- suse-build-key
-
- added missing ; in shell script (bsc#1227681)
- Added new keys of the SLE Micro 6.0 / SLES 16 series, and auto import
them. (bsc#1227429)
gpg-pubkey-09d9ea69-645b99ce.asc: Main SLE Micro 6/SLES 16 key
gpg-pubkey-73f03759-626bd414.asc: Backup SLE Micro 6/SLES 16 key.
- Switch container key to be default RSA 4096bit. (jsc#PED-2777)
- run rpm commands in import script only when libzypp is not
active. bsc#1219189 bsc#1219123
- run import script also in %posttrans section, but only when
libzypp is not active. bsc#1219189 bsc#1219123
- systemd-default-settings
-
- Import 0.10
5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123)
- Import 0.9
bb859bf user@.service: Disable controllers by default (jsc#PED-2276)
- The usage of drop-ins is now the official way for configuring systemd and its
various daemons on Factory/ALP. Hence the early drop-ins SUSE specific
"feature" has been abandoned.
- Import 0.8
f34372f User priority '26' for SLE-Micro
c8b6f0a Revert "Convert more drop-ins into early ones"
- Import commit 6b8dde1d4f867aff713af6d6830510a84fad58d2
6b8dde1 Convert more drop-ins into early ones
- systemd-presets-branding-SLE
-
- Enable sysctl-logger (jsc#PED-5024)
- systemd-presets-common-SUSE
-
- Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked
(bsc#1200731 ltc#198485 https://github.com/ibm-power-utilities/powerpc-utils/pull/84)
Support both the old and new service to avoid complex version interdependency.
- systemd-rpm-macros
-
- Bump version to 15
- Order packages that requires systemd after systemd-sysvcompat when this part
of the transaction (bsc#1217964)
systemd-sysvcompat has been introduced recently and contains the compatibility
scripts used to support SysV init scripts. Make sure that the packages ordered
after systemd are also ordered after systemd-sysvcompat so theirs rpm
scriptlets can still rely on the compat scripts.
On distributions where systemd-sysvcompat doesn't exist, the new ordering
constraint should be a nop.
- timezone
-
- update to 2024a:
* Kazakhstan unifies on UTC+5. This affects Asia/Almaty and
Asia/Qostanay which together represent the eastern portion of the
country that will transition from UTC+6 on 2024-03-01 at 00:00 to
join the western portion. (Thanks to Zhanbolat Raimbekov.)
* Palestine springs forward a week later than previously predicted
in 2024 and 2025. (Thanks to Heba Hamad.) Change spring-forward
predictions to the second Saturday after Ramadan, not the first;
this also affects other predictions starting in 2039.
* Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00
not 00:00. (Thanks to Đoàn Trần Công Danh.)
* From 1947 through 1949, Toronto's transitions occurred at 02:00
not 00:00. (Thanks to Chris Walton.)
* In 1911 Miquelon adopted standard time on June 15, not May 15.
* The FROM and TO columns of Rule lines can no longer be "minimum"
or an abbreviation of "minimum", because TZif files do not support
DST rules that extend into the indefinite past - although these
rules were supported when TZif files had only 32-bit data, this
stopped working when 64-bit TZif files were introduced in 1995.
This should not be a problem for realistic data, since DST was
first used in the 20th century. As a transition aid, FROM columns
like "minimum" are now diagnosed and then treated as if they were
the year 1900; this should suffice for TZif files on old systems
with only 32-bit time_t, and it is more compatible with bugs in
2023c-and-earlier localtime.c. (Problem reported by Yoshito
Umaoka.)
* localtime and related functions no longer mishandle some
timestamps that occur about 400 years after a switch to a time
zone with a DST schedule. In 2023d data this problem was visible
for some timestamps in November 2422, November 2822, etc. in
America/Ciudad_Juarez. (Problem reported by Gilmore Davidson.)
* strftime %s now uses tm_gmtoff if available. (Problem and draft
patch reported by Dag-Erling Smørgrav.)
* The strftime man page documents which struct tm members affect
which conversion specs, and that tzset is called. (Problems
reported by Robert Elz and Steve Summit.)
- update to 2023d:
* Ittoqqortoormiit, Greenland changes time zones on
2024-03-31.
* Vostok, Antarctica changed time zones on 2023-12-18.
* Casey, Antarctica changed time zones five times since
2020.
* Code and data fixes for Palestine timestamps starting in
2072.
* A new data file zonenow.tab for timestamps starting now.
* Fix predictions for DST transitions in Palestine in
2072-2075, correcting a typo introduced in 2023a.
* Vostok, Antarctica changed to +05 on 2023-12-18. It had
been at +07 (not +06) for years.
* Change data for Casey, Antarctica to agree with
timeanddate.com, by adding five time zone changes since 2020.
Casey is now at +08 instead of +11.
* Much of Greenland, represented by America/Nuuk, changed
its standard time from -03 to -02 on 2023-03-25, not on
2023-10-28.
* localtime.c no longer mishandles TZif files that contain
a single transition into a DST regime. Previously,
it incorrectly assumed DST was in effect before the transition
too.
* tzselect no longer creates temporary files.
* tzselect no longer mishandles the following:
* Spaces and most other special characters in BUGEMAIL,
PACKAGE, TZDIR, and VERSION.
* TZ strings when using mawk 1.4.3, which mishandles
regular expressions of the form /X{2,}/.
* ISO 6709 coordinates when using an awk that lacks the
GNU extension of newlines in -v option-arguments.
* Non UTF-8 locales when using an iconv command that
lacks the GNU //TRANSLIT extension.
* zic no longer mishandles data for Palestine after the
year 2075.
- Refresh tzdata-china.diff
- util-linux-systemd
-
- Properly neutralize escape sequences in wall
(util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
and its prerequisites: util-linux-fputs_careful1.patch,
util-linux-wall-migrate-to-memstream.patch
util-linux-fputs_careful2.patch).
- Add upstream patch
more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-received.patch
bsc#1220117 - L3-Question: Processes not cleaned up after failed SSH session are using up 100% CPU
- Add upstream patch
util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch
bsc#1207987 gh#util-linux/util-linux@1d98827edde4
- vim
-
- Updated to version 9.1 with patch level 0330, fixes the following problems
* Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
- refreshed vim-7.3-filetype_spec.patch
- refreshed vim-7.3-filetype_ftl.patch
- Update spec.skeleton to use autosetup in place of setup macro.
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330
- Updated to version 9.1 with patch level 0111, fixes the following security problems
* Fixing bsc#1217316 (CVE-2023-48231) - VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close()
* Fixing bsc#1217320 (CVE-2023-48232) - VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol()
* Fixing bsc#1217321 (CVE-2023-48233) - VUL-0: CVE-2023-48233: vim: overflow with count for :s command
* Fixing bsc#1217324 (CVE-2023-48234) - VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count
* Fixing bsc#1217326 (CVE-2023-48235) - VUL-0: CVE-2023-48235: vim: overflow in ex address parsing
* Fixing bsc#1217329 (CVE-2023-48236) - VUL-0: CVE-2023-48236: vim: overflow in get_number
* Fixing bsc#1217330 (CVE-2023-48237) - VUL-0: CVE-2023-48237: vim: overflow in shift_line
* Fixing bsc#1217432 (CVE-2023-48706) - VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute
* Fixing bsc#1219581 (CVE-2024-22667) - VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c
* Fixing bsc#1215005 (CVE-2023-4750) - VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.0.2103...v9.1.0111
- wget
-
- Fix mishandled semicolons in the userinfo subcomponent could lead to an
insecure behavior in which data that was supposed to be in the userinfo
subcomponent is misinterpreted to be part of the host subcomponent.
[bsc#1226419, CVE-2024-38428, properly-re-implement-userinfo-parsing.patch]
- wicked
-
- Update to version 0.6.76
- compat-suse: warn user and create missing parent config of
infiniband children (gh#openSUSE/wicked#1027)
- client: fix origin in loaded xml-config with obsolete port
references but missing port interface config, causing a
no-carrier of master (bsc#1226125)
- ipv6: fix setup on ipv6.disable=1 kernel cmdline (bsc#1225976)
- wireless: add frequency-list in station mode (jsc#PED-8715)
- client: fix crash while hierarchy traversing due to loop in
e.g. systemd-nspawn containers (bsc#1226664)
- man: add supported bonding options to ifcfg-bonding(5) man page
(gh#openSUSE/wicked#1021)
- arputil: Document minimal interval for getopts (gh#openSUSE/wicked#1019)
- man: (re)generate man pages from md sources (gh#openSUSE/wicked#1018)
- client: warn on interface wait time reached (gh#openSUSE/wicked#1017)
- compat-suse: fix dummy type detection from ifname to not cause
conflicts with e.g. correct vlan config on dummy0.42 interfaces
(gh#openSUSE/wicked#1016)
- compat-suse: fix infiniband and infiniband child type detection
from ifname (gh#openSUSE/wicked#1015)
- Removed patches included in the source archive:
[- 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]
[- 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]
- arp: increase arp-send retry value to avoid address configuration
failure due to ENOBUF reported by kernel while duplicate address
detection with underlying bonding in 802.3ad mode reporting link
"up & running" too early (bsc#1218668, gh#openSUSE/wicked#1020,
gh#openSUSE/wicked#1022).
[+ 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]
- client: fix ifreload to pull UP ports/links again when the config
of their master/lower changed (bsc#1224100,gh#openSUSE/wicked#1014).
[+ 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]
- Update to version 0.6.75:
- cleanup: fix ni_fsm_state_t enum-int-mismatch warnings
- cleanup: fix overflow warnings in a socket testcase on i586
- ifcheck: report new and deleted configs as changed (bsc#1218926)
- man: improve ARP configuration options in the wicked-config.5
- bond: add ports when master is UP to avoid port MTU revert (bsc#1219108)
- cleanup: fix interface dependencies and shutdown order (bsc#1205604)
- Remove port arrays from bond,team,bridge,ovs-bridge (redundant)
and consistently use config and state info attached to the port
interface as in rtnetlink(7).
- Cleanup ifcfg parsing, schema configuration and service properties
- Migrate ports in xml config and policies already applied in nanny
- Remove "missed config" generation from finite state machine, which
is completed while parsing the config or while xml config migration.
- Issue a warning when "lower" interface (e.g. eth0) config is missed
while parsing config depending on it (e.g. eth0.42 vlan).
- Resolve ovs master to the effective bridge in config and wickedd
- Implement netif-check-state require checks using system relations
from wickedd/kernel instead of config relations for ifdown and add
linkDown and deleteDevice checks to all master and lower references.
- Add a `wicked <ifup|ifdown|ifreload> --dry-run …` option to show the
system/config interface hierarchies as notice with +/- marked
interfaces to setup and/or shutdown.
- Removed patches included in the source archive:
[- 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
[- 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
[- 0003-move-all-attribute-definitions-to-compiler-h.patch]
[- 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
[- 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]
- client: do not convert sec to msec twice (bsc#1222105)
[+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]
- addrconf: fix fallback-lease drop (bsc#1220996)
[+ 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
- extensions/nbft: use upstream `nvme nbft show` (bsc#1221358)
[+ 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
- hide secrets in debug log (bsc#1221194)
[+ 0003-move-all-attribute-definitions-to-compiler-h.patch]
[+ 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
- update to version 0.6.74
+ team: add new options like link_watch_policy (jsc#PED-7183)
+ Fix memory leaks in dbus variant destroy and fsm free (gh#openSUSE/wicked#1001)
+ xpath: allow underscore in node identifier (gh#openSUSE/wicked#999)
+ vxlan: don't format unknown rtnl attrs (bsc#1219751)
- removed patches included in the source archive:
[- 0009-ifreload-VLAN-changes-require-device-deletion-bsc-12.patch]
[- 0008-ifcheck-fix-config-changed-check-bsc-1218926.patch]
[- 0007-Fix-ifstatus-exit-code-for-NI_WICKED_ST_NO_CARRIER-s.patch]
[- 0006-dhcp6-omit-the-SO_REUSEPORT-option-bsc-1215692.patch]
[- 0005-duid-fix-comment-for-v6time.patch]
[- 0004-rtnl-parse-peer-address-on-non-ptp-interfaces.patch]
[- 0003-rtnl-pass-ifname-in-newaddr-parsing-and-logging.patch]
[- 0002-system-updater-Parse-updater-format-from-XML-configu.patch]
[- 0001-fix_arp_notify_loop_and_burst_sending.patch]
- ifreload: VLAN changes require device deletion (bsc#1218927)
[+ 0009-ifreload-VLAN-changes-require-device-deletion-bsc-12.patch]
- ifcheck: fix config changed check (bsc#1218926)
[+ 0008-ifcheck-fix-config-changed-check-bsc-1218926.patch]
- client: fix exit code for no-carrier status (bsc#1219265)
[+ 0007-Fix-ifstatus-exit-code-for-NI_WICKED_ST_NO_CARRIER-s.patch]
- dhcp6: omit the SO_REUSEPORT option (bsc#1215692)
[+ 0006-dhcp6-omit-the-SO_REUSEPORT-option-bsc-1215692.patch]
- duid: fix comment for v6time
(https://github.com/openSUSE/wicked/pull/989)
[+ 0005-duid-fix-comment-for-v6time.patch]
- rtnl: fix peer address parsing for non ptp-interfaces
(https://github.com/openSUSE/wicked/pull/987,
https://github.com/openSUSE/wicked/pull/988)
[+ 0003-rtnl-pass-ifname-in-newaddr-parsing-and-logging.patch]
[+ 0004-rtnl-parse-peer-address-on-non-ptp-interfaces.patch]
- system-updater: Parse updater format from XML configuration to
ensure install calls can run.
(https://github.com/openSUSE/wicked/pull/985)
[+ 0002-system-updater-Parse-updater-format-from-XML-configu.patch]
- xen
-
- Update to Xen 4.16.6 security bug fix release (bsc#1027519)
xen-4.16.6-testing-src.tar.bz2
* No upstream changelog found in sources or webpage
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
trigger Xen bug check (XSA-454)
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
for BTC/SRSO mitigations (XSA-455)
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
History Injection (XSA-456)
- Dropped patches contained in new tarball
64e5b4ac-x86-AMD-extend-Zenbleed-check.patch
64e6459b-revert-VMX-sanitize-rIP-before-reentering.patch
64eef7e9-x86-reporting-spurious-i8259-interrupts.patch
64f71f50-Arm-handle-cache-flush-at-top.patch
65087000-x86-spec-ctrl-SPEC_CTRL_EXIT_TO_XEN-confusion.patch
65087001-x86-spec-ctrl-fold-DO_SPEC_CTRL_EXIT_TO_XEN.patch
65087002-x86-spec-ctrl-SPEC_CTRL-ENTRY-EXIT-asm-macros.patch
65087003-x86-spec-ctrl-SPEC_CTRL-ENTER-EXIT-comments.patch
65087004-x86-entry-restore_all_xen-stack_end.patch
65087005-x86-entry-track-IST-ness-of-entry.patch
65087006-x86-spec-ctrl-VERW-on-IST-exit-to-Xen.patch
65087007-x86-AMD-Zen-1-2-predicates.patch
65087008-x86-spec-ctrl-Zen1-DIV-leakage.patch
650abbfe-x86-shadow-defer-PV-top-level-release.patch
65263470-AMD-IOMMU-flush-TLB-when-flushing-DTE.patch
65263471-libfsimage-xfs-remove-dead-code.patch
65263472-libfsimage-xfs-amend-mask32lo.patch
65263473-libfsimage-xfs-sanity-check-superblock.patch
65263474-libfsimage-xfs-compile-time-check.patch
65263475-pygrub-remove-unnecessary-hypercall.patch
65263476-pygrub-small-refactors.patch
65263477-pygrub-open-output-files-earlier.patch
65263478-libfsimage-function-to-preload-plugins.patch
65263479-pygrub-deprivilege.patch
6526347a-libxl-allow-bootloader-restricted-mode.patch
6526347b-libxl-limit-bootloader-when-restricted.patch
6526347c-SVM-fix-AMD-DR-MASK-context-switch-asymmetry.patch
6526347d-x86-PV-auditing-of-guest-breakpoints.patch
65536847-AMD-IOMMU-correct-level-for-quarantine-pt.patch
65536848-x86-spec-ctrl-remove-conditional-IRQs-on-ness.patch
xsa440.patch
xsa449.patch
xsa451.patch
xsa452-1.patch
xsa452-2.patch
xsa452-3.patch
xsa452-4.patch
xsa452-5.patch
xsa452-6.patch
xsa452-7.patch
xsa453-1.patch
xsa453-2.patch
xsa453-3.patch
xsa453-4.patch
xsa453-5.patch
xsa453-6.patch
xsa453-7.patch
xsa453-8.patch
xsa454-1.patch
xsa454-2.patch
- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
Sampling (XSA-452)
xsa452-1.patch
xsa452-2.patch
xsa452-3.patch
xsa452-4.patch
xsa452-5.patch
xsa452-6.patch
xsa452-7.patch
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
Race Conditions (XSA-453)
xsa453-1.patch
xsa453-2.patch
xsa453-3.patch
xsa453-4.patch
xsa453-5.patch
xsa453-6.patch
xsa453-7.patch
xsa453-8.patch
- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
exceptions from emulation stubs (XSA-451)
xsa451.patch
- xfsprogs
-
- xfs_copy: don't use cached buffer reads until after libxfs_mount
(bsc#1227150)
- Add xfsprogs-xfs_copy-don-t-use-cached-buffer-reads-until-after-l.patch
- yast2-http-server
-
- bsc#1218943
- followup of previous fix - fixed internal issue which caused
Server modules not to be displayed at all.
- 4.4.3
- yast2-network
-
- Guard secret attributes against leaking to the log (bsc#1221194)
- 4.4.60
- yast2-packager
-
- Reimplemented the hardcoded product mapping to support also the
migration from SLE_HPC to SLES SP6+ (with the HPC module)
(bsc#1220567)
- 4.4.35
- Do not fail when the installation URL contains a space
(bsc#1201816)
- 4.4.34
- yast2-registration
-
- Set the new product mapping when upgrading SLE_HPC to SLES SP6+
(with the HPC module), use the old product mapping when upgrading
from SLE_HPC-SP3 to SLE_HPC-SP4 (bsc#1220567)
- 4.4.24
- yast2-users
-
- Add a missing require in the auto client (bsc#1219422).
- 4.4.16
- zypper
-
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- BuildRequires: libzypp-devel >= 17.33.0.
- Delay zypp lock until command options are parsed (bsc#1223766)
- version 1.14.73
- Unify message format(fixes #485)
- version 1.14.72
- switch cmake build type to RelWithDebInfo
- modernize spec file (remove Authors section, use proper macros,
remove redundant clean section, don't mark man pages as doc)
- switch to -O2 -fvisibility=hidden -fpie:
* PIC is not needed as no shared lib is built
* fstack-protector-strong is default on modern dists and would
be downgraded by fstack-protector
* default visibility hidden allows better optimisation
* O2 is reducing inlining bloat
- > 18% reduced binary size
- remove procps requires (was only for ZMD which is dropped)
(jsc#PED-8153)
- Do not try to refresh repo metadata as non-root user
(bsc#1222086)
Instead show refresh stats and hint how to update them.
- man: Explain how to protect orphaned packages by collecting
them in a plaindir repo.
- packages: Add --autoinstalled and --userinstalled options to
list them.
- Don't print 'reboot required' message if download-only or
dry-run (fixes #529)
Instead point out that a reboot would be required if the option
was not used.
- Resepect zypper.conf option `showAlias` search commands
(bsc#1221963)
Repository::asUserString (or Repository::label) respects the
zypper.conf option, while name/alias return the property.
- version 1.14.71
- dup: New option --remove-orphaned to remove all orphaned
packages in dup (bsc#1221525)
- version 1.14.70
- info,summary: Support VendorSupportOption flag
VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- BuildRequires: libzypp-devel >= 17.32.0.
API cleanup and changes for VendorSupportSuperseded.
- Show active dry-run/download-only at the commit propmpt.
- patch: Add --skip-not-applicable-patches option (closes #514)
- Fix printing detailed solver problem description.
The problem description() is one rule out possibly many in
completeProblemInfo() the solver has chosen to represent the
problem. So either description or completeProblemInfo should be
printed, but not both.
- Fix bash-completion to work with right adjusted numbers in the
1st column too (closes #505)
- Set libzypp shutdown request signal on Ctrl+C (fixes #522)
- lr REPO: In the detailed view show all baseurls not just the
first one (bsc#1218171)
- version 1.14.69