- aws-cli
-
- Update to 1.44.17
* api-change:``bedrock``: This change will increase TestCase guardContent input size from 1024 to
2028 characters and PolicyBuildDocumentDescription from 2000 to 4000 characters
* api-change:``datazone``: Adds support for IAM role subscriptions to Glue table listings via
CreateSubscriptionRequest API. Also adds owningIamPrincipalArn filter to List APIs and
subscriptionGrantCreationMode parameter to subscription target APIs for controlling grant creation
behavior.
- from version 1.44.16
* api-change:``billing``: Cost Categories filtering support to BillingView data filter expressions
through the new costCategories parameter, enabling users to filter billing views by AWS Cost
Categories for more granular cost management and allocation.
* api-change:``iot-managed-integrations``: This release introduces WiFi Simple Setup (WSS) enabling
device provisioning via barcode scanning with automated network discovery, authentication, and
credential provisioning. Additionally, it introduces 2P Device Capability Rediscovery for updating
hub-managed device capabilities post-onboarding.
* api-change:``sagemaker``: Added ultraServerType to the UltraServerInfo structure to support
server type identification for SageMaker HyperPod
* enhancement:``s3``: Adds new parameter ``--case-conflict`` that configures how case conflicts are
handled on case-insensitive filesystems
- from version 1.44.15
* api-change:``bedrock-agentcore-control``: Adds optional field "view" to GetMemory API input to
give customers control over whether CMK encrypted data such as strategy decryption or override
prompts is returned or not.
* api-change:``cloudfront``: Added EntityLimitExceeded exception handling to the following API
operations AssociateDistributionWebACL, AssociateDistributionTenantWebACL,
UpdateDistributionWithStagingConfig
* api-change:``glue``: Adding MaterializedViews task run APIs
* api-change:``medialive``: MediaPackage v2 output groups in MediaLive can now accept one
additional destination for single pipeline channels and up to two additional destinations for
standard channels. MediaPackage v2 destinations now support sending to cross region MediaPackage
channels.
* api-change:``transcribe``: Adds waiters to Amazon Transcribe.
- from version 1.44.14
* api-change:``workspaces``: Add StateMessage and ProgressPercentage fields to
DescribeCustomWorkspaceImageImport API response.
- from version 1.44.13
* api-change:``ce``: This release updates existing reservation recommendations API to support
deployment model.
* api-change:``emr-serverless``: Added support for enabling disk encryption using customer managed
AWS KMS keys to CreateApplication, UpdateApplication and StartJobRun APIs.
- from version 1.44.12
* api-change:``cleanroomsml``: AWS Clean Rooms ML now supports advanced Spark configurations to
optimize SQL performance when creating an MLInputChannel or an audience generation job.
- from version 1.44.11
* bugfix:``s3``: Reverts addition of ``--case-conflict`` feature which caused a performance
regression when copying from S3 to large local directories
- from version 1.44.10
* api-change:``cleanrooms``: Added support for publishing detailed metrics to CloudWatch for
operational monitoring of collaborations, including query performance and resource utilization.
* api-change:``identitystore``: This change introduces "Roles" attribute for User entities
supported by AWS Identity Store SDK.
- from version 1.44.9
* api-change:``connect``: Adds support for searching global contacts using the ActiveRegions
filter, and pagination support for ListSecurityProfileFlowModules and ListEntitySecurityProfiles.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``kafkaconnect``: This change sets the KafkaConnect GovCloud FIPS and FIPS DualStack
endpoints to use kafkaconnect instead of kafkaconnect-fips as the service name. This is done to
match the Kafka endpoints.
- from version 1.44.8
* api-change:``connect``: Changes for Contact for Global Search
* api-change:``quicksight``: This release adds support for quick users to be able to perform role
upgrades on their own. Additionally it allows admins to make this feature admin or auto approval
along with new self upgrade capability that can be restricted by Admins.
- from version 1.44.7
* api-change:``medialive``: AWS Elemental MediaLive now supports Pipeline Locking using Video
Alignment as well as linked single pipeline channels to enable cross-channel and cross-region
Pipeline Locking workflows.
- from version 1.44.6
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``geo-places``: Adds support for InferredSecondaryAddress place type, Designator in
SecondaryAddressComponent and Heading in ReverseGeocode.
* api-change:``pinpoint-sms-voice-v2``: This release adds support for the Registration Reviewer
feature, which provides generative AI feedback on a phone number or sender ID registration to
ensure completeness before sending to downstream (carrier) review.
* api-change:``s3``: Add additional validation to Outpost bucket names.
* enhancement:``s3``: Adds new parameter ``--case-conflict`` that configures how case conflicts are
handled on case-insensitive filesystems
- from version 1.44.5
* api-change:``config``: Added supported resourceTypes for Config from July to November 2025
* api-change:``ec2``: Adds support for linkedGroupId on the CreatePlacementGroup and
DescribePlacementGroups APIs. The linkedGroupId parameter is reserved for future use.
* api-change:``guardduty``: Make accountIds a required field in GetRemainingFreeTrialDays API to
reflect service behavior.
* api-change:``pcs``: Change API Reference Documentation for default Mode in Accounting and
SlurmRest
- from version 1.44.4
* api-change:``arc-region-switch``: Automatic Plan Execution Reports allow customers to maintain a
concise record of their Region switch Plan executions. This enables customer SREs and leadership
to have a clear view of their recovery posture based on the generated reports for their Plan
executions.
* api-change:``connect``: Adding support for Custom Metrics and Pre-Defined Attributes to
GetCurrentMetricData API.
* api-change:``emr-serverless``: Added JobLevelCostAllocationConfiguration field to enable cost
allocation reporting at the job level, providing more granular visibility into EMR Serverless
charges
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``iot``: This release adds event-based logging feature that enables granular event
logging controls for AWS IoT logs.
* api-change:``qbusiness``: It is a internal bug fix for region expansion
* api-change:``wickr``: AWS Wickr now provides a suite of admin APIs to allow you to
programmatically manage secure communication for Wickr networks at scale. These APIs enable you to
automate administrative workflows including user lifecycle management, network configuration, and
security group administration.
* api-change:``workspaces-web``: Add support for WebAuthn under user settings.
- from version 1.44.3
* api-change:``appstream``: Added support for new operating systems (1) Ubuntu 24.04 Pro LTS on
Elastic fleets, and (2) Microsoft Server 2025 on Always-On and On-Demand fleets
* api-change:``arc-region-switch``: New API to list Route 53 health checks created by ARC region
switch for a plan in a specific AWS Region using the Region switch Regional data plane.
* api-change:``artifact``: Add support for ListReportVersions API for the calling AWS account.
* api-change:``bedrock-agentcore-control``: Feature to support header exchanges between Bedrock
AgentCore Gateway Targets and client, along with propagating query parameter to the configured
targets.
* api-change:``bedrock-data-automation``: Blueprint Optimization (BPO) is a new Amazon Bedrock Data
Automation (BDA) capability that improves blueprint inference accuracy using example content assets
and ground truth data. BPO works by generating better instructions for fields in the Blueprint
using provided data.
* api-change:``cleanrooms``: Adding support for collaboration change requests requiring an approval
workflow. Adding support for change requests that grant or revoke results receiver ability and
modifying auto approved change types in an existing collaboration.
* api-change:``ec2``: This release adds AvailabilityZoneId support for CreateFleet, ModifyFleet,
DescribeFleets, RequestSpotFleet, ModifySpotFleetRequests and DescribeSpotFleetRequests APIs.
* api-change:``ecr``: Adds support for ECR Create On Push
* api-change:``ecs``: Adding support for Event Windows via a new ECS account setting
"fargateEventWindows". When enabled, ECS Fargate will use the configured event window for patching
tasks. Introducing "CapacityOptionType" for CreateCapacityProvider API, allowing support for Spot
capacity for ECS Managed Instances.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``iot``: This release adds message batching for the IoT Rules Engine HTTP action.
* api-change:``opensearch``: Amazon OpenSearch Service adds support for warm nodes, enabling new
multi-tier architecture.
* api-change:``sesv2``: Amazon SES introduces Email Validation feature which checks email addresses
for syntax errors, domain validity, and risky addresses to help maintain deliverability and protect
sender reputation. SES also adds resource tagging and ABAC support for EmailTemplates and
CustomVerificationEmailTemplates.
* api-change:``ssm-sap``: Added "Stopping" for the HANA Database Status.
* enhancement:cloudtrail: Fixed performance issue in cloudtrail validate-logs command by scoping S3
digest file listing to the trail's region instead of processing digest files from all regions.
- from version 1.44.2
* api-change:``gameliftstreams``: Added new stream group operation parameters for scale-on-demand
capacity with automatic prewarming. Added new Gen6 stream classes based on the EC2 G6 instance
family. Added new StartStreamSession parameter for exposure of real-time performance stats to
clients.
* api-change:``guardduty``: Add support for dbiResourceId in finding.
* api-change:``inspector-scan``: Adds an additional OutputFormat
* api-change:``kafkaconnect``: Support dual-stack network connectivity for connectors via
NetworkType field.
* api-change:``mediaconvert``: Adds support for tile encoding in HEVC and audio for video overlays.
* api-change:``mediapackagev2``: This release adds support for SPEKE V2 content key encryption in
MediaPackage v2 Origin Endpoints.
* api-change:``payment-cryptography``: Support for AS2805 standard. Modifications to import-key
and export-key to support AS2805 variants.
* api-change:``payment-cryptography-data``: Support for AS2805 standard. New API
GenerateAs2805KekValidation and changes to translate pin, GenerateMac and VerifyMac to support
AS2805 key variants.
* api-change:``sagemaker``: Adding the newly launched p6-b300.48xlarge ec2 instance support in
Sagemaker(Hyperpod,Training and Sceptor)
- from version 1.44.1
* api-change:``iot``: Add support for dynamic payloads in IoT Device Management Commands
* api-change:``timestream-influxdb``: This release adds support for rebooting InfluxDB DbInstances
and DbClusters
- from version 1.44.0
* api-change:``bedrock-agentcore-control``: This release updates broken links for AgentCore Policy
APIs in the AWS CLI and SDK resources.
* api-change:``connect``: Amazon Connect now supports outbound WhatsApp contacts via the Send
message block or StartOutboundChatContact API. Send proactive messages for surveys, reminders, and
updates. Offer customers the option to switch to WhatsApp while in queue, eliminating hold time.
* api-change:``ec2``: EC2 Capacity Manager now supports SpotTotalCount, SpotTotalInterruptions and
SpotInterruptionRate metrics for both vCPU and instance units.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``entityresolution``: Support Customer Profiles Integration for AWS Entity Resolution
* api-change:``glacier``: Documentation updates for Amazon Glacier's maintenance mode
* api-change:``health``: Updating Health API endpoint generation for dualstack only regions
* api-change:``logs``: This release allows you to import your historical CloudTrail Lake data into
CloudWatch with a few steps, enabling you to easily consolidate operational, security, and
compliance data in one place.
* api-change:``mediatailor``: Added support for Ad Decision Server Configuration enabling HTTP POST
requests with custom bodies, headers, GZIP compression, and dynamic variables. No changes required
for existing GET request configurations.
* api-change:``route53resolver``: Adds support for enabling detailed metrics on Route 53 Resolver
endpoints using RniEnhancedMetricsEnabled and TargetNameServerMetricsEnabled in the
CreateResolverEndpoint and UpdateResolverEndpoint APIs, providing enhanced visibility into Resolver
endpoint and target name server performance.
* api-change:``s3``: This release adds support for the new optional field 'LifecycleExpirationDate'
in S3 Inventory configurations.
* api-change:``service-quotas``: Add support for SQ Dashboard Api
* feature:Migration: Implement a ``--v2-debug`` flag and ``AWS_CLI_UPGRADE_DEBUG_MODE`` environment
variable that detects breaking changes for AWS CLI v2 for entered commands.
- from version 1.43.15
* api-change:``bcm-recommended-actions``: Added new freetier action types to RecommendedAction.type.
* api-change:``connect``: Amazon Connect now offers automated post-chat surveys triggered when
customers end conversations. This captures timely feedback while experience is fresh, using either
a no-code form builder or Amazon Lex-powered interactive surveys.
* api-change:``datasync``: Adds Enhanced mode support for NFS and SMB locations. SMB credentials
are now managed via Secrets Manager, and may be encrypted with service or customer managed keys.
Increases AgentArns maximum count to 8 (max 4 per TaskMode). Adds folder counters to
DescribeTaskExecution for Enhanced mode tasks.
* api-change:``workspaces-web``: Adds support for portal branding customization, enabling
administrators to personalize end-user portals with custom assets.
- from version 1.43.14
* api-change:``lambda``: Add Dotnet 10 (dotnet10) support to AWS Lambda.
* api-change:``organizations``: Add support for policy operations on the NETWORK SECURITY DIRECTOR
POLICY policy type.
* api-change:``quicksight``: This release adds new GetIdentityContext API, Dashboard customization
options for tables and pivot tables, Visual styling options- borders and decals, map
GeocodingPreferences, KeyPairCredentials for DataSourceCredentials. Snapshot APIs now support
registered users. Parameters limit increased to 400
* api-change:``secretsmanager``: Add SortBy parameter to ListSecrets
* api-change:``sesv2``: Update GetEmailIdentity and CreateEmailIdentity response to include
SigningHostedZone in DkimAttributes. Updated PutEmailIdentityDkimSigningAttributes Response to
include SigningHostedZone.
- from version 1.43.13
* api-change:``bedrock``: Automated Reasoning checks in Amazon Bedrock Guardrails is capable of
generating policy scenarios to validate policies. The
GetAutomatedReasoningPolicyBuildWorkflowResultAssets API now adds POLICY SCENARIO asset type,
allowing customers to retrieve scenarios generated by the build workflow.
* api-change:``billingconductor``: Launch itemized custom line item and service line item filter
* api-change:``cloudwatch``: This release introduces two additional protocols AWS JSON 1.1 and
Smithy RPC v2 CBOR, replacing the currently utilized one, AWSQuery. AWS SDKs will prioritize the
protocol that is the most performant for each language.
* api-change:``odb``: The following APIs now return CloudExadataInfrastructureArn and OdbNetworkArn
fields for improved resource identification and AWS service integration - GetCloudVmCluster,
ListCloudVmClusters, GetCloudAutonomousVmCluster, and ListCloudAutonomousVmClusters.
* api-change:``opensearch``: The CreateApplication API now supports an optional kms key arn
parameter to allow customers to specify a CMK for application encryption.
* api-change:``partnercentral-selling``: Adds support for the new Project.AwsPartition field on
Opportunity and AWS Opportunity Summary. Use this field to specify the AWS partition where the
opportunity will be deployed.
* api-change:``signer``: Adds support for Signer GetRevocationStatus with updated endpoints
- Refresh ac_relax-depends.patch
- Update Requires from setup.py
- Update to 1.43.12
* api-change:``account``: This release adds a new API (GetGovCloudAccountInformation) used to
retrieve information about a linked GovCloud account from the standard AWS partition.
* api-change:``appsync``: Update Event API to require EventConfig parameter in creation and update
requests.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``guardduty``: Adding support for Ec2LaunchTemplate Version field
* api-change:``ivs-realtime``: Token Exchange introduces seamless token exchange capabilities for
IVS RTX, enabling customers to upgrade or downgrade token capabilities and update token attributes
within the IVS client SDK without forcing clients to disconnect and reconnect.
* api-change:``mgn``: Added parameters encryption, IPv4/IPv6 protocol configuration, and enhanced
tagging support for replication operations.
* api-change:``route53``: Amazon Route 53 now supports the EU (Germany) Region (eusc-de-east-1) for
latency records, geoproximity records, and private DNS for Amazon VPCs in that region
- from version 1.43.11
* api-change:``ce``: Add support for Cost Category resource associations including filtering by
resource type on ListCostCategoryDefinitions and new ListCostCategoryResourceAssociations API.
* api-change:``ec2``: Amazon EC2 P6-B300 instances provide 8x NVIDIA Blackwell Ultra GPUs with 2.1
TB high bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps dedicated ENA throughput, and 4 TB
of system memory. Amazon EC2 C8a instances are powered by 5th Gen AMD EPYC processors with a
maximum frequency of 4.5 GHz.
* api-change:``identitystore``: Updating AWS Identity Store APIs to support Attribute Extensions
capability, with the first release adding Enterprise Attributes. This launch aligns Identity Store
APIs with SCIM for enterprise attributes, reducing cases when customers are forced to use SCIM due
to lack of SigV4 API support.
* api-change:``partnercentral-selling``: Deal Sizing Service for AI-based deal size estimation with
AWS service-level breakdown, supporting Expansion and Migration deals across Technology, and
Reseller partner cohorts, including Pricing Calculator AddOn for MAP deals and funding incentives.
* api-change:``rds``: Adding support for tagging RDS Instance/Cluster Automated Backups
* api-change:``redshift-serverless``: Added GetIdentityCenterAuthToken API to retrieve encrypted
authentication tokens for Identity Center integrated serverless workgroups. This API enables
programmatic access to secure Identity Center tokens with proper error handling and parameter
validation across supported SDK languages.
* api-change:``rolesanywhere``: Increases certificate string length for trust anchor source data to
support ML-DSA certificates.
* api-change:``sesv2``: Update Mail Manager Archive ARN validation
- from version 1.43.10
* api-change:``ecs``: Updating stop-task API to encapsulate containers with custom stop signal
* api-change:``iam``: Adding the ExpirationTime attribute to the delegation request resource.
* api-change:``inspector2``: This release adds a new ScanStatus called "Unsupported Code
Artifacts". This ScanStatus will be returned when a Lambda function was not code scanned because it
has unsupported code artifacts.
* api-change:``partnercentral-account``: Adding Verification API's to Partner Central Account SDK.
* api-change:``sesv2``: Updating the desired url for `PutEmailIdentityDkimSigningAttributes` from
v1 to v2
- from version 1.43.9
* api-change:``lambda``: Add DisallowedByVpcEncryptionControl to the LastUpdateStatusReasonCode and
StateReasonCode enums to represent failures caused by VPC Encryption Controls.
- from version 1.43.8
* api-change:``bedrock``: Adding support in Amazon Bedrock to customize models with reinforcement
fine-tuning (RFT) and support for updating the existing Custom Model Deployments.
* api-change:``sagemaker``: Introduces Serverless training: A fully managed compute infrastructure
that abstracts away all infrastructure complexity, allowing you to focus purely on model
development.
Added AI model customization assets used to train, refine, and evaluate custom models during the
model customization process.
- from version 1.43.7
* api-change:``bedrock``: Adds the audioDataDeliveryEnabled boolean field to the Model Invocation
Logging Configuration.
* api-change:``bedrock-agentcore``: Support for AgentCore Evaluations and Episodic memory strategy
for AgentCore Memory.
* api-change:``bedrock-agentcore-control``: Supports AgentCore Evaluations, Policy, Episodic Memory
Strategy, Resource Based Policy for Runtime and Gateway APIs, API Gateway Rest API Targets and
enhances JWT authorizer.
* api-change:``bedrock-runtime``: Adds support for Audio Blocks and Streaming Image Output plus new
Stop Reasons of malformed_model_output and malformed_tool_use.
* api-change:``ce``: This release updates existing Savings Plans Purchase Analyzer and
Recommendations APIs to support Database Savings Plans.
* api-change:``datazone``: Amazon DataZone now supports exporting Catalog datasets as Amazon S3
tables, and provides automatic business glossary term suggestions for data assets.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``fsx``: S3 Access Points support for FSx for NetApp ONTAP
* api-change:``guardduty``: Adding support for extended threat detection for Amazon EC2 and Amazon
ECS. Adding support for wild card suppression rules.
* api-change:``lambda``: Launching Lambda durable functions - a new feature to build reliable
multi-step applications and AI workflows natively within the Lambda developer experience.
* api-change:``logs``: CloudWatch Logs adds managed S3 Tables integration to access logs using
other analytical tools, as well as facets and field indexing to simplify log analytics in
CloudWatch Logs Insights.
* api-change:``nova-act``: Initial release of Nova Act SDK. The Nova Act service enables customers
to build and manage fleets of agents for automating production UI workflows with high reliability,
fastest time-to-value, and ease of implementation at scale.
* api-change:``observabilityadmin``: CloudWatch Observability Admin adds pipelines configuration
for third party log ingestion and transformation of all logs ingested, integration of CloudWatch
logs with S3 Tables, and AWS account or organization level enablement for 7 AWS services.
* api-change:``opensearch``: GPU-acceleration helps you build large-scale vector databases faster
and more efficiently. You can enable this feature on new OpenSearch domains and OpenSearch
Serverless collections. This feature uses GPU-acceleration to reduce the time needed to index data
into vector indexes.
* api-change:``opensearchserverless``: GPU-acceleration helps you build large-scale vector
databases faster and more efficiently. You can enable this feature on new OpenSearch domains and
OpenSearch Serverless collections. This feature uses GPU-acceleration to reduce the time needed to
index data into vector indexes.
* api-change:``rds``: RDS Oracle and SQL Server: Add support for adding, modifying, and removing
additional storage volumes, offering up to 256TiB storage; RDS SQL Server: Support Developer
Edition via custom engine versions for development and testing purposes; M7i/R7i instances with
Optimize CPU for cost savings.
* api-change:``s3``: New S3 Storage Class FSX_ONTAP
* api-change:``s3control``: Add support for S3 Storage Lens Advanced Performance Metrics, Expanded
Prefixes metrics report, and export to S3 Tables.
* api-change:``s3tables``: Add storage class, replication, and table record expiration features to
S3 Tables.
* api-change:``s3vectors``: Amazon S3 Vectors provides cost-effective, elastic, and durable vector
storage for queries based on semantic meaning and similarity.
* api-change:``sagemaker``: Added support for serverless MLflow Apps.
Added support for new HubContentTypes (DataSet and JsonDoc) in Private Hub for AI model
customization assets, enabling tracking and management of training datasets and evaluators (reward
functions/prompts) throughout the ML lifecycle.
* api-change:``savingsplans``: Added support for Amazon Database Savings Plans
* api-change:``securityhub``: ITSM enhancements: DRYRUN mode for testing ticket creation,
ServiceNow now uses AWS Secrets Manager for credentials, ConnectorRegistrationsV2 renamed to
RegisterConnectorV2, added ServiceQuotaExceededException error, and ConnectorStatus visibility in
CreateConnectorV2.
- from version 1.43.6
* api-change:``appintegrations``: This release adds support for MCP servers via the ApplicationType
field, allowing customers to register their Bedrock AgentCore gateways as third party applications.
* api-change:``bedrock-agent``: Support audio and video ingestion on Bedrock Knowledge Bases.
* api-change:``bedrock-agent-runtime``: Support audio and video content retrieval on Bedrock
Knowledge Bases.
* api-change:``cleanrooms``: AWS Clean Rooms now supports privacy-enhancing synthetic dataset
generation for custom ML training.
* api-change:``cleanroomsml``: AWS Clean Rooms ML now supports privacy-enhancing synthetic dataset
generation for custom ML training.
* api-change:``connect``: This is a combined re:Invent release for Amazon Connect.
* api-change:``connectcampaignsv2``: This release added support for new WhatsApp channel and
Journey type outbound campaign
* api-change:``connectparticipant``: Amazon Connect now supports message processing that intercepts
and processes chat messages before they reach any participant.
* api-change:``customer-profiles``: This release introduces, CRUD APIs for the DomainObjectType and
Recommender resources, APIs to offer statistical insights on Object Type Attributes, Changes to
SegmentDefinition APIs to support SQL queries to create Segments, and Changes to Domain APIs to
support Data Store.
* api-change:``eks``: This release adds support for EKS Capabilities
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``glue``: feature: Glue: Add support for Iceberg materialized view in Glue Data
Catalog, including updated CreateTable API to support materialized views and new APIs for managing
data refresh for materialized views.
feature: Glue: Add support for Iceberg table encryption keys and struct field defaults.
* api-change:``lambda``: Launching Lambda Managed Instances - a new feature to run Lambda on EC2.
* api-change:``lexv2-models``: Adds support for speech-to-speech models for human-like, adaptive,
and expressive voice interactions. Also adds support for speech model preference, allowing
customers to select which speech model they want to use for speech-to-text requests.
* api-change:``marketplace-agreement``: This release supports 1/multi-product transactions via
offer sets. DescribeAgreement and SearchAgreements APIs now return offer set IDs. SearchAgreements
also supports filtering by offer set ID and 2/variable payment pricing terms will be returned
through GetAgreementTerms.
* api-change:``marketplace-catalog``: This release introduces offer set entity in AWS Marketplace
Catalog API to enable multi-product transaction. Offer set enables sellers to group multiple
private offers into a single-click purchase experience, simplifying procurement for customers
purchasing multi-product solutions.
* api-change:``partnercentral-account``: Initial GA launch of Partner Central Account
* api-change:``partnercentral-benefits``: Initial GA launch of Partner Central Benefits
* api-change:``partnercentral-selling``: New Features:
Lead Management APIs for capturing and nurturing leads
Lead invitation support for partner collaboration
Lead-to-opportunity conversion operations
AWS Marketplace OfferSets support for opportunities
* api-change:``personalize``: This release adds support for includedDatasetColumns and
performIncrementalUpdate in solution APIs, and rankingInfluence in campaign and batch inference
APIs.
* api-change:``qconnect``: New AIAgent types: Orchestration for ModelContextProtocol tool
integration, CaseSummary for Amazon Connect Case summaries, NoteTaker for Agent Assistance notes.
Added ListSpans and Retrieve APIs. Enhanced Q in Connect AssistantAssociationType to support Bring
Your Own Bedrock Knowledge Bases.
* api-change:``route53globalresolver``: Add SDK for Amazon Route 53 Global Resolver, a fully
managed DNS resolver service that offers broad DNS-filtering security controls.
- from version 1.43.5
* api-change:``bedrock-runtime``: Bedrock Runtime Reserved Service Support
* api-change:``compute-optimizer``: Compute Optimizer now identifies idle NAT Gateway resources for
cost optimization based on traffic patterns and backup configuration analysis. Access
recommendations via the GetIdleRecommendations API.
* api-change:``cost-optimization-hub``: This release enables AWS Cost Optimization Hub to show cost
optimization recommendations for NAT Gateway.
- from version 1.43.4
* api-change:``ec2``: This release adds support to view Network firewall proxy appliances attached
to an existing NAT Gateway via DescribeNatGateways API NatGatewayAttachedAppliance structure.
* api-change:``network-firewall``: Network Firewall release of the Proxy feature.
* api-change:``organizations``: Add support for policy operations on the S3_POLICY and
BEDROCK_POLICY policy type.
* api-change:``route53``: Adds support for new route53 feature: accelerated recovery.
- Refresh ac_relax-depends.patch
- Update Requires from setup.py
- Update to 1.43.3
* api-change:``cloudfront``: Add TrustStore, ConnectionFunction APIs to CloudFront SDK
* api-change:``logs``: New CloudWatch Logs feature - LogGroup Deletion Protection, a capability
that allows customers to safeguard their critical CloudWatch log groups from accidental or
unintended deletion.
- from version 1.43.2
* api-change:``apigateway``: API Gateway supports VPC link V2 for REST APIs.
* api-change:``athena``: Introduces Spark workgroup features including log persistence,
S3/CloudWatch delivery, UI and History Server APIs, and SparkConnect 3.5.6 support. Adds DPU usage
limits at workgroup and query levels as well as DPU usage tracking for Capacity Reservation queries
to optimize performance and costs.
* api-change:``bedrock``: Add support to automatically enforce safeguards across accounts within an
AWS Organization.
* api-change:``bedrock-agentcore-control``: Support for agentcore gateway interceptor
configurations and NONE authorizer type
* api-change:``bedrock-data-automation-runtime``: Adding new fields to GetDataAutomationStatus:
jobSubmissionTime, jobCompletionTime, and jobDurationInSeconds
* api-change:``bedrock-runtime``: Add support to automatically enforce safeguards across accounts
within an AWS Organization.
* api-change:``cloudformation``: Adds the DependsOn field to the AutoDeployment configuration
parameter for CreateStackSet, UpdateStackSet, and DescribeStackSet APIs, allowing users to set and
read auto-deployment dependencies between StackSets
* api-change:``compute-optimizer-automation``: Initial release of AWS Compute Optimizer Automation.
Create automation rules to implement recommended actions on a recurring schedule based on your
specified criteria. Supported actions include: snapshot and delete unattached EBS volumes and
upgrade volume types to the latest generation.
* api-change:``connect``: New APIs to support aliases and versions for ContactFlowModule. Updated
ContactFlowModule APIs to support custom blocks.
* api-change:``controltower``: The manifest field is now optional for the AWS Control Tower
CreateLandingZone and UpdateLandingZone APIs for Landing Zone version 4.0
* api-change:``ec2``: This release adds a new capability to create and manage interruptible EC2
Capacity Reservations.
* api-change:``ecr``: Add support for ECR managed signing
* api-change:``eks``: Adds support for controlPlaneScalingConfig on EKS Clusters.
* api-change:``elbv2``: This release adds the health check log feature in ALB, allowing customers
to send detailed target health check log data directly to their designated Amazon S3 bucket.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``invoicing``: Added the CreateProcurementPortalPreference,
GetProcurementPortalPreference, PutProcurementPortalPreference,
UpdateProcurementPortalPreferenceStatus, ListProcurementPortalPreferences and
DeleteProcurementPortalPreference APIs for procurement portal preference management.
* api-change:``kinesisvideo``: This release adds support for Tiered Storage
* api-change:``kms``: Support for on-demand rotation of AWS KMS Multi-Region keys with imported key
material
* api-change:``lambda``: Launching Enhanced Error Handling and ESM Grouping capabilities for Kafka
ESMs
* api-change:``lexv2-models``: Adds support for Intent Disambiguation, allowing resolution of
ambiguous user inputs when multiple intents match by presenting clarifying questions to users. Also
adds Speech Detection Sensitivity configuration for optimizing voice activity detection sensitivity
levels in various noise environments.
* api-change:``mailmanager``: Add support for resources in the aws-eusc partition.
* api-change:``marketplace-entitlement``: Endpoint update for new region
* api-change:``mediapackagev2``: Adds support for excluding session key tags from HLS multivariant
playlists
* api-change:``meteringmarketplace``: Endpoint update for new region
* api-change:``odb``: Adds AssociateIamRoleToResource and DisassociateIamRoleFromResource APIs for
managing IAM roles. Enhances CreateOdbNetwork and UpdateOdbNetwork APIs with KMS, STS, and
cross-region S3 parameters. Adds OCI identity domain support to InitializeService API.
* api-change:``organizations``: Add support for policy operations on the UPGRADE_ROLLOUT_POLICY
policy type.
* api-change:``qconnect``: This release introduces two new messaging channel subtypes: Push,
WhatsApp, under MessageTemplate which is a resource in Amazon Q in Connect.
* api-change:``quicksight``: Amazon Quick Suite now supports QuickChat as an embedding type when
calling the GenerateEmbedUrlForRegisteredUser API, enabling developers to embed conversational AI
agents directly into their applications.
* api-change:``rds``: Add support for Upgrade Rollout Order
* api-change:``redshift``: Added support for Amazon Redshift Federated Permissions and AWS IAM
Identity Center trusted identity propagation.
* api-change:``redshift-serverless``: Added UpdateLakehouseConfiguration API to manage Amazon
Redshift Federated Permissions and AWS IAM Identity Center trusted identity propagation for
namespaces.
* api-change:``sagemaker``: Enhanced SageMaker HyperPod instance groups with support for
MinInstanceCount, CapacityRequirements (Spot/On-Demand), and KubernetesConfig (labels and taints).
Also Added speculative decoding and MaxInstanceCount for model optimization jobs.
* api-change:``security-ir``: Add ListInvestigations and SendFeedback APIs to support SecurityIR AI
agents
* api-change:``sesv2``: Added support for new SES regions - Asia Pacific (Malaysia) and Canada
(Calgary)
* api-change:``transfer``: Adds support for creating Webapps accessible from a VPC.
- from version 1.43.1
* api-change:``application-signals``: Amazon CloudWatch Application Signals now supports
un-instrumented services discovery, cross-account views, and change history, helping SRE and DevOps
teams monitor and troubleshoot their large-scale distributed applications.
* api-change:``autoscaling``: This release adds support for three new features: 1) Image ID
overrides in mixed instances policy, 2) Replace Root Volume - a new strategy for Instance Refresh,
and 3) Instance Lifecycle Policy for enhanced instance lifecycle management.
* api-change:``bedrock-agentcore``: Bedrock AgentCore Memory release for redriving memory
extraction jobs (StartMemoryExtractionJob and ListMemoryExtractionJob)
* api-change:``bedrock-data-automation``: Added support for Synchronous project type and PII
Detection and Redaction
* api-change:``bedrock-data-automation-runtime``: Bedrock Data Automation Runtime Sync API
* api-change:``braket``: Add support for Braket spending limits.
* api-change:``budgets``: Add BillingViewHealthStatusException to DescribeBudgetPerformanceHistory
and ServiceQuotaExceededException to UpdateBudget for improved error handling with Billing Views.
* api-change:``cloudfront``: This release adds support for bring your own IP (BYOIP) to
CloudFront's CreateAnycastIpList API through an optional IpamCidrConfigs field.
* api-change:``cloudtrail``: AWS launches CloudTrail aggregated events to simplify monitoring of
data events at scale. This feature delivers both granular and summarized data events for resources
like S3/Lambda, helping security teams identify patterns without custom aggregation logic.
* api-change:``connect``: Add optional ability to exclude users from send notification actions for
Contact Lens Rules.
* api-change:``datasync``: The partition value "aws-eusc" is now permitted for ARN (Amazon Resource
Name) fields.
* api-change:``devicefarm``: Add support for environment variables and an IAM execution role.
* api-change:``dms``: Added support for customer-managed KMS key (CMK) for encryption for import
private key certificate. Additionally added Amazon SageMaker Lakehouse endpoint used for zero-ETL
integrations with data warehouses.
* api-change:``dsql``: Added clusterVpcEndpoint field to GetVpcEndpointServiceName API response,
returning the VPC connection endpoint for the cluster
* api-change:``ec2``: This release adds support for multiple features including: VPC Encryption
Control for the status of traffic flow; S2S VPN BGP Logging; TGW Flexible Costs; IPAM allocation of
static IPs from IPAM pools to CF Anycast IP lists used on CloudFront distribution; and EBS Volume
Integration with Recycle Bin
* api-change:``ecs``: Launching Amazon ECS Express Mode - a new feature that enables developers to
quickly launch highly available, scalable containerized applications with a single command.
* api-change:``elbv2``: This release adds the target optimizer feature in ALB, enabling strict
concurrency enforcement on targets.
* api-change:``emr``: Add support for configuring S3 destination for step logs on a per-step basis.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``glue``: Added FunctionType parameter to Glue GetuserDefinedFunctions.
* api-change:``imagebuilder``: EC2 Image Builder now enables the distribution of existing AMIs,
retry distribution, and define distribution workflows. It also supports automatic versioning for
recipes and components, allowing automatic version increments and dynamic referencing in pipelines.
* api-change:``kinesis``: Kinesis Data Streams now supports up to 50 Enhance Fan-out consumers for
On-demand Advantage Streams. On-demand Standard and Provisioned streams will continue with the
existing limit of 20 consumers for Enhanced Fan-out.
* api-change:``lakeformation``: Added ServiceIntegrations as a request parameter for
CreateLakeFormationIdentityCenterConfigurationRequest and
UpdateLakeFormationIdentityCenterConfigurationRequest and response parameter for
DescribeLakeFormationIdentityCenterConfigurationResponse
* api-change:``license-manager``: Added cross-account resource aggregation via license asset groups
and expiry tracking for Self-Managed Licenses. Extended Org-Wide View to Self-Managed Licenses,
added reporting for license asset groups, and removed Athena/Glue dependencies for cross-account
resource discovery in commercial regions.
* api-change:``networkmanager``: This release adds support for Cloud WAN Routing Policy providing
customers sophisticated routing controls to better manage their global networks
* api-change:``organizations``: Added new APIs for Billing Transfer, new policy type
INSPECTOR_POLICY, and allow an account to transfer between organizations
* api-change:``quicksight``: Introducing comprehensive theme styling controls. New features include
border customization (radius, width, color), flexible padding controls, background styling for
cards and sheets, centralized typography management, and visual-level override support across
layouts.
* api-change:``rbin``: Add support for EBS volume in Recycle Bin
* api-change:``rds``: Add support for VPC Encryption Controls.
* api-change:``redshift-data``: Increasing the length limit of Statement Name from 500 to 2048.
* api-change:``s3``: Enable / Disable ABAC on a general purpose bucket.
* api-change:``sagemaker``: Added training plan support for inference endpoints. Added HyperPod
task governance with accelerator partition-based quota allocation. Added BatchRebootClusterNodes
and BatchReplaceClusterNodes APIs. Updated ListClusterNodes to include privateDnsHostName.
* api-change:``securityhub``: Release Findings and Resources Trends APIs- GetFindingsTrendsV2 and
GetResourcesTrendsV2. This supports time-series aggregated counts with composite filtering for
1-year of historical data analysis of Findings and Resources.
- from version 1.43.0
* api-change:``apigateway``: API Gateway now supports response streaming and new security policies
for REST APIs and custom domain names.
* api-change:``apigatewayv2``: Support for API Gateway portals and portal products.
* api-change:``backup``: Amazon GuardDuty Malware Protection now supports AWS Backup, extending
malware detection capabilities to EC2, EBS, and S3 backups.
* api-change:``bcm-pricing-calculator``: Add GroupSharingPreference,
CostCategoryGroupSharingPreferenceArn, and CostCategoryGroupSharingPreferenceEffectiveDate to Bill
Estimate. Add GroupSharingPreference and CostCategoryGroupSharingPreferenceArn to Bill Scenario.
* api-change:``bedrock-runtime``: This release includes support for Search Results.
* api-change:``billing``: Added name filtering support to ListBillingViews API through the new
names parameter to efficiently filter billing views by name.
* api-change:``billingconductor``: This release adds support for Billing Transfers, enabling
management of billing transfers with billing groups on AWS Billing Conductor.
* api-change:``ce``: Add support for COST_CATEGORY, TAG, and LINKED_ACCOUNT AWS managed cost
anomaly detection monitors
* api-change:``cloudtrail``: AWS CloudTrail now supports Insights for data events, expanding beyond
management events to automatically detect unusual activity on data plane operations.
* api-change:``connectcampaignsv2``: This release added support for ring timer configuration for
campaign calls.
* api-change:``cost-optimization-hub``: Release ListEfficiencyMetrics API
* api-change:``datazone``: Amazon DataZone now supports business metadata (readme and metadata
forms) at the individual attribute (column) level, a new rule type for glossary terms, and the
ability to update the owner of the root domain unit.
* api-change:``dynamodb``: Extended Global Secondary Index (GSI) composite keys to support up to 8
attributes.
* api-change:``ec2``: This launch adds support for two new features: Regional NAT Gateway and IPAM
Policies. IPAM policies offers customers central control for public IPv4 assignments across AWS
services. Regional NAT is a single NAT Gateway that automatically expands across AZs in a VPC to
maintain high availability.
* api-change:``ecr``: Add support for ECR archival storage class and Inspector org policy for
scanning
* api-change:``ecs``: Added support for Amazon ECS Managed Instances infrastructure optimization
configuration.
* api-change:``emr``: Add CloudWatch Logs integration for Spark driver, executor and step logs
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``fsx``: Adding File Server Resource Manager configuration to FSx Windows
* api-change:``guardduty``: Add support for scanning and viewing scan results for backup resource
types
* api-change:``health``: Adds actionability and personas properties to Health events exposed
through DescribeEvents, DescribeEventsForOrganization, DescribeEventDetails, and DescribeEventTypes
APIs. Adds filtering by actionabilities and personas in EventFilter, OrganizationEventFilter,
EventTypeFilter.
* api-change:``iam``: Added the EnableOutboundWebIdentityFederation,
DisableOutboundWebIdentityFederation and GetOutboundWebIdentityFederationInfo APIs for the IAM
outbound federation feature.
* api-change:``inspector2``: This release introduces BLOCKED_BY_ORGANIZATION_POLICY error code and
IMAGE_ARCHIVED scanStatusReason. BLOCKED_BY_ORGANIZATION_POLICY error code is returned when an
operation is blocked by an AWS Organizations policy. IMAGE_ARCHIVED scanStatusReason is returned
when an Image is archived in ECR.
* api-change:``invoicing``: Add support for adding Billing transfers in Invoice configuration
* api-change:``lambda``: Added support for creating and invoking Tenant Isolated functions in AWS
Lambda APIs.
* api-change:``logs``: Adding support for ocsf version 1.5, add optional parameter MappingVersion
* api-change:``mediaconnect``: This release adds support for global routing in AWS Elemental
MediaConnect. You can now use router inputs and router outputs to manage global video and audio
routing workflows both within the AWS-Cloud and over the public internet.
* api-change:``medialive``: MediaLive is adding support for MediaConnect Router by supporting a new
input type called MEDIACONNECT_ROUTER. This new input type will provide seamless encrypted
transport between MediaConnect Router and your MediaLive channel.
* api-change:``network-firewall``: Partner Managed Rulegroup feature support
* api-change:``networkflowmonitor``: Added new enum value (AWS::EKS::Cluster) for type field under
MonitorLocalResource
* api-change:``partnercentral-channel``: Initial GA launch of Partner Central Channel
* api-change:``route53``: Add dual-stack endpoint support for Route53
* api-change:``rum``: CloudWatch RUM now supports mobile application monitoring for Android and iOS
platforms
* api-change:``s3``: Adds support for blocking SSE-C writes to general purpose buckets.
* api-change:``sagemaker``: Added support for enhanced metrics for SageMaker AI Endpoints. This
features provides Utilization Metrics at instance and container granularity and also provides easy
configuration of metric publish frequency from 10 sec -> 5 mins
* api-change:``secretsmanager``: Adds support to create, update, retrieve, rotate, and delete
managed external secrets.
* api-change:``signin``: AWS Sign-In manages authentication for AWS services. This service provides
secure authentication flows for accessing AWS resources from the console and developer tools. This
release adds the CreateOAuth2Token API, which can be used to fetch OAuth2 access tokens and refresh
tokens from Sign-In.
* api-change:``stepfunctions``: Adds support to TestState for mocked results and exceptions, along
with additional inspection data.
* api-change:``sts``: IAM now supports outbound identity federation via the STS GetWebIdentityToken
API, enabling AWS workloads to securely authenticate with external services using short-lived JSON
Web Tokens.
* feature:credentials: Adds support for the login credential provider, allowing users to use AWS
Management Console credentials for authentication.
- from version 1.42.76
* api-change:``autoscaling``: This release adds the new LaunchInstances API, which can launch
instances synchronously in an AutoScaling group. The API also returns instances info and launch
error back immediately.
* api-change:``backup``: AWS Backup now supports a low-cost warm storage tier for Amazon S3 backup
data.
* api-change:``bedrock-runtime``: Amazon Bedrock Runtime Service Tier Support Launch
* api-change:``cloudformation``: New CloudFormation DescribeEvents API with operation ID tracking
and failure filtering capabilities to quickly identify root causes of deployment failures. Also, a
DeploymentMode parameter for the CreateChangeSet API that enables creation of drift-aware change
sets for safe drift management.
* api-change:``connect``: This release added support for ring timer configuration for campaign
calls.
* api-change:``ec2``: AWS Site-to-Site VPN now supports VPN Concentrator, a new feature that
enables customers to connect multiple low-bandwidth sites connections through a single attachment,
simplifying multi-site connectivity for distributed enterprises.
* api-change:``iam``: Added the AssociateDelegationRequest, GetDelegationRequest,
AcceptDelegationRequest, RejectDelegatonRequest, ListDelegationRequests, UpdateDelegationRequest,
SendDelegationToken and GetHumanReadableSummary APIs for the IAM temporary delegation feature.
* api-change:``kafka``: Amazon MSK adds three new APIs, ListTopics, DescribeTopic, and
DescribeTopicPartitions for viewing Kafka topics in your MSK clusters.
* api-change:``logs``: CloudWatch Logs updates: Added capability to setup a recurring schedule for
log insights queries. Logs introduced Scheduled Queries (managed through
Create/Update/Get/Delete/List/History Scheduled Query APIs). For more information, see CloudWatch
Logs API documentation.
* api-change:``resourcegroupstaggingapi``: Add support for new ListRequiredTags API used to
retrieve the required tags specified in a customer's effective tag policy.
* api-change:``storagegateway``: Adds support for European Sovereign Cloud ARNs in Storage Gateway
API parameters.
* api-change:``wafv2``: AssociateWebACL, UpdateWebACL and PutLoggingConfiguration will now throw
WAFFeatureNotIncludedInPricingPlanException when the request contains a feature that is not
included in the CloudFront pricing plan of the WebACL.
- from version 1.42.75
* api-change:``appstream``: Adding support for additional instances and extended storage
* api-change:``backup``: AWS Backup now supports specifying a logically air-gapped backup vault as
a primary backup target in backup plans and on-demand backup jobs.
* api-change:``bedrock``: Automated Reasoning checks in Amazon Bedrock Guardrails now automatically
generate Q&A tests for new Automated Reasoning policies. The
GetAutomatedReasoningPolicyBuildWorkflowResultAssets API adds GENERATED_TEST_CASES asset type,
allowing customers to retrieve tests generated by the build workflow.
* api-change:``devicefarm``: This release adds support for interacting with devices during a remote
access session using the remoteDriverEndpoint interface
* api-change:``dms``: This release introduces the SAP ASE(Sybase) Data Provider for AWS Data
Migration Service (DMS). In addition, DMS Schema Conversion now supports this provider, enabling
customers to migrate SAP ASE(Sybase) databases to Amazon RDS for PostgreSQL or Aurora PostgreSQL
seamlessly.
* api-change:``ec2``: This release introduces new APIs: DescribeInstanceSqlHaStates,
DescribeInstanceSqlHaHistoryStates, EnableInstanceSqlHaStandbyDetections and
DisableInstanceSqlHaStandbyDetections on Amazon EC2, allowing customers to enroll and monitor SQL
Server licensing fee savings for their SQL HA EC2 instances.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``glue``: Amazon Glue Releasing 2 the new API ListIntegrationResourceProperties and
DeleteIntegrationResourceProperty along with minor improvement on existing API(s).
* api-change:``guardduty``: Add S3 On-Demand Object Scanning
* api-change:``lexv2-models``: Adds support for LLM as Primary, allowing usage of LLMs as the
default NLU system.
* api-change:``medialive``: Adds configurations for spatial/temporal adaptive quantization in AV1
codec, and conversion to HLG output color space in H265 codec.
* api-change:``mediapackagev2``: Add support for SCTE messages in Segment file output
* api-change:``mwaa-serverless``: Amazon MWAA now offers serverless deployment, eliminating
operational overhead while optimizing costs. The service supports YAML and Python-based workflows,
with 80+ AWS Operators. It provides isolated execution, IAM permissions, and automatic scaling with
pay-per-use pricing.
* api-change:``opensearch``: This release adds index operation APIs to support Automatic Semantic
Enrichment feature
* api-change:``pcs``: Added support for the managed Slurm REST API endpoint
* api-change:``route53resolver``: Adding DICTIONARY_DGA to dns-threat-protection as a new enum
type. Customers can now set rules for dictionary dga protection
- from version 1.42.74
* api-change:``datazone``: Adds support for granting read and write access to Amazon S3 general
purpose buckets using CreateSubscriptionRequest and AcceptSubscriptionRequest APIs. Also adds
search filters for SSOUser and SSOGroup to ListSubscriptions APIs and deprecates "sortBy" parameter
for ListSubscriptions APIs.
* api-change:``ec2``: This release adds AvailabilityZoneId support for
CreateInstanceConnectEndpoint, DescribeInstanceConnectEndpoints, and DeleteInstanceConnectEndpoint
APIs.
* api-change:``imagebuilder``: EC2 Image Builder now supports invoking Lambda functions and
executing Step Functions state machine through image workflows.
* api-change:``medialive``: Removed all the value constraint (min/max) for the shape definitions
(e.g. integerMin0Max3600) on the C2j models to get rid of the need to request an exemption from the
SDK team whenever a shape definition (e.g. integerMin0Max3600) is changed.
- from version 1.42.73
* api-change:``cloudformation``: CloudFormation now supports GetHookResult API with annotations to
retrieve structured compliance check results and remediation guidance for each evaluated resource,
replacing the previous single-message limitation with detailed validation outcomes.
* api-change:``controlcatalog``: Added support for related control mappings with new
RELATED_CONTROL mapping type in ListControlMappings API.
* api-change:``ec2``: Added support for new accelerator types ("media") and accelerator names
("L4", "L40s", "GAUDI_HL_205", "INFERENTIA2", "TRAINIUM", "TRAINIUM2", "U30") in Attributes Based
Instance Type Selection for launched instance types.
* api-change:``ecr``: Add Amazon ECR FIPS PrivateLink endpoint support
* api-change:``elbv2``: QUIC and TCP_QUIC protocol support for Network Load Balancer (NLB). This
capability enables customers to forward QUIC traffic to their targets with ultra-low latency while
maintaining session stickiness using QUIC Connection IDs.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``iotwireless``: Integration of Device Location with Amazon Sidewalk network for
Amazon Sidewalk enabled devices
* api-change:``mediaconvert``: Lowers minimum duration for black video generator. Adds support for
embedding and signing C2PA content credentials in DASH and CMAF HLS outputs.
* api-change:``rds``: Updated endpoint and service metadata
* api-change:``sagemaker``: Added support for minor version upgrades and AWS Identity Center
integration for SageMaker Hadron Partner Apps, enabling automated version management and IdC
group-based access control.
* api-change:``workspaces-web``: Support for managing web content filtering for defining, tracking
and regulating type of content accessed with WorkSpaces Secure Browser as part of browser settings.
- from version 1.42.72
* api-change:``amp``: Add VPC source configuration support enabling Amazon Managed Service for
Prometheus Collector to collect metrics from MSK clusters.
* api-change:``connect``: Updated Authentication Profile APIs to add support for automatic logout
on user inactivity
* api-change:``dms``: Added support of SQL statements creation, metadata model discovery and
selection rules transformation.
* api-change:``ec2``: Adds complete AMI ancestry tracing from immediate parent through each
preceding generation back to the root AMI
* api-change:``elbv2``: This release expands ALB Authentication to support JWT verification and
adds support for a new JWT validation action in listener rule.
* api-change:``redshift``: Added GetIdentityCenterAuthToken API to retrieve encrypted
authentication tokens for Identity Center integrated applications. This API enables programmatic
access to secure Identity Center tokens with proper error handling and parameter validation across
supported SDK languages.
* api-change:``s3tables``: Adds support for request metrics metrics APIs for S3 Tables
* api-change:``sagemaker``: Add support for trn2.3xlarge instance type for SageMaker Hyperpod
- from version 1.42.71
* api-change:``batch``: Documentation-only update: update API and doc descriptions per EKS
ImageType default value switch from AL2 to AL2023.
* api-change:``bedrock-data-automation``: Added support for Language Expansion feature for BDA
Audio modality.
* api-change:``ec2``: AWS Site-to-Site VPN now supports VPN connections with up to 5 Gbps bandwidth
per tunnel, a 4x improvement from existing limit of 1.25 Gbps.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``medical-imaging``: Added new fields in existing APIs.
* api-change:``rtbfabric``: Added LogSettings and LinkAttribute fields to external links
* api-change:``security-ir``: Added support for configuring communication preferences as well as
clearly displaying case comment author identities.
- from version 1.42.70
* api-change:``acm-pca``: Private Certificate Authority service now supports ML-DSA key algorithms.
* api-change:``appstream``: AWS Appstream support for IPv6
* api-change:``backup``: AWS Backup supports backups of Amazon EKS clusters, including Kubernetes
cluster state and persistent storage attached to the EKS cluster via a persistent volume claim (EBS
volumes, EFS file systems, and S3 buckets).
* api-change:``braket``: Adds ExperimentalCapabilities field to CreateQuantumTask request and
GetQuantumTask response objects. Enables use of experimental software capabilities when creating
quantum tasks.
* api-change:``datazone``: Remove trackingServerName from DataZone Connection MLflowProperties
* api-change:``dsql``: Cluster endpoint added to CreateCluster and GetCluster API responses
* api-change:``ec2``: Amazon EC2 Fleet customers can now filter instance types based on
encryption-in-transit support using Attribute-Based Instance Type Selection (ABIS), eliminating the
manual effort of identifying and selecting compatible instance types for security-sensitive
workloads.
* api-change:``guardduty``: Include tags filed in CreatePublishingDestinationRequest and
DescribePublishingDestinationResponse.
* api-change:``iam``: Added CreateDelegationRequest API, which is not available for general use at
this time.
* api-change:``invoicing``: Added new invoicing get-invoice-pdf API Operation
* api-change:``kafka``: Amazon MSK now supports intelligent rebalancing for MSK Express brokers.
* api-change:``sts``: Added GetDelegatedAccessToken API, which is not available for general use at
this time.
* api-change:``verifiedpermissions``: Amazon Verified Permissions / Features : Adds support for
entity Cedar tags.
* api-change:``wafv2``: AWS WAF now supports CLOUDWATCH_TELEMETRY_RULE_MANAGED as a LogScope
option, enabling automated logging configuration through Amazon CloudWatch Logs for telemetry data
collection and analysis.
- from version 1.42.69
* api-change:``controltower``: Added Parent Identifier support to ListEnabledControls and
GetEnabledControl API. Implemented RemediationType support for Landing Zone operations:
CreateLandingZone, UpdateLandingZone and GetLandingZone APIs
* api-change:``ec2``: Adds PrivateDnsPreference and PrivateDnsSpecifiedDomains to control private
DNS resolution for resource and service network VPC endpoints and
IpamScopeExternalAuthorityConfiguration to integrate Amazon VPC IPAM with a third-party IPAM service
* api-change:``kms``: Added support for new ECC_NIST_EDWARDS25519 AWS KMS key spec
* api-change:``opensearch``: This release introduces the Default Application feature, allowing
users to set, change, or unset a preferred OpenSearch UI application on a per-region basis for a
streamlined and consistent user experience.
* api-change:``vpc-lattice``: Amazon VPC Lattice now supports custom domain name for resource
configurations
- from version 1.42.68
* api-change:``accessanalyzer``: New field totalActiveErrors added to getFindingsStatistics
response.
* api-change:``backup``: AWS Backup now supports customer-managed keys (CMK) for logically
air-gapped vaults, enabling customers to maintain full control over their encryption key lifecycle.
This feature helps organizations meet specific internal governance requirements or external
regulatory compliance standards.
* api-change:``connect``: Added support for Conditional Questions in Evaluation Forms. Introduced
Auto Evaluation capability for Evaluation Forms and Contact Evaluations. Added new API operations:
SearchEvaluationForms and SearchContactEvaluations.
* api-change:``ec2``: Add Amazon EC2 R8a instance types
* api-change:``gamelift``: Amazon GameLift Servers now supports game builds that use the Windows
2022 operating system.
* api-change:``identitystore``: IdentityStore API: added new KMSExceptionReason fields to the
Exception object; added multiple new fields to the User APIs - UserStatus, Birthdate, Website and
Photos; added multiple new metadata fields for User, Groups and Membership APIs - CreatedAt,
CreatedBy, UpdatedAt and UpdatedBy.
* api-change:``quicksight``: Support for New Data Prep Experience
* api-change:``s3tables``: Adds support for tagging APIs for S3 Tables
* api-change:``s3vectors``: Amazon S3 Vectors provides cost-effective, elastic, and durable vector
storage for queries based on semantic meaning and similarity.
* api-change:``sagemaker``: Added NodeProvisioningMode parameter to UpdateCluster API to determine
how instance provisioning is handled during cluster operations; in Continuous mode. Added VpcId
field in UpdateDomain request for SageMaker Unified Studio domains with no VPC to add a customer
VPC.
* api-change:``ssm``: Provides NoLongerSupportedException error message
- from version 1.42.67
* api-change:``cloudfront``: This release adds new and updated API operations. You can now use the
IpAddressType field to specify either ipv4 or dualstack for your Anycast static IP list. You can
also enable cross-account resource sharing to share your VPC origins with other AWS accounts
* api-change:``datazone``: Added support for Project Resource Tags
* api-change:``ec2``: This release adds AvailabilityZoneId support for
DescribeFastSnapshotRestores, DisableFastSnapshotRestores, and EnableFastSnapshotRestores APIs.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``fsx``: Amazon FSx now enables secure management of Active Directory credentials
through AWS Secrets Manager integration. Customers can use Secret ARNs instead of direct
credentials when joining resources to Active Directory domains.
* api-change:``groundstation``: Introduce CreateDataflowEndpointGroupV2 action
* api-change:``s3``: Launch IPv6 dual-stack support for S3 Express
* api-change:``sagemaker``: Add new fields in SageMaker Hyperpod DescribeCluster API response:
TargetStateCount, SoftwareUpdateStatus and ActiveSoftwareDeploymentConfig to provide AMI update
progress visibility .
- from version 1.42.66
* api-change:``pinpoint-sms-voice-v2``: This release adds support for the CarrierLookup API, which
returns information about a destination phone number including if the number is valid, the carrier,
and more.
- from version 1.42.65
* api-change:``bedrock-agentcore-control``: Adds support for direct code deploy with
CreateAgentRuntime and UpdateAgentRuntime
* api-change:``budgets``: Fix the AWS Budgets endpoint for the aws-eusc partition.
* api-change:``ec2``: Add Amazon EC2 trn2.3xlarge instance type.
* api-change:``ecs``: Documentation-only update for LINEAR and CANARY deployment strategies.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``kinesis``: Adds support for MinimumThroughputBillingCommitment with new
UpdateAccountSettings API. Adds support to configure warm throughput for on-demand streams in new
UpdateStreamWarmThroughput API and existing CreateStream API and UpdateStreamMode API.
- from version 1.42.64
* api-change:``connectcases``: Added two new case rule types: Parent Child Field Options (restricts
child field options based on parent field value) and Hidden (controls child field visibility based
on parent field value). Both enable dynamic field behavior within templates.
* api-change:``ec2``: Amazon VPC IP Address Manager (IPAM) now supports automated prefix list
management, allowing you to create rules that automatically populate customer-managed prefix lists
with CIDRs from your IPAM pools or AWS resources based on tags, Regions, or other criteria.
* api-change:``emr``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``fms``: Update endpoint ruleset parameters casing
* api-change:``fsx``: Update endpoint ruleset parameters casing
* api-change:``health``: Update endpoint ruleset parameters casing
* api-change:``kinesis``: Update endpoint ruleset parameters casing
* api-change:``lambda``: Add Python3.14 (python3.14) and Java 25 (java25) support to AWS Lambda
* api-change:``logs``: Update endpoint ruleset parameters casing
* api-change:``marketplace-catalog``: Update endpoint ruleset parameters casing
* api-change:``mediaconvert``: Adds SlowPalPitchCorrection to audio pitch correction settings.
Enables opacity for VideoOverlays. Adds REMUX_ALL option to enable multi-rendition passthrough to
VideoSelector for allow listed accounts.
* api-change:``omics``: Added WDL_LENIENT engine type that enables implicit typecasting of variable
values to its compatible declared types
* api-change:``payment-cryptography``: Allow additional characters in the CertificateSubject for
GetCertificateSigningRequest API.
* api-change:``redshift``: Update endpoint ruleset parameters casing
* api-change:``resourcegroupstaggingapi``: Update endpoint ruleset parameters casing
* api-change:``sagemaker``: Allow update of platform identifier via UpdateNotebookInstance
operation.
* api-change:``savingsplans``: Add dual-stack endpoint support for Savings Plans
* api-change:``snowball``: Update endpoint ruleset parameters casing
* api-change:``ssm-quicksetup``: Update endpoint ruleset parameters casing
* api-change:``textract``: Update endpoint ruleset parameters casing
* api-change:``waf``: Update endpoint ruleset parameters casing
- from version 1.42.63
* api-change:``amp``: Add Anomaly Detection APIs for Amazon Managed Prometheus
* api-change:``apigateway``: Update endpoint ruleset parameters casing
* api-change:``appconfig``: Update endpoint ruleset parameters casing
* api-change:``appflow``: Update endpoint ruleset parameters casing
* api-change:``applicationcostprofiler``: Update endpoint ruleset parameters casing
* api-change:``appmesh``: Update endpoint ruleset parameters casing
* api-change:``appsync``: Update endpoint ruleset parameters casing
* api-change:``artifact``: Update endpoint ruleset parameters casing
* api-change:``auditmanager``: Update endpoint ruleset parameters casing
* api-change:``bedrock-agent``: Update endpoint ruleset parameters casing
* api-change:``bedrock-agentcore-control``: Web-Bot-Auth support for AgentCore Browser tool to help
reduce captcha challenges.
* api-change:``chime``: Update endpoint ruleset parameters casing
* api-change:``cleanrooms``: Added support for advanced Spark configurations to optimize SQL
performance
* api-change:``cloudcontrol``: Update endpoint ruleset parameters casing
* api-change:``clouddirectory``: Update endpoint ruleset parameters casing
* api-change:``cloudsearch``: Update endpoint ruleset parameters casing
* api-change:``cloudwatch``: Update endpoint ruleset parameters casing
* api-change:``codecatalyst``: Update endpoint ruleset parameters casing
* api-change:``codecommit``: Update endpoint ruleset parameters casing
* api-change:``codedeploy``: Update endpoint ruleset parameters casing
* api-change:``cognito-sync``: Update endpoint ruleset parameters casing
* api-change:``compute-optimizer``: Update endpoint ruleset parameters casing
* api-change:``connectcases``: Update endpoint ruleset parameters casing
* api-change:``deadline``: Update endpoint ruleset parameters casing
* api-change:``devops-guru``: Update endpoint ruleset parameters casing
* api-change:``docdb``: Adding FailoverState and TagList to GlobalCluster and SynchronizationStatus
to GlobalClusterMember.
* api-change:``ecs``: Amazon ECS Service Connect now supports Envoy access logs, providing deeper
observability into request-level traffic patterns and service interactions.
* api-change:``eks-auth``: Update endpoint ruleset parameters casing
* api-change:``elasticache``: Update endpoint ruleset parameters casing
* api-change:``emr-serverless``: This release adds the capability to enable User Background
Sessions for customers running Trusted Identity Propagation enabled Interactive Sessions on EMR
Serverless Applications.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``firehose``: Update endpoint ruleset parameters casing
* api-change:``frauddetector``: Update endpoint ruleset parameters casing
* api-change:``geo-places``: Update endpoint ruleset parameters casing
* api-change:``glue``: This release adds the capability to enable User Background Sessions for
customers running Trusted Identity Propagation enabled Interactive Sessions on AWS Glue.
* api-change:``greengrassv2``: Update endpoint ruleset parameters casing
* api-change:``iotevents-data``: Update endpoint ruleset parameters casing
* api-change:``iot-managed-integrations``: Add a new GetManagedThingCertificate API to expose Iot
ManagedIntegrations (MI) device certificate, and add "-" support for name, properties, actions
and events in the CapabilityReportCapability object.
* api-change:``keyspacesstreams``: Update endpoint ruleset parameters casing
* api-change:``kms``: Add cross account VPC endpoint service connectivity support to CustomKeyStore.
* api-change:``license-manager-linux-subscriptions``: Update endpoint ruleset parameters casing
* api-change:``marketplace-reporting``: Update endpoint ruleset parameters casing
* api-change:``neptune``: Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: RTB Fabric documentation update.
* api-change:``s3outposts``: Update endpoint ruleset parameters casing
* api-change:``sagemaker-runtime``: Update endpoint ruleset parameters casing
* api-change:``schemas``: Update endpoint ruleset parameters casing
* api-change:``serverlessrepo``: Update endpoint ruleset parameters casing
* api-change:``servicecatalog``: Update endpoint ruleset parameters casing
* api-change:``sso``: Update endpoint ruleset parameters casing
* api-change:``sts``: Update endpoint ruleset parameters casing
- from version 1.42.62
* api-change:``bedrock-runtime``: Add support for system tool and web citation response.
- from version 1.42.61
* api-change:``apigatewayv2``: Update endpoint ruleset parameters casing
* api-change:``application-signals``: Added support for CloudWatch Synthetics Canary resources in
ListAuditFindings API. This enhancement allows customers to retrieve audit findings specifically
for CloudWatch Synthetics canaries and enables service-canary correlation analysis.
* api-change:``backupsearch``: Update endpoint ruleset parameters casing
* api-change:``bcm-pricing-calculator``: Update endpoint ruleset parameters casing
* api-change:``bedrock-agent-runtime``: Update endpoint ruleset parameters casing
* api-change:``bedrock-runtime``: Update endpoint ruleset parameters casing
* api-change:``cleanroomsml``: Update endpoint ruleset parameters casing
* api-change:``cloud9``: Update endpoint ruleset parameters casing
* api-change:``cloudsearchdomain``: Update endpoint ruleset parameters casing
* api-change:``codeconnections``: Update endpoint ruleset parameters casing
* api-change:``codeguru-security``: Update endpoint ruleset parameters casing
* api-change:``detective``: Update endpoint ruleset parameters casing
* api-change:``ec2``: This released the DescribeCapacityReservationTopology API.
* api-change:``ecs``: Amazon ECS supports native linear and canary service deployments, allowing
you to shift traffic in increments for more control.
* api-change:``efs``: Update endpoint ruleset parameters casing
* api-change:``elastictranscoder``: Update endpoint ruleset parameters casing
* api-change:``emr-containers``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``gameliftstreams``: Add stream group expiration date and expired status
* api-change:``glacier``: Update endpoint ruleset parameters casing
* api-change:``groundstation``: Enable use of AzEl ephemerides
* api-change:``inspector-scan``: Update endpoint ruleset parameters casing
* api-change:``kafkaconnect``: Update endpoint ruleset parameters casing
* api-change:``kendra``: Update endpoint ruleset parameters casing
* api-change:``kinesisvideo``: Update endpoint ruleset parameters casing
* api-change:``lambda``: Added SerializedRequestEntityTooLargeException to Lambda Invoke API
* api-change:``marketplace-deployment``: Update endpoint ruleset parameters casing
* api-change:``mediapackage-vod``: Update endpoint ruleset parameters casing
* api-change:``migrationhuborchestrator``: Update endpoint ruleset parameters casing
* api-change:``notifications``: Update endpoint ruleset parameters casing
* api-change:``opensearch``: Update endpoint ruleset parameters casing
* api-change:``organizations``: Added Account State field to the ListDelegatedAdministrators API
response.
* api-change:``partnercentral-selling``: Update endpoint ruleset parameters casing
* api-change:``pipes``: Update endpoint ruleset parameters casing
* api-change:``ram``: Update endpoint ruleset parameters casing
* api-change:``resource-groups``: Update endpoint ruleset parameters casing
* api-change:``s3``: Amazon Simple Storage Service / Features: Add conditional writes in CopyObject
on destination key to prevent unintended object modifications.
* api-change:``s3control``: Update endpoint ruleset parameters casing
* api-change:``sagemaker``: Amazon SageMaker now supports deleting training and processing jobs in
a terminal status.
* api-change:``sagemaker-featurestore-runtime``: Update endpoint ruleset parameters casing
* api-change:``security-ir``: Update endpoint ruleset parameters casing
* api-change:``servicecatalog-appregistry``: Update endpoint ruleset parameters casing
* api-change:``sqs``: Update endpoint ruleset parameters casing
* api-change:``support-app``: Update endpoint ruleset parameters casing
* api-change:``taxsettings``: Update endpoint ruleset parameters casing
* api-change:``trustedadvisor``: Update endpoint ruleset parameters casing
* api-change:``workspaces``: Added IPv6 address support for WorkSpaces using Dual-Stack subnets
* api-change:``workspaces-instances``: Update endpoint ruleset parameters casing
* api-change:``xray``: Update endpoint ruleset parameters casing
- from version 1.42.60
* api-change:``accessanalyzer``: Update endpoint ruleset parameters casing
* api-change:``aiops``: Update endpoint ruleset parameters casing
* api-change:``athena``: Update endpoint ruleset parameters casing
* api-change:``backup-gateway``: Update endpoint ruleset parameters casing
* api-change:``bedrock-data-automation``: Update endpoint ruleset parameters casing
* api-change:``braket``: Update endpoint ruleset parameters casing
* api-change:``ce``: Updated endpoint for eusc-de-east-1 region.
* api-change:``chime-sdk-identity``: Update endpoint ruleset parameters casing
* api-change:``chime-sdk-media-pipelines``: Update endpoint ruleset parameters casing
* api-change:``codeartifact``: Update endpoint ruleset parameters casing
* api-change:``codeguruprofiler``: Update endpoint ruleset parameters casing
* api-change:``cognito-idp``: Update endpoint ruleset parameters casing
* api-change:``comprehend``: Update endpoint ruleset parameters casing
* api-change:``connectcampaigns``: Update endpoint ruleset parameters casing
* api-change:``controltower``: Update endpoint ruleset parameters casing
* api-change:``cost-optimization-hub``: Update endpoint ruleset parameters casing
* api-change:``dax``: Update endpoint ruleset parameters casing
* api-change:``elasticbeanstalk``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``entityresolution``: Update endpoint ruleset parameters casing
* api-change:``forecast``: Update endpoint ruleset parameters casing
* api-change:``greengrass``: Update endpoint ruleset parameters casing
* api-change:``iam``: Fixed missing SummaryMap keys in GetAccountSummary response that were being
filtered out during deserialization in AWS Java SDK v2
* api-change:``invoicing``: Update endpoint ruleset parameters casing
* api-change:``kinesis``: Adds support for record sizes up to 10MiB and introduces new
UpdateMaxRecordSize API to modify stream record size limits. Adds record size parameters to
existing CreateStream and DescribeStreamSummary APIs for request and response payloads respectively.
* api-change:``launch-wizard``: Update endpoint ruleset parameters casing
* api-change:``lex-runtime``: Update endpoint ruleset parameters casing
* api-change:``managedblockchain``: Update endpoint ruleset parameters casing
* api-change:``mturk``: Update endpoint ruleset parameters casing
* api-change:``neptune-graph``: Update endpoint ruleset parameters casing
* api-change:``outposts``: Update endpoint ruleset parameters casing
* api-change:``pinpoint``: Update endpoint ruleset parameters casing
* api-change:``rbin``: Update endpoint ruleset parameters casing
* api-change:``rds-data``: Update endpoint ruleset parameters casing
* api-change:``redshift-serverless``: Update endpoint ruleset parameters casing
* api-change:``rekognition``: Update endpoint ruleset parameters casing
* api-change:``repostspace``: Update endpoint ruleset parameters casing
* api-change:``route53profiles``: Update endpoint ruleset parameters casing
* api-change:``route53resolver``: Update endpoint ruleset parameters casing
* api-change:``s3vectors``: Update endpoint ruleset parameters casing
* api-change:``scheduler``: Update endpoint ruleset parameters casing
* api-change:``secretsmanager``: Update endpoint ruleset parameters casing
* api-change:``ses``: Update endpoint ruleset parameters casing
* api-change:``shield``: Update endpoint ruleset parameters casing
* api-change:``simspaceweaver``: Update endpoint ruleset parameters casing
* api-change:``socialmessaging``: Update endpoint ruleset parameters casing
* api-change:``ssm-sap``: Update endpoint ruleset parameters casing
* api-change:``sso-admin``: Update endpoint ruleset parameters casing
* api-change:``stepfunctions``: Update endpoint ruleset parameters casing
* api-change:``waf-regional``: Update endpoint ruleset parameters casing
* api-change:``workmailmessageflow``: Update endpoint ruleset parameters casing
- from version 1.42.59
* api-change:``acm``: Update endpoint ruleset parameters casing
* api-change:``amplifyuibuilder``: Update endpoint ruleset parameters casing
* api-change:``application-signals``: Update endpoint ruleset parameters casing
* api-change:``billing``: Update endpoint ruleset parameters casing
* api-change:``budgets``: Update endpoint ruleset parameters casing
* api-change:``chime-sdk-messaging``: Update endpoint ruleset parameters casing
* api-change:``cloudtrail``: Update endpoint ruleset parameters casing
* api-change:``codepipeline``: Update endpoint ruleset parameters casing
* api-change:``datapipeline``: Update endpoint ruleset parameters casing
* api-change:``datazone``: This release adds support for MLflow connections Creation in DataZone
* api-change:``docdb``: Update endpoint ruleset parameters casing
* api-change:``dynamodbstreams``: Update endpoint ruleset parameters casing
* api-change:``eks``: Update endpoint ruleset parameters casing
* api-change:``elb``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``evs``: Update endpoint ruleset parameters casing
* api-change:``fis``: Update endpoint ruleset parameters casing
* api-change:``gameliftstreams``: Add status reasons for TERMINATED stream sessions
* api-change:``geo-maps``: Added support for optional AdditionalFeatures parameter in the V2
GetTile API.
* api-change:``inspector``: Update endpoint ruleset parameters casing
* api-change:``iot-managed-integrations``: Update endpoint ruleset parameters casing
* api-change:``iotwireless``: Update endpoint ruleset parameters casing
* api-change:``kinesisanalytics``: Update endpoint ruleset parameters casing
* api-change:``kinesis-video-signaling``: Update endpoint ruleset parameters casing
* api-change:``location``: Added support for mobile app restrictions in Amazon Location API keys.
* api-change:``lookoutvision``: Update endpoint ruleset parameters casing
* api-change:``mediapackage``: Update endpoint ruleset parameters casing
* api-change:``mediastore``: Update endpoint ruleset parameters casing
* api-change:``mediastore-data``: Update endpoint ruleset parameters casing
* api-change:``migrationhubstrategy``: Update endpoint ruleset parameters casing
* api-change:``mq``: Update endpoint ruleset parameters casing
* api-change:``panorama``: Update endpoint ruleset parameters casing
* api-change:``payment-cryptography``: Update endpoint ruleset parameters casing
* api-change:``payment-cryptography-data``: Update endpoint ruleset parameters casing
* api-change:``pca-connector-ad``: Update endpoint ruleset parameters casing
* api-change:``qbusiness``: Update endpoint ruleset parameters casing
* api-change:``robomaker``: Update endpoint ruleset parameters casing
* api-change:``route53domains``: Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: Add support for custom rate limits.
* api-change:``s3tables``: Update endpoint ruleset parameters casing
* api-change:``sagemaker``: Added inference components model data caching feature
* api-change:``sagemaker-metrics``: Update endpoint ruleset parameters casing
* api-change:``securityhub``: Release 3 layer filter support in GetFindingsV2,
GetFindingStatisticsV2, GetResourcesV2,GetResourcesStatisticsV2, AutomationRule V2 APIs. Update
filter casing in GetResourcesV2, GetResourcesStatisticsV2 APIs. Add new filters in GetFindingsV2,
GetFindingStatisticsV2, AutomationRule V2 APIs.
* api-change:``servicediscovery``: Update endpoint ruleset parameters casing
* api-change:``snow-device-management``: Update endpoint ruleset parameters casing
* api-change:``sso-oidc``: Update endpoint ruleset parameters casing
* api-change:``supplychain``: Update endpoint ruleset parameters casing
* api-change:``translate``: Update endpoint ruleset parameters casing
* api-change:``verifiedpermissions``: Update endpoint ruleset parameters casing
* api-change:``vpc-lattice``: Update endpoint ruleset parameters casing
* api-change:``wisdom``: Update endpoint ruleset parameters casing
* api-change:``workspaces-thin-client``: Update endpoint ruleset parameters casing
- from version 1.42.58
* api-change:``account``: Update endpoint ruleset parameters casing
* api-change:``application-autoscaling``: Update endpoint ruleset parameters casing
* api-change:``bedrock-agentcore``: Fixing the service documentation name
* api-change:``bedrock-agentcore-control``: Fixing the service documentation name
* api-change:``chime-sdk-voice``: Update endpoint ruleset parameters casing
* api-change:``cloudtrail-data``: Update endpoint ruleset parameters casing
* api-change:``codebuild``: Update endpoint ruleset parameters casing
* api-change:``codestar-connections``: Update endpoint ruleset parameters casing
* api-change:``config``: Update endpoint ruleset parameters casing
* api-change:``connect-contact-lens``: Update endpoint ruleset parameters casing
* api-change:``cur``: Update endpoint ruleset parameters casing
* api-change:``discovery``: Update endpoint ruleset parameters casing
* api-change:``dms``: Update endpoint ruleset parameters casing
* api-change:``docdb-elastic``: Update endpoint ruleset parameters casing
* api-change:``drs``: Update endpoint ruleset parameters casing
* api-change:``dsql``: Add support for resource-based policies for Aurora DSQL clusters. This will
enable you to implement Block Public Access (BPA) which will help restrict access to your Aurora
DSQL public or VPC endpoints.
* api-change:``ebs``: Update endpoint ruleset parameters casing
* api-change:``ecr``: Update endpoint ruleset parameters casing
* api-change:``ecr-public``: Update endpoint ruleset parameters casing
* api-change:``healthlake``: Update endpoint ruleset parameters casing
* api-change:``internetmonitor``: Update endpoint ruleset parameters casing
* api-change:``iotevents``: Update endpoint ruleset parameters casing
* api-change:``iot-jobs-data``: Update endpoint ruleset parameters casing
* api-change:``kinesis-video-archived-media``: Update endpoint ruleset parameters casing
* api-change:``kinesis-video-webrtc-storage``: Update endpoint ruleset parameters casing
* api-change:``lambda``: Add NodeJs 24 (nodejs24.x) support to AWS Lambda.
* api-change:``macie2``: Update endpoint ruleset parameters casing
* api-change:``managedblockchain-query``: Update endpoint ruleset parameters casing
* api-change:``marketplacecommerceanalytics``: Update endpoint ruleset parameters casing
* api-change:``mediatailor``: Update endpoint ruleset parameters casing
* api-change:``mgh``: Update endpoint ruleset parameters casing
* api-change:``mgn``: Update endpoint ruleset parameters casing
* api-change:``mpa``: Update endpoint ruleset parameters casing
* api-change:``neptunedata``: Update endpoint ruleset parameters casing
* api-change:``networkmonitor``: Update endpoint ruleset parameters casing
* api-change:``odb``: Doc-only update that removes duplicate values from descriptions of ODB
peering APIs.
* api-change:``omics``: Update endpoint ruleset parameters casing
* api-change:``opensearchserverless``: Update endpoint ruleset parameters casing
* api-change:``pca-connector-scep``: Update endpoint ruleset parameters casing
* api-change:``personalize-events``: Update endpoint ruleset parameters casing
* api-change:``pinpoint-email``: Update endpoint ruleset parameters casing
* api-change:``resiliencehub``: Update endpoint ruleset parameters casing
* api-change:``rum``: Update endpoint ruleset parameters casing
* api-change:``sagemaker``: Update endpoint ruleset parameters casing
* api-change:``sagemaker-edge``: Update endpoint ruleset parameters casing
* api-change:``savingsplans``: Update endpoint ruleset parameters casing
* api-change:``securitylake``: Update endpoint ruleset parameters casing
* api-change:``sesv2``: Update endpoint ruleset parameters casing
* api-change:``storagegateway``: Update endpoint ruleset parameters casing
* api-change:``synthetics``: Update endpoint ruleset parameters casing
- from version 1.42.57
* api-change:``appfabric``: Update endpoint ruleset parameters casing
* api-change:``autoscaling``: Update endpoint ruleset parameters casing
* api-change:``b2bi``: Update endpoint ruleset parameters casing
* api-change:``bcm-dashboards``: Update endpoint ruleset parameters casing
* api-change:``ce``: Update endpoint ruleset parameters casing
* api-change:``chatbot``: Update endpoint ruleset parameters casing
* api-change:``cloudformation``: Update endpoint ruleset parameters casing
* api-change:``cloudhsm``: Update endpoint ruleset parameters casing
* api-change:``cloudhsmv2``: Update endpoint ruleset parameters casing
* api-change:``codeguru-reviewer``: Update endpoint ruleset parameters casing
* api-change:``cognito-identity``: Update endpoint ruleset parameters casing
* api-change:``comprehendmedical``: Update endpoint ruleset parameters casing
* api-change:``connect``: This release added support for email address alias configuration and
outbound campaign preview mode.
* api-change:``connectcampaignsv2``: Updated Amazon Connect Outbound Campaigns V2 SDK to support
Preview Outbound Mode
* api-change:``connectparticipant``: Update endpoint ruleset parameters casing
* api-change:``devicefarm``: This release adds support for optionally including an app as part of a
CreateRemoteAccessSession request
* api-change:``directconnect``: Update endpoint ruleset parameters casing
* api-change:``ds-data``: Update endpoint ruleset parameters casing
* api-change:``ec2``: This release adds AvailabilityZoneId support for CreateNetworkInterface and
DescribeNetworkInterfaces APIs.
* api-change:``ec2-instance-connect``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``forecastquery``: Update endpoint ruleset parameters casing
* api-change:``iam``: Updated OIDC and SAML apis to reject multiple simultaneous requests to change
a unique object.
* api-change:``inspector2``: Update endpoint ruleset parameters casing
* api-change:``iot``: Update endpoint ruleset parameters casing
* api-change:``iotanalytics``: Update endpoint ruleset parameters casing
* api-change:``iotfleetwise``: Update endpoint ruleset parameters casing
* api-change:``iotsecuretunneling``: Update endpoint ruleset parameters casing
* api-change:``iotsitewise``: Update endpoint ruleset parameters casing
* api-change:``ivschat``: Update endpoint ruleset parameters casing
* api-change:``kinesisanalyticsv2``: Update endpoint ruleset parameters casing
* api-change:``lexv2-models``: Update endpoint ruleset parameters casing
* api-change:``mailmanager``: Update endpoint ruleset parameters casing
* api-change:``marketplace-agreement``: Update endpoint ruleset parameters casing
* api-change:``medialive``: Add 3 API operations for fetching alerts: ListAlerts (Channels),
ListClusterAlerts (MediaLive Anywhere), and ListMultiplexAlerts
* api-change:``mwaa``: Update endpoint ruleset parameters casing
* api-change:``notificationscontacts``: Update endpoint ruleset parameters casing
* api-change:``oam``: Update endpoint ruleset parameters casing
* api-change:``pcs``: Update endpoint ruleset parameters casing
* api-change:``pinpoint-sms-voice-v2``: Update endpoint ruleset parameters casing
* api-change:``redshift-data``: Update endpoint ruleset parameters casing
* api-change:``route53``: Amazon Route 53 now supports the ISOB West Region for private DNS for
Amazon VPCs and cloudwatch healthchecks.
* api-change:``route53-recovery-cluster``: Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: Update for general availability of AWS RTB Fabric service.
* api-change:``sagemaker-a2i-runtime``: Update endpoint ruleset parameters casing
* api-change:``sns``: Update endpoint ruleset parameters casing
* api-change:``ssm-incidents``: Update endpoint ruleset parameters casing
* api-change:``workdocs``: Update endpoint ruleset parameters casing
* api-change:``workmail``: Update endpoint ruleset parameters casing
* api-change:``workspaces``: Update endpoint ruleset parameters casing
- from version 1.42.56
* api-change:``dynamodb``: Add AccountID based endpoint metric to endpoint rules.
* api-change:``emr``: Added RECONFIGURING to the InstanceFleetState convenience enum.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``mediaconvert``: This release adds the ability to set resolution for the black video
generator and also adds the StartJobsQuery and GetJobsQueryResults APIs which allow asynchronous
search of job history using new filters.
* api-change:``meteringmarketplace``: Added ClientToken parameter to MeterUsage API for specifying
idempotent requests.
* enhancement:timestamps: Add ``wire`` as a valid value for ``cli_timestamp_format``.
- from version 1.42.55
* api-change:``amp``: Update endpoint ruleset parameters casing
* api-change:``amplifybackend``: Update endpoint ruleset parameters casing
* api-change:``appconfigdata``: Update endpoint ruleset parameters casing
* api-change:``appintegrations``: Update endpoint ruleset parameters casing
* api-change:``application-insights``: Update endpoint ruleset parameters casing
* api-change:``arc-zonal-shift``: Update endpoint ruleset parameters casing
* api-change:``bcm-recommended-actions``: Update endpoint ruleset parameters casing
* api-change:``bedrock-data-automation-runtime``: Update endpoint ruleset parameters casing
* api-change:``chime-sdk-meetings``: Update endpoint ruleset parameters casing
* api-change:``cloudfront``: Update endpoint ruleset parameters casing
* api-change:``cloudfront-keyvaluestore``: Update endpoint ruleset parameters casing
* api-change:``codestar-notifications``: Update endpoint ruleset parameters casing
* api-change:``controlcatalog``: Update endpoint ruleset parameters casing
* api-change:``datasync``: Update endpoint ruleset parameters casing
* api-change:``ds``: Update endpoint ruleset parameters casing
* api-change:``dsql``: Update endpoint ruleset parameters casing
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``es``: Update endpoint ruleset parameters casing
* api-change:``events``: Update endpoint ruleset parameters casing
* api-change:``evidently``: Update endpoint ruleset parameters casing
* api-change:``finspace``: Update endpoint ruleset parameters casing
* api-change:``finspace-data``: Update endpoint ruleset parameters casing
* api-change:``gameliftstreams``: Updates documentation to clarify valid application binaries for
an Amazon GameLift Streams application and provide descriptions of stream session error status
reasons
* api-change:``geo-maps``: Added support for optional style parameters in maps, including Terrain,
ContourDensity, Traffic, and TravelModes.
* api-change:``imagebuilder``: Update endpoint ruleset parameters casing
* api-change:``iot-data``: Update endpoint ruleset parameters casing
* api-change:``iotdeviceadvisor``: Update endpoint ruleset parameters casing
* api-change:``iotthingsgraph``: Update endpoint ruleset parameters casing
* api-change:``iottwinmaker``: Update endpoint ruleset parameters casing
* api-change:``kendra-ranking``: Update endpoint ruleset parameters casing
* api-change:``kinesis-video-media``: Update endpoint ruleset parameters casing
* api-change:``lakeformation``: Update endpoint ruleset parameters casing
* api-change:``license-manager``: Update endpoint ruleset parameters casing
* api-change:``license-manager-user-subscriptions``: Update endpoint ruleset parameters casing
* api-change:``marketplace-catalog``: The ListEntities API now supports two new CAPI filters:
DeliveryOptionTypes for SaaS products and CompatibleAWSServices for Container products.
* api-change:``mediaconnect``: Update endpoint ruleset parameters casing
* api-change:``migration-hub-refactor-spaces``: Update endpoint ruleset parameters casing
* api-change:``network-firewall``: Update endpoint ruleset parameters casing
* api-change:``networkmanager``: Update endpoint ruleset parameters casing
* api-change:``organizations``: Update endpoint ruleset parameters casing
* api-change:``pi``: Update endpoint ruleset parameters casing
* api-change:``qapps``: Update endpoint ruleset parameters casing
* api-change:``rolesanywhere``: Update endpoint ruleset parameters casing
* api-change:``route53-recovery-readiness``: Update endpoint ruleset parameters casing
* api-change:``sagemaker-geospatial``: Update endpoint ruleset parameters casing
* api-change:``signer``: Update endpoint ruleset parameters casing
* api-change:``swf``: Releasing minor endpoint updates.
* api-change:``timestream-write``: Update endpoint ruleset parameters casing
* api-change:``tnb``: Update endpoint ruleset parameters casing
* api-change:``wellarchitected``: Update endpoint ruleset parameters casing
- from version 1.42.54
* api-change:``acm-pca``: Update endpoint ruleset parameters casing
* api-change:``amplify``: Update endpoint ruleset parameters casing
* api-change:``apigatewaymanagementapi``: Update endpoint ruleset parameters casing
* api-change:``apprunner``: Update endpoint ruleset parameters casing
* api-change:``apptest``: Update endpoint ruleset parameters casing
* api-change:``autoscaling-plans``: Updated FIPS endpoints for US GovCloud regions
* api-change:``batch``: Update endpoint ruleset parameters casing
* api-change:``bcm-data-exports``: Update endpoint ruleset parameters casing
* api-change:``billingconductor``: New feature: service flat CLI and first AWS managed pricing plan
(BasicPricingPlan)
* api-change:``customer-profiles``: Update endpoint ruleset parameters casing
* api-change:``databrew``: Update endpoint ruleset parameters casing
* api-change:``dataexchange``: Update endpoint ruleset parameters casing
* api-change:``dlm``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules command to latest version
* api-change:``freetier``: Update endpoint ruleset parameters casing
* api-change:``gamelift``: Update endpoint ruleset parameters casing
* api-change:``geo-routes``: Update endpoint ruleset parameters casing
* api-change:``globalaccelerator``: Update endpoint ruleset parameters casing
* api-change:``grafana``: Update endpoint ruleset parameters casing
* api-change:``identitystore``: Update endpoint ruleset parameters casing
* api-change:``ivs``: Update endpoint ruleset parameters casing
* api-change:``ivs-realtime``: Update endpoint ruleset parameters casing
* api-change:``kafka``: Update endpoint ruleset parameters casing
* api-change:``keyspaces``: Update endpoint ruleset parameters casing
* api-change:``kms``: Update endpoint ruleset parameters casing
* api-change:``lex-models``: Update endpoint ruleset parameters casing
* api-change:``lexv2-runtime``: Update endpoint ruleset parameters casing
* api-change:``lookoutequipment``: Update endpoint ruleset parameters casing
* api-change:``m2``: Update endpoint ruleset parameters casing
* api-change:``machinelearning``: Update endpoint ruleset parameters casing
* api-change:``marketplace-entitlement``: Update endpoint ruleset parameters casing
* api-change:``mediapackagev2``: Update endpoint ruleset parameters casing
* api-change:``medical-imaging``: Update endpoint ruleset parameters casing
* api-change:``memorydb``: Update endpoint ruleset parameters casing
* api-change:``migrationhub-config``: Update endpoint ruleset parameters casing
* api-change:``networkflowmonitor``: Update endpoint ruleset parameters casing
* api-change:``osis``: Update endpoint ruleset parameters casing
* api-change:``personalize``: Update endpoint ruleset parameters casing
* api-change:``personalize-runtime``: Update endpoint ruleset parameters casing
* api-change:``pinpoint-sms-voice``: Update endpoint ruleset parameters casing
* api-change:``polly``: Update endpoint ruleset parameters casing
* api-change:``pricing``: Update endpoint ruleset parameters casing
* api-change:``qldb``: Update endpoint ruleset parameters casing
* api-change:``qldb-session``: Update endpoint ruleset parameters casing
* api-change:``route53-recovery-control-config``: Update endpoint ruleset parameters casing
* api-change:``ssm``: Update endpoint ruleset parameters casing
* api-change:``ssm-contacts``: Update endpoint ruleset parameters casing
* api-change:``ssm-guiconnect``: Update endpoint ruleset parameters casing
* api-change:``timestream-query``: Update endpoint ruleset parameters casing
* api-change:``voice-id``: Update endpoint ruleset parameters casing
* api-change:``workspaces-web``: Update endpoint ruleset parameters casing
- from version 1.42.53
* api-change:``bedrock``: Amazon Bedrock Automated Reasoning Policy now offers enhanced AWS KMS
integration. The CreateAutomatedReasoningPolicy API includes a new kmsKeyId field, allowing
customers to specify their preferred KMS key for encryption, improving control and compliance with
AWS encryption mandates.
* api-change:``docdb``: Add support for NetworkType field in CreateDbCluster, ModifyDbCluster,
RestoreDbClusterFromSnapshot and RestoreDbClusterToPointInTime for DocumentDB.
* api-change:``ec2``: Introducing EC2 Capacity Manager for monitoring and analyzing capacity usage
across On-Demand Instances, Spot Instances, and Capacity Reservations.
* api-change:``elbv2``: This release expands Listener Rule Conditions to support RegexValues and
adds support for a new Transforms field in Listener Rules.
* api-change:``guardduty``: Added default pagination value for ListMalwareProtectionPlans API and
updated UpdateFindingsFeedback API
* api-change:``lightsail``: Add support for manage Lightsail Bucket CORS configuration
* api-change:``timestream-influxdb``: This release adds support for creating and managing InfluxDB
3 Core and Enterprise DbClusters.
- from version 1.42.52
* api-change:``appstream``: This release introduces support for Microsoft license included
applications streaming.
* api-change:``backup``: The AWS Backup job attribute extension enhancement helps customers better
understand the plan that initiated each job, and the properties of the resource each job creates.
* api-change:``connect``: SDK release for TaskTemplateInfo in Contact for DescribeContact response.
* api-change:``datazone``: Support creating scoped and trustedIdentityPropagation enabled
connections.
* api-change:``ec2``: This release adds support for creating instant, point-in-time copies of EBS
volumes within the same Availability Zone
* api-change:``transcribe``: Move UntagResource API body member to query parameter
* api-change:``transfer``: SFTP connectors now support routing connections via customers' VPC. This
enables connections to remote servers that are only accessible in a customer's VPC environment, and
to servers that are accessible over the internet but need connections coming from an IP address in
a customer VPC's CIDR range.
- from version 1.42.51
* api-change:``bedrock-agentcore``: Updated InvokeAgentRuntime API to accept account id optionally
and added CompleteResourceTokenAuth API.
* api-change:``bedrock-agentcore-control``: Updated http status code in control plane apis of
agentcore runtime, tools and identity. Additional included provider types for AgentCore Identity
* api-change:``ec2``: Release Amazon EC2 c8i, c8i-flex, m8a, and r8gb
* api-change:``observabilityadmin``: CloudWatch Observability Admin adds the ability to enable
Resource tags for telemetry in a customer account. The release introduces new APIs to enable,
disable and describe the status of Resource tags for telemetry feature. This new capability
simplifies monitoring AWS resources using tags.
- Refresh ac_relax-depends.patch
- Update Requires from setup.py
- curl
-
- Security fix: [bsc#1256105, CVE-2025-14017]
* call ldap_init() before setting the options
* Add patch curl-CVE-2025-14017.patch
- Security fixes:
* [bsc#1255731, CVE-2025-14524] if redirected, require permission to use bearer
* [bsc#1255734, CVE-2025-15224] require private key or user-agent for public key auth
* [bsc#1255732, CVE-2025-14819] toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache
* [bsc#1255733, CVE-2025-15079] set both knownhosts options to the same file
* Add patches:
- curl-CVE-2025-14524.patch
- curl-CVE-2025-15224.patch
- curl-CVE-2025-14819.patch
- curl-CVE-2025-15079.patch
- docker
-
- Places a hard cap on the amount of mechanisms that can be specified and
encoded in the payload. (bsc#1253904, CVE-2025-58181)
* 0007-CVE-2025-58181-fix-vendor-crypto-ssh.patch
- glib2
-
- Add CVE fixes:
+ glib2-CVE-2026-1484.patch (bsc#1257355 CVE-2026-1484
glgo#GNOME/glib!4979).
+ glib2-CVE-2026-1485.patch (bsc#1257354 CVE-2026-1485
glgo#GNOME/glib!4981).
+ glib2-CVE-2026-1489.patch (bsc#1257353 CVE-2026-1489
glgo#GNOME/glib!4984).
- Add glib2-CVE-2026-0988.patch: fix a potential integer overflow
in g_buffered_input_stream_peek (bsc#1257049 CVE-2026-0988
glgo#GNOME/glib#3851).
- gpg2
-
- Security fix [bsc#1256389] (gpg.fail/filename)
* Added gnupg-accepts-path-separators-literal-data.patch
* GnuPG Accepts Path Separators and Path Traversals in Literal Data
- kernel-default
-
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP
allocations (bsc#1254447 bsc#1253087).
- commit e548905
- Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792)
- commit c1cfc1c
- README.BRANCH : remove Vasilis from maintainers
- commit 6c4df64
- Update patches.suse/drm-amd-display-Fix-vs-typos.patch
(git-fixes CVE-2024-26661 bsc#1222323).
- Update
patches.suse/drm-stm-ltdc-fix-late-dereference-check.patch
(git-fixes CVE-2023-53714 bsc#1254465).
- Update
patches.suse/x86-tdx-Zero-out-the-missing-RSI-in-TDX_HYPERCALL-macro.patch
(git-fixes CVE-2023-52874 bsc#1225049).
- commit 699197b
- Update
patches.suse/USB-gadget-Fix-obscure-lockdep-violation-for-udc_mut.patch
(CVE-2022-49980 bsc#1245110 CVE-2022-49943 bsc#1244904).
- Update
patches.suse/USB-gadget-bcm63xx_udc-fix-memory-leak-with-using-de.patch
(git-fixes CVE-2023-53412 bsc#1254462).
- Update
patches.suse/USB-gadget-lpc32xx_udc-fix-memory-leak-with-using-de.patch
(git-fixes CVE-2023-53418 bsc#1254464).
- Update
patches.suse/USB-gadget-pxa27x_udc-fix-memory-leak-with-using-deb.patch
(git-fixes CVE-2023-53407 bsc#1253028).
- Update
patches.suse/USB-sl811-fix-memory-leak-with-using-debugfs_lookup.patch
(git-fixes CVE-2023-53417 bsc#1254463).
- Update patches.suse/arm64-set-UXN-on-swapper-page-tables.patch
(git-fixes CVE-2022-50232 bsc#1244758).
- Update
patches.suse/btrfs-avoid-NULL-pointer-dereference-if-no-valid-ext.patch
(bsc#1249158 CVE-2025-21658 bsc#1236208).
- Update
patches.suse/ip-Fix-data-races-around-sysctl_ip_fwd_use_pmtu.patch
(CVE-2025-40139 bsc#1253409 CVE-2022-49604 bsc#1238414).
- Update
patches.suse/ipv4-use-RCU-protection-in-__ip_rt_update_pmtu.patch
(CVE-2025-40139 bsc#1253409 CVE-2025-21766 bsc#1238754).
- Update
patches.suse/ipv6-use-RCU-protection-in-ip6_default_advmss.patch
(CVE-2025-40139 bsc#1253409 CVE-2025-21765 bsc#1237906).
- Update
patches.suse/mm-zswap-fix-missing-folio-cleanup-in-writeback-race-path.patch
(CVE-2023-53178 bsc#1249827 git-fix CVE-2024-26832 bsc#1223007).
- Update
patches.suse/ndisc-extend-RCU-protection-in-ndisc_send_skb.patch
(CVE-2025-40139 bsc#1253409 CVE-2025-21760 bsc#1238763).
- Update
patches.suse/ndisc-use-RCU-protection-in-ndisc_alloc_skb.patch
(CVE-2025-40139 bsc#1253409 CVE-2025-21764 bsc#1237885).
- Update
patches.suse/net-sched-ets-use-old-nbands-while-purging-unused-classes.patch
(git-fixes CVE-2025-38684 bsc#1249156).
- Update
patches.suse/netfilter-nft_set_hash-unaligned-atomic-read-on-struct-nft.patch
(CVE-2023-52923 bsc#1236104 CVE-2024-54031 bsc#1235905).
- Update
patches.suse/netfilter-nft_set_rbtree-skip-end-interval-element-from-gc.patch
(CVE-2023-52923 bsc#1236104 CVE-2024-26581 bsc#1220144).
- Update
patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elements-in-.patch
(CVE-2023-52923 bsc#1236104 CVE-2023-52433 bsc#1220137).
- Update patches.suse/perf-core-Exit-early-on-perf_mmap-fail.patch
(CVE-2025-38563 bsc#1248306 dependency CVE-2025-38565
bsc#1248377).
- Update
patches.suse/udf-fix-uninit-value-use-in-udf_get_fileshortad.patch
(bsc#1252785 CVE-2025-40044 CVE-2024-50143 bsc#1233038).
- commit 5e5b6b9
- macvlan: fix possible UAF in macvlan_forward_source()
(CVE-2026-23001 bsc#1257232).
- net: hns3: add VLAN id validation before using (CVE-2025-71112
bsc#1256726).
- commit 270e8e5
- net/sched: sch_qfq: do not free existing class in
qfq_change_class() (CVE-2026-22999 bsc#1257236).
- commit 16a63b9
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- net: hv_netvsc: reject RSS hash key programming without RX
indirection table (bsc#1257473).
- commit 7602440
- ipv6: BUG() in pskb_expand_head() as part of
calipso_skbuff_setattr() (CVE-2025-71085 bsc#1256623).
- commit 3ba0df8
- usbnet: Prevents free active kevent (CVE-2025-68312
bsc#1255171).
- commit ee0ab3e
- tcp: correct handling of extreme memory squeeze (bsc#1254767).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- net: tcp: send zero-window ACK when no memory (bsc#1254767).
- commit 56442cc
- page_pool: Fix use-after-free in page_pool_recycle_in_ring
(CVE-2025-38129 bsc#1245723).
- page_pool: fix inconsistency for page_pool_ring_lock()
(CVE-2025-38129 bsc#1245723).
- commit ef250c6
- libceph: make decode_pool() more resilient against corrupted osdmaps (CVE-2025-71116 bsc#1256744).
- commit b9dec39
- libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285 bsc#1255401).
- commit 9d4582b
- libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (CVE-2025-68284 bsc#1255377).
- commit f157995
- x86: make page fault handling disable interrupts properly
(git-fixes).
- commit a7abb9b
- virtio-net: ensure the received length does not exceed allocated
size (CVE-2025-38375 bsc#1247177).
- commit 6145535
- iommu: disable SVA when CONFIG_X86 is set (CVE-2025-71089
bsc#1256612).
- commit 35b67db
- kABI: Fixup for struct mrp_applicant (CVE-2022-50697
bsc#1255594).
- commit 74302bd
- mrp: introduce active flags to prevent UAF when applicant uninit
(CVE-2022-50697 bsc#1255594).
- commit d693c1a
- mptcp: fix a race in mptcp_pm_del_add_timer() (CVE-2025-40257
bsc#1254842).
- commit a01d7e7
- sched/fair: Don't balance task to its current running CPU (CVE-2023-53215 bsc#1250397)
- commit 7fb66be
- Update config files.
- commit c148a7f
- x86/vmscape: Add old Intel CPUs to affected list (bsc#1247483
CVE-2025-40300).
- commit 91334cf
- x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483
CVE-2025-40300).
- commit 11b7dad
- x86/bugs: Move cpu_bugs_smt_update() down (bsc#1247483
CVE-2025-40300).
- commit 3528146
- x86/vmscape: Enable the mitigation (bsc#1247483 CVE-2025-40300).
- commit ee7811b
- x86/vmscape: Add conditional IBPB mitigation (bsc#1247483
CVE-2025-40300).
- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
- commit 1f9199e
- x86/vmscape: Enumerate VMSCAPE bug (bsc#1247483 CVE-2025-40300).
- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
- commit 31c0293
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token
in gss_read_proxy_verf (CVE-2025-71120 bsc#1256779).
- commit 23da597
- Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483
CVE-2025-40300).
- commit bfa3e0c
- Revert "ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582"
This reverts commit 0a793b204bae9d28b0237e47341a7f495d54ca68.
Regarding bsc#1256582 comment #7: Since the CVE score is below 7,
we should not backport this fix to the 5.14-LTSS branch.
- commit 64134c9
- ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582
CVE-2025-68771).
- commit 0a793b2
- kABI: Fix X86_FEATURE_BHI_CTRL and X86_FEATURE_IPRED_CTRL overlap (bsc#1253702)
Due to an oversight the aforementioned features were overlapping in
their definition, since the latter is defined via :
[#]define X86_FEATURE_IPRED_CTRL KVM_X86_FEATURE(CPUID_7_2_EDX, 1)
but CPUID_7_2_EDX was wronlgy defined due to kvm_only_cpuid_leafs
not being adjusted to account for the extended caps. This resulted in
both feature names to be matched by the X86_FEATURE_BHI_CTRL rule in
__feature_translate resulted in the alias. This in turn has a snowball
effect in downstream logic which expects different features to have
different definitions.
Fix it by adjusting kvm_only_cpuid_leafs to account for our kABI fixes.
- commit 6ef085a
- crypto: lzo - Fix compression buffer overrun (CVE-2025-38068 bsc#1245210)
- commit f5ce243
- wifi: rtw88: fix the 'para' buffer size to avoid reading out
of bounds (CVE-2025-38159 bsc#1245751).
- commit 626f7b2
- ipvs: fix ipv4 null-ptr-deref in route error path
(CVE-2025-68813 bsc#1256641).
- commit c310c4c
- netfilter: ebtables: fix table blob use-after-free
(CVE-2023-54243 bsc#1255908).
- commit 1e66c31
- gtp: Fix use-after-free in __gtp_encap_destroy() (CVE-2023-54142
bsc#1256095).
- commit 7ec7480
- ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (CVE-2025-68183 bsc#1255251).
- commit 889d597
- fuse: fix livelock in synchronous file put from fuseblk workers (CVE-2025-40220 bsc#1254520).
- commit 9f0195c
- mm: hugetlb: fix UAF in hugetlb_handle_userfault (CVE-2022-50630
bsc#1254785).
- commit d39687e
- Delete
patches.suse/net-mana-Switch-to-page-pool-for-jumbo-frames.patch.
- Delete
patches.suse/net-mana-Use-page-pool-fragments-for-RX-buffers-inst.patch.
Drop mana page-pool patches as page-pool isn't new enough (bsc#1255107)
- commit e4c8100
- Update
patches.suse/0001-net-nsh-Use-correct-mac_offset-to-unwind-gso-skb-in-.patch
(CVE-2024-36933 bsc#1225832 CVE-2023-54114 bsc#1256150).
- Update
patches.suse/0250-dm-verity-loadpin-Only-trust-verity-targets-with-enforcement.patch
(jsc#PED-2765 CVE-2022-50621 bsc#1254786).
- Update
patches.suse/Bluetooth-ISO-fix-iso_conn-related-locking-and-valid.patch
(git-fixes CVE-2023-54164 bsc#1256071).
- Update
patches.suse/Bluetooth-hci_sync-Avoid-use-after-free-in-dbg-for-h-a2bcd2b.patch
(git-fixes CVE-2023-53828 bsc#1254623).
- Update
patches.suse/Bluetooth-hci_sync-Avoid-use-after-free-in-dbg-for-h.patch
(git-fixes CVE-2023-54210 bsc#1255955).
- Update
patches.suse/Bluetooth-use-hdev-workqueue-when-queuing-hdev-cmd-n.patch
(jsc#PED-1407 CVE-2022-50833 bsc#1256218).
- Update
patches.suse/af_unix-Fix-data-races-around-sk-sk_shutdown.patch-e1d09c2c
(bsc#1226846 CVE-2023-54226 bsc#1255841).
- Update patches.suse/arm64-mm-fix-VA-range-sanity-check.patch
(git-fixes CVE-2023-53989 bsc#1256302).
- Update
patches.suse/arm64-set-__exception_irq_entry-with-__irq_entry-as-a-default.patch
(git-fixes CVE-2023-54322 bsc#1255763).
- Update
patches.suse/autofs-fix-memory-leak-of-waitqueues-in-autofs_catat.patch
(git-fixes CVE-2023-54134 bsc#1256106).
- Update
patches.suse/bcache-fixup-btree_cache_wait-list-damage-f085.patch
(git-fixes CVE-2023-54293 bsc#1255801).
- Update
patches.suse/blk-cgroup-dropping-parent-refcount-after-pd_free_fn-is-done.patch
(bsc#1224573 CVE-2023-54107 bsc#1256359).
- Update
patches.suse/bnxt_en-fix-memory-leak-in-bnxt_nvm_test.patch
(jsc#PED-1495 CVE-2022-50723 bsc#1255946).
- Update
patches.suse/bpf-Prevent-decl_tag-from-being-referenced-in-func_p.patch
(git-fixes CVE-2022-50883 bsc#1256128).
- Update
patches.suse/bpf-prevent-decl_tag-from-being-referenced-in-func_p.patch
(git-fixes CVE-2022-50862 bsc#1256166).
- Update
patches.suse/devlink-hold-region-lock-when-flushing-snapshots.patch
(git-fixes CVE-2022-50712 bsc#1255745).
- Update
patches.suse/dm-don-t-attempt-to-queue-IO-under-RCU-protection-a9ce.patch
(git-fixes CVE-2023-53860 bsc#1254626).
- Update
patches.suse/dm-flakey-don-t-corrupt-the-zero-page-f507.patch
(git-fixes CVE-2023-54317 bsc#1255771).
- Update
patches.suse/dm-flakey-fix-a-crash-with-invalid-table-line-98db.patch
(git-fixes CVE-2023-53786 bsc#1254916).
- Update
patches.suse/drm-amd-display-fix-FCLK-pstate-change-underflow.patch
(bsc#1206843 CVE-2023-53780 bsc#1254911).
- Update
patches.suse/drm-amd-display-fix-mapping-to-non-allocated-address.patch
(bsc#1206843 CVE-2023-53753 bsc#1254910).
- Update
patches.suse/drm-amd-display-populate-subvp-cmd-info-only-for-the.patch
(git-fixes CVE-2023-53806 bsc#1254979).
- Update
patches.suse/drm-amdkfd-Fix-kernel-warning-during-topology-setup.patch
(git-fixes CVE-2023-54144 bsc#1256088).
- Update patches.suse/drm-amdkfd-fix-potential-kgd_mem-UAFs.patch
(git-fixes CVE-2023-53816 bsc#1254958).
- Update
patches.suse/drm-bridge-it6505-Initialize-AUX-channel-in-it6505_i.patch
(git-fixes CVE-2022-50847 bsc#1256198).
- Update
patches.suse/drm-fbdev-generic-prohibit-potential-out-of-bounds-a.patch
(git-fixes CVE-2023-54116 bsc#1256352).
- Update
patches.suse/drm-i915-Fix-NULL-ptr-deref-by-checking-new_crtc_sta.patch
(git-fixes CVE-2023-53833 bsc#1254681).
- Update
patches.suse/drm-msm-a6xx-Fix-kvzalloc-vs-state_kcalloc-usage.patch
(git-fixes CVE-2022-50867 bsc#1256164).
- Update
patches.suse/drm-msm-fix-NULL-deref-on-irq-uninstall.patch
(git-fixes CVE-2023-54138 bsc#1256101).
- Update
patches.suse/drm-msm-fix-workqueue-leak-on-bind-errors.patch
(git-fixes CVE-2023-53849 bsc#1254651).
- Update
patches.suse/drm-mxsfb-Disable-overlay-plane-in-mxsfb_plane_overl.patch
(git-fixes CVE-2023-53864 bsc#1254754).
- Update
patches.suse/drm-rockchip-dw_hdmi-cleanup-drm-encoder-during-unbi.patch
(git-fixes CVE-2023-54047 bsc#1256398).
- Update
patches.suse/drm-ttm-Don-t-leak-a-resource-on-eviction-error.patch
(git-fixes CVE-2023-54254 bsc#1255890).
- Update
patches.suse/drm-vmwgfx-Fix-memory-leak-in-vmw_mksstat_add_ioctl.patch
(git-fixes CVE-2022-50667 bsc#1254684).
- Update
patches.suse/erofs-stop-parsing-non-compact-HEAD-index-if-clusterofs-is-invalid.patch
(git-fixes CVE-2023-54132 bsc#1256103).
- Update
patches.suse/exfat-use-kvmalloc_array-kvfree-instead-of-kmalloc_array-kfree.patch
(git-fixes CVE-2023-54194 bsc#1255974).
- Update
patches.suse/fs-drop-peer-group-ids-under-namespace-lock.patch
(git-fixes CVE-2023-54128 bsc#1256112).
- Update
patches.suse/i2c-xiic-xiic_xfer-Fix-runtime-PM-leak-on-error-path.patch
(git-fixes CVE-2023-54175 bsc#1255998).
- Update
patches.suse/ice-set-tx_tstamps-when-creating-new-Tx-rings-via-et.patch
(jsc#PED-376 CVE-2022-50710 bsc#1255561).
- Update
patches.suse/igb-clean-up-in-all-error-paths-when-enabling-SR-IOV.patch
(jsc#PED-370 CVE-2023-54070 bsc#1256364).
- Update
patches.suse/io_uring-fix-memory-leak-when-removing-provided-buff.patch
(git-fixes CVE-2023-54041 bsc#1255532).
- Update
patches.suse/io_uring-rw-defer-fsnotify-calls-to-task-context.patch
(git-fixes CVE-2022-50705 bsc#1255596).
- Update
patches.suse/iommu-amd-Add-a-length-limitation-for-the-ivrs_acpih.patch
(git-fixes CVE-2023-54057 bsc#1256381).
- Update
patches.suse/iommu-sprd-Release-dma-buffer-to-avoid-memory-leak.patch
(git-fixes CVE-2023-53801 bsc#1254922).
- Update
patches.suse/md-raid5-cache-fix-a-deadlock-in-r5l_exit_log-a705.patch
(git-fixes CVE-2023-53848 bsc#1254753).
- Update
patches.suse/mlx5-fix-skb-leak-while-fifo-resync-and-push.patch
(jsc#PED-1549 CVE-2023-54238 bsc#1255916).
- Update
patches.suse/net-mlx5-fix-potential-memory-leak-in-mlx5e_init_rep.patch
(git-fixes CVE-2023-54106 bsc#1256358).
- Update
patches.suse/net-mlx5e-Don-t-clone-flow-post-action-attributes-se.patch
(jsc#PED-1549 CVE-2023-54262 bsc#1255881).
- Update
patches.suse/net-mlx5e-Move-representor-neigh-cleanup-to-profile-.patch
(git-fixes CVE-2023-54148 bsc#1256084).
- Update
patches.suse/net-mlx5e-Use-correct-encap-attribute-during-invalid.patch
(jsc#PED-1549 CVE-2023-54074 bsc#1256363).
- Update
patches.suse/net-mlx5e-fix-memory-leak-in-mlx5e_ptp_open.patch
(git-fixes CVE-2023-54169 bsc#1256050).
- Update
patches.suse/net-sched-taprio-Limit-TCA_TAPRIO_ATTR_SCHED_CYCLE_T.patch
(bsc#1226797 CVE-2023-54251 bsc#1255888).
- Update
patches.suse/net-stream-purge-sk_error_queue-in-sk_stream_kill_qu.patch
(git-fixes CVE-2022-50838 bsc#1256214).
- Update
patches.suse/nvme-multipath-fix-lockdep-WARN-due-to-partition-sca.patch
(git-fixes bsc#1233640 CVE-2024-53093 CVE-2025-68218
bsc#1255245).
- Update
patches.suse/platform-x86-amd-pmc-Fix-memory-leak-in-amd_pmc_stb_.patch
(bsc#1210644 CVE-2023-54320 bsc#1255761).
- Update
patches.suse/powerpc-pseries-Rework-lppaca_shared_proc-to-avoid-D.patch
(bsc#1194869 CVE-2023-54267 bsc#1255899).
- Update
patches.suse/powerpc-pseries-fix-possible-memory-leak-in-ibmebus_.patch
(bsc#1194869 CVE-2023-54017 bsc#1255605).
- Update
patches.suse/scsi-mpi3mr-Fix-missing-mrioc-evtack_cmds-initialization.patch
(git-fixes CVE-2023-54234 bsc#1255920).
- Update
patches.suse/scsi-pm8001-Fix-running_req-for-internal-abort-commands.patch
(jsc#PED-1559 CVE-2022-50818 bsc#1256239).
- Update
patches.suse/scsi-smartpqi-Correct-device-removal-for-multi-actua.patch
(bsc#1207315 CVE-2022-50768 bsc#1256309).
- Update
patches.suse/spmi-Add-a-check-for-remove-callback-when-removing-a.patch
(git-fixes CVE-2023-54044 bsc#1256294).
- Update
patches.suse/vdpa-vp_vdpa-fix-kfree-a-wrong-pointer-in-vp_vdpa_re.patch
(git-fixes CVE-2022-50873 bsc#1256144).
- Update patches.suse/vhost-vdpa-fix-an-iotlb-memory-leak.patch
(jsc#PED-1549 CVE-2022-50738 bsc#1256111).
- Update
patches.suse/virt-coco-sev-guest-Double-buffer-messages.patch
(jsc#PED-7167 CVE-2023-53769 bsc#1254601).
- Update
patches.suse/wifi-ath11k-fix-failed-to-find-the-peer-with-peer_id.patch
(bsc#1206451 CVE-2022-50665 bsc#1254685).
- Update
patches.suse/wifi-ath11k-fix-registration-of-6Ghz-only-phy-withou.patch
(git-fixes CVE-2023-54229 bsc#1255924).
- Update
patches.suse/wifi-mt76-mt7921e-fix-rmmod-crash-in-driver-reload-t.patch
(bsc#1209980 CVE-2022-50714 bsc#1255747).
- Update
patches.suse/wifi-mt76-mt7921s-fix-slab-out-of-bounds-access-in-s.patch
(bsc#1209980 CVE-2022-50701 bsc#1255635).
- commit 3030cef
- Update
patches.suse/0016-md-raid5-Remove-unnecessary-bio_put-in-raid5_read_on.patch
(git-fixes CVE-2022-50752 bsc#1256204).
- Update patches.suse/0045-dm-clone-Fix-UAF-in-clone_dtr.patch
(git-fixes CVE-2022-50843 bsc#1256203).
- Update
patches.suse/0047-dm-integrity-Fix-UAF-in-dm_integrity_dtr.patch
(git-fixes CVE-2022-50889 bsc#1256056).
- Update
patches.suse/ACPI-EC-Fix-oops-when-removing-custom-query-handlers.patch
(git-fixes CVE-2023-54244 bsc#1255909).
- Update
patches.suse/ACPICA-ACPICA-check-null-return-of-ACPI_ALLOCATE_ZER.patch
(git-fixes CVE-2023-54010 bsc#1256326).
- Update
patches.suse/ALSA-firewire-digi00x-prevent-potential-use-after-fr.patch
(git-fixes CVE-2023-54084 bsc#1256223).
- Update
patches.suse/ALSA-hda-ca0132-fixup-buffer-overrun-at-tuning_ctl_s.patch
(git-fixes CVE-2023-53788 bsc#1254917).
- Update
patches.suse/ALSA-line6-fix-stack-overflow-in-line6_midi_transmit.patch
(git-fixes CVE-2022-50719 bsc#1255939).
- Update
patches.suse/ALSA-mts64-fix-possible-null-ptr-defer-in-snd_mts64_.patch
(git-fixes CVE-2022-50773 bsc#1256245).
- Update
patches.suse/ALSA-pcm-Fix-potential-data-race-at-PCM-memory-alloc.patch
(git-fixes CVE-2023-54072 bsc#1256291).
- Update
patches.suse/ARM-OMAP2-Fix-memory-leak-in-realtime_counter_init.patch
(git-fixes CVE-2022-50872 bsc#1256157).
- Update
patches.suse/ARM-zynq-Fix-refcount-leak-in-zynq_early_slcr_init.patch
(git-fixes CVE-2023-53818 bsc#1254714).
- Update
patches.suse/ASoC-codecs-tx-macro-Fix-for-KASAN-slab-out-of-bound.patch
(git-fixes CVE-2023-54245 bsc#1255912).
- Update
patches.suse/ASoC-codecs-wcd-mbhc-v2-fix-resource-leaks-on-compon.patch
(git-fixes CVE-2023-53842 bsc#1254690).
- Update
patches.suse/ASoC-da7219-Fix-an-error-handling-path-in-da7219_reg.patch
(git-fixes CVE-2022-50698 bsc#1255608).
- Update
patches.suse/ASoC-pxa-fix-null-pointer-dereference-in-filter.patch
(git-fixes CVE-2022-50866 bsc#1256162).
- Update
patches.suse/ASoC-soc-compress-Reposition-and-add-pcm_mutex.patch
(git-fixes CVE-2023-53866 bsc#1255060).
- Update
patches.suse/Bluetooth-Fix-race-condition-in-hidp_session_thread.patch
(git-fixes CVE-2023-54120 bsc#1256133).
- Update
patches.suse/Bluetooth-L2CAP-Fix-potential-user-after-free.patch
(git-fixes CVE-2023-54214 bsc#1255954).
- Update
patches.suse/Bluetooth-L2CAP-Fix-use-after-free-in-l2cap_disconne.patch
(git-fixes CVE-2023-53827 bsc#1255049).
- Update
patches.suse/FS-JFS-Check-for-read-only-mounted-filesystem-in-txBegin.patch
(git-fixes CVE-2023-53766 bsc#1255005).
- Update
patches.suse/HSI-omap_ssi-Fix-refcount-leak-in-ssi_probe.patch
(git-fixes CVE-2022-50641 bsc#1254614).
- Update
patches.suse/KVM-Destroy-target-device-if-coalesced-MMIO-unregistration-fails.patch
(git-fixes CVE-2023-54024 bsc#1255609).
- Update
patches.suse/KVM-s390-pv-fix-index-value-of-replaced-ASCE.patch
(git-fixes bsc#1213867 CVE-2023-54092 bsc#1256370).
- Update
patches.suse/NFSD-Finish-converting-the-NFSv2-GETACL-result-encod.patch
(git-fixes CVE-2022-50861 bsc#1256177).
- Update
patches.suse/NFSv4-Fix-a-credential-leak-in-_nfs4_discover_trunki.patch
(git-fixes CVE-2022-50853 bsc#1256189).
- Update
patches.suse/PCI-Fix-dropping-valid-root-bus-resources-with-.end-.patch
(git-fixes CVE-2023-53814 bsc#1254713).
- Update
patches.suse/PCI-Fix-pci_device_is_present-for-VFs-by-checking-PF.patch
(git-fixes CVE-2022-50636 bsc#1254645).
- Update
patches.suse/PCI-Free-released-resource-after-coalescing.patch
(git-fixes CVE-2023-53743 bsc#1254782).
- Update
patches.suse/RDMA-bnxt_re-Prevent-handling-any-completions-after-.patch
(git-fixes CVE-2023-54048 bsc#1256395).
- Update
patches.suse/RDMA-core-Fix-GID-entry-ref-leak-when-create_ah-fail.patch
(git-fixes CVE-2023-54003 bsc#1255619).
- Update
patches.suse/RDMA-efa-Fix-wrong-resources-deallocation-order.patch
(git-fixes CVE-2023-54201 bsc#1255964).
- Update
patches.suse/RDMA-hns-fix-memory-leak-in-hns_roce_alloc_mr.patch
(git-fixes CVE-2022-50662 bsc#1254625).
- Update
patches.suse/RDMA-irdma-Cap-MSIX-used-to-online-CPUs-1.patch
(git-fixes CVE-2023-53811 bsc#1254716).
- Update
patches.suse/RDMA-irdma-Fix-data-race-on-CQP-completion-stats.patch
(git-fixes CVE-2023-54302 bsc#1255792).
- Update
patches.suse/RDMA-irdma-Fix-data-race-on-CQP-request-done.patch
(git-fixes CVE-2023-54292 bsc#1255800).
- Update
patches.suse/RDMA-irdma-Fix-memory-leak-of-PBLE-objects.patch
(git-fixes CVE-2023-54055 bsc#1256384).
- Update
patches.suse/RDMA-mlx4-Prevent-shift-wrapping-in-set_user_sq_size.patch
(jsc#SLE-19255 CVE-2023-54168 bsc#1256053).
- Update
patches.suse/RDMA-restrack-Release-MR-restrack-when-delete.patch
(git-fixes CVE-2022-50822 bsc#1256260).
- Update
patches.suse/RDMA-rxe-Fix-NULL-ptr-deref-in-rxe_qp_do_cleanup-whe.patch
(git-fixes CVE-2022-50885 bsc#1256122).
- Update
patches.suse/RDMA-rxe-Fix-kernel-NULL-pointer-dereference-error.patch
(git-fixes CVE-2022-50671 bsc#1254711).
- Update
patches.suse/RDMA-rxe-Fix-the-error-trying-to-register-non-static.patch
(git-fixes CVE-2023-54028 bsc#1255546).
- Update
patches.suse/RDMA-siw-Fix-QP-destroy-to-wait-for-all-references-d.patch
(git-fixes CVE-2022-50666 bsc#1254674).
- Update
patches.suse/RDMA-siw-Fix-immediate-work-request-flush-to-complet.patch
(git-fixes CVE-2022-50736 bsc#1256137).
- Update
patches.suse/RDMA-srpt-Add-a-check-for-valid-mad_agent-pointer.patch
(git-fixes CVE-2023-54274 bsc#1255905).
- Update
patches.suse/Reinstate-some-of-swiotlb-rework-fix-info-leak-with-.patch
(CVE-2022-0854 bsc#1196823 CVE-2022-48853 bsc#1228015).
- Update
patches.suse/Revert-Bluetooth-btsdio-fix-use-after-free-bug-in-bt.patch
(git-fixes CVE-2023-54197 bsc#1255969).
- Update
patches.suse/Revert-IB-isert-Fix-incorrect-release-of-isert-conne.patch
(git-fixes CVE-2023-54219 bsc#1256231).
- Update
patches.suse/SMB3-Add-missing-locks-to-protect-deferred-close-file-list.patch
(git-fixes CVE-2023-53990 bsc#1255560).
- Update
patches.suse/SUNRPC-Don-t-leak-netobj-memory-when-gss_read_proxy_.patch
(git-fixes CVE-2022-50821 bsc#1256242).
- Update
patches.suse/SUNRPC-double-free-xprt_ctxt-while-still-in-use.patch
(git-fixes CVE-2023-54269 bsc#1255876).
- Update
patches.suse/USB-gadget-Fix-use-after-free-during-usb-config-swit.patch
(git-fixes CVE-2022-50704 bsc#1255623).
- Update patches.suse/USB-sisusbvga-Add-endpoint-checks.patch
(git-fixes CVE-2023-54213 bsc#1255953).
- Update
patches.suse/USB-usbtmc-Fix-direction-for-0-length-ioctl-control-.patch
(git-fixes CVE-2023-53761 bsc#1255002).
- Update
patches.suse/acct-fix-potential-integer-overflow-in-encode_comp_t.patch
(git-fixes CVE-2022-50749 bsc#1256191).
- Update patches.suse/amba-bus-fix-refcount-leak.patch (git-fixes
CVE-2023-54230 bsc#1255925).
- Update
patches.suse/amdgpu-pm-prevent-array-underflow-in-vega20_odn_edit.patch
(git-fixes CVE-2022-50781 bsc#1256306).
- Update
patches.suse/amdgpu-validate-offset_in_bo-of-drm_amdgpu_gem_va.patch
(git-fixes CVE-2023-53819 bsc#1254712).
- Update patches.suse/apparmor-Fix-memleak-in-alloc_ns.patch
(git-fixes CVE-2022-50860 bsc#1256174).
- Update
patches.suse/apparmor-fix-a-memleak-in-multi_transaction_new.patch
(git-fixes CVE-2022-50754 bsc#1256065).
- Update
patches.suse/arm64-mte-Avoid-setting-PG_mte_tagged-if-no-tags-cle.patch
(git-fixes CVE-2022-50675 bsc#1254664).
- Update
patches.suse/audit-fix-possible-soft-lockup-in-__audit_inode_chil.patch
(git-fixes CVE-2023-54045 bsc#1256285).
- Update
patches.suse/auxdisplay-hd44780-Fix-potential-memory-leak-in-hd44.patch
(git-fixes CVE-2022-50830 bsc#1256328).
- Update
patches.suse/blk-cgroup-Fix-NULL-deref-caused-by-blkg_policy_data-being-installed-before-init.patch
(bsc#1216062 CVE-2023-54271 bsc#1255902).
- Update
patches.suse/blk-iocost-fix-divide-by-0-error-in-calc_lcoefs.patch
(bsc#1214986 CVE-2023-53783 bsc#1254915).
- Update
patches.suse/block-bfq-Fix-division-by-zero-error-on-zero-wsum.patch
(bsc#1213653 CVE-2023-54242 bsc#1255919).
- Update
patches.suse/bpf-Disable-preemption-in-bpf_event_output.patch
(git-fixes CVE-2023-54173 bsc#1255996).
- Update
patches.suse/can-j1939-j1939_tp_tx_dat_new-fix-out-of-bounds-memo.patch
(git-fixes CVE-2023-54039 bsc#1255555).
- Update
patches.suse/cifs-Fix-lost-destroy-smbd-connection-when-MR-allocate-failed.patch
(git-fixes CVE-2023-54260 bsc#1255878).
- Update
patches.suse/cifs-Fix-the-error-length-of-VALIDATE_NEGOTIATE_INFO-message.patch
(bsc#1193629 CVE-2022-50859 bsc#1256172).
- Update
patches.suse/cifs-Fix-xid-leak-in-cifs_copy_file_range-.patch
(bsc#1193629 CVE-2022-50643 bsc#1254631).
- Update
patches.suse/cifs-Fix-xid-leak-in-cifs_ses_add_channel-.patch
(bsc#1193629 CVE-2022-50856 bsc#1256182).
- Update
patches.suse/cifs-fix-potential-race-when-tree-connecting-ipc.patch
(bsc#1208758 CVE-2023-54280 bsc#1255819).
- Update
patches.suse/cifs-fix-potential-use-after-free-bugs-in-TCP_Server_Info-hostname.patch
(bsc#1208758 CVE-2023-53751 bsc#1254986).
- Update
patches.suse/cifs-fix-session-state-check-in-reconnect-to-avoid-use-after-free-i.patch
(bsc#1193629 CVE-2023-53794 bsc#1255163).
- Update
patches.suse/clk-st-Fix-memory-leak-in-st_of_quadfs_setup.patch
(git-fixes CVE-2022-50776 bsc#1256254).
- Update
patches.suse/clk-tegra-Fix-refcount-leak-in-tegra114_clock_init.patch
(git-fixes CVE-2022-50823 bsc#1256333).
- Update
patches.suse/clk-ti-dra7-atl-Fix-reference-leak-in-of_dra7_atl_cl.patch
(git-fixes CVE-2022-50644 bsc#1254632).
- Update
patches.suse/clk-zynqmp-Fix-stack-out-of-bounds-in-strncpy.patch
(git-fixes CVE-2022-50828 bsc#1256230).
- Update
patches.suse/configfs-fix-possible-memory-leak-in-configfs_create.patch
(git-fixes CVE-2022-50751 bsc#1256184).
- Update
patches.suse/cpufreq-qcom-fix-memory-leak-in-error-path.patch
(git-fixes CVE-2022-50658 bsc#1254756).
- Update
patches.suse/crypto-akcipher-default-implementation-for-setting-a.patch
(git-fixes CVE-2022-50731 bsc#1256049).
- Update patches.suse/crypto-essiv-Handle-EBUSY-correctly.patch
(git-fixes CVE-2023-54046 bsc#1256295).
- Update
patches.suse/crypto-hisilicon-zip-fix-mismatch-in-get-set-sgl_sge.patch
(git-fixes CVE-2022-50814 bsc#1256248).
- Update
patches.suse/crypto-marvell-octeontx-prevent-integer-overflows.patch
(git-fixes CVE-2022-50763 bsc#1256317).
- Update patches.suse/crypto-qat-fix-DMA-transfer-direction.patch
(jsc#PED-1073 CVE-2022-50774 bsc#1256323).
- Update patches.suse/crypto-qat-fix-out-of-bounds-read.patch
(git-fixes CVE-2023-54325 bsc#1255757).
- Update
patches.suse/crypto-safexcel-Cleanup-ring-IRQ-workqueues-on-load-.patch
(git-fixes CVE-2023-54126 bsc#1256118).
- Update
patches.suse/dmaengine-ptdma-check-for-null-desc-before-calling-p.patch
(git-fixes CVE-2023-53755 bsc#1254608).
- Update
patches.suse/dmaengine-sf-pdma-pdma_desc-memory-leak-fix.patch
(git-fixes CVE-2023-54020 bsc#1255574).
- Update
patches.suse/driver-core-fix-potential-null-ptr-deref-in-device_a.patch
(git-fixes CVE-2023-54321 bsc#1255762).
- Update
patches.suse/drivers-dio-fix-possible-memory-leak-in-dio_init.patch
(git-fixes CVE-2022-50848 bsc#1256192).
- Update
patches.suse/drm-Prevent-drm_copy_field-to-attempt-copying-a-NULL.patch
(git-fixes CVE-2022-50884 bsc#1256127).
- Update
patches.suse/drm-amd-Fix-an-out-of-bounds-error-in-BIOS-parser.patch
(git-fixes CVE-2023-54150 bsc#1256086).
- Update
patches.suse/drm-amdgpu-Fix-PCI-device-refcount-leak-in-amdgpu_at.patch
(git-fixes CVE-2022-50760 bsc#1255983).
- Update
patches.suse/drm-amdgpu-Fix-type-of-second-parameter-in-odn_edit_.patch
(git-fixes CVE-2022-50844 bsc#1256205).
- Update
patches.suse/drm-amdgpu-fix-pci-device-refcount-leak.patch
(git-fixes CVE-2022-50718 bsc#1255750).
- Update
patches.suse/drm-amdgpu-powerplay-psm-Fix-memory-leak-in-power-st.patch
(git-fixes CVE-2022-50617 bsc#1254780).
- Update
patches.suse/drm-amdkfd-Fix-memory-leak-in-kfd_mem_dmamap_userptr.patch
(git-fixes CVE-2022-50619 bsc#1254789).
- Update
patches.suse/drm-client-Fix-memory-leak-in-drm_client_target_clon.patch
(git-fixes CVE-2023-54091 bsc#1256274).
- Update
patches.suse/drm-i915-fix-race-condition-UAF-in-i915_perf_add_con.patch
(git-fixes CVE-2023-54202 bsc#1255880).
- Update patches.suse/drm-i915-gvt-fix-gvt-debugfs-destroy.patch
(git-fixes CVE-2023-54098 bsc#1256185).
- Update
patches.suse/drm-msm-adreno-Fix-null-ptr-access-in-adreno_gpu_cle.patch
(git-fixes CVE-2023-54199 bsc#1255971).
- Update patches.suse/drm-msm-dpu-Add-check-for-cstate.patch
(git-fixes CVE-2023-54122 bsc#1256346).
- Update
patches.suse/drm-msm-dpu-Disallow-unallocated-resources-to-be-ret.patch
(git-fixes CVE-2023-53991 bsc#1255627).
- Update
patches.suse/drm-msm-fix-NULL-deref-on-snapshot-tear-down.patch
(git-fixes CVE-2023-53837 bsc#1254694).
- Update
patches.suse/drm-msm-hdmi-Add-missing-check-for-alloc_ordered_wor.patch
(git-fixes CVE-2023-54018 bsc#1255690).
- Update
patches.suse/drm-panel-panel-sitronix-st7701-Remove-panel-on-DSI-.patch
(git-fixes CVE-2022-50750 bsc#1256188).
- Update
patches.suse/drm-ttm-Don-t-leak-a-resource-on-swapout-move-error.patch
(git-fixes CVE-2023-53844 bsc#1254649).
- Update
patches.suse/drm-virtio-Check-whether-transferred-2D-BO-is-shmem.patch
(git-fixes CVE-2022-50842 bsc#1256202).
- Update
patches.suse/ext4-fix-bug_on-in-__es_tree_search-caused-by-bad-bo.patch
(bsc#1207620 CVE-2022-50638 bsc#1255469).
- Update
patches.suse/ext4-fix-bug_on-in-__es_tree_search-caused-by-bad-qu.patch
(bsc#1213111 CVE-2022-50782 bsc#1256282).
- Update
patches.suse/ext4-fix-deadlock-due-to-mbcache-entry-corruption.patch
(bsc#1207653 CVE-2022-50668 bsc#1254763).
- Update
patches.suse/ext4-fix-deadlock-when-converting-an-inline-director.patch
(bsc#1213105 CVE-2023-54311 bsc#1255773).
- Update
patches.suse/ext4-fix-inode-leak-in-ext4_xattr_inode_create-on-an.patch
(bsc#1207636 CVE-2022-50845 bsc#1256196).
- Update
patches.suse/ext4-fix-potential-memory-leak-in-ext4_fc_record_mod.patch
(bsc#1207611 CVE-2022-50622 bsc#1255467).
- Update
patches.suse/ext4-fix-use-after-free-in-ext4_orphan_cleanup.patch
(bsc#1207622 CVE-2022-50673 bsc#1255521).
- Update
patches.suse/ext4-refuse-to-create-ea-block-when-umounted.patch
(bsc#1213093 CVE-2023-54305 bsc#1255787).
- Update
patches.suse/ext4-set-goal-start-correctly-in-ext4_mb_normalize_r.patch
(bsc#1214940 CVE-2023-54021 bsc#1255600).
- Update
patches.suse/ext4-silence-the-warning-when-evicting-inode-with-di.patch
(bsc#1206889 CVE-2022-50730 bsc#1256048).
- Update
patches.suse/ext4-turn-quotas-off-if-mount-failed-after-enabling-.patch
(bsc#1213110 CVE-2023-54153 bsc#1256081).
- Update
patches.suse/fbdev-smscufx-Fix-several-use-after-free-bugs.patch
(git-fixes CVE-2022-50767 bsc#1256426).
- Update patches.suse/fbdev-udlfb-Fix-endpoint-check.patch
(git-fixes CVE-2023-54277 bsc#1255910).
- Update
patches.suse/firmware-arm_ffa-Check-if-ffa_driver-remove-is-prese.patch
(git-fixes CVE-2023-54058 bsc#1256382).
- Update
patches.suse/firmware-meson_sm-fix-to-avoid-potential-NULL-pointe.patch
(git-fixes CVE-2023-54304 bsc#1255786).
- Update
patches.suse/fpga-prevent-integer-overflow-in-dfl_feature_ioctl_s.patch
(git-fixes CVE-2022-50623 bsc#1254792).
- Update
patches.suse/fs-jfs-prevent-double-free-in-dbUnmount-after-failed-jfs_remount.patch
(git-fixes CVE-2023-54127 bsc#1256119).
- Update
patches.suse/fs-sysv-Null-check-to-prevent-null-ptr-deref-bug.patch
(git-fixes CVE-2023-54264 bsc#1255872).
- Update
patches.suse/gpu-lontium-lt9611-Fix-NULL-pointer-dereference-in-l.patch
(git-fixes CVE-2022-50878 bsc#1256140).
- Update patches.suse/hfs-Fix-OOB-Write-in-hfs_asc2mac.patch
(git-fixes CVE-2022-50747 bsc#1256432).
- Update
patches.suse/hfs-fix-missing-hfs_bnode_get-in-__hfs_bnode_create.patch
(git-fixes CVE-2023-53862 bsc#1254994).
- Update
patches.suse/hfs-hfsplus-avoid-WARN_ON-for-sanity-check-use-prope.patch
(git-fixes CVE-2023-54130 bsc#1256114).
- Update patches.suse/hwrng-amd-Fix-PCI-device-refcount-leak.patch
(git-fixes CVE-2022-50868 bsc#1256386).
- Update
patches.suse/hwrng-virtio-Fix-race-on-data_avail-and-actual-data.patch
(git-fixes CVE-2023-53998 bsc#1255578).
- Update
patches.suse/i2c-cadence-cdns_i2c_master_xfer-Fix-runtime-PM-leak.patch
(git-fixes CVE-2023-54009 bsc#1255620).
- Update patches.suse/i40e-Fix-DMA-mappings-leak.patch
(jsc#SLE-18378 CVE-2022-50679 bsc#1254656).
- Update
patches.suse/iavf-use-internal-state-to-free-traffic-IRQs.patch
(git-fixes CVE-2023-53850 bsc#1254677).
- Update patches.suse/ice-fix-wrong-fallback-logic-for-FDIR.patch
(git-fixes CVE-2023-54040 bsc#1255554).
- Update
patches.suse/igc-Fix-Kernel-Panic-during-ndo_tx_timeout-callback.patch
(git-fixes CVE-2023-54166 bsc#1256074).
- Update
patches.suse/iio-adc-ina2xx-avoid-NULL-pointer-dereference-on-OF-.patch
(git-fixes CVE-2023-53834 bsc#1254660).
- Update
patches.suse/inotify-Avoid-reporting-event-with-invalid-wd.patch
(bsc#1213025 CVE-2023-54119 bsc#1256349).
- Update
patches.suse/ipmi-fix-use-after-free-in-_ipmi_destroy_user.patch
(git-fixes CVE-2022-50677 bsc#1254692).
- Update
patches.suse/ipmi-ssif-Fix-a-memory-leak-when-scanning-for-an-ada.patch
(git-fixes CVE-2023-54064 bsc#1256375).
- Update
patches.suse/ipu3-imgu-Fix-NULL-pointer-dereference-in-imgu_subde.patch
(git-fixes CVE-2022-50826 bsc#1256265).
- Update
patches.suse/ixgbe-Fix-panic-during-XDP_TX-with-64-CPUs.patch
(jsc#SLE-18384 CVE-2023-54090 bsc#1256269).
- Update
patches.suse/jbd2-add-miss-release-buffer-head-in-fc_do_one_pass.patch
(bsc#1207646 CVE-2022-50835 bsc#1256220).
- Update
patches.suse/jbd2-fix-potential-buffer-head-reference-count-leak.patch
(bsc#1207644 CVE-2022-50839 bsc#1256206).
- Update
patches.suse/keys-Fix-linking-a-duplicate-key-to-a-keyring-s-asso.patch
(bsc#1207088 CVE-2023-54170 bsc#1256045).
- Update
patches.suse/leds-led-core-Fix-refcount-leak-in-of_led_get.patch
(git-fixes CVE-2023-54190 bsc#1255979).
- Update
patches.suse/loop-loop_set_status_from_info-check-before-assignme.patch
(bsc#1214990 CVE-2023-53820 bsc#1254706).
- Update
patches.suse/mailbox-zynq-ipi-fix-error-handling-while-device_reg.patch
(git-fixes CVE-2022-50672 bsc#1254696).
- Update
patches.suse/md-raid1-stop-mdx_raid1-thread-when-raid1-array-run-failed-b611.patch
(git-fixes CVE-2022-50715 bsc#1255749).
- Update
patches.suse/md-raid10-fix-memleak-for-conf-bio_split-c9ac.patch
(git-fixes CVE-2023-54123 bsc#1256142).
- Update
patches.suse/md-raid10-fix-memleak-of-md-thread-f0dd.patch
(git-fixes CVE-2023-54294 bsc#1255802).
- Update
patches.suse/md-raid10-fix-null-ptr-deref-in-raid10_sync_request-a405.patch
(git-fixes CVE-2023-53832 bsc#1254671).
- Update
patches.suse/media-av7110-prevent-underflow-in-write_ts_to_decode.patch
(git-fixes CVE-2023-54284 bsc#1255808).
- Update
patches.suse/media-camss-Clean-up-received-buffers-on-failed-star.patch
(git-fixes CVE-2022-50757 bsc#1256215).
- Update
patches.suse/media-dvb-frontends-fix-leak-of-memory-fw.patch
(git-fixes CVE-2022-50664 bsc#1254974).
- Update
patches.suse/media-dvb-usb-fix-memory-leak-in-dvb_usb_adapter_ini.patch
(git-fixes CVE-2022-50626 bsc#1254562).
- Update
patches.suse/media-dvb-usb-m920x-Fix-a-potential-memory-leak-in-m.patch
(git-fixes CVE-2023-54266 bsc#1255875).
- Update
patches.suse/media-ipu3-imgu-Fix-NULL-pointer-dereference-in-acti.patch
(git-fixes CVE-2022-50722 bsc#1255877).
- Update patches.suse/media-max9286-Free-control-handler.patch
(git-fixes CVE-2023-54078 bsc#1256337).
- Update
patches.suse/media-ov5675-Fix-memleak-in-ov5675_init_controls.patch
(git-fixes CVE-2023-54208 bsc#1255962).
- Update
patches.suse/media-usb-siano-Fix-use-after-free-bugs-caused-by-do.patch
(git-fixes CVE-2023-54270 bsc#1255901).
- Update
patches.suse/media-uvcvideo-Fix-memory-leak-in-uvc_gpio_parse.patch
(git-fixes CVE-2022-50882 bsc#1256126).
- Update
patches.suse/media-v4l2-core-Fix-a-potential-resource-leak-in-v4l.patch
(git-fixes CVE-2023-54183 bsc#1255990).
- Update
patches.suse/misc-ocxl-fix-possible-name-leak-in-ocxl_file_regist.patch
(git-fixes CVE-2022-50669 bsc#1254710).
- Update
patches.suse/misc-ocxl-fix-possible-refcount-leak-in-afu_ioctl.patch
(git-fixes CVE-2022-50742 bsc#1256143).
- Update
patches.suse/misc-pci_endpoint_test-Fix-pci_endpoint_test_-copy-w.patch
(git-fixes CVE-2022-50614 bsc#1254578).
- Update
patches.suse/misc-pci_endpoint_test-Free-IRQs-before-removing-the.patch
(git-fixes CVE-2023-54326 bsc#1255758).
- Update
patches.suse/mmc-alcor-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50858 bsc#1256391).
- Update
patches.suse/mmc-atmel-mci-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50653 bsc#1254729).
- Update
patches.suse/mmc-core-Fix-kernel-panic-when-remove-non-standard-S.patch
(git-fixes CVE-2022-50640 bsc#1254686).
- Update
patches.suse/mmc-meson-gx-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50618 bsc#1254788).
- Update
patches.suse/mmc-mxcmmc-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50769 bsc#1256383).
- Update
patches.suse/mmc-omap_hsmmc-fix-return-value-check-of-mmc_add_hos.patch
(git-fixes CVE-2022-50670 bsc#1254699).
- Update
patches.suse/mmc-toshsd-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50886 bsc#1256124).
- Update
patches.suse/mmc-via-sdmmc-fix-return-value-check-of-mmc_add_host.patch
(git-fixes CVE-2022-50846 bsc#1256200).
- Update
patches.suse/mtd-rawnand-fsl_upm-Fix-an-off-by-one-test-in-fun_ex.patch
(git-fixes CVE-2023-54104 bsc#1256145).
- Update
patches.suse/mtd-spi-nor-Fix-shift-out-of-bounds-in-spi_nor_set_e.patch
(git-fixes CVE-2023-54295 bsc#1255797).
- Update
patches.suse/net-do-not-allow-gso_size-to-be-set-to-GSO_BY_FRAGS.patch
(git-fixes CVE-2023-54051 bsc#1256394).
- Update
patches.suse/net-mlx5-Devcom-fix-error-flow-in-mlx5_devcom_regist.patch
(jsc#SLE-19253 CVE-2023-54015 bsc#1255562).
- Update
patches.suse/net-mlx5-Fix-possible-use-after-free-in-async-comman.patch
(jsc#SLE-19253 CVE-2022-50726 bsc#1256040).
- Update
patches.suse/net-net_failover-fix-txq-exceeding-warning.patch
(git-fixes CVE-2023-54236 bsc#1255922).
- Update
patches.suse/net-phy-xgmiitorgmii-Fix-refcount-leak-in-xgmiitorgm.patch
(git-fixes CVE-2022-50777 bsc#1256320).
- Update patches.suse/nfc-Fix-potential-resource-leaks.patch
(git-fixes CVE-2022-50834 bsc#1256219).
- Update
patches.suse/nfc-pn533-Clear-nfc_target-before-being-used.patch
(git-fixes CVE-2022-50656 bsc#1254745).
- Update
patches.suse/nilfs2-fix-WARNING-in-mark_buffer_dirty-due-to-disca.patch
(git-fixes CVE-2023-54140 bsc#1256093).
- Update
patches.suse/nilfs2-fix-infinite-loop-in-nilfs_mdt_get_block.patch
(git-fixes CVE-2023-53845 bsc#1255007).
- Update
patches.suse/nilfs2-fix-shift-out-of-bounds-due-to-too-large-expo.patch
(git-fixes CVE-2022-50864 bsc#1256167).
- Update
patches.suse/nilfs2-fix-use-after-free-bug-of-nilfs_root-in-nilfs.patch
(git-fixes CVE-2023-53804 bsc#1254920).
- Update
patches.suse/nvme-core-fix-memory-leak-in-dhchap_ctrl_secret.patch
(git-fixes CVE-2023-53792 bsc#1254743).
- Update
patches.suse/nvme-core-fix-memory-leak-in-dhchap_secret_store.patch
(git-fixes CVE-2023-53852 bsc#1254653).
- Update patches.suse/nvme-pci-fix-mempool-alloc-size.patch
(git-fixes CVE-2022-50756 bsc#1256216).
- Update
patches.suse/nvmet-tcp-add-bounds-check-on-Transfer-Tag.patch
(git-fixes CVE-2022-50717 bsc#1255844).
- Update
patches.suse/ocfs2-fix-memory-leak-in-ocfs2_mount_volume.patch
(bsc#1207652 CVE-2022-50770 bsc#1256221).
- Update
patches.suse/opp-Fix-use-after-free-in-lazy_opp_tables-after-prob.patch
(git-fixes CVE-2023-54026 bsc#1255549).
- Update
patches.suse/orangefs-Fix-kmemleak-in-orangefs_prepare_debugfs_help_string.patch
(git-fixes CVE-2022-50779 bsc#1256423).
- Update
patches.suse/pcmcia-rsrc_nonstatic-Fix-memory-leak-in-nonstatic_r.patch
(git-fixes CVE-2023-54115 bsc#1256121).
- Update
patches.suse/perf-x86-intel-uncore-Fix-reference-count-leak-in-snr_uncore_mmio_map.patch
(git fixes CVE-2022-50615 bsc#1254580).
- Update
patches.suse/phy-tegra-xusb-Clear-the-driver-reference-in-usb-phy.patch
(git-fixes CVE-2023-54083 bsc#1256368).
- Update
patches.suse/pinctrl-at91-pio4-check-return-value-of-devm_kasprin.patch
(git-fixes CVE-2023-54319 bsc#1255760).
- Update
patches.suse/pinctrl-rockchip-Fix-refcount-leak-in-rockchip_pinct.patch
(git-fixes CVE-2023-54111 bsc#1256149).
- Update
patches.suse/pinctrl-stm32-Fix-refcount-leak-in-stm32_pctrl_get_i.patch
(git-fixes CVE-2023-54205 bsc#1255968).
- Update
patches.suse/platform-x86-think-lmi-Fix-memory-leak-when-showing-.patch
(git-fixes CVE-2023-53830 bsc#1254658).
- Update
patches.suse/platform-x86-think-lmi-Fix-memory-leaks-when-parsing.patch
(git-fixes CVE-2023-54252 bsc#1255889).
- Update
patches.suse/power-supply-adp5061-fix-out-of-bounds-read-in-adp50.patch
(git-fixes CVE-2022-50649 bsc#1254775).
- Update
patches.suse/power-supply-bq27xxx-Fix-poll_interval-handling-and-.patch
(git-fixes CVE-2023-54079 bsc#1256338).
- Update patches.suse/powerpc-64s-Fix-VAS-mm-use-after-free.patch
(bsc#1194869 CVE-2023-54042 bsc#1255702).
- Update
patches.suse/powerpc-iommu-Fix-notifiers-being-shared-by-PCI-and-.patch
(bsc#1065729 CVE-2023-54095 bsc#1256271).
- Update
patches.suse/powerpc-kprobes-Fix-null-pointer-reference-in-arch_p.patch
(jsc#SLE-13847 git-fixes CVE-2022-50635 bsc#1254592).
- Update
patches.suse/powerpc-powernv-sriov-perform-null-check-on-iov-befo.patch
(bsc#1194869 CVE-2023-54315 bsc#1255769).
- Update
patches.suse/powerpc-rtas-avoid-device-tree-lookups-in-rtas_os_te.patch
(bsc#1065729 CVE-2022-50870 bsc#1256154).
- Update
patches.suse/pstore-Avoid-kcore-oops-by-vmap-ing-with-VM_IOREMAP.patch
(git-fixes CVE-2022-50849 bsc#1256193).
- Update patches.suse/pstore-ram-Add-check-for-kstrdup.patch
(git-fixes CVE-2023-54189 bsc#1255978).
- Update patches.suse/quota-fix-warning-in-dqgrab.patch
(bsc#1214962 CVE-2023-54177 bsc#1255993).
- Update
patches.suse/regulator-core-fix-resource-leak-in-regulator_regist.patch
(git-fixes CVE-2022-50724 bsc#1255950).
- Update
patches.suse/regulator-core-fix-unbalanced-of-node-refcount-in-re.patch
(git-fixes CVE-2022-50887 bsc#1256125).
- Update patches.suse/regulator-stm32-pwr-fix-of_iomap-leak.patch
(git-fixes CVE-2023-54097 bsc#1256179).
- Update
patches.suse/remoteproc-qcom-q6v5-Fix-potential-null-ptr-deref-in.patch
(git-fixes CVE-2022-50888 bsc#1256057).
- Update
patches.suse/remoteproc-sysmon-fix-memory-leak-in-qcom_add_sysmon.patch
(git-fixes CVE-2022-50836 bsc#1256211).
- Update patches.suse/rpmsg-glink-Add-check-for-kstrdup.patch
(git-fixes CVE-2023-54049 bsc#1256396).
- Update
patches.suse/s390-lcs-Fix-return-type-of-lcs_start_xmit.patch
(git-fixes bsc#1211690 CVE-2022-50728 bsc#1256046).
- Update
patches.suse/s390-vfio-ap-fix-memory-leak-in-vfio_ap-device-drive.patch
(git-fixes CVE-2023-53746 bsc#1254617).
- Update
patches.suse/sched-psi-use-kernfs-polling-functions-for-PSI-trigger-polling.patch
(bsc#1209799 CVE-2023-54019 bsc#1255636).
- Update
patches.suse/scsi-efct-Fix-possible-memleak-in-efct_device_init.patch
(git-fixes CVE-2022-50727 bsc#1256042).
- Update
patches.suse/scsi-hpsa-Fix-possible-memory-leak-in-hpsa_init_one.patch
(git-fixes CVE-2022-50646 bsc#1254634).
- Update patches.suse/scsi-ipr-Fix-WARNING-in-ipr_init.patch
(git-fixes CVE-2022-50850 bsc#1256194).
- Update
patches.suse/scsi-lpfc-Fix-hard-lockup-when-reading-the-rx_monito.patch
(bsc#1204957 CVE-2022-50744 bsc#1256165).
- Update
patches.suse/scsi-lpfc-Fix-ioremap-issues-in-lpfc_sli4_pci_mem_se.patch
(bsc#1210943 CVE-2023-53754 bsc#1254609).
- Update
patches.suse/scsi-lpfc-Fix-memory-leak-in-lpfc_create_port.patch
(bsc#1204957 CVE-2022-50827 bsc#1256344).
- Update
patches.suse/scsi-lpfc-Prevent-lpfc_debugfs_lockstat_write-buffer.patch
(bsc#1210943 CVE-2023-54102 bsc#1256173).
- Update
patches.suse/scsi-qedf-Fix-NULL-dereference-in-error-handling.patch
(git-fixes CVE-2023-54289 bsc#1255806).
- Update
patches.suse/scsi-qedi-Fix-use-after-free-bug-in-qedi_remove.patch
(git-fixes CVE-2023-54100 bsc#1256152).
- Update
patches.suse/scsi-qla2xxx-Array-index-may-go-out-of-bound.patch
(bsc#1213747 CVE-2023-54179 bsc#1255994).
- Update
patches.suse/scsi-qla2xxx-Check-valid-rport-returned-by-fc_bsg_to.patch
(bsc#1213747 CVE-2023-54014 bsc#1256300).
- Update
patches.suse/scsi-qla2xxx-fix-dma-api-call-trace-on-nvme-ls-requests.patch
(bsc#1208570 CVE-2023-54108 bsc#1256355).
- Update
patches.suse/scsi-ses-Fix-slab-out-of-bounds-in-ses_enclosure_data_process.patch
(git-fixes CVE-2023-53803 bsc#1255165).
- Update
patches.suse/scsi-snic-Fix-possible-UAF-in-snic_tgt_create.patch
(git-fixes CVE-2022-50840 bsc#1256208).
- Update
patches.suse/seccomp-Move-copy_seccomp-to-no-failure-path.patch
(bsc#1210817 CVE-2022-50661 bsc#1254759).
- Update
patches.suse/selinux-enable-use-of-both-GFP_KERNEL-and-GFP_ATOMIC.patch
(git-fixes CVE-2022-50699 bsc#1255582).
- Update
patches.suse/serial-8250_bcm7271-fix-leak-in-brcmuart_probe.patch
(git-fixes CVE-2023-54301 bsc#1255791).
- Update
patches.suse/serial-amba-pl011-avoid-SBSA-UART-accessing-DMACR-re.patch
(git-fixes CVE-2022-50625 bsc#1254559).
- Update
patches.suse/serial-sc16is7xx-setup-GPIO-controller-later-in-prob.patch
(git-fixes CVE-2023-54118 bsc#1256131).
- Update patches.suse/serial-sprd-Fix-DMA-buffer-leak-issue.patch
(git-fixes CVE-2023-54136 bsc#1256099).
- Update
patches.suse/sfc-fix-crash-when-reading-stats-while-NIC-is-resett.patch
(git-fixes CVE-2023-54156 bsc#1255704).
- Update patches.suse/smb-client-fix-missed-ses-refcounting.patch
(git-fixes CVE-2023-54076 bsc#1256335).
- Update
patches.suse/soc-qcom-smsm-Fix-refcount-leak-bugs-in-qcom_smsm_pr.patch
(git-fixes CVE-2022-50703 bsc#1255607).
- Update
patches.suse/soc-ti-pm33xx-Fix-refcount-leak-in-am33xx_pm_probe.patch
(git-fixes CVE-2023-53744 bsc#1254781).
- Update patches.suse/soundwire-fix-enumeration-completion.patch
(git-fixes CVE-2023-54096 bsc#1256178).
- Update
patches.suse/staging-media-tegra-video-fix-device_node-use-after-.patch
(git-fixes CVE-2022-50745 bsc#1256158).
- Update
patches.suse/staging-r8712-Fix-memory-leak-in-_r8712_init_xmit_pr.patch
(git-fixes CVE-2023-54001 bsc#1255628).
- Update
patches.suse/staging-rtl8192u-Fix-use-after-free-in-ieee80211_rx.patch
(git-fixes CVE-2022-50732 bsc#1256063).
- Update
patches.suse/staging-vt6655-fix-potential-memory-leak.patch
(git-fixes CVE-2022-50758 bsc#1256207).
- Update
patches.suse/thermal-intel-quark_dts-fix-error-pointer-dereferenc.patch
(git-fixes CVE-2023-54298 bsc#1255796).
- Update
patches.suse/tpm-tpm_tis-Add-the-missed-acpi_put_table-to-fix-mem.patch
(git-fixes CVE-2022-50824 bsc#1256334).
- Update
patches.suse/tpm-tpm_vtpm_proxy-fix-a-race-condition-in-dev-vtpmx.patch
(git-fixes CVE-2023-54309 bsc#1255780).
- Update
patches.suse/tracing-Fix-memory-leak-of-iter-temp-when-reading-trace_pipe.patch
(git-fixes CVE-2023-54171 bsc#1256034).
- Update
patches.suse/tracing-Fix-warning-in-trace_buffered_event_disable.patch
(git-fixes CVE-2023-54211 bsc#1255843).
- Update
patches.suse/tty-fix-out-of-bounds-access-in-tty_driver_lookup_tt.patch
(git-fixes CVE-2023-54198 bsc#1255970).
- Update
patches.suse/tty-serial-imx-disable-Ageing-Timer-interrupt-reques.patch
(git-fixes CVE-2023-54287 bsc#1255804).
- Update
patches.suse/tty-serial-samsung_tty-Fix-a-memory-leak-in-s3c24xx_.patch
(git-fixes CVE-2023-53858 bsc#1254704).
- Update
patches.suse/ubifs-Fix-memleak-when-insert_old_idx-failed.patch
(git-fixes CVE-2023-54050 bsc#1256397).
- Update patches.suse/udf-Avoid-double-brelse-in-udf_rename.patch
(bsc#1213032 CVE-2022-50755 bsc#1256199).
- Update
patches.suse/udmabuf-Set-ubuf-sg-NULL-if-the-creation-of-sg-table.patch
(git-fixes CVE-2022-50819 bsc#1256241).
- Update
patches.suse/uio-uio_dmem_genirq-Fix-missing-unlock-in-irq-config.patch
(git-fixes CVE-2022-50652 bsc#1254728).
- Update
patches.suse/usb-dwc3-qcom-Fix-memory-leak-in-dwc3_qcom_interconn.patch
(git-fixes CVE-2022-50633 bsc#1254644).
- Update
patches.suse/usb-early-xhci-dbc-Fix-a-potential-out-of-bound-memo.patch
(git-fixes CVE-2023-53840 bsc#1254709).
- Update
patches.suse/usb-idmouse-fix-an-uninit-value-in-idmouse_open.patch
(git-fixes CVE-2022-50733 bsc#1256064).
- Update
patches.suse/usb-mtu3-fix-kernel-panic-at-qmu-transfer-done-irq-h.patch
(git-fixes CVE-2023-54159 bsc#1255697).
- Update
patches.suse/usb-musb-Fix-musb_gadget.c-rxstate-overflow-bug.patch
(git-fixes CVE-2022-50876 bsc#1256136).
- Update
patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
(CVE-2023-23559 bsc#1207051 CVE-2023-54110 bsc#1256353).
- Update
patches.suse/usb-storage-alauda-Fix-uninit-value-in-alauda_check_.patch
(git-fixes CVE-2023-53847 bsc#1254698).
- Update
patches.suse/usb-typec-altmodes-displayport-fix-pin_assignment_sh.patch
(git-fixes CVE-2023-54186 bsc#1255985).
- Update
patches.suse/usb-typec-bus-verify-partner-exists-in-typec_altmode.patch
(git-fixes CVE-2023-54299 bsc#1255789).
- Update
patches.suse/vc_screen-reload-load-of-struct-vc_data-pointer-in-v.patch
(git-fixes CVE-2023-53747 bsc#1254572).
- Update
patches.suse/vdpa_sim-fix-possible-memory-leak-in-vdpasim_net_ini.patch
(git-fixes CVE-2022-50702 bsc#1255624).
- Update
patches.suse/vhost_vdpa-fix-the-crash-in-unmap-a-large-memory.patch
(git-fixes CVE-2022-50851 bsc#1256186).
- Update
patches.suse/vmci_host-fix-a-race-condition-in-vmci_host_poll-cau.patch
(git-fixes CVE-2023-54007 bsc#1255626).
- Update
patches.suse/wifi-ar5523-Fix-use-after-free-on-ar5523_cmd-timed-o.patch
(git-fixes CVE-2022-50716 bsc#1255839).
- Update
patches.suse/wifi-ath10k-add-peer-map-clean-up-for-peer-delete-in.patch
(git-fixes CVE-2022-50880 bsc#1256132).
- Update
patches.suse/wifi-ath11k-Fix-memory-leak-in-ath11k_peer_rx_frag_s.patch
(git-fixes CVE-2023-54275 bsc#1255906).
- Update
patches.suse/wifi-ath9k-Fix-use-after-free-in-ath9k_hif_usb_disco.patch
(git-fixes CVE-2022-50881 bsc#1256130).
- Update
patches.suse/wifi-ath9k-avoid-referencing-uninit-memory-in-ath9k_.patch
(git-fixes CVE-2023-54300 bsc#1255790).
- Update
patches.suse/wifi-ath9k-avoid-uninit-memory-read-in-ath9k_htc_rx_.patch
(git-fixes CVE-2022-50709 bsc#1255565).
- Update
patches.suse/wifi-ath9k-hif_usb-Fix-use-after-free-in-ath9k_hif_u.patch
(git-fixes CVE-2022-50829 bsc#1256235).
- Update
patches.suse/wifi-ath9k-hif_usb-fix-memory-leak-of-urbs-in-ath9k_.patch
(git-fixes CVE-2022-50740 bsc#1256155).
- Update
patches.suse/wifi-ath9k-htc_hst-free-skb-in-ath9k_htc_rx_msg-if-t.patch
(git-fixes CVE-2023-53802 bsc#1254725).
- Update
patches.suse/wifi-brcmfmac-fix-invalid-address-access-when-enabli.patch
(git-fixes CVE-2022-50678 bsc#1254902).
- Update
patches.suse/wifi-ipw2200-fix-memory-leak-in-ipw_wdev_init.patch
(git-fixes CVE-2022-50660 bsc#1254676).
- Update
patches.suse/wifi-iwlwifi-dvm-Fix-memcpy-detected-field-spanning-.patch
(git-fixes CVE-2023-54286 bsc#1255803).
- Update
patches.suse/wifi-iwlwifi-pcie-fix-possible-NULL-pointer-derefere.patch
(git-fixes CVE-2023-54053 bsc#1256388).
- Update
patches.suse/wifi-mt76-do-not-run-mt76u_status_worker-if-the-devi.patch
(git-fixes CVE-2022-50735 bsc#1256141).
- Update
patches.suse/wifi-mwifiex-fix-memory-leak-in-mwifiex_histogram_re.patch
(git-fixes CVE-2023-53808 bsc#1254723).
- Update
patches.suse/wifi-rsi-Do-not-configure-WoWlan-in-shutdown-hook-if.patch
(git-fixes CVE-2023-54025 bsc#1255558).
- Update
patches.suse/wifi-rsi-Fix-memory-leak-in-rsi_coex_attach.patch
(git-fixes CVE-2022-50629 bsc#1254783).
- Update
patches.suse/wifi-rt2x00-Fix-memory-leak-when-handling-surveys.patch
(git-fixes CVE-2023-54131 bsc#1256115).
- Update
patches.suse/wifi-rtl8xxxu-Fix-memory-leaks-with-RTL8723BU-RTL819.patch
(git-fixes CVE-2023-54036 bsc#1255528).
- Update
patches.suse/wifi-wilc1000-fix-potential-memory-leak-in-wilc_mac_.patch
(git-fixes CVE-2022-50832 bsc#1256228).
- Update
patches.suse/x86-kexec-Fix-double-free-of-elf-header-buffer.patch
(bsc#1205567 CVE-2023-54146 bsc#1256091).
- Update
patches.suse/x86-sev-Make-enc_dec_hypercall-accept-a-size-instead-of-npages
(bsc#1214635 CVE-2023-53996 bsc#1255618).
- Update
patches.suse/x86-xen-Fix-memory-leak-in-xen_init_lock_cpu.patch
(git-fixes CVE-2022-50761 bsc#1256062).
- Update
patches.suse/xfrm-also-call-xfrm_state_delete_tunnel-at-destroy-time-fo.patch
(CVE-2025-40215 bsc#1254959 CVE-2025-40256 bsc#1254851).
- Update
patches.suse/xhci-dbc-Fix-memory-leak-in-xhci_alloc_dbc.patch
(git-fixes CVE-2022-50809 bsc#1256250).
- commit 642af3d
- Bluetooth: hci_core: Fix not checking skb length on
hci_acldata_packet (bsc#1235038 CVE-2024-56590).
- commit e8f2c42
- kabi: hide dst_entry::dev_rcu (CVE-2025-40139 bsc#1253409).
- commit f2547af
- smc: Use __sk_dst_get() and dst_dev_rcu() in in
smc_clc_prfx_set() (CVE-2025-40139 bsc#1253409).
- net: dst: introduce dst->dev_rcu (CVE-2025-40139 bsc#1253409).
- net: Add locking to protect skb->dev access in ip_output
(CVE-2025-40139 bsc#1253409).
- ipv6: ip6_mc_input() and ip6_mr_input() cleanups (CVE-2025-40139
bsc#1253409).
- ipv6: adopt skb_dst_dev() and skb_dst_dev_net[_rcu]() helpers
(CVE-2025-40139 bsc#1253409).
- ipv6: adopt dst_dev() helper (CVE-2025-40139 bsc#1253409).
- ipv4: adopt dst_dev, skb_dst_dev and skb_dst_dev_net[_rcu]
(CVE-2025-40139 bsc#1253409).
- net: dst: add four helpers to annotate data-races around
dst->dev (CVE-2025-40139 bsc#1253409).
- net: dst: annotate data-races around dst->output (CVE-2025-40139
bsc#1253409).
- net: dst: annotate data-races around dst->input (CVE-2025-40139
bsc#1253409).
- net: dst: annotate data-races around dst->lastuse
(CVE-2025-40139 bsc#1253409).
- net: dst: annotate data-races around dst->expires
(CVE-2025-40139 bsc#1253409).
- net: dst: annotate data-races around dst->obsolete
(CVE-2025-40139 bsc#1253409).
- net: ipv4: ipmr: ipmr_queue_xmit(): Drop local variable `dev'
(CVE-2025-40139 bsc#1253409).
- net: gro: convert four dev_net() calls (CVE-2025-40139
bsc#1253409).
- tcp: convert to dev_net_rcu() (CVE-2025-40139 bsc#1253409).
- ndisc: ndisc_send_redirect() cleanup (CVE-2025-40139
bsc#1253409).
- ndisc: extend RCU protection in ndisc_send_skb() (CVE-2025-40139
bsc#1253409).
- ndisc: use RCU protection in ndisc_alloc_skb() (CVE-2025-40139
bsc#1253409).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu()
(CVE-2025-40139 bsc#1253409).
- ipv6: Use RCU in ip6_input() (CVE-2025-40139 bsc#1253409).
- ipv6: icmp: convert to dev_net_rcu() (CVE-2025-40139
bsc#1253409).
- ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-40139
bsc#1253409).
- flow_dissector: use RCU protection to fetch dev_net()
(CVE-2025-40139 bsc#1253409).
- ipv4: icmp: convert to dev_net_rcu() (CVE-2025-40139
bsc#1253409).
- ipv4: use RCU protection in __ip_rt_update_pmtu()
(CVE-2025-40139 bsc#1253409).
- ipv4: use RCU protection in inet_select_addr() (CVE-2025-40139
bsc#1253409).
- ipv4: use RCU protection in rt_is_expired() (CVE-2025-40139
bsc#1253409).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward()
(CVE-2025-40139 bsc#1253409).
- ipv4: add RCU protection to ip4_dst_hoplimit() (CVE-2025-40139
bsc#1253409).
- net: add dev_net_rcu() helper (CVE-2025-40139 bsc#1253409).
- net: dst_cache: annotate data-races around dst_cache->reset_ts
(CVE-2025-40139 bsc#1253409).
- kabi: hide RCU annotation of possible_net_t::net (CVE-2025-40139
bsc#1253409).
- net: treat possible_net_t net pointer as an RCU one and add
read_pnet_rcu() (CVE-2025-40139 bsc#1253409).
- ip: Fix data-races around sysctl_ip_fwd_use_pmtu (CVE-2025-40139
bsc#1253409).
- ip: Fix data-races around sysctl_ip_default_ttl (CVE-2025-40139
bsc#1253409).
- ipv6: ip6_skb_dst_mtu() cleanups (CVE-2025-40139 bsc#1253409).
- net: ipv4: Consolidate ipv4_mtu and ip_dst_mtu_maybe_forward
(CVE-2025-40139 bsc#1253409).
- commit 367f8ae
- gpu: host1x: Fix race in syncpt alloc/free (CVE-2025-68732
bsc#1255688).
- commit 3f5a58d
- wifi: ath10k: Delay the unmapping of the buffer (CVE-2022-50700
bsc#1255576).
- commit 56293cd
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
- commit 03d25fd
- drm/vmwgfx: Validate command header size against (bsc#1254894 CVE-2025-40277)
- commit c264bd5
- sctp: Prevent TOCTOU out-of-bounds write (CVE-2025-40331
bsc#1254615).
- commit 37e9b8d
- ocfs2: clear extent cache after moving/defragmenting extents
(CVE-2025-40233 bsc#1254813).
- commit d895b6c
- padata: Honor the caller's alignment in case of chunk_size 0
(bsc#1237563).
- commit ebd18f3
- tipc: Fix use-after-free in tipc_mon_reinit_self()
(CVE-2025-40280 bsc#1254847).
- commit a430c68
- xfrm: also call xfrm_state_delete_tunnel at destroy time for
states that were never added (CVE-2025-40215 bsc#1254959).
- commit 0f80be9
- xfrm: delete x->tunnel as we delete x (CVE-2025-40215
bsc#1254959).
- commit b6a5e5b
- kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959
CVE-2025-40215).
- commit 74c6bab
- supported.conf: Drop cpu5_wdt
We no longer build this driver.
- commit 5a22004
- mptcp: fix race condition in mptcp_schedule_work()
(CVE-2025-40258 bsc#1254843).
- commit 6856d1e
- futex: Prevent use-after-free during requeue-PI (CVE-2025-39977
bsc#1252046).
- commit 503d82a
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- commit 8ddcb6e
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- commit f603a11
- smc: Fix use-after-free in tcp_write_timer_handler()
(CVE-2023-53781 bsc#1254751).
- commit 525be06
- platform/x86/intel-uncore-freq: Fail module load when plat_info
is NULL (git-fixes).
- commit 38f497e
- ACPI: property: Do not pass NULL handles to acpi_attach_data()
(git-fixes).
- commit 24f9c68
- ACPI: property: Fix buffer properties extraction for subnodes
(git-fixes).
- commit faa3e74
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- commit ef79766
- ACPI: PRM: Remove unnecessary strict handler address checks
(git-fixes).
- commit d86efc6
- drivers: base: cacheinfo: Fix shared_cpu_map changes in event
of CPU hotplug (CVE-2023-53254 bsc#1249871).
- cacheinfo: Fix shared_cpu_map to handle shared caches at
different levels (CVE-2023-53254 bsc#1249871).
- commit c4452ba
- dm: free table mempools if not used in __bind (git-fixes).
- commit fb9a87c
- KVM: SVM: Fix TSC_AUX virtualization setup (git-fixes).
- commit ed61cba
- crypto: essiv - Check ssize for decryption and in-place
encryption (bsc#1252678 CVE-2025-40019).
- commit e680b45
- cpuidle: haltpoll: Do not enable interrupts when entering idle (git-fixes).
- commit ebcfbc4
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- commit cf9f67d
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- commit c32108a
- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).
- commit bc2ccb6
- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).
- commit 29784d0
- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).
- commit e13b5dd
- x86/virt/tdx: Make TDX_MODULE_CALL handle SEAMCALL #UD and #GP (git-fixes).
- commit 6b94935
- x86/virt/tdx: Wire up basic SEAMCALL functions (git-fixes).
- commit 59fe61c
- x86/tdx: Remove 'struct tdx_hypercall_args' (git-fixes).
- Refresh
patches.suse/virt-tdx-guest-Add-Quote-generation-support-using-TSM_REPORTS.patch.
- Refresh
patches.suse/x86-tdx-Fix-arch_safe_halt-execution-for-TDX-VMs.patch.
- commit dffc1e6
- x86/tdx: Reimplement __tdx_hypercall() using TDX_MODULE_CALL asm (git-fixes).
- commit 50c4a13
- x86/tdx: Make TDX_HYPERCALL asm similar to TDX_MODULE_CALL (git-fixes).
- Refresh patches.suse/x86-tdx-Fix-data-leak-in-mmio_read.patch.
- commit 82a2e36
- x86/tdx: Retry partially-completed page conversion hypercalls (git-fixes).
- Refresh
patches.suse/virt-tdx-guest-Add-Quote-generation-support-using-TSM_REPORTS.patch.
- commit 5ffe81f
- x86/tdx: Drop flags from __tdx_hypercall() (git-fixes).
- Refresh
patches.suse/msft-hv-2876-x86-hyperv-Support-hypercalls-for-fully-enlightened-.patch.
- Refresh
patches.suse/msft-hv-2882-x86-hyperv-Use-TDX-GHCI-to-access-some-MSRs-in-a-TDX.patch.
- Refresh
patches.suse/msft-hv-2884-x86-hyperv-Move-the-code-in-ivm.c-around-to-avoid-un.patch.
- Refresh patches.suse/x86-tdx-Fix-data-leak-in-mmio_read.patch.
- Refresh
patches.suse/x86-tdx-Make-_tdx_hypercall-and-__tdx_module_call-available-in-boot-stub.patch.
- Refresh
patches.suse/x86-tdx-Pass-TDCALL-SEAMCALL-input-output-registers-via-a-.patch.
- Refresh
patches.suse/x86-tdx-Rename-__tdx_module_call-to-__tdcall.patch.
- Refresh
patches.suse/x86-tdx-Zero-out-the-missing-RSI-in-TDX_HYPERCALL-macro.patch.
- commit 5d4a797
- x86/tdx: Remove TDX_HCALL_ISSUE_STI (git-fixes).
- Refresh
patches.suse/x86-tdx-Do-not-corrupt-frame-pointer-in-__tdx_hyperc.patch.
- Refresh
patches.suse/x86-tdx-Fix-arch_safe_halt-execution-for-TDX-VMs.patch.
- Refresh
patches.suse/x86-tdx-Refactor-__tdx_hypercall-to-allow-pass-down-.patch.
- commit 6c60bc2
- cpuidle: Move IRQ state validation (git-fixes).
- commit 36be557
- cpuidle/poll: Ensure IRQs stay disabled after cpuidle_state::enter() calls (git-fixes).
- commit 778474e
- arch/idle: Change arch_cpu_idle() behavior: always exit with IRQs disabled (git-fixes).
- Refresh
patches.suse/x86-tdx-Fix-arch_safe_halt-execution-for-TDX-VMs.patch.
- commit e41dc4f
- x86/tdx: Extend TDX_MODULE_CALL to support more TDCALL/SEAMCALL leafs (git-fixes).
- commit c2dd199
- x86/tdx: Pass TDCALL/SEAMCALL input/output registers via a structure (git-fixes).
- commit b5416b4
- x86/tdx: Rename __tdx_module_call() to __tdcall() (git-fixes).
- commit 500bf81
- x86/tdx: Make macros of TDCALLs consistent with the spec (git-fixes).
- commit c288f03
- x86/tdx: Skip saving output regs when SEAMCALL fails with VMFailInvalid (git-fixes).
- commit ecd6cb0
- x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro (git-fixes).
- commit 9c63e88
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- commit 017ee41
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- commit 92791c8
- RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- commit 93dd7d0
- RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- commit e994fef
- RDMA/hns: Fix the modification of max_send_sge (git-fixes)
- commit 659f7e7
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- commit 6784a99
- xfs: fix sparse inode limits on runt AG (bsc#1254392).
- commit eddc2d0
- avahi
-
- Add avahi-CVE-2025-68276.patch:
Backport 0c013e2 from upstream, refuse to create wide-area record
browsers when wide-area is off.
(CVE-2025-68276, bsc#1256498)
- Add avahi-CVE-2025-68471.patch:
Backport 9c6eb53 from upstream, fix DoS bug by changing assert to
return.
(CVE-2025-68471, bsc#1256500)
- Add avahi-CVE-2025-68468.patch:
Backport f66be13 from upstream, fix DoS bug by removing incorrect
assertion.
(CVE-2025-68468, bsc#1256499)
- openssl-1_1
-
- Security fixes:
* Missing ASN1_TYPE validation in PKCS#12 parsing
* ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
- openssl-CVE-2026-22795.patch [bsc#1256839, CVE-2026-22795], [bsc#1256840, CVE-2026-22796]
* Missing ASN1_TYPE validation in TS_RESP_verify_response() function
- openssl-CVE-2025-69420.patch [bsc#1256837, CVE-2025-69420]
* NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
- openssl-CVE-2025-69421.patch [bsc#1256838, CVE-2025-69421]
* Heap out-of-bounds write in BIO_f_linebuffer on short writes
- openssl-CVE-2025-68160.patch [bsc#1256834, CVE-2025-68160]
* Unauthenticated/unencrypted trailing bytes with low-level OCB function calls
- openssl-CVE-2025-69418.patch [bsc#1256835, CVE-2025-69418]
* Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion
- openssl-CVE-2025-69419.patch [bsc#1256836, CVE-2025-69419]
- libpcap
-
- Security fix: [bsc#1255765, CVE-2025-11961]
* Fix out-of-bound-write and out-of-bound-read in pcap_ether_aton()
due to missing validation of provided MAC-48 address string
* Add libpcap-CVE-2025-11961.patch
- libpng16
-
- added patches
CVE-2026-25646: Heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020)
* libpng16-CVE-2026-25646.patch
- security update
- added patches
CVE-2025-28162 [bsc#1257364], memory leaks when running `pngimage`
CVE-2025-28164 [bsc#1257365], memory leaks when running `pngimage`
* libpng16-CVE-2025-28162,28164.patch
- security update
- added patches
CVE-2026-22695 [bsc#1256525], Heap buffer over-read in png_image_finish_read
* libpng16-CVE-2026-22695.patch
CVE-2026-22801 [bsc#1256526], Integer truncation causing heap buffer over-read in png_image_write_*
* libpng16-CVE-2026-22801.patch
- python311
-
- CVE-2025-11468: preserving parens when folding comments in
email headers (bsc#1257029, gh#python/cpython#143935).
CVE-2025-11468-email-hdr-fold-comment.patch
- CVE-2026-0672: rejects control characters in http cookies.
(bsc#1257031, gh#python/cpython#143919)
CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch
- CVE-2026-0865: rejecting control characters in
wsgiref.headers.Headers, which could be abused for injecting
false HTTP headers. (bsc#1257042, gh#python/cpython#143916)
CVE-2026-0865-wsgiref-ctrl-chars.patch
- CVE-2025-15366: basically the same as the previous patch for
IMAP protocol. (bsc#1257044, gh#python/cpython#143921)
CVE-2025-15366-imap-ctrl-chars.patch
- CVE-2025-15282: basically the same as the previous patch for
urllib library. (bsc#1257046, gh#python/cpython#143925)
CVE-2025-15282-urllib-ctrl-chars.patch
- CVE-2025-15367: basically the same as the previous patch for
poplib library. (bsc#1257041, gh#python/cpython#143923)
CVE-2025-15367-poplib-ctrl-chars.patch
- CVE-2025-12781: fix decoding with non-standard Base64 alphabet
(bsc#1257108, gh#python/cpython#125346)
CVE-2025-12781-b64decode-alt-chars.patch
- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
CVE-2025-13836) to prevent reading an HTTP response from
a server, if no read amount is specified, with using
Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
behavior in node ID cache clearing (CVE-2025-12084,
bsc#1254997).
- Add CVE-2025-13837-plistlib-mailicious-length.patch protect
against OOM when loading malicious content (CVE-2025-13837,
bsc#1254401).
- python3
-
- CVE-2025-11468: preserving parens when folding comments in
email headers (bsc#1257029, gh#python/cpython#143935).
CVE-2025-11468-email-hdr-fold-comment.patch
- CVE-2026-0672: rejects control characters in http cookies.
(bsc#1257031, gh#python/cpython#143919)
CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch
- CVE-2026-0865: rejecting control characters in
wsgiref.headers.Headers, which could be abused for injecting
false HTTP headers. (bsc#1257042, gh#python/cpython#143916)
CVE-2026-0865-wsgiref-ctrl-chars.patch
- CVE-2025-15366: basically the same as the previous patch for
IMAP protocol. (bsc#1257044, gh#python/cpython#143921)
CVE-2025-15366-imap-ctrl-chars.patch
- CVE-2025-15282: basically the same as the previous patch for
urllib library. (bsc#1257046, gh#python/cpython#143925)
CVE-2025-15282-urllib-ctrl-chars.patch
- CVE-2025-15367: basically the same as the previous patch for
poplib library. (bsc#1257041, gh#python/cpython#143923)
CVE-2025-15367-poplib-ctrl-chars.patch
- sqlite3
-
- Sync version 3.51.2 from Factory:
* CVE-2025-7709, bsc#1254670: Integer Overflow in FTS5 Extension
* bsc#1248586: Fix icu-enabled build.
- libxml2
-
- CVE-2026-0990: call stack overflow leading to application crash
due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811)
* Add patch libxml2-CVE-2026-0990.patch
- CVE-2026-0992: excessive resource consumption when processing XML
catalogs due to exponential behavior when handling `<nextCatalog>` elements (bsc#1256808, bsc#1256809, bsc#1256812)
* Add patch libxml2-CVE-2026-0992.patch
- CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850)
* Add patch libxml2-CVE-2025-8732.patch
- CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595)
* Add patch libxml2-CVE-2026-1757.patch
- CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553)
* Add patch libxml2-CVE-2025-10911.patch
- CVE-2026-0989: call stack exhaustion leading to application crash
due to RelaxNG parser not limiting the recursion depth when
resolving `<include>` directives (bsc#1256804, bsc#1256805, bsc#1256810)
* Add patch libxml2-CVE-2026-0989.patch
* https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/374
- python-certifi
-
- Add python36-certifi provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-idna
-
- Add python36-idna provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-packaging
-
- Add python36-packaging provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-ply
-
- Add python36-ply provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pycparser
-
- Add python36-pycparser provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-py
-
- Add python36-py provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-requests
-
- Add python36- provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-six
-
- Add python36-six provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-boto3
-
- Update to 1.42.27
* api-change:``bedrock``: [``botocore``] This change will increase TestCase guardContent input size
from 1024 to 2028 characters and PolicyBuildDocumentDescription from 2000 to 4000 characters
* api-change:``datazone``: [``botocore``] Adds support for IAM role subscriptions to Glue table
listings via CreateSubscriptionRequest API. Also adds owningIamPrincipalArn filter to List APIs and
subscriptionGrantCreationMode parameter to subscription target APIs for controlling grant creation
behavior.
- from version 1.42.26
* api-change:``billing``: [``botocore``] Cost Categories filtering support to BillingView data
filter expressions through the new costCategories parameter, enabling users to filter billing views
by AWS Cost Categories for more granular cost management and allocation.
* api-change:``iot-managed-integrations``: [``botocore``] This release introduces WiFi Simple Setup
(WSS) enabling device provisioning via barcode scanning with automated network discovery,
authentication, and credential provisioning. Additionally, it introduces 2P Device Capability
Rediscovery for updating hub-managed device capabilities post-onboarding.
* api-change:``sagemaker``: [``botocore``] Added ultraServerType to the UltraServerInfo structure
to support server type identification for SageMaker HyperPod
- from version 1.42.25
* api-change:``bedrock-agentcore-control``: [``botocore``] Adds optional field "view" to GetMemory
API input to give customers control over whether CMK encrypted data such as strategy decryption or
override prompts is returned or not.
* api-change:``cloudfront``: [``botocore``] Added EntityLimitExceeded exception handling to the
following API operations AssociateDistributionWebACL, AssociateDistributionTenantWebACL,
UpdateDistributionWithStagingConfig
* api-change:``glue``: [``botocore``] Adding MaterializedViews task run APIs
* api-change:``medialive``: [``botocore``] MediaPackage v2 output groups in MediaLive can now
accept one additional destination for single pipeline channels and up to two additional
destinations for standard channels. MediaPackage v2 destinations now support sending to cross
region MediaPackage channels.
* api-change:``transcribe``: [``botocore``] Adds waiters to Amazon Transcribe.
- from version 1.42.24
* api-change:``workspaces``: [``botocore``] Add StateMessage and ProgressPercentage fields to
DescribeCustomWorkspaceImageImport API response.
- from version 1.42.23
* api-change:``ce``: [``botocore``] This release updates existing reservation recommendations API
to support deployment model.
* api-change:``emr-serverless``: [``botocore``] Added support for enabling disk encryption using
customer managed AWS KMS keys to CreateApplication, UpdateApplication and StartJobRun APIs.
- from version 1.42.22
* api-change:``cleanroomsml``: [``botocore``] AWS Clean Rooms ML now supports advanced Spark
configurations to optimize SQL performance when creating an MLInputChannel or an audience
generation job.
- from version 1.42.21
* bugfix:``s3``: [``botocore``] Clarify ``payload_signing_enabled`` documentation to cover
interaction with ``request_checksum_calculation``
- from version 1.42.20
* api-change:``cleanrooms``: [``botocore``] Added support for publishing detailed metrics to
CloudWatch for operational monitoring of collaborations, including query performance and resource
utilization.
* api-change:``identitystore``: [``botocore``] This change introduces "Roles" attribute for User
entities supported by AWS Identity Store SDK.
- from version 1.42.19
* api-change:``connect``: [``botocore``] Adds support for searching global contacts using the
ActiveRegions filter, and pagination support for ListSecurityProfileFlowModules and
ListEntitySecurityProfiles.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``kafkaconnect``: [``botocore``] This change sets the KafkaConnect GovCloud FIPS and
FIPS DualStack endpoints to use kafkaconnect instead of kafkaconnect-fips as the service name. This
is done to match the Kafka endpoints.
- from version 1.42.18
* api-change:``connect``: [``botocore``] Changes for Contact for Global Search
* api-change:``elastictranscoder``: [``botocore``] The elastictranscoder client has been removed
following the deprecation of the service.
* api-change:``quicksight``: [``botocore``] This release adds support for quick users to be able to
perform role upgrades on their own. Additionally it allows admins to make this feature admin or
auto approval along with new self upgrade capability that can be restricted by Admins.
- from version 1.42.17
* api-change:``medialive``: [``botocore``] AWS Elemental MediaLive now supports Pipeline Locking
using Video Alignment as well as linked single pipeline channels to enable cross-channel and
cross-region Pipeline Locking workflows.
- from version 1.42.16
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``geo-places``: [``botocore``] Adds support for InferredSecondaryAddress place type,
Designator in SecondaryAddressComponent and Heading in ReverseGeocode.
* api-change:``pinpoint-sms-voice-v2``: [``botocore``] This release adds support for the
Registration Reviewer feature, which provides generative AI feedback on a phone number or sender ID
registration to ensure completeness before sending to downstream (carrier) review.
* api-change:``s3``: [``botocore``] Add additional validation to Outpost bucket names.
- from version 1.42.15
* api-change:``config``: [``botocore``] Added supported resourceTypes for Config from July to
November 2025
* api-change:``ec2``: [``botocore``] Adds support for linkedGroupId on the CreatePlacementGroup and
DescribePlacementGroups APIs. The linkedGroupId parameter is reserved for future use.
* api-change:``guardduty``: [``botocore``] Make accountIds a required field in
GetRemainingFreeTrialDays API to reflect service behavior.
* api-change:``pcs``: [``botocore``] Change API Reference Documentation for default Mode in
Accounting and SlurmRest
- from version 1.42.14
* api-change:``arc-region-switch``: [``botocore``] Automatic Plan Execution Reports allow customers
to maintain a concise record of their Region switch Plan executions. This enables customer SREs
and leadership to have a clear view of their recovery posture based on the generated reports for
their Plan executions.
* api-change:``connect``: [``botocore``] Adding support for Custom Metrics and Pre-Defined
Attributes to GetCurrentMetricData API.
* api-change:``emr-serverless``: [``botocore``] Added JobLevelCostAllocationConfiguration field to
enable cost allocation reporting at the job level, providing more granular visibility into EMR
Serverless charges
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``iot``: [``botocore``] This release adds event-based logging feature that enables
granular event logging controls for AWS IoT logs.
* api-change:``qbusiness``: [``botocore``] It is a internal bug fix for region expansion
* api-change:``wickr``: [``botocore``] AWS Wickr now provides a suite of admin APIs to allow you to
programmatically manage secure communication for Wickr networks at scale. These APIs enable you to
automate administrative workflows including user lifecycle management, network configuration, and
security group administration.
* api-change:``workspaces-web``: [``botocore``] Add support for WebAuthn under user settings.
- from version 1.42.13
* api-change:``appstream``: [``botocore``] Added support for new operating systems (1) Ubuntu 24.04
Pro LTS on Elastic fleets, and (2) Microsoft Server 2025 on Always-On and On-Demand fleets
* api-change:``arc-region-switch``: [``botocore``] New API to list Route 53 health checks created
by ARC region switch for a plan in a specific AWS Region using the Region switch Regional data
plane.
* api-change:``artifact``: [``botocore``] Add support for ListReportVersions API for the calling
AWS account.
* api-change:``bedrock-agentcore-control``: [``botocore``] Feature to support header exchanges
between Bedrock AgentCore Gateway Targets and client, along with propagating query parameter to the
configured targets.
* api-change:``bedrock-data-automation``: [``botocore``] Blueprint Optimization (BPO) is a new
Amazon Bedrock Data Automation (BDA) capability that improves blueprint inference accuracy using
example content assets and ground truth data. BPO works by generating better instructions for
fields in the Blueprint using provided data.
* api-change:``cleanrooms``: [``botocore``] Adding support for collaboration change requests
requiring an approval workflow. Adding support for change requests that grant or revoke results
receiver ability and modifying auto approved change types in an existing collaboration.
* api-change:``ec2``: [``botocore``] This release adds AvailabilityZoneId support for CreateFleet,
ModifyFleet, DescribeFleets, RequestSpotFleet, ModifySpotFleetRequests and
DescribeSpotFleetRequests APIs.
* api-change:``ecr``: [``botocore``] Adds support for ECR Create On Push
* api-change:``ecs``: [``botocore``] Adding support for Event Windows via a new ECS account setting
"fargateEventWindows". When enabled, ECS Fargate will use the configured event window for patching
tasks. Introducing "CapacityOptionType" for CreateCapacityProvider API, allowing support for Spot
capacity for ECS Managed Instances.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``iot``: [``botocore``] This release adds message batching for the IoT Rules Engine
HTTP action.
* api-change:``opensearch``: [``botocore``] Amazon OpenSearch Service adds support for warm nodes,
enabling new multi-tier architecture.
* api-change:``sesv2``: [``botocore``] Amazon SES introduces Email Validation feature which checks
email addresses for syntax errors, domain validity, and risky addresses to help maintain
deliverability and protect sender reputation. SES also adds resource tagging and ABAC support for
EmailTemplates and CustomVerificationEmailTemplates.
* api-change:``ssm-sap``: [``botocore``] Added "Stopping" for the HANA Database Status.
- from version 1.42.12
* api-change:``gameliftstreams``: [``botocore``] Added new stream group operation parameters for
scale-on-demand capacity with automatic prewarming. Added new Gen6 stream classes based on the EC2
G6 instance family. Added new StartStreamSession parameter for exposure of real-time performance
stats to clients.
* api-change:``guardduty``: [``botocore``] Add support for dbiResourceId in finding.
* api-change:``inspector-scan``: [``botocore``] Adds an additional OutputFormat
* api-change:``kafkaconnect``: [``botocore``] Support dual-stack network connectivity for
connectors via NetworkType field.
* api-change:``mediaconvert``: [``botocore``] Adds support for tile encoding in HEVC and audio for
video overlays.
* api-change:``mediapackagev2``: [``botocore``] This release adds support for SPEKE V2 content key
encryption in MediaPackage v2 Origin Endpoints.
* api-change:``payment-cryptography``: [``botocore``] Support for AS2805 standard. Modifications
to import-key and export-key to support AS2805 variants.
* api-change:``payment-cryptography-data``: [``botocore``] Support for AS2805 standard. New API
GenerateAs2805KekValidation and changes to translate pin, GenerateMac and VerifyMac to support
AS2805 key variants.
* api-change:``sagemaker``: [``botocore``] Adding the newly launched p6-b300.48xlarge ec2 instance
support in Sagemaker(Hyperpod,Training and Sceptor)
- from version 1.42.11
* api-change:``iot``: [``botocore``] Add support for dynamic payloads in IoT Device Management
Commands
* api-change:``timestream-influxdb``: [``botocore``] This release adds support for rebooting
InfluxDB DbInstances and DbClusters
- from version 1.42.10
* api-change:``bedrock-agentcore-control``: [``botocore``] This release updates broken links for
AgentCore Policy APIs in the AWS CLI and SDK resources.
* api-change:``connect``: [``botocore``] Amazon Connect now supports outbound WhatsApp contacts via
the Send message block or StartOutboundChatContact API. Send proactive messages for surveys,
reminders, and updates. Offer customers the option to switch to WhatsApp while in queue,
eliminating hold time.
* api-change:``ec2``: [``botocore``] EC2 Capacity Manager now supports SpotTotalCount,
SpotTotalInterruptions and SpotInterruptionRate metrics for both vCPU and instance units.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``entityresolution``: [``botocore``] Support Customer Profiles Integration for AWS
Entity Resolution
* api-change:``glacier``: [``botocore``] Documentation updates for Amazon Glacier's maintenance mode
* api-change:``health``: [``botocore``] Updating Health API endpoint generation for dualstack only
regions
* api-change:``logs``: [``botocore``] This release allows you to import your historical CloudTrail
Lake data into CloudWatch with a few steps, enabling you to easily consolidate operational,
security, and compliance data in one place.
* api-change:``mediatailor``: [``botocore``] Added support for Ad Decision Server Configuration
enabling HTTP POST requests with custom bodies, headers, GZIP compression, and dynamic variables.
No changes required for existing GET request configurations.
* api-change:``route53resolver``: [``botocore``] Adds support for enabling detailed metrics on
Route 53 Resolver endpoints using RniEnhancedMetricsEnabled and TargetNameServerMetricsEnabled in
the CreateResolverEndpoint and UpdateResolverEndpoint APIs, providing enhanced visibility into
Resolver endpoint and target name server performance.
* api-change:``s3``: [``botocore``] This release adds support for the new optional field
'LifecycleExpirationDate' in S3 Inventory configurations.
* api-change:``service-quotas``: [``botocore``] Add support for SQ Dashboard Api
- from version 1.42.9
* api-change:``bcm-recommended-actions``: [``botocore``] Added new freetier action types to
RecommendedAction.type.
* api-change:``connect``: [``botocore``] Amazon Connect now offers automated post-chat surveys
triggered when customers end conversations. This captures timely feedback while experience is
fresh, using either a no-code form builder or Amazon Lex-powered interactive surveys.
* api-change:``datasync``: [``botocore``] Adds Enhanced mode support for NFS and SMB locations. SMB
credentials are now managed via Secrets Manager, and may be encrypted with service or customer
managed keys. Increases AgentArns maximum count to 8 (max 4 per TaskMode). Adds folder counters to
DescribeTaskExecution for Enhanced mode tasks.
* api-change:``workspaces-web``: [``botocore``] Adds support for portal branding customization,
enabling administrators to personalize end-user portals with custom assets.
- from version 1.42.8
* api-change:``lambda``: [``botocore``] Add Dotnet 10 (dotnet10) support to AWS Lambda.
* api-change:``organizations``: [``botocore``] Add support for policy operations on the NETWORK
SECURITY DIRECTOR POLICY policy type.
* api-change:``quicksight``: [``botocore``] This release adds new GetIdentityContext API, Dashboard
customization options for tables and pivot tables, Visual styling options- borders and decals, map
GeocodingPreferences, KeyPairCredentials for DataSourceCredentials. Snapshot APIs now support
registered users. Parameters limit increased to 400
* api-change:``secretsmanager``: [``botocore``] Add SortBy parameter to ListSecrets
* api-change:``sesv2``: [``botocore``] Update GetEmailIdentity and CreateEmailIdentity response to
include SigningHostedZone in DkimAttributes. Updated PutEmailIdentityDkimSigningAttributes Response
to include SigningHostedZone.
- from version 1.42.7
* api-change:``bedrock``: [``botocore``] Automated Reasoning checks in Amazon Bedrock Guardrails is
capable of generating policy scenarios to validate policies. The
GetAutomatedReasoningPolicyBuildWorkflowResultAssets API now adds POLICY SCENARIO asset type,
allowing customers to retrieve scenarios generated by the build workflow.
* api-change:``billingconductor``: [``botocore``] Launch itemized custom line item and service line
item filter
* api-change:``cloudwatch``: [``botocore``] This release introduces two additional protocols AWS
JSON 1.1 and Smithy RPC v2 CBOR, replacing the currently utilized one, AWSQuery. AWS SDKs will
prioritize the protocol that is the most performant for each language.
* api-change:``odb``: [``botocore``] The following APIs now return CloudExadataInfrastructureArn
and OdbNetworkArn fields for improved resource identification and AWS service integration -
GetCloudVmCluster, ListCloudVmClusters, GetCloudAutonomousVmCluster, and
ListCloudAutonomousVmClusters.
* api-change:``opensearch``: [``botocore``] The CreateApplication API now supports an optional kms
key arn parameter to allow customers to specify a CMK for application encryption.
* api-change:``partnercentral-selling``: [``botocore``] Adds support for the new
Project.AwsPartition field on Opportunity and AWS Opportunity Summary. Use this field to specify
the AWS partition where the opportunity will be deployed.
* api-change:``signer``: [``botocore``] Adds support for Signer GetRevocationStatus with updated
endpoints
- from version 1.42.6
* api-change:``account``: [``botocore``] This release adds a new API
(GetGovCloudAccountInformation) used to retrieve information about a linked GovCloud account from
the standard AWS partition.
* api-change:``appsync``: [``botocore``] Update Event API to require EventConfig parameter in
creation and update requests.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``guardduty``: [``botocore``] Adding support for Ec2LaunchTemplate Version field
* api-change:``ivs-realtime``: [``botocore``] Token Exchange introduces seamless token exchange
capabilities for IVS RTX, enabling customers to upgrade or downgrade token capabilities and update
token attributes within the IVS client SDK without forcing clients to disconnect and reconnect.
* api-change:``mgn``: [``botocore``] Added parameters encryption, IPv4/IPv6 protocol configuration,
and enhanced tagging support for replication operations.
* api-change:``route53``: [``botocore``] Amazon Route 53 now supports the EU (Germany) Region
(eusc-de-east-1) for latency records, geoproximity records, and private DNS for Amazon VPCs in that
region
- Update BuildRequires and Requires from setup.py
- Update to 1.42.5
* api-change:``ce``: [``botocore``] Add support for Cost Category resource associations including
filtering by resource type on ListCostCategoryDefinitions and new
ListCostCategoryResourceAssociations API.
* api-change:``ec2``: [``botocore``] Amazon EC2 P6-B300 instances provide 8x NVIDIA Blackwell Ultra
GPUs with 2.1 TB high bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps dedicated ENA
throughput, and 4 TB of system memory. Amazon EC2 C8a instances are powered by 5th Gen AMD EPYC
processors with a maximum frequency of 4.5 GHz.
* api-change:``identitystore``: [``botocore``] Updating AWS Identity Store APIs to support
Attribute Extensions capability, with the first release adding Enterprise Attributes. This launch
aligns Identity Store APIs with SCIM for enterprise attributes, reducing cases when customers are
forced to use SCIM due to lack of SigV4 API support.
* api-change:``partnercentral-selling``: [``botocore``] Deal Sizing Service for AI-based deal size
estimation with AWS service-level breakdown, supporting Expansion and Migration deals across
Technology, and Reseller partner cohorts, including Pricing Calculator AddOn for MAP deals and
funding incentives.
* api-change:``rds``: [``botocore``] Adding support for tagging RDS Instance/Cluster Automated
Backups
* api-change:``redshift-serverless``: [``botocore``] Added GetIdentityCenterAuthToken API to
retrieve encrypted authentication tokens for Identity Center integrated serverless workgroups. This
API enables programmatic access to secure Identity Center tokens with proper error handling and
parameter validation across supported SDK languages.
* api-change:``rolesanywhere``: [``botocore``] Increases certificate string length for trust anchor
source data to support ML-DSA certificates.
* api-change:``sesv2``: [``botocore``] Update Mail Manager Archive ARN validation
* enhancement:ContainerProvider: [``botocore``] The ContainerProvider now works with arbitray HTTPS
URLs for `AWS_CONTAINER_CREDENTIALS_FULL_URI`.
- from version 1.42.4
* api-change:``ecs``: [``botocore``] Updating stop-task API to encapsulate containers with custom
stop signal
* api-change:``iam``: [``botocore``] Adding the ExpirationTime attribute to the delegation request
resource.
* api-change:``inspector2``: [``botocore``] This release adds a new ScanStatus called "Unsupported
Code Artifacts". This ScanStatus will be returned when a Lambda function was not code scanned
because it has unsupported code artifacts.
* api-change:``partnercentral-account``: [``botocore``] Adding Verification API's to Partner
Central Account SDK.
* api-change:``sesv2``: [``botocore``] Updating the desired url for
`PutEmailIdentityDkimSigningAttributes` from v1 to v2
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.29.2
- from version 1.42.3
* api-change:``lambda``: [``botocore``] Add DisallowedByVpcEncryptionControl to the
LastUpdateStatusReasonCode and StateReasonCode enums to represent failures caused by VPC Encryption
Controls.
- from version 1.42.2
* api-change:``bedrock``: [``botocore``] Adding support in Amazon Bedrock to customize models with
reinforcement fine-tuning (RFT) and support for updating the existing Custom Model Deployments.
* api-change:``sagemaker``: [``botocore``] Introduces Serverless training: A fully managed compute
infrastructure that abstracts away all infrastructure complexity, allowing you to focus purely on
model development.
Added AI model customization assets used to train, refine, and evaluate custom models during the
model customization process.
- from version 1.42.1
* api-change:``bedrock``: [``botocore``] Adds the audioDataDeliveryEnabled boolean field to the
Model Invocation Logging Configuration.
* api-change:``bedrock-agentcore``: [``botocore``] Support for AgentCore Evaluations and Episodic
memory strategy for AgentCore Memory.
* api-change:``bedrock-agentcore-control``: [``botocore``] Supports AgentCore Evaluations, Policy,
Episodic Memory Strategy, Resource Based Policy for Runtime and Gateway APIs, API Gateway Rest API
Targets and enhances JWT authorizer.
* api-change:``bedrock-runtime``: [``botocore``] Adds support for Audio Blocks and Streaming Image
Output plus new Stop Reasons of malformed_model_output and malformed_tool_use.
* api-change:``ce``: [``botocore``] This release updates existing Savings Plans Purchase Analyzer
and Recommendations APIs to support Database Savings Plans.
* api-change:``datazone``: [``botocore``] Amazon DataZone now supports exporting Catalog datasets
as Amazon S3 tables, and provides automatic business glossary term suggestions for data assets.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``fsx``: [``botocore``] S3 Access Points support for FSx for NetApp ONTAP
* api-change:``guardduty``: [``botocore``] Adding support for extended threat detection for Amazon
EC2 and Amazon ECS. Adding support for wild card suppression rules.
* api-change:``lambda``: [``botocore``] Launching Lambda durable functions - a new feature to build
reliable multi-step applications and AI workflows natively within the Lambda developer experience.
* api-change:``logs``: [``botocore``] CloudWatch Logs adds managed S3 Tables integration to access
logs using other analytical tools, as well as facets and field indexing to simplify log analytics
in CloudWatch Logs Insights.
* api-change:``nova-act``: [``botocore``] Initial release of Nova Act SDK. The Nova Act service
enables customers to build and manage fleets of agents for automating production UI workflows with
high reliability, fastest time-to-value, and ease of implementation at scale.
* api-change:``observabilityadmin``: [``botocore``] CloudWatch Observability Admin adds pipelines
configuration for third party log ingestion and transformation of all logs ingested, integration of
CloudWatch logs with S3 Tables, and AWS account or organization level enablement for 7 AWS services.
* api-change:``opensearch``: [``botocore``] GPU-acceleration helps you build large-scale vector
databases faster and more efficiently. You can enable this feature on new OpenSearch domains and
OpenSearch Serverless collections. This feature uses GPU-acceleration to reduce the time needed to
index data into vector indexes.
* api-change:``opensearchserverless``: [``botocore``] GPU-acceleration helps you build large-scale
vector databases faster and more efficiently. You can enable this feature on new OpenSearch domains
and OpenSearch Serverless collections. This feature uses GPU-acceleration to reduce the time needed
to index data into vector indexes.
* api-change:``rds``: [``botocore``] RDS Oracle and SQL Server: Add support for adding, modifying,
and removing additional storage volumes, offering up to 256TiB storage; RDS SQL Server: Support
Developer Edition via custom engine versions for development and testing purposes; M7i/R7i
instances with Optimize CPU for cost savings.
* api-change:``s3``: [``botocore``] New S3 Storage Class FSX_ONTAP
* api-change:``s3control``: [``botocore``] Add support for S3 Storage Lens Advanced Performance
Metrics, Expanded Prefixes metrics report, and export to S3 Tables.
* api-change:``s3tables``: [``botocore``] Add storage class, replication, and table record
expiration features to S3 Tables.
* api-change:``s3vectors``: [``botocore``] Amazon S3 Vectors provides cost-effective, elastic, and
durable vector storage for queries based on semantic meaning and similarity.
* api-change:``sagemaker``: [``botocore``] Added support for serverless MLflow Apps.
Added support for new HubContentTypes (DataSet and JsonDoc) in Private Hub for AI model
customization assets, enabling tracking and management of training datasets and evaluators (reward
functions/prompts) throughout the ML lifecycle.
* api-change:``savingsplans``: [``botocore``] Added support for Amazon Database Savings Plans
* api-change:``securityhub``: [``botocore``] ITSM enhancements: DRYRUN mode for testing ticket
creation, ServiceNow now uses AWS Secrets Manager for credentials, ConnectorRegistrationsV2 renamed
to RegisterConnectorV2, added ServiceQuotaExceededException error, and ConnectorStatus visibility
in CreateConnectorV2.
- from version 1.42.0
* api-change:``appintegrations``: [``botocore``] This release adds support for MCP servers via the
ApplicationType field, allowing customers to register their Bedrock AgentCore gateways as third
party applications.
* api-change:``bedrock-agent``: [``botocore``] Support audio and video ingestion on Bedrock
Knowledge Bases.
* api-change:``bedrock-agent-runtime``: [``botocore``] Support audio and video content retrieval on
Bedrock Knowledge Bases.
* api-change:``cleanrooms``: [``botocore``] AWS Clean Rooms now supports privacy-enhancing
synthetic dataset generation for custom ML training.
* api-change:``cleanroomsml``: [``botocore``] AWS Clean Rooms ML now supports privacy-enhancing
synthetic dataset generation for custom ML training.
* api-change:``connect``: [``botocore``] This is a combined re:Invent release for Amazon Connect.
* api-change:``connectcampaignsv2``: [``botocore``] This release added support for new WhatsApp
channel and Journey type outbound campaign
* api-change:``connectparticipant``: [``botocore``] Amazon Connect now supports message processing
that intercepts and processes chat messages before they reach any participant.
* api-change:``customer-profiles``: [``botocore``] This release introduces, CRUD APIs for the
DomainObjectType and Recommender resources, APIs to offer statistical insights on Object Type
Attributes, Changes to SegmentDefinition APIs to support SQL queries to create Segments, and
Changes to Domain APIs to support Data Store.
* api-change:``eks``: [``botocore``] This release adds support for EKS Capabilities
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``glue``: [``botocore``] feature: Glue: Add support for Iceberg materialized view in
Glue Data Catalog, including updated CreateTable API to support materialized views and new APIs for
managing data refresh for materialized views.
feature: Glue: Add support for Iceberg table encryption keys and struct field defaults.
* api-change:``lambda``: [``botocore``] Launching Lambda Managed Instances - a new feature to run
Lambda on EC2.
* api-change:``lexv2-models``: [``botocore``] Adds support for speech-to-speech models for
human-like, adaptive, and expressive voice interactions. Also adds support for speech model
preference, allowing customers to select which speech model they want to use for speech-to-text
requests.
* api-change:``marketplace-agreement``: [``botocore``] This release supports 1/multi-product
transactions via offer sets. DescribeAgreement and SearchAgreements APIs now return offer set IDs.
SearchAgreements also supports filtering by offer set ID and 2/variable payment pricing terms will
be returned through GetAgreementTerms.
* api-change:``marketplace-catalog``: [``botocore``] This release introduces offer set entity in
AWS Marketplace Catalog API to enable multi-product transaction. Offer set enables sellers to group
multiple private offers into a single-click purchase experience, simplifying procurement for
customers purchasing multi-product solutions.
* api-change:``partnercentral-account``: [``botocore``] Initial GA launch of Partner Central Account
* api-change:``partnercentral-benefits``: [``botocore``] Initial GA launch of Partner Central
Benefits
* api-change:``partnercentral-selling``: [``botocore``] New Features:
Lead Management APIs for capturing and nurturing leads
Lead invitation support for partner collaboration
Lead-to-opportunity conversion operations
AWS Marketplace OfferSets support for opportunities
* api-change:``personalize``: [``botocore``] This release adds support for includedDatasetColumns
and performIncrementalUpdate in solution APIs, and rankingInfluence in campaign and batch inference
APIs.
* api-change:``qconnect``: [``botocore``] New AIAgent types: Orchestration for ModelContextProtocol
tool integration, CaseSummary for Amazon Connect Case summaries, NoteTaker for Agent Assistance
notes. Added ListSpans and Retrieve APIs. Enhanced Q in Connect AssistantAssociationType to support
Bring Your Own Bedrock Knowledge Bases.
* api-change:``route53globalresolver``: [``botocore``] Add SDK for Amazon Route 53 Global Resolver,
a fully managed DNS resolver service that offers broad DNS-filtering security controls.
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.29.1
* enhancement:``s3``: Adds partial ``TransferConfig`` support for CRT transfer managers.
* feature:``s3``: Added ``crt`` mode to ``preferred_transfer_client`` parameter in
``TransferConfig`` to enable CRT transfer client in all environments.
- from version 1.41.5
* api-change:``bedrock-runtime``: [``botocore``] Bedrock Runtime Reserved Service Support
* api-change:``compute-optimizer``: [``botocore``] Compute Optimizer now identifies idle NAT
Gateway resources for cost optimization based on traffic patterns and backup configuration
analysis. Access recommendations via the GetIdleRecommendations API.
* api-change:``cost-optimization-hub``: [``botocore``] This release enables AWS Cost Optimization
Hub to show cost optimization recommendations for NAT Gateway.
- from version 1.41.4
* api-change:``ec2``: [``botocore``] This release adds support to view Network firewall proxy
appliances attached to an existing NAT Gateway via DescribeNatGateways API
NatGatewayAttachedAppliance structure.
* api-change:``network-firewall``: [``botocore``] Network Firewall release of the Proxy feature.
* api-change:``organizations``: [``botocore``] Add support for policy operations on the S3_POLICY
and BEDROCK_POLICY policy type.
* api-change:``route53``: [``botocore``] Adds support for new route53 feature: accelerated recovery.
- Update BuildRequires and Requires from setup.py
- Update to 1.41.3
* api-change:``cloudfront``: [``botocore``] Add TrustStore, ConnectionFunction APIs to CloudFront
SDK
* api-change:``logs``: [``botocore``] New CloudWatch Logs feature - LogGroup Deletion Protection, a
capability that allows customers to safeguard their critical CloudWatch log groups from accidental
or unintended deletion.
* enhancement:awscrt: [``botocore``] Update awscrt version to 0.29.0
- from version 1.41.2
* api-change:``apigateway``: [``botocore``] API Gateway supports VPC link V2 for REST APIs.
* api-change:``athena``: [``botocore``] Introduces Spark workgroup features including log
persistence, S3/CloudWatch delivery, UI and History Server APIs, and SparkConnect 3.5.6 support.
Adds DPU usage limits at workgroup and query levels as well as DPU usage tracking for Capacity
Reservation queries to optimize performance and costs.
* api-change:``bedrock``: [``botocore``] Add support to automatically enforce safeguards across
accounts within an AWS Organization.
* api-change:``bedrock-agentcore-control``: [``botocore``] Support for agentcore gateway
interceptor configurations and NONE authorizer type
* api-change:``bedrock-data-automation-runtime``: [``botocore``] Adding new fields to
GetDataAutomationStatus: jobSubmissionTime, jobCompletionTime, and jobDurationInSeconds
* api-change:``bedrock-runtime``: [``botocore``] Add support to automatically enforce safeguards
across accounts within an AWS Organization.
* api-change:``cloudformation``: [``botocore``] Adds the DependsOn field to the AutoDeployment
configuration parameter for CreateStackSet, UpdateStackSet, and DescribeStackSet APIs, allowing
users to set and read auto-deployment dependencies between StackSets
* api-change:``compute-optimizer-automation``: [``botocore``] Initial release of AWS Compute
Optimizer Automation. Create automation rules to implement recommended actions on a recurring
schedule based on your specified criteria. Supported actions include: snapshot and delete
unattached EBS volumes and upgrade volume types to the latest generation.
* api-change:``connect``: [``botocore``] New APIs to support aliases and versions for
ContactFlowModule. Updated ContactFlowModule APIs to support custom blocks.
* api-change:``controltower``: [``botocore``] The manifest field is now optional for the AWS
Control Tower CreateLandingZone and UpdateLandingZone APIs for Landing Zone version 4.0
* api-change:``ec2``: [``botocore``] This release adds a new capability to create and manage
interruptible EC2 Capacity Reservations.
* api-change:``ecr``: [``botocore``] Add support for ECR managed signing
* api-change:``eks``: [``botocore``] Adds support for controlPlaneScalingConfig on EKS Clusters.
* api-change:``elbv2``: [``botocore``] This release adds the health check log feature in ALB,
allowing customers to send detailed target health check log data directly to their designated
Amazon S3 bucket.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``invoicing``: [``botocore``] Added the CreateProcurementPortalPreference,
GetProcurementPortalPreference, PutProcurementPortalPreference,
UpdateProcurementPortalPreferenceStatus, ListProcurementPortalPreferences and
DeleteProcurementPortalPreference APIs for procurement portal preference management.
* api-change:``kinesisvideo``: [``botocore``] This release adds support for Tiered Storage
* api-change:``kms``: [``botocore``] Support for on-demand rotation of AWS KMS Multi-Region keys
with imported key material
* api-change:``lambda``: [``botocore``] Launching Enhanced Error Handling and ESM Grouping
capabilities for Kafka ESMs
* api-change:``lexv2-models``: [``botocore``] Adds support for Intent Disambiguation, allowing
resolution of ambiguous user inputs when multiple intents match by presenting clarifying questions
to users. Also adds Speech Detection Sensitivity configuration for optimizing voice activity
detection sensitivity levels in various noise environments.
* api-change:``mailmanager``: [``botocore``] Add support for resources in the aws-eusc partition.
* api-change:``marketplace-entitlement``: [``botocore``] Endpoint update for new region
* api-change:``mediapackagev2``: [``botocore``] Adds support for excluding session key tags from
HLS multivariant playlists
* api-change:``meteringmarketplace``: [``botocore``] Endpoint update for new region
* api-change:``odb``: [``botocore``] Adds AssociateIamRoleToResource and
DisassociateIamRoleFromResource APIs for managing IAM roles. Enhances CreateOdbNetwork and
UpdateOdbNetwork APIs with KMS, STS, and cross-region S3 parameters. Adds OCI identity domain
support to InitializeService API.
* api-change:``organizations``: [``botocore``] Add support for policy operations on the
UPGRADE_ROLLOUT_POLICY policy type.
* api-change:``qconnect``: [``botocore``] This release introduces two new messaging channel
subtypes: Push, WhatsApp, under MessageTemplate which is a resource in Amazon Q in Connect.
* api-change:``quicksight``: [``botocore``] Amazon Quick Suite now supports QuickChat as an
embedding type when calling the GenerateEmbedUrlForRegisteredUser API, enabling developers to embed
conversational AI agents directly into their applications.
* api-change:``rds``: [``botocore``] Add support for Upgrade Rollout Order
* api-change:``redshift``: [``botocore``] Added support for Amazon Redshift Federated Permissions
and AWS IAM Identity Center trusted identity propagation.
* api-change:``redshift-serverless``: [``botocore``] Added UpdateLakehouseConfiguration API to
manage Amazon Redshift Federated Permissions and AWS IAM Identity Center trusted identity
propagation for namespaces.
* api-change:``sagemaker``: [``botocore``] Enhanced SageMaker HyperPod instance groups with support
for MinInstanceCount, CapacityRequirements (Spot/On-Demand), and KubernetesConfig (labels and
taints). Also Added speculative decoding and MaxInstanceCount for model optimization jobs.
* api-change:``security-ir``: [``botocore``] Add ListInvestigations and SendFeedback APIs to
support SecurityIR AI agents
* api-change:``sesv2``: [``botocore``] Added support for new SES regions - Asia Pacific (Malaysia)
and Canada (Calgary)
* api-change:``transfer``: [``botocore``] Adds support for creating Webapps accessible from a VPC.
- from version 1.41.1
* api-change:``application-signals``: [``botocore``] Amazon CloudWatch Application Signals now
supports un-instrumented services discovery, cross-account views, and change history, helping SRE
and DevOps teams monitor and troubleshoot their large-scale distributed applications.
* api-change:``autoscaling``: [``botocore``] This release adds support for three new features: 1)
Image ID overrides in mixed instances policy, 2) Replace Root Volume - a new strategy for Instance
Refresh, and 3) Instance Lifecycle Policy for enhanced instance lifecycle management.
* api-change:``bedrock-agentcore``: [``botocore``] Bedrock AgentCore Memory release for redriving
memory extraction jobs (StartMemoryExtractionJob and ListMemoryExtractionJob)
* api-change:``bedrock-data-automation``: [``botocore``] Added support for Synchronous project type
and PII Detection and Redaction
* api-change:``bedrock-data-automation-runtime``: [``botocore``] Bedrock Data Automation Runtime
Sync API
* api-change:``braket``: [``botocore``] Add support for Braket spending limits.
* api-change:``budgets``: [``botocore``] Add BillingViewHealthStatusException to
DescribeBudgetPerformanceHistory and ServiceQuotaExceededException to UpdateBudget for improved
error handling with Billing Views.
* api-change:``cloudfront``: [``botocore``] This release adds support for bring your own IP (BYOIP)
to CloudFront's CreateAnycastIpList API through an optional IpamCidrConfigs field.
* api-change:``cloudtrail``: [``botocore``] AWS launches CloudTrail aggregated events to simplify
monitoring of data events at scale. This feature delivers both granular and summarized data events
for resources like S3/Lambda, helping security teams identify patterns without custom aggregation
logic.
* api-change:``connect``: [``botocore``] Add optional ability to exclude users from send
notification actions for Contact Lens Rules.
* api-change:``datasync``: [``botocore``] The partition value "aws-eusc" is now permitted for ARN
(Amazon Resource Name) fields.
* api-change:``devicefarm``: [``botocore``] Add support for environment variables and an IAM
execution role.
* api-change:``dms``: [``botocore``] Added support for customer-managed KMS key (CMK) for
encryption for import private key certificate. Additionally added Amazon SageMaker Lakehouse
endpoint used for zero-ETL integrations with data warehouses.
* api-change:``dsql``: [``botocore``] Added clusterVpcEndpoint field to GetVpcEndpointServiceName
API response, returning the VPC connection endpoint for the cluster
* api-change:``ec2``: [``botocore``] This release adds support for multiple features including: VPC
Encryption Control for the status of traffic flow; S2S VPN BGP Logging; TGW Flexible Costs; IPAM
allocation of static IPs from IPAM pools to CF Anycast IP lists used on CloudFront distribution;
and EBS Volume Integration with Recycle Bin
* api-change:``ecs``: [``botocore``] Launching Amazon ECS Express Mode - a new feature that enables
developers to quickly launch highly available, scalable containerized applications with a single
command.
* api-change:``elbv2``: [``botocore``] This release adds the target optimizer feature in ALB,
enabling strict concurrency enforcement on targets.
* api-change:``emr``: [``botocore``] Add support for configuring S3 destination for step logs on a
per-step basis.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``glue``: [``botocore``] Added FunctionType parameter to Glue GetuserDefinedFunctions.
* api-change:``imagebuilder``: [``botocore``] EC2 Image Builder now enables the distribution of
existing AMIs, retry distribution, and define distribution workflows. It also supports automatic
versioning for recipes and components, allowing automatic version increments and dynamic
referencing in pipelines.
* api-change:``kinesis``: [``botocore``] Kinesis Data Streams now supports up to 50 Enhance Fan-out
consumers for On-demand Advantage Streams. On-demand Standard and Provisioned streams will continue
with the existing limit of 20 consumers for Enhanced Fan-out.
* api-change:``lakeformation``: [``botocore``] Added ServiceIntegrations as a request parameter for
CreateLakeFormationIdentityCenterConfigurationRequest and
UpdateLakeFormationIdentityCenterConfigurationRequest and response parameter for
DescribeLakeFormationIdentityCenterConfigurationResponse
* api-change:``license-manager``: [``botocore``] Added cross-account resource aggregation via
license asset groups and expiry tracking for Self-Managed Licenses. Extended Org-Wide View to
Self-Managed Licenses, added reporting for license asset groups, and removed Athena/Glue
dependencies for cross-account resource discovery in commercial regions.
* api-change:``networkmanager``: [``botocore``] This release adds support for Cloud WAN Routing
Policy providing customers sophisticated routing controls to better manage their global networks
* api-change:``organizations``: [``botocore``] Added new APIs for Billing Transfer, new policy type
INSPECTOR_POLICY, and allow an account to transfer between organizations
* api-change:``quicksight``: [``botocore``] Introducing comprehensive theme styling controls. New
features include border customization (radius, width, color), flexible padding controls, background
styling for cards and sheets, centralized typography management, and visual-level override support
across layouts.
* api-change:``rbin``: [``botocore``] Add support for EBS volume in Recycle Bin
* api-change:``rds``: [``botocore``] Add support for VPC Encryption Controls.
* api-change:``redshift-data``: [``botocore``] Increasing the length limit of Statement Name from
500 to 2048.
* api-change:``s3``: [``botocore``] Enable / Disable ABAC on a general purpose bucket.
* api-change:``sagemaker``: [``botocore``] Added training plan support for inference endpoints.
Added HyperPod task governance with accelerator partition-based quota allocation. Added
BatchRebootClusterNodes and BatchReplaceClusterNodes APIs. Updated ListClusterNodes to include
privateDnsHostName.
* api-change:``securityhub``: [``botocore``] Release Findings and Resources Trends APIs-
GetFindingsTrendsV2 and GetResourcesTrendsV2. This supports time-series aggregated counts with
composite filtering for 1-year of historical data analysis of Findings and Resources.
- from version 1.41.0
* api-change:``apigateway``: [``botocore``] API Gateway now supports response streaming and new
security policies for REST APIs and custom domain names.
* api-change:``apigatewayv2``: [``botocore``] Support for API Gateway portals and portal products.
* api-change:``backup``: [``botocore``] Amazon GuardDuty Malware Protection now supports AWS
Backup, extending malware detection capabilities to EC2, EBS, and S3 backups.
* api-change:``bcm-pricing-calculator``: [``botocore``] Add GroupSharingPreference,
CostCategoryGroupSharingPreferenceArn, and CostCategoryGroupSharingPreferenceEffectiveDate to Bill
Estimate. Add GroupSharingPreference and CostCategoryGroupSharingPreferenceArn to Bill Scenario.
* api-change:``bedrock-runtime``: [``botocore``] This release includes support for Search Results.
* api-change:``billing``: [``botocore``] Added name filtering support to ListBillingViews API
through the new names parameter to efficiently filter billing views by name.
* api-change:``billingconductor``: [``botocore``] This release adds support for Billing Transfers,
enabling management of billing transfers with billing groups on AWS Billing Conductor.
* api-change:``ce``: [``botocore``] Add support for COST_CATEGORY, TAG, and LINKED_ACCOUNT AWS
managed cost anomaly detection monitors
* api-change:``cloudtrail``: [``botocore``] AWS CloudTrail now supports Insights for data events,
expanding beyond management events to automatically detect unusual activity on data plane
operations.
* api-change:``connectcampaignsv2``: [``botocore``] This release added support for ring timer
configuration for campaign calls.
* api-change:``cost-optimization-hub``: [``botocore``] Release ListEfficiencyMetrics API
* api-change:``datazone``: [``botocore``] Amazon DataZone now supports business metadata (readme
and metadata forms) at the individual attribute (column) level, a new rule type for glossary terms,
and the ability to update the owner of the root domain unit.
* api-change:``dynamodb``: [``botocore``] Extended Global Secondary Index (GSI) composite keys to
support up to 8 attributes.
* api-change:``ec2``: [``botocore``] This launch adds support for two new features: Regional NAT
Gateway and IPAM Policies. IPAM policies offers customers central control for public IPv4
assignments across AWS services. Regional NAT is a single NAT Gateway that automatically expands
across AZs in a VPC to maintain high availability.
* api-change:``ecr``: [``botocore``] Add support for ECR archival storage class and Inspector org
policy for scanning
* api-change:``ecs``: [``botocore``] Added support for Amazon ECS Managed Instances infrastructure
optimization configuration.
* api-change:``emr``: [``botocore``] Add CloudWatch Logs integration for Spark driver, executor and
step logs
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``fsx``: [``botocore``] Adding File Server Resource Manager configuration to FSx
Windows
* api-change:``guardduty``: [``botocore``] Add support for scanning and viewing scan results for
backup resource types
* api-change:``health``: [``botocore``] Adds actionability and personas properties to Health events
exposed through DescribeEvents, DescribeEventsForOrganization, DescribeEventDetails, and
DescribeEventTypes APIs. Adds filtering by actionabilities and personas in EventFilter,
OrganizationEventFilter, EventTypeFilter.
* api-change:``iam``: [``botocore``] Added the EnableOutboundWebIdentityFederation,
DisableOutboundWebIdentityFederation and GetOutboundWebIdentityFederationInfo APIs for the IAM
outbound federation feature.
* api-change:``inspector2``: [``botocore``] This release introduces BLOCKED_BY_ORGANIZATION_POLICY
error code and IMAGE_ARCHIVED scanStatusReason. BLOCKED_BY_ORGANIZATION_POLICY error code is
returned when an operation is blocked by an AWS Organizations policy. IMAGE_ARCHIVED
scanStatusReason is returned when an Image is archived in ECR.
* api-change:``invoicing``: [``botocore``] Add support for adding Billing transfers in Invoice
configuration
* api-change:``lambda``: [``botocore``] Added support for creating and invoking Tenant Isolated
functions in AWS Lambda APIs.
* api-change:``logs``: [``botocore``] Adding support for ocsf version 1.5, add optional parameter
MappingVersion
* api-change:``mediaconnect``: [``botocore``] This release adds support for global routing in AWS
Elemental MediaConnect. You can now use router inputs and router outputs to manage global video and
audio routing workflows both within the AWS-Cloud and over the public internet.
* api-change:``medialive``: [``botocore``] MediaLive is adding support for MediaConnect Router by
supporting a new input type called MEDIACONNECT_ROUTER. This new input type will provide seamless
encrypted transport between MediaConnect Router and your MediaLive channel.
* api-change:``network-firewall``: [``botocore``] Partner Managed Rulegroup feature support
* api-change:``networkflowmonitor``: [``botocore``] Added new enum value (AWS::EKS::Cluster) for
type field under MonitorLocalResource
* api-change:``partnercentral-channel``: [``botocore``] Initial GA launch of Partner Central Channel
* api-change:``route53``: [``botocore``] Add dual-stack endpoint support for Route53
* api-change:``rum``: [``botocore``] CloudWatch RUM now supports mobile application monitoring for
Android and iOS platforms
* api-change:``s3``: [``botocore``] Adds support for blocking SSE-C writes to general purpose
buckets.
* api-change:``sagemaker``: [``botocore``] Added support for enhanced metrics for SageMaker AI
Endpoints. This features provides Utilization Metrics at instance and container granularity and
also provides easy configuration of metric publish frequency from 10 sec -> 5 mins
* api-change:``secretsmanager``: [``botocore``] Adds support to create, update, retrieve, rotate,
and delete managed external secrets.
* api-change:``signin``: [``botocore``] AWS Sign-In manages authentication for AWS services. This
service provides secure authentication flows for accessing AWS resources from the console and
developer tools. This release adds the CreateOAuth2Token API, which can be used to fetch OAuth2
access tokens and refresh tokens from Sign-In.
* api-change:``stepfunctions``: [``botocore``] Adds support to TestState for mocked results and
exceptions, along with additional inspection data.
* api-change:``sts``: [``botocore``] IAM now supports outbound identity federation via the STS
GetWebIdentityToken API, enabling AWS workloads to securely authenticate with external services
using short-lived JSON Web Tokens.
* feature:credentials: [``botocore``] Adds support for the login credential provider, allowing
users to use AWS Management Console credentials for authentication.
- from version 1.40.76
* api-change:``autoscaling``: [``botocore``] This release adds the new LaunchInstances API, which
can launch instances synchronously in an AutoScaling group. The API also returns instances info and
launch error back immediately.
* api-change:``backup``: [``botocore``] AWS Backup now supports a low-cost warm storage tier for
Amazon S3 backup data.
* api-change:``bedrock-runtime``: [``botocore``] Amazon Bedrock Runtime Service Tier Support Launch
* api-change:``cloudformation``: [``botocore``] New CloudFormation DescribeEvents API with
operation ID tracking and failure filtering capabilities to quickly identify root causes of
deployment failures. Also, a DeploymentMode parameter for the CreateChangeSet API that enables
creation of drift-aware change sets for safe drift management.
* api-change:``connect``: [``botocore``] This release added support for ring timer configuration
for campaign calls.
* api-change:``ec2``: [``botocore``] AWS Site-to-Site VPN now supports VPN Concentrator, a new
feature that enables customers to connect multiple low-bandwidth sites connections through a single
attachment, simplifying multi-site connectivity for distributed enterprises.
* api-change:``iam``: [``botocore``] Added the AssociateDelegationRequest, GetDelegationRequest,
AcceptDelegationRequest, RejectDelegatonRequest, ListDelegationRequests, UpdateDelegationRequest,
SendDelegationToken and GetHumanReadableSummary APIs for the IAM temporary delegation feature.
* api-change:``kafka``: [``botocore``] Amazon MSK adds three new APIs, ListTopics, DescribeTopic,
and DescribeTopicPartitions for viewing Kafka topics in your MSK clusters.
* api-change:``logs``: [``botocore``] CloudWatch Logs updates: Added capability to setup a
recurring schedule for log insights queries. Logs introduced Scheduled Queries (managed through
Create/Update/Get/Delete/List/History Scheduled Query APIs). For more information, see CloudWatch
Logs API documentation.
* api-change:``resourcegroupstaggingapi``: [``botocore``] Add support for new ListRequiredTags API
used to retrieve the required tags specified in a customer's effective tag policy.
* api-change:``storagegateway``: [``botocore``] Adds support for European Sovereign Cloud ARNs in
Storage Gateway API parameters.
* api-change:``wafv2``: [``botocore``] AssociateWebACL, UpdateWebACL and PutLoggingConfiguration
will now throw WAFFeatureNotIncludedInPricingPlanException when the request contains a feature that
is not included in the CloudFront pricing plan of the WebACL.
- from version 1.40.75
* api-change:``appstream``: [``botocore``] Adding support for additional instances and extended
storage
* api-change:``backup``: [``botocore``] AWS Backup now supports specifying a logically air-gapped
backup vault as a primary backup target in backup plans and on-demand backup jobs.
* api-change:``bedrock``: [``botocore``] Automated Reasoning checks in Amazon Bedrock Guardrails
now automatically generate Q&A tests for new Automated Reasoning policies. The
GetAutomatedReasoningPolicyBuildWorkflowResultAssets API adds GENERATED_TEST_CASES asset type,
allowing customers to retrieve tests generated by the build workflow.
* api-change:``devicefarm``: [``botocore``] This release adds support for interacting with devices
during a remote access session using the remoteDriverEndpoint interface
* api-change:``dms``: [``botocore``] This release introduces the SAP ASE(Sybase) Data Provider for
AWS Data Migration Service (DMS). In addition, DMS Schema Conversion now supports this provider,
enabling customers to migrate SAP ASE(Sybase) databases to Amazon RDS for PostgreSQL or Aurora
PostgreSQL seamlessly.
* api-change:``ec2``: [``botocore``] This release introduces new APIs: DescribeInstanceSqlHaStates,
DescribeInstanceSqlHaHistoryStates, EnableInstanceSqlHaStandbyDetections and
DisableInstanceSqlHaStandbyDetections on Amazon EC2, allowing customers to enroll and monitor SQL
Server licensing fee savings for their SQL HA EC2 instances.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``glue``: [``botocore``] Amazon Glue Releasing 2 the new API
ListIntegrationResourceProperties and DeleteIntegrationResourceProperty along with minor
improvement on existing API(s).
* api-change:``guardduty``: [``botocore``] Add S3 On-Demand Object Scanning
* api-change:``lexv2-models``: [``botocore``] Adds support for LLM as Primary, allowing usage of
LLMs as the default NLU system.
* api-change:``medialive``: [``botocore``] Adds configurations for spatial/temporal adaptive
quantization in AV1 codec, and conversion to HLG output color space in H265 codec.
* api-change:``mediapackagev2``: [``botocore``] Add support for SCTE messages in Segment file output
* api-change:``mwaa-serverless``: [``botocore``] Amazon MWAA now offers serverless deployment,
eliminating operational overhead while optimizing costs. The service supports YAML and Python-based
workflows, with 80+ AWS Operators. It provides isolated execution, IAM permissions, and automatic
scaling with pay-per-use pricing.
* api-change:``opensearch``: [``botocore``] This release adds index operation APIs to support
Automatic Semantic Enrichment feature
* api-change:``pcs``: [``botocore``] Added support for the managed Slurm REST API endpoint
* api-change:``route53resolver``: [``botocore``] Adding DICTIONARY_DGA to dns-threat-protection as
a new enum type. Customers can now set rules for dictionary dga protection
- from version 1.40.74
* api-change:``datazone``: [``botocore``] Adds support for granting read and write access to Amazon
S3 general purpose buckets using CreateSubscriptionRequest and AcceptSubscriptionRequest APIs. Also
adds search filters for SSOUser and SSOGroup to ListSubscriptions APIs and deprecates "sortBy"
parameter for ListSubscriptions APIs.
* api-change:``ec2``: [``botocore``] This release adds AvailabilityZoneId support for
CreateInstanceConnectEndpoint, DescribeInstanceConnectEndpoints, and DeleteInstanceConnectEndpoint
APIs.
* api-change:``imagebuilder``: [``botocore``] EC2 Image Builder now supports invoking Lambda
functions and executing Step Functions state machine through image workflows.
* api-change:``medialive``: [``botocore``] Removed all the value constraint (min/max) for the shape
definitions (e.g. integerMin0Max3600) on the C2j models to get rid of the need to request an
exemption from the SDK team whenever a shape definition (e.g. integerMin0Max3600) is changed.
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.28.4
- from version 1.40.73
* api-change:``cloudformation``: [``botocore``] CloudFormation now supports GetHookResult API with
annotations to retrieve structured compliance check results and remediation guidance for each
evaluated resource, replacing the previous single-message limitation with detailed validation
outcomes.
* api-change:``controlcatalog``: [``botocore``] Added support for related control mappings with new
RELATED_CONTROL mapping type in ListControlMappings API.
* api-change:``ec2``: [``botocore``] Added support for new accelerator types ("media") and
accelerator names ("L4", "L40s", "GAUDI_HL_205", "INFERENTIA2", "TRAINIUM", "TRAINIUM2", "U30") in
Attributes Based Instance Type Selection for launched instance types.
* api-change:``ecr``: [``botocore``] Add Amazon ECR FIPS PrivateLink endpoint support
* api-change:``elbv2``: [``botocore``] QUIC and TCP_QUIC protocol support for Network Load Balancer
(NLB). This capability enables customers to forward QUIC traffic to their targets with ultra-low
latency while maintaining session stickiness using QUIC Connection IDs.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``iotwireless``: [``botocore``] Integration of Device Location with Amazon Sidewalk
network for Amazon Sidewalk enabled devices
* api-change:``mediaconvert``: [``botocore``] Lowers minimum duration for black video generator.
Adds support for embedding and signing C2PA content credentials in DASH and CMAF HLS outputs.
* api-change:``rds``: [``botocore``] Updated endpoint and service metadata
* api-change:``sagemaker``: [``botocore``] Added support for minor version upgrades and AWS
Identity Center integration for SageMaker Hadron Partner Apps, enabling automated version
management and IdC group-based access control.
* api-change:``workspaces-web``: [``botocore``] Support for managing web content filtering for
defining, tracking and regulating type of content accessed with WorkSpaces Secure Browser as part
of browser settings.
- from version 1.40.72
* api-change:``amp``: [``botocore``] Add VPC source configuration support enabling Amazon Managed
Service for Prometheus Collector to collect metrics from MSK clusters.
* api-change:``connect``: [``botocore``] Updated Authentication Profile APIs to add support for
automatic logout on user inactivity
* api-change:``dms``: [``botocore``] Added support of SQL statements creation, metadata model
discovery and selection rules transformation.
* api-change:``ec2``: [``botocore``] Adds complete AMI ancestry tracing from immediate parent
through each preceding generation back to the root AMI
* api-change:``elbv2``: [``botocore``] This release expands ALB Authentication to support JWT
verification and adds support for a new JWT validation action in listener rule.
* api-change:``redshift``: [``botocore``] Added GetIdentityCenterAuthToken API to retrieve
encrypted authentication tokens for Identity Center integrated applications. This API enables
programmatic access to secure Identity Center tokens with proper error handling and parameter
validation across supported SDK languages.
* api-change:``s3tables``: [``botocore``] Adds support for request metrics metrics APIs for S3
Tables
* api-change:``sagemaker``: [``botocore``] Add support for trn2.3xlarge instance type for SageMaker
Hyperpod
- from version 1.40.71
* api-change:``batch``: [``botocore``] Documentation-only update: update API and doc descriptions
per EKS ImageType default value switch from AL2 to AL2023.
* api-change:``bedrock-data-automation``: [``botocore``] Added support for Language Expansion
feature for BDA Audio modality.
* api-change:``ec2``: [``botocore``] AWS Site-to-Site VPN now supports VPN connections with up to 5
Gbps bandwidth per tunnel, a 4x improvement from existing limit of 1.25 Gbps.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``medical-imaging``: [``botocore``] Added new fields in existing APIs.
* api-change:``rtbfabric``: [``botocore``] Added LogSettings and LinkAttribute fields to external
links
* api-change:``security-ir``: [``botocore``] Added support for configuring communication
preferences as well as clearly displaying case comment author identities.
- from version 1.40.70
* api-change:``acm-pca``: [``botocore``] Private Certificate Authority service now supports ML-DSA
key algorithms.
* api-change:``appstream``: [``botocore``] AWS Appstream support for IPv6
* api-change:``backup``: [``botocore``] AWS Backup supports backups of Amazon EKS clusters,
including Kubernetes cluster state and persistent storage attached to the EKS cluster via a
persistent volume claim (EBS volumes, EFS file systems, and S3 buckets).
* api-change:``braket``: [``botocore``] Adds ExperimentalCapabilities field to CreateQuantumTask
request and GetQuantumTask response objects. Enables use of experimental software capabilities when
creating quantum tasks.
* api-change:``datazone``: [``botocore``] Remove trackingServerName from DataZone Connection
MLflowProperties
* api-change:``dsql``: [``botocore``] Cluster endpoint added to CreateCluster and GetCluster API
responses
* api-change:``ec2``: [``botocore``] Amazon EC2 Fleet customers can now filter instance types based
on encryption-in-transit support using Attribute-Based Instance Type Selection (ABIS), eliminating
the manual effort of identifying and selecting compatible instance types for security-sensitive
workloads.
* api-change:``guardduty``: [``botocore``] Include tags filed in CreatePublishingDestinationRequest
and DescribePublishingDestinationResponse.
* api-change:``iam``: [``botocore``] Added CreateDelegationRequest API, which is not available for
general use at this time.
* api-change:``invoicing``: [``botocore``] Added new invoicing get-invoice-pdf API Operation
* api-change:``kafka``: [``botocore``] Amazon MSK now supports intelligent rebalancing for MSK
Express brokers.
* api-change:``sts``: [``botocore``] Added GetDelegatedAccessToken API, which is not available for
general use at this time.
* api-change:``verifiedpermissions``: [``botocore``] Amazon Verified Permissions / Features : Adds
support for entity Cedar tags.
* api-change:``wafv2``: [``botocore``] AWS WAF now supports CLOUDWATCH_TELEMETRY_RULE_MANAGED as a
LogScope option, enabling automated logging configuration through Amazon CloudWatch Logs for
telemetry data collection and analysis.
- from version 1.40.69
* api-change:``controltower``: [``botocore``] Added Parent Identifier support to
ListEnabledControls and GetEnabledControl API. Implemented RemediationType support for Landing Zone
operations: CreateLandingZone, UpdateLandingZone and GetLandingZone APIs
* api-change:``ec2``: [``botocore``] Adds PrivateDnsPreference and PrivateDnsSpecifiedDomains to
control private DNS resolution for resource and service network VPC endpoints and
IpamScopeExternalAuthorityConfiguration to integrate Amazon VPC IPAM with a third-party IPAM service
* api-change:``kms``: [``botocore``] Added support for new ECC_NIST_EDWARDS25519 AWS KMS key spec
* api-change:``opensearch``: [``botocore``] This release introduces the Default Application
feature, allowing users to set, change, or unset a preferred OpenSearch UI application on a
per-region basis for a streamlined and consistent user experience.
* api-change:``vpc-lattice``: [``botocore``] Amazon VPC Lattice now supports custom domain name for
resource configurations
- from version 1.40.68
* api-change:``accessanalyzer``: [``botocore``] New field totalActiveErrors added to
getFindingsStatistics response.
* api-change:``backup``: [``botocore``] AWS Backup now supports customer-managed keys (CMK) for
logically air-gapped vaults, enabling customers to maintain full control over their encryption key
lifecycle. This feature helps organizations meet specific internal governance requirements or
external regulatory compliance standards.
* api-change:``connect``: [``botocore``] Added support for Conditional Questions in Evaluation
Forms. Introduced Auto Evaluation capability for Evaluation Forms and Contact Evaluations. Added
new API operations: SearchEvaluationForms and SearchContactEvaluations.
* api-change:``ec2``: [``botocore``] Add Amazon EC2 R8a instance types
* api-change:``gamelift``: [``botocore``] Amazon GameLift Servers now supports game builds that use
the Windows 2022 operating system.
* api-change:``identitystore``: [``botocore``] IdentityStore API: added new KMSExceptionReason
fields to the Exception object; added multiple new fields to the User APIs - UserStatus, Birthdate,
Website and Photos; added multiple new metadata fields for User, Groups and Membership APIs -
CreatedAt, CreatedBy, UpdatedAt and UpdatedBy.
* api-change:``quicksight``: [``botocore``] Support for New Data Prep Experience
* api-change:``s3tables``: [``botocore``] Adds support for tagging APIs for S3 Tables
* api-change:``s3vectors``: [``botocore``] Amazon S3 Vectors provides cost-effective, elastic, and
durable vector storage for queries based on semantic meaning and similarity.
* api-change:``sagemaker``: [``botocore``] Added NodeProvisioningMode parameter to UpdateCluster
API to determine how instance provisioning is handled during cluster operations; in Continuous
mode. Added VpcId field in UpdateDomain request for SageMaker Unified Studio domains with no VPC to
add a customer VPC.
* api-change:``ssm``: [``botocore``] Provides NoLongerSupportedException error message
- from version 1.40.67
* api-change:``cloudfront``: [``botocore``] This release adds new and updated API operations. You
can now use the IpAddressType field to specify either ipv4 or dualstack for your Anycast static IP
list. You can also enable cross-account resource sharing to share your VPC origins with other AWS
accounts
* api-change:``datazone``: [``botocore``] Added support for Project Resource Tags
* api-change:``ec2``: [``botocore``] This release adds AvailabilityZoneId support for
DescribeFastSnapshotRestores, DisableFastSnapshotRestores, and EnableFastSnapshotRestores APIs.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``fsx``: [``botocore``] Amazon FSx now enables secure management of Active Directory
credentials through AWS Secrets Manager integration. Customers can use Secret ARNs instead of
direct credentials when joining resources to Active Directory domains.
* api-change:``groundstation``: [``botocore``] Introduce CreateDataflowEndpointGroupV2 action
* api-change:``s3``: [``botocore``] Launch IPv6 dual-stack support for S3 Express
* api-change:``sagemaker``: [``botocore``] Add new fields in SageMaker Hyperpod DescribeCluster API
response: TargetStateCount, SoftwareUpdateStatus and ActiveSoftwareDeploymentConfig to provide AMI
update progress visibility .
- from version 1.40.66
* api-change:``pinpoint-sms-voice-v2``: [``botocore``] This release adds support for the
CarrierLookup API, which returns information about a destination phone number including if the
number is valid, the carrier, and more.
- from version 1.40.65
* api-change:``bedrock-agentcore-control``: [``botocore``] Adds support for direct code deploy with
CreateAgentRuntime and UpdateAgentRuntime
* api-change:``budgets``: [``botocore``] Fix the AWS Budgets endpoint for the aws-eusc partition.
* api-change:``ec2``: [``botocore``] Add Amazon EC2 trn2.3xlarge instance type.
* api-change:``ecs``: [``botocore``] Documentation-only update for LINEAR and CANARY deployment
strategies.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``kinesis``: [``botocore``] Adds support for MinimumThroughputBillingCommitment with
new UpdateAccountSettings API. Adds support to configure warm throughput for on-demand streams in
new UpdateStreamWarmThroughput API and existing CreateStream API and UpdateStreamMode API.
- from version 1.40.64
* api-change:``connectcases``: [``botocore``] Added two new case rule types: Parent Child Field
Options (restricts child field options based on parent field value) and Hidden (controls child
field visibility based on parent field value). Both enable dynamic field behavior within templates.
* api-change:``ec2``: [``botocore``] Amazon VPC IP Address Manager (IPAM) now supports automated
prefix list management, allowing you to create rules that automatically populate customer-managed
prefix lists with CIDRs from your IPAM pools or AWS resources based on tags, Regions, or other
criteria.
* api-change:``emr``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``fms``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``fsx``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``health``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kinesis``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``lambda``: [``botocore``] Add Python3.14 (python3.14) and Java 25 (java25) support to
AWS Lambda
* api-change:``logs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``marketplace-catalog``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mediaconvert``: [``botocore``] Adds SlowPalPitchCorrection to audio pitch correction
settings. Enables opacity for VideoOverlays. Adds REMUX_ALL option to enable multi-rendition
passthrough to VideoSelector for allow listed accounts.
* api-change:``omics``: [``botocore``] Added WDL_LENIENT engine type that enables implicit
typecasting of variable values to its compatible declared types
* api-change:``payment-cryptography``: [``botocore``] Allow additional characters in the
CertificateSubject for GetCertificateSigningRequest API.
* api-change:``redshift``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``resourcegroupstaggingapi``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sagemaker``: [``botocore``] Allow update of platform identifier via
UpdateNotebookInstance operation.
* api-change:``savingsplans``: [``botocore``] Add dual-stack endpoint support for Savings Plans
* api-change:``snowball``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ssm-quicksetup``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``textract``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``waf``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.63
* api-change:``amp``: [``botocore``] Add Anomaly Detection APIs for Amazon Managed Prometheus
* api-change:``apigateway``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``appconfig``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``appflow``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``applicationcostprofiler``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``appmesh``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``appsync``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``artifact``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``auditmanager``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bedrock-agent``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bedrock-agentcore-control``: [``botocore``] Web-Bot-Auth support for AgentCore
Browser tool to help reduce captcha challenges.
* api-change:``chime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cleanrooms``: [``botocore``] Added support for advanced Spark configurations to
optimize SQL performance
* api-change:``cloudcontrol``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``clouddirectory``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudsearch``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudwatch``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codecatalyst``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codecommit``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codedeploy``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cognito-sync``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``compute-optimizer``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``connectcases``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``deadline``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``devops-guru``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``docdb``: [``botocore``] Adding FailoverState and TagList to GlobalCluster and
SynchronizationStatus to GlobalClusterMember.
* api-change:``ecs``: [``botocore``] Amazon ECS Service Connect now supports Envoy access logs,
providing deeper observability into request-level traffic patterns and service interactions.
* api-change:``eks-auth``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``elasticache``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``emr-serverless``: [``botocore``] This release adds the capability to enable User
Background Sessions for customers running Trusted Identity Propagation enabled Interactive Sessions
on EMR Serverless Applications.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``firehose``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``frauddetector``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``geo-places``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``glue``: [``botocore``] This release adds the capability to enable User Background
Sessions for customers running Trusted Identity Propagation enabled Interactive Sessions on AWS
Glue.
* api-change:``greengrassv2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotevents-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iot-managed-integrations``: [``botocore``] Add a new GetManagedThingCertificate API
to expose Iot ManagedIntegrations (MI) device certificate, and add "-" support for name,
properties, actions and events in the CapabilityReportCapability object.
* api-change:``keyspacesstreams``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kms``: [``botocore``] Add cross account VPC endpoint service connectivity support to
CustomKeyStore.
* api-change:``license-manager-linux-subscriptions``: [``botocore``] Update endpoint ruleset
parameters casing
* api-change:``marketplace-reporting``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``neptune``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: [``botocore``] RTB Fabric documentation update.
* api-change:``s3outposts``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sagemaker-runtime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``schemas``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``serverlessrepo``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``servicecatalog``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sso``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sts``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.62
* api-change:``bedrock-runtime``: [``botocore``] Add support for system tool and web citation
response.
- from version 1.40.61
* api-change:``apigatewayv2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``application-signals``: [``botocore``] Added support for CloudWatch Synthetics Canary
resources in ListAuditFindings API. This enhancement allows customers to retrieve audit findings
specifically for CloudWatch Synthetics canaries and enables service-canary correlation analysis.
* api-change:``backupsearch``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bcm-pricing-calculator``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bedrock-agent-runtime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bedrock-runtime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cleanroomsml``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:clients: [``botocore``] The following clients have been removed per deprecation of the
services - qldb, qldb-session, robomaker, lookoutmetrics, lookoutvision, iotfleethub, apptest
* api-change:``cloud9``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudsearchdomain``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codeconnections``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codeguru-security``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``detective``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ec2``: [``botocore``] This released the DescribeCapacityReservationTopology API.
* api-change:``ecs``: [``botocore``] Amazon ECS supports native linear and canary service
deployments, allowing you to shift traffic in increments for more control.
* api-change:``efs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``elastictranscoder``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``emr-containers``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``gameliftstreams``: [``botocore``] Add stream group expiration date and expired status
* api-change:``glacier``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``groundstation``: [``botocore``] Enable use of AzEl ephemerides
* api-change:``inspector-scan``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kafkaconnect``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kendra``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kinesisvideo``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``lambda``: [``botocore``] Added SerializedRequestEntityTooLargeException to Lambda
Invoke API
* api-change:``marketplace-deployment``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mediapackage-vod``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``migrationhuborchestrator``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``notifications``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``opensearch``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``organizations``: [``botocore``] Added Account State field to the
ListDelegatedAdministrators API response.
* api-change:``partnercentral-selling``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pipes``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ram``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``resource-groups``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``s3``: [``botocore``] Amazon Simple Storage Service / Features: Add conditional
writes in CopyObject on destination key to prevent unintended object modifications.
* api-change:``s3control``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker now supports deleting training and
processing jobs in a terminal status.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``security-ir``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``servicecatalog-appregistry``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``sqs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``support-app``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``taxsettings``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``trustedadvisor``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``workspaces``: [``botocore``] Added IPv6 address support for WorkSpaces using
Dual-Stack subnets
* api-change:``workspaces-instances``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``xray``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.60
* api-change:``accessanalyzer``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``aiops``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``athena``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``backup-gateway``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bedrock-data-automation``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``braket``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ce``: [``botocore``] Updated endpoint for eusc-de-east-1 region.
* api-change:``chime-sdk-identity``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``chime-sdk-media-pipelines``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codeartifact``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codeguruprofiler``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cognito-idp``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``comprehend``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``connectcampaigns``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``controltower``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cost-optimization-hub``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``dax``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``elasticbeanstalk``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``entityresolution``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``forecast``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``greengrass``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iam``: [``botocore``] Fixed missing SummaryMap keys in GetAccountSummary response
that were being filtered out during deserialization in AWS Java SDK v2
* api-change:``invoicing``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kinesis``: [``botocore``] Adds support for record sizes up to 10MiB and introduces
new UpdateMaxRecordSize API to modify stream record size limits. Adds record size parameters to
existing CreateStream and DescribeStreamSummary APIs for request and response payloads respectively.
* api-change:``launch-wizard``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``lex-runtime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``managedblockchain``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mturk``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``neptune-graph``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``outposts``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pinpoint``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``rbin``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``rds-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``redshift-serverless``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``rekognition``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``repostspace``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``route53profiles``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``route53resolver``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``s3vectors``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``scheduler``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``secretsmanager``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ses``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``shield``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``simspaceweaver``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``socialmessaging``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ssm-sap``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sso-admin``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``stepfunctions``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``waf-regional``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``workmailmessageflow``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.59
* api-change:``acm``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``amplifyuibuilder``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``application-signals``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``billing``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``budgets``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``chime-sdk-messaging``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudtrail``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codepipeline``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``datapipeline``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``datazone``: [``botocore``] This release adds support for MLflow connections Creation
in DataZone
* api-change:``docdb``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``dynamodbstreams``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``eks``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``elb``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``evs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``fis``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``gameliftstreams``: [``botocore``] Add status reasons for TERMINATED stream sessions
* api-change:``geo-maps``: [``botocore``] Added support for optional AdditionalFeatures parameter
in the V2 GetTile API.
* api-change:``inspector``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iot-managed-integrations``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotwireless``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kinesisanalytics``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kinesis-video-signaling``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``location``: [``botocore``] Added support for mobile app restrictions in Amazon
Location API keys.
* api-change:``lookoutvision``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mediapackage``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mediastore``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mediastore-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``migrationhubstrategy``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mq``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``panorama``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``payment-cryptography``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``payment-cryptography-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pca-connector-ad``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``qbusiness``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``robomaker``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``route53domains``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: [``botocore``] Add support for custom rate limits.
* api-change:``s3tables``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sagemaker``: [``botocore``] Added inference components model data caching feature
* api-change:``sagemaker-metrics``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``securityhub``: [``botocore``] Release 3 layer filter support in GetFindingsV2,
GetFindingStatisticsV2, GetResourcesV2,GetResourcesStatisticsV2, AutomationRule V2 APIs. Update
filter casing in GetResourcesV2, GetResourcesStatisticsV2 APIs. Add new filters in GetFindingsV2,
GetFindingStatisticsV2, AutomationRule V2 APIs.
* api-change:``servicediscovery``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``snow-device-management``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sso-oidc``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``supplychain``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``translate``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``verifiedpermissions``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``vpc-lattice``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``wisdom``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``workspaces-thin-client``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.58
* api-change:``account``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``application-autoscaling``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bedrock-agentcore``: [``botocore``] Fixing the service documentation name
* api-change:``bedrock-agentcore-control``: [``botocore``] Fixing the service documentation name
* api-change:``chime-sdk-voice``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudtrail-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codebuild``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codestar-connections``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``config``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``connect-contact-lens``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cur``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``discovery``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``dms``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``docdb-elastic``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``drs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``dsql``: [``botocore``] Add support for resource-based policies for Aurora DSQL
clusters. This will enable you to implement Block Public Access (BPA) which will help restrict
access to your Aurora DSQL public or VPC endpoints.
* api-change:``ebs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ecr``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ecr-public``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``healthlake``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``internetmonitor``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotevents``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iot-jobs-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kinesis-video-archived-media``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``kinesis-video-webrtc-storage``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``lambda``: [``botocore``] Add NodeJs 24 (nodejs24.x) support to AWS Lambda.
* api-change:``macie2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``managedblockchain-query``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``marketplacecommerceanalytics``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``mediatailor``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mgh``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mgn``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mpa``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``neptunedata``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``networkmonitor``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``odb``: [``botocore``] Doc-only update that removes duplicate values from
descriptions of ODB peering APIs.
* api-change:``omics``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``opensearchserverless``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pca-connector-scep``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``personalize-events``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pinpoint-email``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``resiliencehub``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``rum``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sagemaker``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sagemaker-edge``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``savingsplans``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``securitylake``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sesv2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``storagegateway``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``synthetics``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.57
* api-change:``appfabric``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``autoscaling``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``b2bi``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bcm-dashboards``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ce``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``chatbot``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudformation``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudhsm``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudhsmv2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codeguru-reviewer``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cognito-identity``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``comprehendmedical``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``connect``: [``botocore``] This release added support for email address alias
configuration and outbound campaign preview mode.
* api-change:``connectcampaignsv2``: [``botocore``] Updated Amazon Connect Outbound Campaigns V2
SDK to support Preview Outbound Mode
* api-change:``connectparticipant``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``devicefarm``: [``botocore``] This release adds support for optionally including an
app as part of a CreateRemoteAccessSession request
* api-change:``directconnect``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ds-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ec2``: [``botocore``] This release adds AvailabilityZoneId support for
CreateNetworkInterface and DescribeNetworkInterfaces APIs.
* api-change:``ec2-instance-connect``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``forecastquery``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iam``: [``botocore``] Updated OIDC and SAML apis to reject multiple simultaneous
requests to change a unique object.
* api-change:``inspector2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iot``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotanalytics``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotfleetwise``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotsecuretunneling``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotsitewise``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ivschat``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kinesisanalyticsv2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``lexv2-models``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mailmanager``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``marketplace-agreement``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``medialive``: [``botocore``] Add 3 API operations for fetching alerts: ListAlerts
(Channels), ListClusterAlerts (MediaLive Anywhere), and ListMultiplexAlerts
* api-change:``mwaa``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``notificationscontacts``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``oam``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pcs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pinpoint-sms-voice-v2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``redshift-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``route53``: [``botocore``] Amazon Route 53 now supports the ISOB West Region for
private DNS for Amazon VPCs and cloudwatch healthchecks.
* api-change:``route53-recovery-cluster``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: [``botocore``] Update for general availability of AWS RTB Fabric
service.
* api-change:``sagemaker-a2i-runtime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``sns``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ssm-incidents``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``workdocs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``workmail``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``workspaces``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.56
* api-change:``dynamodb``: [``botocore``] Add AccountID based endpoint metric to endpoint rules.
* api-change:``emr``: [``botocore``] Added RECONFIGURING to the InstanceFleetState convenience enum.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``mediaconvert``: [``botocore``] This release adds the ability to set resolution for
the black video generator and also adds the StartJobsQuery and GetJobsQueryResults APIs which allow
asynchronous search of job history using new filters.
* api-change:``meteringmarketplace``: [``botocore``] Added ClientToken parameter to MeterUsage API
for specifying idempotent requests.
- from version 1.40.55
* api-change:``amp``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``amplifybackend``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``appconfigdata``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``appintegrations``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``application-insights``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``arc-zonal-shift``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bcm-recommended-actions``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bedrock-data-automation-runtime``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``chime-sdk-meetings``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudfront``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``cloudfront-keyvaluestore``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``codestar-notifications``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``controlcatalog``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``datasync``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ds``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``dsql``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``es``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``events``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``evidently``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``finspace``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``finspace-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``gameliftstreams``: [``botocore``] Updates documentation to clarify valid application
binaries for an Amazon GameLift Streams application and provide descriptions of stream session
error status reasons
* api-change:``geo-maps``: [``botocore``] Added support for optional style parameters in maps,
including Terrain, ContourDensity, Traffic, and TravelModes.
* api-change:``imagebuilder``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iot-data``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotdeviceadvisor``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iotthingsgraph``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``iottwinmaker``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kendra-ranking``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kinesis-video-media``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``lakeformation``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``license-manager``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``license-manager-user-subscriptions``: [``botocore``] Update endpoint ruleset
parameters casing
* api-change:``marketplace-catalog``: [``botocore``] The ListEntities API now supports two new CAPI
filters: DeliveryOptionTypes for SaaS products and CompatibleAWSServices for Container products.
* api-change:``mediaconnect``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``migration-hub-refactor-spaces``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``network-firewall``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``networkmanager``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``organizations``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pi``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``qapps``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``rolesanywhere``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``route53-recovery-readiness``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``sagemaker-geospatial``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``signer``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``swf``: [``botocore``] Releasing minor endpoint updates.
* api-change:``timestream-write``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``tnb``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``wellarchitected``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.54
* api-change:``acm-pca``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``amplify``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``apigatewaymanagementapi``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``apprunner``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``apptest``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``autoscaling-plans``: [``botocore``] Updated FIPS endpoints for US GovCloud regions
* api-change:``batch``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``bcm-data-exports``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``billingconductor``: [``botocore``] New feature: service flat CLI and first AWS
managed pricing plan (BasicPricingPlan)
* api-change:``customer-profiles``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``databrew``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``dataexchange``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``dlm``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
* api-change:``freetier``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``gamelift``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``geo-routes``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``globalaccelerator``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``grafana``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``identitystore``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ivs``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ivs-realtime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kafka``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``keyspaces``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``kms``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``lex-models``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``lexv2-runtime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``lookoutequipment``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``m2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``machinelearning``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``marketplace-entitlement``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``mediapackagev2``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``medical-imaging``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``memorydb``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``migrationhub-config``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``networkflowmonitor``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``osis``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``personalize``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``personalize-runtime``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pinpoint-sms-voice``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``polly``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``pricing``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``qldb``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``qldb-session``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``route53-recovery-control-config``: [``botocore``] Update endpoint ruleset parameters
casing
* api-change:``ssm``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ssm-contacts``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``ssm-guiconnect``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``timestream-query``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``voice-id``: [``botocore``] Update endpoint ruleset parameters casing
* api-change:``workspaces-web``: [``botocore``] Update endpoint ruleset parameters casing
- from version 1.40.53
* api-change:``bedrock``: [``botocore``] Amazon Bedrock Automated Reasoning Policy now offers
enhanced AWS KMS integration. The CreateAutomatedReasoningPolicy API includes a new kmsKeyId field,
allowing customers to specify their preferred KMS key for encryption, improving control and
compliance with AWS encryption mandates.
* api-change:``docdb``: [``botocore``] Add support for NetworkType field in CreateDbCluster,
ModifyDbCluster, RestoreDbClusterFromSnapshot and RestoreDbClusterToPointInTime for DocumentDB.
* api-change:``ec2``: [``botocore``] Introducing EC2 Capacity Manager for monitoring and analyzing
capacity usage across On-Demand Instances, Spot Instances, and Capacity Reservations.
* api-change:``elbv2``: [``botocore``] This release expands Listener Rule Conditions to support
RegexValues and adds support for a new Transforms field in Listener Rules.
* api-change:``guardduty``: [``botocore``] Added default pagination value for
ListMalwareProtectionPlans API and updated UpdateFindingsFeedback API
* api-change:``lightsail``: [``botocore``] Add support for manage Lightsail Bucket CORS
configuration
* api-change:``timestream-influxdb``: [``botocore``] This release adds support for creating and
managing InfluxDB 3 Core and Enterprise DbClusters.
- from version 1.40.52
* api-change:``appstream``: [``botocore``] This release introduces support for Microsoft license
included applications streaming.
* api-change:``backup``: [``botocore``] The AWS Backup job attribute extension enhancement helps
customers better understand the plan that initiated each job, and the properties of the resource
each job creates.
* api-change:``connect``: [``botocore``] SDK release for TaskTemplateInfo in Contact for
DescribeContact response.
* api-change:``datazone``: [``botocore``] Support creating scoped and trustedIdentityPropagation
enabled connections.
* api-change:``ec2``: [``botocore``] This release adds support for creating instant, point-in-time
copies of EBS volumes within the same Availability Zone
* api-change:``transcribe``: [``botocore``] Move UntagResource API body member to query parameter
* api-change:``transfer``: [``botocore``] SFTP connectors now support routing connections via
customers' VPC. This enables connections to remote servers that are only accessible in a customer's
VPC environment, and to servers that are accessible over the internet but need connections coming
from an IP address in a customer VPC's CIDR range.
- from version 1.40.51
* api-change:``bedrock-agentcore``: [``botocore``] Updated InvokeAgentRuntime API to accept account
id optionally and added CompleteResourceTokenAuth API.
* api-change:``bedrock-agentcore-control``: [``botocore``] Updated http status code in control
plane apis of agentcore runtime, tools and identity. Additional included provider types for
AgentCore Identity
* api-change:``ec2``: [``botocore``] Release Amazon EC2 c8i, c8i-flex, m8a, and r8gb
* api-change:``observabilityadmin``: [``botocore``] CloudWatch Observability Admin adds the ability
to enable Resource tags for telemetry in a customer account. The release introduces new APIs to
enable, disable and describe the status of Resource tags for telemetry feature. This new capability
simplifies monitoring AWS resources using tags.
- Update BuildRequires and Requires from setup.py
- python-botocore
-
- Update to 1.42.27
* api-change:``bedrock``: This change will increase TestCase guardContent input size from 1024 to
2028 characters and PolicyBuildDocumentDescription from 2000 to 4000 characters
* api-change:``datazone``: Adds support for IAM role subscriptions to Glue table listings via
CreateSubscriptionRequest API. Also adds owningIamPrincipalArn filter to List APIs and
subscriptionGrantCreationMode parameter to subscription target APIs for controlling grant creation
behavior.
- from version 1.42.26
* api-change:``billing``: Cost Categories filtering support to BillingView data filter expressions
through the new costCategories parameter, enabling users to filter billing views by AWS Cost
Categories for more granular cost management and allocation.
* api-change:``iot-managed-integrations``: This release introduces WiFi Simple Setup (WSS) enabling
device provisioning via barcode scanning with automated network discovery, authentication, and
credential provisioning. Additionally, it introduces 2P Device Capability Rediscovery for updating
hub-managed device capabilities post-onboarding.
* api-change:``sagemaker``: Added ultraServerType to the UltraServerInfo structure to support
server type identification for SageMaker HyperPod
- from version 1.42.25
* api-change:``bedrock-agentcore-control``: Adds optional field "view" to GetMemory API input to
give customers control over whether CMK encrypted data such as strategy decryption or override
prompts is returned or not.
* api-change:``cloudfront``: Added EntityLimitExceeded exception handling to the following API
operations AssociateDistributionWebACL, AssociateDistributionTenantWebACL,
UpdateDistributionWithStagingConfig
* api-change:``glue``: Adding MaterializedViews task run APIs
* api-change:``medialive``: MediaPackage v2 output groups in MediaLive can now accept one
additional destination for single pipeline channels and up to two additional destinations for
standard channels. MediaPackage v2 destinations now support sending to cross region MediaPackage
channels.
* api-change:``transcribe``: Adds waiters to Amazon Transcribe.
- from version 1.42.24
* api-change:``workspaces``: Add StateMessage and ProgressPercentage fields to
DescribeCustomWorkspaceImageImport API response.
- from version 1.42.23
* api-change:``ce``: This release updates existing reservation recommendations API to support
deployment model.
* api-change:``emr-serverless``: Added support for enabling disk encryption using customer managed
AWS KMS keys to CreateApplication, UpdateApplication and StartJobRun APIs.
- from version 1.42.22
* api-change:``cleanroomsml``: AWS Clean Rooms ML now supports advanced Spark configurations to
optimize SQL performance when creating an MLInputChannel or an audience generation job.
- from version 1.42.21
* bugfix:``s3``: Clarify ``payload_signing_enabled`` documentation to cover interaction with
``request_checksum_calculation``
- from version 1.42.20
* api-change:``cleanrooms``: Added support for publishing detailed metrics to CloudWatch for
operational monitoring of collaborations, including query performance and resource utilization.
* api-change:``identitystore``: This change introduces "Roles" attribute for User entities
supported by AWS Identity Store SDK.
- from version 1.42.19
* api-change:``connect``: Adds support for searching global contacts using the ActiveRegions
filter, and pagination support for ListSecurityProfileFlowModules and ListEntitySecurityProfiles.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``kafkaconnect``: This change sets the KafkaConnect GovCloud FIPS and FIPS DualStack
endpoints to use kafkaconnect instead of kafkaconnect-fips as the service name. This is done to
match the Kafka endpoints.
- from version 1.42.18
* api-change:``connect``: Changes for Contact for Global Search
* api-change:``elastictranscoder``: The elastictranscoder client has been removed following the
deprecation of the service.
* api-change:``quicksight``: This release adds support for quick users to be able to perform role
upgrades on their own. Additionally it allows admins to make this feature admin or auto approval
along with new self upgrade capability that can be restricted by Admins.
- from version 1.42.17
* api-change:``medialive``: AWS Elemental MediaLive now supports Pipeline Locking using Video
Alignment as well as linked single pipeline channels to enable cross-channel and cross-region
Pipeline Locking workflows.
- from version 1.42.16
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``geo-places``: Adds support for InferredSecondaryAddress place type, Designator in
SecondaryAddressComponent and Heading in ReverseGeocode.
* api-change:``pinpoint-sms-voice-v2``: This release adds support for the Registration Reviewer
feature, which provides generative AI feedback on a phone number or sender ID registration to
ensure completeness before sending to downstream (carrier) review.
* api-change:``s3``: Add additional validation to Outpost bucket names.
- from version 1.42.15
* api-change:``config``: Added supported resourceTypes for Config from July to November 2025
* api-change:``ec2``: Adds support for linkedGroupId on the CreatePlacementGroup and
DescribePlacementGroups APIs. The linkedGroupId parameter is reserved for future use.
* api-change:``guardduty``: Make accountIds a required field in GetRemainingFreeTrialDays API to
reflect service behavior.
* api-change:``pcs``: Change API Reference Documentation for default Mode in Accounting and
SlurmRest
- from version 1.42.14
* api-change:``arc-region-switch``: Automatic Plan Execution Reports allow customers to maintain a
concise record of their Region switch Plan executions. This enables customer SREs and leadership
to have a clear view of their recovery posture based on the generated reports for their Plan
executions.
* api-change:``connect``: Adding support for Custom Metrics and Pre-Defined Attributes to
GetCurrentMetricData API.
* api-change:``emr-serverless``: Added JobLevelCostAllocationConfiguration field to enable cost
allocation reporting at the job level, providing more granular visibility into EMR Serverless
charges
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``iot``: This release adds event-based logging feature that enables granular event
logging controls for AWS IoT logs.
* api-change:``qbusiness``: It is a internal bug fix for region expansion
* api-change:``wickr``: AWS Wickr now provides a suite of admin APIs to allow you to
programmatically manage secure communication for Wickr networks at scale. These APIs enable you to
automate administrative workflows including user lifecycle management, network configuration, and
security group administration.
* api-change:``workspaces-web``: Add support for WebAuthn under user settings.
- from version 1.42.13
* api-change:``appstream``: Added support for new operating systems (1) Ubuntu 24.04 Pro LTS on
Elastic fleets, and (2) Microsoft Server 2025 on Always-On and On-Demand fleets
* api-change:``arc-region-switch``: New API to list Route 53 health checks created by ARC region
switch for a plan in a specific AWS Region using the Region switch Regional data plane.
* api-change:``artifact``: Add support for ListReportVersions API for the calling AWS account.
* api-change:``bedrock-agentcore-control``: Feature to support header exchanges between Bedrock
AgentCore Gateway Targets and client, along with propagating query parameter to the configured
targets.
* api-change:``bedrock-data-automation``: Blueprint Optimization (BPO) is a new Amazon Bedrock Data
Automation (BDA) capability that improves blueprint inference accuracy using example content assets
and ground truth data. BPO works by generating better instructions for fields in the Blueprint
using provided data.
* api-change:``cleanrooms``: Adding support for collaboration change requests requiring an approval
workflow. Adding support for change requests that grant or revoke results receiver ability and
modifying auto approved change types in an existing collaboration.
* api-change:``ec2``: This release adds AvailabilityZoneId support for CreateFleet, ModifyFleet,
DescribeFleets, RequestSpotFleet, ModifySpotFleetRequests and DescribeSpotFleetRequests APIs.
* api-change:``ecr``: Adds support for ECR Create On Push
* api-change:``ecs``: Adding support for Event Windows via a new ECS account setting
"fargateEventWindows". When enabled, ECS Fargate will use the configured event window for patching
tasks. Introducing "CapacityOptionType" for CreateCapacityProvider API, allowing support for Spot
capacity for ECS Managed Instances.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``iot``: This release adds message batching for the IoT Rules Engine HTTP action.
* api-change:``opensearch``: Amazon OpenSearch Service adds support for warm nodes, enabling new
multi-tier architecture.
* api-change:``sesv2``: Amazon SES introduces Email Validation feature which checks email addresses
for syntax errors, domain validity, and risky addresses to help maintain deliverability and protect
sender reputation. SES also adds resource tagging and ABAC support for EmailTemplates and
CustomVerificationEmailTemplates.
* api-change:``ssm-sap``: Added "Stopping" for the HANA Database Status.
- from version 1.42.12
* api-change:``gameliftstreams``: Added new stream group operation parameters for scale-on-demand
capacity with automatic prewarming. Added new Gen6 stream classes based on the EC2 G6 instance
family. Added new StartStreamSession parameter for exposure of real-time performance stats to
clients.
* api-change:``guardduty``: Add support for dbiResourceId in finding.
* api-change:``inspector-scan``: Adds an additional OutputFormat
* api-change:``kafkaconnect``: Support dual-stack network connectivity for connectors via
NetworkType field.
* api-change:``mediaconvert``: Adds support for tile encoding in HEVC and audio for video overlays.
* api-change:``mediapackagev2``: This release adds support for SPEKE V2 content key encryption in
MediaPackage v2 Origin Endpoints.
* api-change:``payment-cryptography``: Support for AS2805 standard. Modifications to import-key
and export-key to support AS2805 variants.
* api-change:``payment-cryptography-data``: Support for AS2805 standard. New API
GenerateAs2805KekValidation and changes to translate pin, GenerateMac and VerifyMac to support
AS2805 key variants.
* api-change:``sagemaker``: Adding the newly launched p6-b300.48xlarge ec2 instance support in
Sagemaker(Hyperpod,Training and Sceptor)
- from version 1.42.11
* api-change:``iot``: Add support for dynamic payloads in IoT Device Management Commands
* api-change:``timestream-influxdb``: This release adds support for rebooting InfluxDB DbInstances
and DbClusters
- from version 1.42.10
* api-change:``bedrock-agentcore-control``: This release updates broken links for AgentCore Policy
APIs in the AWS CLI and SDK resources.
* api-change:``connect``: Amazon Connect now supports outbound WhatsApp contacts via the Send
message block or StartOutboundChatContact API. Send proactive messages for surveys, reminders, and
updates. Offer customers the option to switch to WhatsApp while in queue, eliminating hold time.
* api-change:``ec2``: EC2 Capacity Manager now supports SpotTotalCount, SpotTotalInterruptions and
SpotInterruptionRate metrics for both vCPU and instance units.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``entityresolution``: Support Customer Profiles Integration for AWS Entity Resolution
* api-change:``glacier``: Documentation updates for Amazon Glacier's maintenance mode
* api-change:``health``: Updating Health API endpoint generation for dualstack only regions
* api-change:``logs``: This release allows you to import your historical CloudTrail Lake data into
CloudWatch with a few steps, enabling you to easily consolidate operational, security, and
compliance data in one place.
* api-change:``mediatailor``: Added support for Ad Decision Server Configuration enabling HTTP POST
requests with custom bodies, headers, GZIP compression, and dynamic variables. No changes required
for existing GET request configurations.
* api-change:``route53resolver``: Adds support for enabling detailed metrics on Route 53 Resolver
endpoints using RniEnhancedMetricsEnabled and TargetNameServerMetricsEnabled in the
CreateResolverEndpoint and UpdateResolverEndpoint APIs, providing enhanced visibility into Resolver
endpoint and target name server performance.
* api-change:``s3``: This release adds support for the new optional field 'LifecycleExpirationDate'
in S3 Inventory configurations.
* api-change:``service-quotas``: Add support for SQ Dashboard Api
- from version 1.42.9
* api-change:``bcm-recommended-actions``: Added new freetier action types to RecommendedAction.type.
* api-change:``connect``: Amazon Connect now offers automated post-chat surveys triggered when
customers end conversations. This captures timely feedback while experience is fresh, using either
a no-code form builder or Amazon Lex-powered interactive surveys.
* api-change:``datasync``: Adds Enhanced mode support for NFS and SMB locations. SMB credentials
are now managed via Secrets Manager, and may be encrypted with service or customer managed keys.
Increases AgentArns maximum count to 8 (max 4 per TaskMode). Adds folder counters to
DescribeTaskExecution for Enhanced mode tasks.
* api-change:``workspaces-web``: Adds support for portal branding customization, enabling
administrators to personalize end-user portals with custom assets.
- from version 1.42.8
* api-change:``lambda``: Add Dotnet 10 (dotnet10) support to AWS Lambda.
* api-change:``organizations``: Add support for policy operations on the NETWORK SECURITY DIRECTOR
POLICY policy type.
* api-change:``quicksight``: This release adds new GetIdentityContext API, Dashboard customization
options for tables and pivot tables, Visual styling options- borders and decals, map
GeocodingPreferences, KeyPairCredentials for DataSourceCredentials. Snapshot APIs now support
registered users. Parameters limit increased to 400
* api-change:``secretsmanager``: Add SortBy parameter to ListSecrets
* api-change:``sesv2``: Update GetEmailIdentity and CreateEmailIdentity response to include
SigningHostedZone in DkimAttributes. Updated PutEmailIdentityDkimSigningAttributes Response to
include SigningHostedZone.
- from version 1.42.7
* api-change:``bedrock``: Automated Reasoning checks in Amazon Bedrock Guardrails is capable of
generating policy scenarios to validate policies. The
GetAutomatedReasoningPolicyBuildWorkflowResultAssets API now adds POLICY SCENARIO asset type,
allowing customers to retrieve scenarios generated by the build workflow.
* api-change:``billingconductor``: Launch itemized custom line item and service line item filter
* api-change:``cloudwatch``: This release introduces two additional protocols AWS JSON 1.1 and
Smithy RPC v2 CBOR, replacing the currently utilized one, AWSQuery. AWS SDKs will prioritize the
protocol that is the most performant for each language.
* api-change:``odb``: The following APIs now return CloudExadataInfrastructureArn and OdbNetworkArn
fields for improved resource identification and AWS service integration - GetCloudVmCluster,
ListCloudVmClusters, GetCloudAutonomousVmCluster, and ListCloudAutonomousVmClusters.
* api-change:``opensearch``: The CreateApplication API now supports an optional kms key arn
parameter to allow customers to specify a CMK for application encryption.
* api-change:``partnercentral-selling``: Adds support for the new Project.AwsPartition field on
Opportunity and AWS Opportunity Summary. Use this field to specify the AWS partition where the
opportunity will be deployed.
* api-change:``signer``: Adds support for Signer GetRevocationStatus with updated endpoints
- Update to 1.42.6
* api-change:``account``: This release adds a new API (GetGovCloudAccountInformation) used to
retrieve information about a linked GovCloud account from the standard AWS partition.
* api-change:``appsync``: Update Event API to require EventConfig parameter in creation and update
requests.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``guardduty``: Adding support for Ec2LaunchTemplate Version field
* api-change:``ivs-realtime``: Token Exchange introduces seamless token exchange capabilities for
IVS RTX, enabling customers to upgrade or downgrade token capabilities and update token attributes
within the IVS client SDK without forcing clients to disconnect and reconnect.
* api-change:``mgn``: Added parameters encryption, IPv4/IPv6 protocol configuration, and enhanced
tagging support for replication operations.
* api-change:``route53``: Amazon Route 53 now supports the EU (Germany) Region (eusc-de-east-1) for
latency records, geoproximity records, and private DNS for Amazon VPCs in that region
- Update to 1.42.5
* api-change:``ce``: Add support for Cost Category resource associations including filtering by
resource type on ListCostCategoryDefinitions and new ListCostCategoryResourceAssociations API.
* api-change:``ec2``: Amazon EC2 P6-B300 instances provide 8x NVIDIA Blackwell Ultra GPUs with 2.1
TB high bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps dedicated ENA throughput, and 4 TB
of system memory. Amazon EC2 C8a instances are powered by 5th Gen AMD EPYC processors with a
maximum frequency of 4.5 GHz.
* api-change:``identitystore``: Updating AWS Identity Store APIs to support Attribute Extensions
capability, with the first release adding Enterprise Attributes. This launch aligns Identity Store
APIs with SCIM for enterprise attributes, reducing cases when customers are forced to use SCIM due
to lack of SigV4 API support.
* api-change:``partnercentral-selling``: Deal Sizing Service for AI-based deal size estimation with
AWS service-level breakdown, supporting Expansion and Migration deals across Technology, and
Reseller partner cohorts, including Pricing Calculator AddOn for MAP deals and funding incentives.
* api-change:``rds``: Adding support for tagging RDS Instance/Cluster Automated Backups
* api-change:``redshift-serverless``: Added GetIdentityCenterAuthToken API to retrieve encrypted
authentication tokens for Identity Center integrated serverless workgroups. This API enables
programmatic access to secure Identity Center tokens with proper error handling and parameter
validation across supported SDK languages.
* api-change:``rolesanywhere``: Increases certificate string length for trust anchor source data to
support ML-DSA certificates.
* api-change:``sesv2``: Update Mail Manager Archive ARN validation
* enhancement:ContainerProvider: The ContainerProvider now works with arbitray HTTPS URLs for
`AWS_CONTAINER_CREDENTIALS_FULL_URI`.
- from version 1.42.4
* api-change:``ecs``: Updating stop-task API to encapsulate containers with custom stop signal
* api-change:``iam``: Adding the ExpirationTime attribute to the delegation request resource.
* api-change:``inspector2``: This release adds a new ScanStatus called "Unsupported Code
Artifacts". This ScanStatus will be returned when a Lambda function was not code scanned because it
has unsupported code artifacts.
* api-change:``partnercentral-account``: Adding Verification API's to Partner Central Account SDK.
* api-change:``sesv2``: Updating the desired url for `PutEmailIdentityDkimSigningAttributes` from
v1 to v2
* enhancement:AWSCRT: Update awscrt version to 0.29.2
- from version 1.42.3
* api-change:``lambda``: Add DisallowedByVpcEncryptionControl to the LastUpdateStatusReasonCode and
StateReasonCode enums to represent failures caused by VPC Encryption Controls.
- from version 1.42.2
* api-change:``bedrock``: Adding support in Amazon Bedrock to customize models with reinforcement
fine-tuning (RFT) and support for updating the existing Custom Model Deployments.
* api-change:``sagemaker``: Introduces Serverless training: A fully managed compute infrastructure
that abstracts away all infrastructure complexity, allowing you to focus purely on model
development.
Added AI model customization assets used to train, refine, and evaluate custom models during the
model customization process.
- from version 1.42.1
* api-change:``bedrock``: Adds the audioDataDeliveryEnabled boolean field to the Model Invocation
Logging Configuration.
* api-change:``bedrock-agentcore``: Support for AgentCore Evaluations and Episodic memory strategy
for AgentCore Memory.
* api-change:``bedrock-agentcore-control``: Supports AgentCore Evaluations, Policy, Episodic Memory
Strategy, Resource Based Policy for Runtime and Gateway APIs, API Gateway Rest API Targets and
enhances JWT authorizer.
* api-change:``bedrock-runtime``: Adds support for Audio Blocks and Streaming Image Output plus new
Stop Reasons of malformed_model_output and malformed_tool_use.
* api-change:``ce``: This release updates existing Savings Plans Purchase Analyzer and
Recommendations APIs to support Database Savings Plans.
* api-change:``datazone``: Amazon DataZone now supports exporting Catalog datasets as Amazon S3
tables, and provides automatic business glossary term suggestions for data assets.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``fsx``: S3 Access Points support for FSx for NetApp ONTAP
* api-change:``guardduty``: Adding support for extended threat detection for Amazon EC2 and Amazon
ECS. Adding support for wild card suppression rules.
* api-change:``lambda``: Launching Lambda durable functions - a new feature to build reliable
multi-step applications and AI workflows natively within the Lambda developer experience.
* api-change:``logs``: CloudWatch Logs adds managed S3 Tables integration to access logs using
other analytical tools, as well as facets and field indexing to simplify log analytics in
CloudWatch Logs Insights.
* api-change:``nova-act``: Initial release of Nova Act SDK. The Nova Act service enables customers
to build and manage fleets of agents for automating production UI workflows with high reliability,
fastest time-to-value, and ease of implementation at scale.
* api-change:``observabilityadmin``: CloudWatch Observability Admin adds pipelines configuration
for third party log ingestion and transformation of all logs ingested, integration of CloudWatch
logs with S3 Tables, and AWS account or organization level enablement for 7 AWS services.
* api-change:``opensearch``: GPU-acceleration helps you build large-scale vector databases faster
and more efficiently. You can enable this feature on new OpenSearch domains and OpenSearch
Serverless collections. This feature uses GPU-acceleration to reduce the time needed to index data
into vector indexes.
* api-change:``opensearchserverless``: GPU-acceleration helps you build large-scale vector
databases faster and more efficiently. You can enable this feature on new OpenSearch domains and
OpenSearch Serverless collections. This feature uses GPU-acceleration to reduce the time needed to
index data into vector indexes.
* api-change:``rds``: RDS Oracle and SQL Server: Add support for adding, modifying, and removing
additional storage volumes, offering up to 256TiB storage; RDS SQL Server: Support Developer
Edition via custom engine versions for development and testing purposes; M7i/R7i instances with
Optimize CPU for cost savings.
* api-change:``s3``: New S3 Storage Class FSX_ONTAP
* api-change:``s3control``: Add support for S3 Storage Lens Advanced Performance Metrics, Expanded
Prefixes metrics report, and export to S3 Tables.
* api-change:``s3tables``: Add storage class, replication, and table record expiration features to
S3 Tables.
* api-change:``s3vectors``: Amazon S3 Vectors provides cost-effective, elastic, and durable vector
storage for queries based on semantic meaning and similarity.
* api-change:``sagemaker``: Added support for serverless MLflow Apps.
Added support for new HubContentTypes (DataSet and JsonDoc) in Private Hub for AI model
customization assets, enabling tracking and management of training datasets and evaluators (reward
functions/prompts) throughout the ML lifecycle.
* api-change:``savingsplans``: Added support for Amazon Database Savings Plans
* api-change:``securityhub``: ITSM enhancements: DRYRUN mode for testing ticket creation,
ServiceNow now uses AWS Secrets Manager for credentials, ConnectorRegistrationsV2 renamed to
RegisterConnectorV2, added ServiceQuotaExceededException error, and ConnectorStatus visibility in
CreateConnectorV2.
- from version 1.41.6
* api-change:``appintegrations``: This release adds support for MCP servers via the ApplicationType
field, allowing customers to register their Bedrock AgentCore gateways as third party applications.
* api-change:``bedrock-agent``: Support audio and video ingestion on Bedrock Knowledge Bases.
* api-change:``bedrock-agent-runtime``: Support audio and video content retrieval on Bedrock
Knowledge Bases.
* api-change:``cleanrooms``: AWS Clean Rooms now supports privacy-enhancing synthetic dataset
generation for custom ML training.
* api-change:``cleanroomsml``: AWS Clean Rooms ML now supports privacy-enhancing synthetic dataset
generation for custom ML training.
* api-change:``connect``: This is a combined re:Invent release for Amazon Connect.
* api-change:``connectcampaignsv2``: This release added support for new WhatsApp channel and
Journey type outbound campaign
* api-change:``connectparticipant``: Amazon Connect now supports message processing that intercepts
and processes chat messages before they reach any participant.
* api-change:``customer-profiles``: This release introduces, CRUD APIs for the DomainObjectType and
Recommender resources, APIs to offer statistical insights on Object Type Attributes, Changes to
SegmentDefinition APIs to support SQL queries to create Segments, and Changes to Domain APIs to
support Data Store.
* api-change:``eks``: This release adds support for EKS Capabilities
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``glue``: feature: Glue: Add support for Iceberg materialized view in Glue Data
Catalog, including updated CreateTable API to support materialized views and new APIs for managing
data refresh for materialized views.
feature: Glue: Add support for Iceberg table encryption keys and struct field defaults.
* api-change:``lambda``: Launching Lambda Managed Instances - a new feature to run Lambda on EC2.
* api-change:``lexv2-models``: Adds support for speech-to-speech models for human-like, adaptive,
and expressive voice interactions. Also adds support for speech model preference, allowing
customers to select which speech model they want to use for speech-to-text requests.
* api-change:``marketplace-agreement``: This release supports 1/multi-product transactions via
offer sets. DescribeAgreement and SearchAgreements APIs now return offer set IDs. SearchAgreements
also supports filtering by offer set ID and 2/variable payment pricing terms will be returned
through GetAgreementTerms.
* api-change:``marketplace-catalog``: This release introduces offer set entity in AWS Marketplace
Catalog API to enable multi-product transaction. Offer set enables sellers to group multiple
private offers into a single-click purchase experience, simplifying procurement for customers
purchasing multi-product solutions.
* api-change:``partnercentral-account``: Initial GA launch of Partner Central Account
* api-change:``partnercentral-benefits``: Initial GA launch of Partner Central Benefits
* api-change:``partnercentral-selling``: New Features:
Lead Management APIs for capturing and nurturing leads
Lead invitation support for partner collaboration
Lead-to-opportunity conversion operations
AWS Marketplace OfferSets support for opportunities
* api-change:``personalize``: This release adds support for includedDatasetColumns and
performIncrementalUpdate in solution APIs, and rankingInfluence in campaign and batch inference
APIs.
* api-change:``qconnect``: New AIAgent types: Orchestration for ModelContextProtocol tool
integration, CaseSummary for Amazon Connect Case summaries, NoteTaker for Agent Assistance notes.
Added ListSpans and Retrieve APIs. Enhanced Q in Connect AssistantAssociationType to support Bring
Your Own Bedrock Knowledge Bases.
* api-change:``route53globalresolver``: Add SDK for Amazon Route 53 Global Resolver, a fully
managed DNS resolver service that offers broad DNS-filtering security controls.
* enhancement:AWSCRT: Update awscrt version to 0.29.1
- from version 1.41.5
* api-change:``bedrock-runtime``: Bedrock Runtime Reserved Service Support
* api-change:``compute-optimizer``: Compute Optimizer now identifies idle NAT Gateway resources for
cost optimization based on traffic patterns and backup configuration analysis. Access
recommendations via the GetIdleRecommendations API.
* api-change:``cost-optimization-hub``: This release enables AWS Cost Optimization Hub to show cost
optimization recommendations for NAT Gateway.
- from version 1.41.4
* api-change:``ec2``: This release adds support to view Network firewall proxy appliances attached
to an existing NAT Gateway via DescribeNatGateways API NatGatewayAttachedAppliance structure.
* api-change:``network-firewall``: Network Firewall release of the Proxy feature.
* api-change:``organizations``: Add support for policy operations on the S3_POLICY and
BEDROCK_POLICY policy type.
* api-change:``route53``: Adds support for new route53 feature: accelerated recovery.
- Update to 1.41.3
* api-change:``cloudfront``: Add TrustStore, ConnectionFunction APIs to CloudFront SDK
* api-change:``logs``: New CloudWatch Logs feature - LogGroup Deletion Protection, a capability
that allows customers to safeguard their critical CloudWatch log groups from accidental or
unintended deletion.
* enhancement:awscrt: Update awscrt version to 0.29.0
- from version 1.41.2
* api-change:``apigateway``: API Gateway supports VPC link V2 for REST APIs.
* api-change:``athena``: Introduces Spark workgroup features including log persistence,
S3/CloudWatch delivery, UI and History Server APIs, and SparkConnect 3.5.6 support. Adds DPU usage
limits at workgroup and query levels as well as DPU usage tracking for Capacity Reservation queries
to optimize performance and costs.
* api-change:``bedrock``: Add support to automatically enforce safeguards across accounts within an
AWS Organization.
* api-change:``bedrock-agentcore-control``: Support for agentcore gateway interceptor
configurations and NONE authorizer type
* api-change:``bedrock-data-automation-runtime``: Adding new fields to GetDataAutomationStatus:
jobSubmissionTime, jobCompletionTime, and jobDurationInSeconds
* api-change:``bedrock-runtime``: Add support to automatically enforce safeguards across accounts
within an AWS Organization.
* api-change:``cloudformation``: Adds the DependsOn field to the AutoDeployment configuration
parameter for CreateStackSet, UpdateStackSet, and DescribeStackSet APIs, allowing users to set and
read auto-deployment dependencies between StackSets
* api-change:``compute-optimizer-automation``: Initial release of AWS Compute Optimizer Automation.
Create automation rules to implement recommended actions on a recurring schedule based on your
specified criteria. Supported actions include: snapshot and delete unattached EBS volumes and
upgrade volume types to the latest generation.
* api-change:``connect``: New APIs to support aliases and versions for ContactFlowModule. Updated
ContactFlowModule APIs to support custom blocks.
* api-change:``controltower``: The manifest field is now optional for the AWS Control Tower
CreateLandingZone and UpdateLandingZone APIs for Landing Zone version 4.0
* api-change:``ec2``: This release adds a new capability to create and manage interruptible EC2
Capacity Reservations.
* api-change:``ecr``: Add support for ECR managed signing
* api-change:``eks``: Adds support for controlPlaneScalingConfig on EKS Clusters.
* api-change:``elbv2``: This release adds the health check log feature in ALB, allowing customers
to send detailed target health check log data directly to their designated Amazon S3 bucket.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``invoicing``: Added the CreateProcurementPortalPreference,
GetProcurementPortalPreference, PutProcurementPortalPreference,
UpdateProcurementPortalPreferenceStatus, ListProcurementPortalPreferences and
DeleteProcurementPortalPreference APIs for procurement portal preference management.
* api-change:``kinesisvideo``: This release adds support for Tiered Storage
* api-change:``kms``: Support for on-demand rotation of AWS KMS Multi-Region keys with imported key
material
* api-change:``lambda``: Launching Enhanced Error Handling and ESM Grouping capabilities for Kafka
ESMs
* api-change:``lexv2-models``: Adds support for Intent Disambiguation, allowing resolution of
ambiguous user inputs when multiple intents match by presenting clarifying questions to users. Also
adds Speech Detection Sensitivity configuration for optimizing voice activity detection sensitivity
levels in various noise environments.
* api-change:``mailmanager``: Add support for resources in the aws-eusc partition.
* api-change:``marketplace-entitlement``: Endpoint update for new region
* api-change:``mediapackagev2``: Adds support for excluding session key tags from HLS multivariant
playlists
* api-change:``meteringmarketplace``: Endpoint update for new region
* api-change:``odb``: Adds AssociateIamRoleToResource and DisassociateIamRoleFromResource APIs for
managing IAM roles. Enhances CreateOdbNetwork and UpdateOdbNetwork APIs with KMS, STS, and
cross-region S3 parameters. Adds OCI identity domain support to InitializeService API.
* api-change:``organizations``: Add support for policy operations on the UPGRADE_ROLLOUT_POLICY
policy type.
* api-change:``qconnect``: This release introduces two new messaging channel subtypes: Push,
WhatsApp, under MessageTemplate which is a resource in Amazon Q in Connect.
* api-change:``quicksight``: Amazon Quick Suite now supports QuickChat as an embedding type when
calling the GenerateEmbedUrlForRegisteredUser API, enabling developers to embed conversational AI
agents directly into their applications.
* api-change:``rds``: Add support for Upgrade Rollout Order
* api-change:``redshift``: Added support for Amazon Redshift Federated Permissions and AWS IAM
Identity Center trusted identity propagation.
* api-change:``redshift-serverless``: Added UpdateLakehouseConfiguration API to manage Amazon
Redshift Federated Permissions and AWS IAM Identity Center trusted identity propagation for
namespaces.
* api-change:``sagemaker``: Enhanced SageMaker HyperPod instance groups with support for
MinInstanceCount, CapacityRequirements (Spot/On-Demand), and KubernetesConfig (labels and taints).
Also Added speculative decoding and MaxInstanceCount for model optimization jobs.
* api-change:``security-ir``: Add ListInvestigations and SendFeedback APIs to support SecurityIR AI
agents
* api-change:``sesv2``: Added support for new SES regions - Asia Pacific (Malaysia) and Canada
(Calgary)
* api-change:``transfer``: Adds support for creating Webapps accessible from a VPC.
- from version 1.41.1
* api-change:``application-signals``: Amazon CloudWatch Application Signals now supports
un-instrumented services discovery, cross-account views, and change history, helping SRE and DevOps
teams monitor and troubleshoot their large-scale distributed applications.
* api-change:``autoscaling``: This release adds support for three new features: 1) Image ID
overrides in mixed instances policy, 2) Replace Root Volume - a new strategy for Instance Refresh,
and 3) Instance Lifecycle Policy for enhanced instance lifecycle management.
* api-change:``bedrock-agentcore``: Bedrock AgentCore Memory release for redriving memory
extraction jobs (StartMemoryExtractionJob and ListMemoryExtractionJob)
* api-change:``bedrock-data-automation``: Added support for Synchronous project type and PII
Detection and Redaction
* api-change:``bedrock-data-automation-runtime``: Bedrock Data Automation Runtime Sync API
* api-change:``braket``: Add support for Braket spending limits.
* api-change:``budgets``: Add BillingViewHealthStatusException to DescribeBudgetPerformanceHistory
and ServiceQuotaExceededException to UpdateBudget for improved error handling with Billing Views.
* api-change:``cloudfront``: This release adds support for bring your own IP (BYOIP) to
CloudFront's CreateAnycastIpList API through an optional IpamCidrConfigs field.
* api-change:``cloudtrail``: AWS launches CloudTrail aggregated events to simplify monitoring of
data events at scale. This feature delivers both granular and summarized data events for resources
like S3/Lambda, helping security teams identify patterns without custom aggregation logic.
* api-change:``connect``: Add optional ability to exclude users from send notification actions for
Contact Lens Rules.
* api-change:``datasync``: The partition value "aws-eusc" is now permitted for ARN (Amazon Resource
Name) fields.
* api-change:``devicefarm``: Add support for environment variables and an IAM execution role.
* api-change:``dms``: Added support for customer-managed KMS key (CMK) for encryption for import
private key certificate. Additionally added Amazon SageMaker Lakehouse endpoint used for zero-ETL
integrations with data warehouses.
* api-change:``dsql``: Added clusterVpcEndpoint field to GetVpcEndpointServiceName API response,
returning the VPC connection endpoint for the cluster
* api-change:``ec2``: This release adds support for multiple features including: VPC Encryption
Control for the status of traffic flow; S2S VPN BGP Logging; TGW Flexible Costs; IPAM allocation of
static IPs from IPAM pools to CF Anycast IP lists used on CloudFront distribution; and EBS Volume
Integration with Recycle Bin
* api-change:``ecs``: Launching Amazon ECS Express Mode - a new feature that enables developers to
quickly launch highly available, scalable containerized applications with a single command.
* api-change:``elbv2``: This release adds the target optimizer feature in ALB, enabling strict
concurrency enforcement on targets.
* api-change:``emr``: Add support for configuring S3 destination for step logs on a per-step basis.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``glue``: Added FunctionType parameter to Glue GetuserDefinedFunctions.
* api-change:``imagebuilder``: EC2 Image Builder now enables the distribution of existing AMIs,
retry distribution, and define distribution workflows. It also supports automatic versioning for
recipes and components, allowing automatic version increments and dynamic referencing in pipelines.
* api-change:``kinesis``: Kinesis Data Streams now supports up to 50 Enhance Fan-out consumers for
On-demand Advantage Streams. On-demand Standard and Provisioned streams will continue with the
existing limit of 20 consumers for Enhanced Fan-out.
* api-change:``lakeformation``: Added ServiceIntegrations as a request parameter for
CreateLakeFormationIdentityCenterConfigurationRequest and
UpdateLakeFormationIdentityCenterConfigurationRequest and response parameter for
DescribeLakeFormationIdentityCenterConfigurationResponse
* api-change:``license-manager``: Added cross-account resource aggregation via license asset groups
and expiry tracking for Self-Managed Licenses. Extended Org-Wide View to Self-Managed Licenses,
added reporting for license asset groups, and removed Athena/Glue dependencies for cross-account
resource discovery in commercial regions.
* api-change:``networkmanager``: This release adds support for Cloud WAN Routing Policy providing
customers sophisticated routing controls to better manage their global networks
* api-change:``organizations``: Added new APIs for Billing Transfer, new policy type
INSPECTOR_POLICY, and allow an account to transfer between organizations
* api-change:``quicksight``: Introducing comprehensive theme styling controls. New features include
border customization (radius, width, color), flexible padding controls, background styling for
cards and sheets, centralized typography management, and visual-level override support across
layouts.
* api-change:``rbin``: Add support for EBS volume in Recycle Bin
* api-change:``rds``: Add support for VPC Encryption Controls.
* api-change:``redshift-data``: Increasing the length limit of Statement Name from 500 to 2048.
* api-change:``s3``: Enable / Disable ABAC on a general purpose bucket.
* api-change:``sagemaker``: Added training plan support for inference endpoints. Added HyperPod
task governance with accelerator partition-based quota allocation. Added BatchRebootClusterNodes
and BatchReplaceClusterNodes APIs. Updated ListClusterNodes to include privateDnsHostName.
* api-change:``securityhub``: Release Findings and Resources Trends APIs- GetFindingsTrendsV2 and
GetResourcesTrendsV2. This supports time-series aggregated counts with composite filtering for
1-year of historical data analysis of Findings and Resources.
- from version 1.41.0
* api-change:``apigateway``: API Gateway now supports response streaming and new security policies
for REST APIs and custom domain names.
* api-change:``apigatewayv2``: Support for API Gateway portals and portal products.
* api-change:``backup``: Amazon GuardDuty Malware Protection now supports AWS Backup, extending
malware detection capabilities to EC2, EBS, and S3 backups.
* api-change:``bcm-pricing-calculator``: Add GroupSharingPreference,
CostCategoryGroupSharingPreferenceArn, and CostCategoryGroupSharingPreferenceEffectiveDate to Bill
Estimate. Add GroupSharingPreference and CostCategoryGroupSharingPreferenceArn to Bill Scenario.
* api-change:``bedrock-runtime``: This release includes support for Search Results.
* api-change:``billing``: Added name filtering support to ListBillingViews API through the new
names parameter to efficiently filter billing views by name.
* api-change:``billingconductor``: This release adds support for Billing Transfers, enabling
management of billing transfers with billing groups on AWS Billing Conductor.
* api-change:``ce``: Add support for COST_CATEGORY, TAG, and LINKED_ACCOUNT AWS managed cost
anomaly detection monitors
* api-change:``cloudtrail``: AWS CloudTrail now supports Insights for data events, expanding beyond
management events to automatically detect unusual activity on data plane operations.
* api-change:``connectcampaignsv2``: This release added support for ring timer configuration for
campaign calls.
* api-change:``cost-optimization-hub``: Release ListEfficiencyMetrics API
* api-change:``datazone``: Amazon DataZone now supports business metadata (readme and metadata
forms) at the individual attribute (column) level, a new rule type for glossary terms, and the
ability to update the owner of the root domain unit.
* api-change:``dynamodb``: Extended Global Secondary Index (GSI) composite keys to support up to 8
attributes.
* api-change:``ec2``: This launch adds support for two new features: Regional NAT Gateway and IPAM
Policies. IPAM policies offers customers central control for public IPv4 assignments across AWS
services. Regional NAT is a single NAT Gateway that automatically expands across AZs in a VPC to
maintain high availability.
* api-change:``ecr``: Add support for ECR archival storage class and Inspector org policy for
scanning
* api-change:``ecs``: Added support for Amazon ECS Managed Instances infrastructure optimization
configuration.
* api-change:``emr``: Add CloudWatch Logs integration for Spark driver, executor and step logs
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``fsx``: Adding File Server Resource Manager configuration to FSx Windows
* api-change:``guardduty``: Add support for scanning and viewing scan results for backup resource
types
* api-change:``health``: Adds actionability and personas properties to Health events exposed
through DescribeEvents, DescribeEventsForOrganization, DescribeEventDetails, and DescribeEventTypes
APIs. Adds filtering by actionabilities and personas in EventFilter, OrganizationEventFilter,
EventTypeFilter.
* api-change:``iam``: Added the EnableOutboundWebIdentityFederation,
DisableOutboundWebIdentityFederation and GetOutboundWebIdentityFederationInfo APIs for the IAM
outbound federation feature.
* api-change:``inspector2``: This release introduces BLOCKED_BY_ORGANIZATION_POLICY error code and
IMAGE_ARCHIVED scanStatusReason. BLOCKED_BY_ORGANIZATION_POLICY error code is returned when an
operation is blocked by an AWS Organizations policy. IMAGE_ARCHIVED scanStatusReason is returned
when an Image is archived in ECR.
* api-change:``invoicing``: Add support for adding Billing transfers in Invoice configuration
* api-change:``lambda``: Added support for creating and invoking Tenant Isolated functions in AWS
Lambda APIs.
* api-change:``logs``: Adding support for ocsf version 1.5, add optional parameter MappingVersion
* api-change:``mediaconnect``: This release adds support for global routing in AWS Elemental
MediaConnect. You can now use router inputs and router outputs to manage global video and audio
routing workflows both within the AWS-Cloud and over the public internet.
* api-change:``medialive``: MediaLive is adding support for MediaConnect Router by supporting a new
input type called MEDIACONNECT_ROUTER. This new input type will provide seamless encrypted
transport between MediaConnect Router and your MediaLive channel.
* api-change:``network-firewall``: Partner Managed Rulegroup feature support
* api-change:``networkflowmonitor``: Added new enum value (AWS::EKS::Cluster) for type field under
MonitorLocalResource
* api-change:``partnercentral-channel``: Initial GA launch of Partner Central Channel
* api-change:``route53``: Add dual-stack endpoint support for Route53
* api-change:``rum``: CloudWatch RUM now supports mobile application monitoring for Android and iOS
platforms
* api-change:``s3``: Adds support for blocking SSE-C writes to general purpose buckets.
* api-change:``sagemaker``: Added support for enhanced metrics for SageMaker AI Endpoints. This
features provides Utilization Metrics at instance and container granularity and also provides easy
configuration of metric publish frequency from 10 sec -> 5 mins
* api-change:``secretsmanager``: Adds support to create, update, retrieve, rotate, and delete
managed external secrets.
* api-change:``signin``: AWS Sign-In manages authentication for AWS services. This service provides
secure authentication flows for accessing AWS resources from the console and developer tools. This
release adds the CreateOAuth2Token API, which can be used to fetch OAuth2 access tokens and refresh
tokens from Sign-In.
* api-change:``stepfunctions``: Adds support to TestState for mocked results and exceptions, along
with additional inspection data.
* api-change:``sts``: IAM now supports outbound identity federation via the STS GetWebIdentityToken
API, enabling AWS workloads to securely authenticate with external services using short-lived JSON
Web Tokens.
* feature:credentials: Adds support for the login credential provider, allowing users to use AWS
Management Console credentials for authentication.
- from version 1.40.76
* api-change:``autoscaling``: This release adds the new LaunchInstances API, which can launch
instances synchronously in an AutoScaling group. The API also returns instances info and launch
error back immediately.
* api-change:``backup``: AWS Backup now supports a low-cost warm storage tier for Amazon S3 backup
data.
* api-change:``bedrock-runtime``: Amazon Bedrock Runtime Service Tier Support Launch
* api-change:``cloudformation``: New CloudFormation DescribeEvents API with operation ID tracking
and failure filtering capabilities to quickly identify root causes of deployment failures. Also, a
DeploymentMode parameter for the CreateChangeSet API that enables creation of drift-aware change
sets for safe drift management.
* api-change:``connect``: This release added support for ring timer configuration for campaign
calls.
* api-change:``ec2``: AWS Site-to-Site VPN now supports VPN Concentrator, a new feature that
enables customers to connect multiple low-bandwidth sites connections through a single attachment,
simplifying multi-site connectivity for distributed enterprises.
* api-change:``iam``: Added the AssociateDelegationRequest, GetDelegationRequest,
AcceptDelegationRequest, RejectDelegatonRequest, ListDelegationRequests, UpdateDelegationRequest,
SendDelegationToken and GetHumanReadableSummary APIs for the IAM temporary delegation feature.
* api-change:``kafka``: Amazon MSK adds three new APIs, ListTopics, DescribeTopic, and
DescribeTopicPartitions for viewing Kafka topics in your MSK clusters.
* api-change:``logs``: CloudWatch Logs updates: Added capability to setup a recurring schedule for
log insights queries. Logs introduced Scheduled Queries (managed through
Create/Update/Get/Delete/List/History Scheduled Query APIs). For more information, see CloudWatch
Logs API documentation.
* api-change:``resourcegroupstaggingapi``: Add support for new ListRequiredTags API used to
retrieve the required tags specified in a customer's effective tag policy.
* api-change:``storagegateway``: Adds support for European Sovereign Cloud ARNs in Storage Gateway
API parameters.
* api-change:``wafv2``: AssociateWebACL, UpdateWebACL and PutLoggingConfiguration will now throw
WAFFeatureNotIncludedInPricingPlanException when the request contains a feature that is not
included in the CloudFront pricing plan of the WebACL.
- from version 1.40.75
* api-change:``appstream``: Adding support for additional instances and extended storage
* api-change:``backup``: AWS Backup now supports specifying a logically air-gapped backup vault as
a primary backup target in backup plans and on-demand backup jobs.
* api-change:``bedrock``: Automated Reasoning checks in Amazon Bedrock Guardrails now automatically
generate Q&A tests for new Automated Reasoning policies. The
GetAutomatedReasoningPolicyBuildWorkflowResultAssets API adds GENERATED_TEST_CASES asset type,
allowing customers to retrieve tests generated by the build workflow.
* api-change:``devicefarm``: This release adds support for interacting with devices during a remote
access session using the remoteDriverEndpoint interface
* api-change:``dms``: This release introduces the SAP ASE(Sybase) Data Provider for AWS Data
Migration Service (DMS). In addition, DMS Schema Conversion now supports this provider, enabling
customers to migrate SAP ASE(Sybase) databases to Amazon RDS for PostgreSQL or Aurora PostgreSQL
seamlessly.
* api-change:``ec2``: This release introduces new APIs: DescribeInstanceSqlHaStates,
DescribeInstanceSqlHaHistoryStates, EnableInstanceSqlHaStandbyDetections and
DisableInstanceSqlHaStandbyDetections on Amazon EC2, allowing customers to enroll and monitor SQL
Server licensing fee savings for their SQL HA EC2 instances.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``glue``: Amazon Glue Releasing 2 the new API ListIntegrationResourceProperties and
DeleteIntegrationResourceProperty along with minor improvement on existing API(s).
* api-change:``guardduty``: Add S3 On-Demand Object Scanning
* api-change:``lexv2-models``: Adds support for LLM as Primary, allowing usage of LLMs as the
default NLU system.
* api-change:``medialive``: Adds configurations for spatial/temporal adaptive quantization in AV1
codec, and conversion to HLG output color space in H265 codec.
* api-change:``mediapackagev2``: Add support for SCTE messages in Segment file output
* api-change:``mwaa-serverless``: Amazon MWAA now offers serverless deployment, eliminating
operational overhead while optimizing costs. The service supports YAML and Python-based workflows,
with 80+ AWS Operators. It provides isolated execution, IAM permissions, and automatic scaling with
pay-per-use pricing.
* api-change:``opensearch``: This release adds index operation APIs to support Automatic Semantic
Enrichment feature
* api-change:``pcs``: Added support for the managed Slurm REST API endpoint
* api-change:``route53resolver``: Adding DICTIONARY_DGA to dns-threat-protection as a new enum
type. Customers can now set rules for dictionary dga protection
- from version 1.40.74
* api-change:``datazone``: Adds support for granting read and write access to Amazon S3 general
purpose buckets using CreateSubscriptionRequest and AcceptSubscriptionRequest APIs. Also adds
search filters for SSOUser and SSOGroup to ListSubscriptions APIs and deprecates "sortBy" parameter
for ListSubscriptions APIs.
* api-change:``ec2``: This release adds AvailabilityZoneId support for
CreateInstanceConnectEndpoint, DescribeInstanceConnectEndpoints, and DeleteInstanceConnectEndpoint
APIs.
* api-change:``imagebuilder``: EC2 Image Builder now supports invoking Lambda functions and
executing Step Functions state machine through image workflows.
* api-change:``medialive``: Removed all the value constraint (min/max) for the shape definitions
(e.g. integerMin0Max3600) on the C2j models to get rid of the need to request an exemption from the
SDK team whenever a shape definition (e.g. integerMin0Max3600) is changed.
* enhancement:AWSCRT: Update awscrt version to 0.28.4
- from version 1.40.73
* api-change:``cloudformation``: CloudFormation now supports GetHookResult API with annotations to
retrieve structured compliance check results and remediation guidance for each evaluated resource,
replacing the previous single-message limitation with detailed validation outcomes.
* api-change:``controlcatalog``: Added support for related control mappings with new
RELATED_CONTROL mapping type in ListControlMappings API.
* api-change:``ec2``: Added support for new accelerator types ("media") and accelerator names
("L4", "L40s", "GAUDI_HL_205", "INFERENTIA2", "TRAINIUM", "TRAINIUM2", "U30") in Attributes Based
Instance Type Selection for launched instance types.
* api-change:``ecr``: Add Amazon ECR FIPS PrivateLink endpoint support
* api-change:``elbv2``: QUIC and TCP_QUIC protocol support for Network Load Balancer (NLB). This
capability enables customers to forward QUIC traffic to their targets with ultra-low latency while
maintaining session stickiness using QUIC Connection IDs.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``iotwireless``: Integration of Device Location with Amazon Sidewalk network for
Amazon Sidewalk enabled devices
* api-change:``mediaconvert``: Lowers minimum duration for black video generator. Adds support for
embedding and signing C2PA content credentials in DASH and CMAF HLS outputs.
* api-change:``rds``: Updated endpoint and service metadata
* api-change:``sagemaker``: Added support for minor version upgrades and AWS Identity Center
integration for SageMaker Hadron Partner Apps, enabling automated version management and IdC
group-based access control.
* api-change:``workspaces-web``: Support for managing web content filtering for defining, tracking
and regulating type of content accessed with WorkSpaces Secure Browser as part of browser settings.
- from version 1.40.72
* api-change:``amp``: Add VPC source configuration support enabling Amazon Managed Service for
Prometheus Collector to collect metrics from MSK clusters.
* api-change:``connect``: Updated Authentication Profile APIs to add support for automatic logout
on user inactivity
* api-change:``dms``: Added support of SQL statements creation, metadata model discovery and
selection rules transformation.
* api-change:``ec2``: Adds complete AMI ancestry tracing from immediate parent through each
preceding generation back to the root AMI
* api-change:``elbv2``: This release expands ALB Authentication to support JWT verification and
adds support for a new JWT validation action in listener rule.
* api-change:``redshift``: Added GetIdentityCenterAuthToken API to retrieve encrypted
authentication tokens for Identity Center integrated applications. This API enables programmatic
access to secure Identity Center tokens with proper error handling and parameter validation across
supported SDK languages.
* api-change:``s3tables``: Adds support for request metrics metrics APIs for S3 Tables
* api-change:``sagemaker``: Add support for trn2.3xlarge instance type for SageMaker Hyperpod
- from version 1.40.71
* api-change:``batch``: Documentation-only update: update API and doc descriptions per EKS
ImageType default value switch from AL2 to AL2023.
* api-change:``bedrock-data-automation``: Added support for Language Expansion feature for BDA
Audio modality.
* api-change:``ec2``: AWS Site-to-Site VPN now supports VPN connections with up to 5 Gbps bandwidth
per tunnel, a 4x improvement from existing limit of 1.25 Gbps.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``medical-imaging``: Added new fields in existing APIs.
* api-change:``rtbfabric``: Added LogSettings and LinkAttribute fields to external links
* api-change:``security-ir``: Added support for configuring communication preferences as well as
clearly displaying case comment author identities.
- from version 1.40.70
* api-change:``acm-pca``: Private Certificate Authority service now supports ML-DSA key algorithms.
* api-change:``appstream``: AWS Appstream support for IPv6
* api-change:``backup``: AWS Backup supports backups of Amazon EKS clusters, including Kubernetes
cluster state and persistent storage attached to the EKS cluster via a persistent volume claim (EBS
volumes, EFS file systems, and S3 buckets).
* api-change:``braket``: Adds ExperimentalCapabilities field to CreateQuantumTask request and
GetQuantumTask response objects. Enables use of experimental software capabilities when creating
quantum tasks.
* api-change:``datazone``: Remove trackingServerName from DataZone Connection MLflowProperties
* api-change:``dsql``: Cluster endpoint added to CreateCluster and GetCluster API responses
* api-change:``ec2``: Amazon EC2 Fleet customers can now filter instance types based on
encryption-in-transit support using Attribute-Based Instance Type Selection (ABIS), eliminating the
manual effort of identifying and selecting compatible instance types for security-sensitive
workloads.
* api-change:``guardduty``: Include tags filed in CreatePublishingDestinationRequest and
DescribePublishingDestinationResponse.
* api-change:``iam``: Added CreateDelegationRequest API, which is not available for general use at
this time.
* api-change:``invoicing``: Added new invoicing get-invoice-pdf API Operation
* api-change:``kafka``: Amazon MSK now supports intelligent rebalancing for MSK Express brokers.
* api-change:``sts``: Added GetDelegatedAccessToken API, which is not available for general use at
this time.
* api-change:``verifiedpermissions``: Amazon Verified Permissions / Features : Adds support for
entity Cedar tags.
* api-change:``wafv2``: AWS WAF now supports CLOUDWATCH_TELEMETRY_RULE_MANAGED as a LogScope
option, enabling automated logging configuration through Amazon CloudWatch Logs for telemetry data
collection and analysis.
- from version 1.40.69
* api-change:``controltower``: Added Parent Identifier support to ListEnabledControls and
GetEnabledControl API. Implemented RemediationType support for Landing Zone operations:
CreateLandingZone, UpdateLandingZone and GetLandingZone APIs
* api-change:``ec2``: Adds PrivateDnsPreference and PrivateDnsSpecifiedDomains to control private
DNS resolution for resource and service network VPC endpoints and
IpamScopeExternalAuthorityConfiguration to integrate Amazon VPC IPAM with a third-party IPAM service
* api-change:``kms``: Added support for new ECC_NIST_EDWARDS25519 AWS KMS key spec
* api-change:``opensearch``: This release introduces the Default Application feature, allowing
users to set, change, or unset a preferred OpenSearch UI application on a per-region basis for a
streamlined and consistent user experience.
* api-change:``vpc-lattice``: Amazon VPC Lattice now supports custom domain name for resource
configurations
- from version 1.40.68
* api-change:``accessanalyzer``: New field totalActiveErrors added to getFindingsStatistics
response.
* api-change:``backup``: AWS Backup now supports customer-managed keys (CMK) for logically
air-gapped vaults, enabling customers to maintain full control over their encryption key lifecycle.
This feature helps organizations meet specific internal governance requirements or external
regulatory compliance standards.
* api-change:``connect``: Added support for Conditional Questions in Evaluation Forms. Introduced
Auto Evaluation capability for Evaluation Forms and Contact Evaluations. Added new API operations:
SearchEvaluationForms and SearchContactEvaluations.
* api-change:``ec2``: Add Amazon EC2 R8a instance types
* api-change:``gamelift``: Amazon GameLift Servers now supports game builds that use the Windows
2022 operating system.
* api-change:``identitystore``: IdentityStore API: added new KMSExceptionReason fields to the
Exception object; added multiple new fields to the User APIs - UserStatus, Birthdate, Website and
Photos; added multiple new metadata fields for User, Groups and Membership APIs - CreatedAt,
CreatedBy, UpdatedAt and UpdatedBy.
* api-change:``quicksight``: Support for New Data Prep Experience
* api-change:``s3tables``: Adds support for tagging APIs for S3 Tables
* api-change:``s3vectors``: Amazon S3 Vectors provides cost-effective, elastic, and durable vector
storage for queries based on semantic meaning and similarity.
* api-change:``sagemaker``: Added NodeProvisioningMode parameter to UpdateCluster API to determine
how instance provisioning is handled during cluster operations; in Continuous mode. Added VpcId
field in UpdateDomain request for SageMaker Unified Studio domains with no VPC to add a customer
VPC.
* api-change:``ssm``: Provides NoLongerSupportedException error message
- from version 1.40.67
* api-change:``cloudfront``: This release adds new and updated API operations. You can now use the
IpAddressType field to specify either ipv4 or dualstack for your Anycast static IP list. You can
also enable cross-account resource sharing to share your VPC origins with other AWS accounts
* api-change:``datazone``: Added support for Project Resource Tags
* api-change:``ec2``: This release adds AvailabilityZoneId support for
DescribeFastSnapshotRestores, DisableFastSnapshotRestores, and EnableFastSnapshotRestores APIs.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``fsx``: Amazon FSx now enables secure management of Active Directory credentials
through AWS Secrets Manager integration. Customers can use Secret ARNs instead of direct
credentials when joining resources to Active Directory domains.
* api-change:``groundstation``: Introduce CreateDataflowEndpointGroupV2 action
* api-change:``s3``: Launch IPv6 dual-stack support for S3 Express
* api-change:``sagemaker``: Add new fields in SageMaker Hyperpod DescribeCluster API response:
TargetStateCount, SoftwareUpdateStatus and ActiveSoftwareDeploymentConfig to provide AMI update
progress visibility .
- from version 1.40.66
* api-change:``pinpoint-sms-voice-v2``: This release adds support for the CarrierLookup API, which
returns information about a destination phone number including if the number is valid, the carrier,
and more.
- from version 1.40.65
* api-change:``bedrock-agentcore-control``: Adds support for direct code deploy with
CreateAgentRuntime and UpdateAgentRuntime
* api-change:``budgets``: Fix the AWS Budgets endpoint for the aws-eusc partition.
* api-change:``ec2``: Add Amazon EC2 trn2.3xlarge instance type.
* api-change:``ecs``: Documentation-only update for LINEAR and CANARY deployment strategies.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``kinesis``: Adds support for MinimumThroughputBillingCommitment with new
UpdateAccountSettings API. Adds support to configure warm throughput for on-demand streams in new
UpdateStreamWarmThroughput API and existing CreateStream API and UpdateStreamMode API.
- from version 1.40.64
* api-change:``connectcases``: Added two new case rule types: Parent Child Field Options (restricts
child field options based on parent field value) and Hidden (controls child field visibility based
on parent field value). Both enable dynamic field behavior within templates.
* api-change:``ec2``: Amazon VPC IP Address Manager (IPAM) now supports automated prefix list
management, allowing you to create rules that automatically populate customer-managed prefix lists
with CIDRs from your IPAM pools or AWS resources based on tags, Regions, or other criteria.
* api-change:``emr``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``fms``: Update endpoint ruleset parameters casing
* api-change:``fsx``: Update endpoint ruleset parameters casing
* api-change:``health``: Update endpoint ruleset parameters casing
* api-change:``kinesis``: Update endpoint ruleset parameters casing
* api-change:``lambda``: Add Python3.14 (python3.14) and Java 25 (java25) support to AWS Lambda
* api-change:``logs``: Update endpoint ruleset parameters casing
* api-change:``marketplace-catalog``: Update endpoint ruleset parameters casing
* api-change:``mediaconvert``: Adds SlowPalPitchCorrection to audio pitch correction settings.
Enables opacity for VideoOverlays. Adds REMUX_ALL option to enable multi-rendition passthrough to
VideoSelector for allow listed accounts.
* api-change:``omics``: Added WDL_LENIENT engine type that enables implicit typecasting of variable
values to its compatible declared types
* api-change:``payment-cryptography``: Allow additional characters in the CertificateSubject for
GetCertificateSigningRequest API.
* api-change:``redshift``: Update endpoint ruleset parameters casing
* api-change:``resourcegroupstaggingapi``: Update endpoint ruleset parameters casing
* api-change:``sagemaker``: Allow update of platform identifier via UpdateNotebookInstance
operation.
* api-change:``savingsplans``: Add dual-stack endpoint support for Savings Plans
* api-change:``snowball``: Update endpoint ruleset parameters casing
* api-change:``ssm-quicksetup``: Update endpoint ruleset parameters casing
* api-change:``textract``: Update endpoint ruleset parameters casing
* api-change:``waf``: Update endpoint ruleset parameters casing
- from version 1.40.63
* api-change:``amp``: Add Anomaly Detection APIs for Amazon Managed Prometheus
* api-change:``apigateway``: Update endpoint ruleset parameters casing
* api-change:``appconfig``: Update endpoint ruleset parameters casing
* api-change:``appflow``: Update endpoint ruleset parameters casing
* api-change:``applicationcostprofiler``: Update endpoint ruleset parameters casing
* api-change:``appmesh``: Update endpoint ruleset parameters casing
* api-change:``appsync``: Update endpoint ruleset parameters casing
* api-change:``artifact``: Update endpoint ruleset parameters casing
* api-change:``auditmanager``: Update endpoint ruleset parameters casing
* api-change:``bedrock-agent``: Update endpoint ruleset parameters casing
* api-change:``bedrock-agentcore-control``: Web-Bot-Auth support for AgentCore Browser tool to help
reduce captcha challenges.
* api-change:``chime``: Update endpoint ruleset parameters casing
* api-change:``cleanrooms``: Added support for advanced Spark configurations to optimize SQL
performance
* api-change:``cloudcontrol``: Update endpoint ruleset parameters casing
* api-change:``clouddirectory``: Update endpoint ruleset parameters casing
* api-change:``cloudsearch``: Update endpoint ruleset parameters casing
* api-change:``cloudwatch``: Update endpoint ruleset parameters casing
* api-change:``codecatalyst``: Update endpoint ruleset parameters casing
* api-change:``codecommit``: Update endpoint ruleset parameters casing
* api-change:``codedeploy``: Update endpoint ruleset parameters casing
* api-change:``cognito-sync``: Update endpoint ruleset parameters casing
* api-change:``compute-optimizer``: Update endpoint ruleset parameters casing
* api-change:``connectcases``: Update endpoint ruleset parameters casing
* api-change:``deadline``: Update endpoint ruleset parameters casing
* api-change:``devops-guru``: Update endpoint ruleset parameters casing
* api-change:``docdb``: Adding FailoverState and TagList to GlobalCluster and SynchronizationStatus
to GlobalClusterMember.
* api-change:``ecs``: Amazon ECS Service Connect now supports Envoy access logs, providing deeper
observability into request-level traffic patterns and service interactions.
* api-change:``eks-auth``: Update endpoint ruleset parameters casing
* api-change:``elasticache``: Update endpoint ruleset parameters casing
* api-change:``emr-serverless``: This release adds the capability to enable User Background
Sessions for customers running Trusted Identity Propagation enabled Interactive Sessions on EMR
Serverless Applications.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``firehose``: Update endpoint ruleset parameters casing
* api-change:``frauddetector``: Update endpoint ruleset parameters casing
* api-change:``geo-places``: Update endpoint ruleset parameters casing
* api-change:``glue``: This release adds the capability to enable User Background Sessions for
customers running Trusted Identity Propagation enabled Interactive Sessions on AWS Glue.
* api-change:``greengrassv2``: Update endpoint ruleset parameters casing
* api-change:``iotevents-data``: Update endpoint ruleset parameters casing
* api-change:``iot-managed-integrations``: Add a new GetManagedThingCertificate API to expose Iot
ManagedIntegrations (MI) device certificate, and add "-" support for name, properties, actions
and events in the CapabilityReportCapability object.
* api-change:``keyspacesstreams``: Update endpoint ruleset parameters casing
* api-change:``kms``: Add cross account VPC endpoint service connectivity support to CustomKeyStore.
* api-change:``license-manager-linux-subscriptions``: Update endpoint ruleset parameters casing
* api-change:``marketplace-reporting``: Update endpoint ruleset parameters casing
* api-change:``neptune``: Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: RTB Fabric documentation update.
* api-change:``s3outposts``: Update endpoint ruleset parameters casing
* api-change:``sagemaker-runtime``: Update endpoint ruleset parameters casing
* api-change:``schemas``: Update endpoint ruleset parameters casing
* api-change:``serverlessrepo``: Update endpoint ruleset parameters casing
* api-change:``servicecatalog``: Update endpoint ruleset parameters casing
* api-change:``sso``: Update endpoint ruleset parameters casing
* api-change:``sts``: Update endpoint ruleset parameters casing
- from version 1.40.62
* api-change:``bedrock-runtime``: Add support for system tool and web citation response.
- from version 1.40.61
* api-change:``apigatewayv2``: Update endpoint ruleset parameters casing
* api-change:``application-signals``: Added support for CloudWatch Synthetics Canary resources in
ListAuditFindings API. This enhancement allows customers to retrieve audit findings specifically
for CloudWatch Synthetics canaries and enables service-canary correlation analysis.
* api-change:``backupsearch``: Update endpoint ruleset parameters casing
* api-change:``bcm-pricing-calculator``: Update endpoint ruleset parameters casing
* api-change:``bedrock-agent-runtime``: Update endpoint ruleset parameters casing
* api-change:``bedrock-runtime``: Update endpoint ruleset parameters casing
* api-change:``cleanroomsml``: Update endpoint ruleset parameters casing
* api-change:clients: The following clients have been removed per deprecation of the services -
qldb, qldb-session, robomaker, lookoutmetrics, lookoutvision, iotfleethub, apptest
* api-change:``cloud9``: Update endpoint ruleset parameters casing
* api-change:``cloudsearchdomain``: Update endpoint ruleset parameters casing
* api-change:``codeconnections``: Update endpoint ruleset parameters casing
* api-change:``codeguru-security``: Update endpoint ruleset parameters casing
* api-change:``detective``: Update endpoint ruleset parameters casing
* api-change:``ec2``: This released the DescribeCapacityReservationTopology API.
* api-change:``ecs``: Amazon ECS supports native linear and canary service deployments, allowing
you to shift traffic in increments for more control.
* api-change:``efs``: Update endpoint ruleset parameters casing
* api-change:``elastictranscoder``: Update endpoint ruleset parameters casing
* api-change:``emr-containers``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``gameliftstreams``: Add stream group expiration date and expired status
* api-change:``glacier``: Update endpoint ruleset parameters casing
* api-change:``groundstation``: Enable use of AzEl ephemerides
* api-change:``inspector-scan``: Update endpoint ruleset parameters casing
* api-change:``kafkaconnect``: Update endpoint ruleset parameters casing
* api-change:``kendra``: Update endpoint ruleset parameters casing
* api-change:``kinesisvideo``: Update endpoint ruleset parameters casing
* api-change:``lambda``: Added SerializedRequestEntityTooLargeException to Lambda Invoke API
* api-change:``marketplace-deployment``: Update endpoint ruleset parameters casing
* api-change:``mediapackage-vod``: Update endpoint ruleset parameters casing
* api-change:``migrationhuborchestrator``: Update endpoint ruleset parameters casing
* api-change:``notifications``: Update endpoint ruleset parameters casing
* api-change:``opensearch``: Update endpoint ruleset parameters casing
* api-change:``organizations``: Added Account State field to the ListDelegatedAdministrators API
response.
* api-change:``partnercentral-selling``: Update endpoint ruleset parameters casing
* api-change:``pipes``: Update endpoint ruleset parameters casing
* api-change:``ram``: Update endpoint ruleset parameters casing
* api-change:``resource-groups``: Update endpoint ruleset parameters casing
* api-change:``s3``: Amazon Simple Storage Service / Features: Add conditional writes in CopyObject
on destination key to prevent unintended object modifications.
* api-change:``s3control``: Update endpoint ruleset parameters casing
* api-change:``sagemaker``: Amazon SageMaker now supports deleting training and processing jobs in
a terminal status.
* api-change:``sagemaker-featurestore-runtime``: Update endpoint ruleset parameters casing
* api-change:``security-ir``: Update endpoint ruleset parameters casing
* api-change:``servicecatalog-appregistry``: Update endpoint ruleset parameters casing
* api-change:``sqs``: Update endpoint ruleset parameters casing
* api-change:``support-app``: Update endpoint ruleset parameters casing
* api-change:``taxsettings``: Update endpoint ruleset parameters casing
* api-change:``trustedadvisor``: Update endpoint ruleset parameters casing
* api-change:``workspaces``: Added IPv6 address support for WorkSpaces using Dual-Stack subnets
* api-change:``workspaces-instances``: Update endpoint ruleset parameters casing
* api-change:``xray``: Update endpoint ruleset parameters casing
- from version 1.40.60
* api-change:``accessanalyzer``: Update endpoint ruleset parameters casing
* api-change:``aiops``: Update endpoint ruleset parameters casing
* api-change:``athena``: Update endpoint ruleset parameters casing
* api-change:``backup-gateway``: Update endpoint ruleset parameters casing
* api-change:``bedrock-data-automation``: Update endpoint ruleset parameters casing
* api-change:``braket``: Update endpoint ruleset parameters casing
* api-change:``ce``: Updated endpoint for eusc-de-east-1 region.
* api-change:``chime-sdk-identity``: Update endpoint ruleset parameters casing
* api-change:``chime-sdk-media-pipelines``: Update endpoint ruleset parameters casing
* api-change:``codeartifact``: Update endpoint ruleset parameters casing
* api-change:``codeguruprofiler``: Update endpoint ruleset parameters casing
* api-change:``cognito-idp``: Update endpoint ruleset parameters casing
* api-change:``comprehend``: Update endpoint ruleset parameters casing
* api-change:``connectcampaigns``: Update endpoint ruleset parameters casing
* api-change:``controltower``: Update endpoint ruleset parameters casing
* api-change:``cost-optimization-hub``: Update endpoint ruleset parameters casing
* api-change:``dax``: Update endpoint ruleset parameters casing
* api-change:``elasticbeanstalk``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``entityresolution``: Update endpoint ruleset parameters casing
* api-change:``forecast``: Update endpoint ruleset parameters casing
* api-change:``greengrass``: Update endpoint ruleset parameters casing
* api-change:``iam``: Fixed missing SummaryMap keys in GetAccountSummary response that were being
filtered out during deserialization in AWS Java SDK v2
* api-change:``invoicing``: Update endpoint ruleset parameters casing
* api-change:``kinesis``: Adds support for record sizes up to 10MiB and introduces new
UpdateMaxRecordSize API to modify stream record size limits. Adds record size parameters to
existing CreateStream and DescribeStreamSummary APIs for request and response payloads respectively.
* api-change:``launch-wizard``: Update endpoint ruleset parameters casing
* api-change:``lex-runtime``: Update endpoint ruleset parameters casing
* api-change:``managedblockchain``: Update endpoint ruleset parameters casing
* api-change:``mturk``: Update endpoint ruleset parameters casing
* api-change:``neptune-graph``: Update endpoint ruleset parameters casing
* api-change:``outposts``: Update endpoint ruleset parameters casing
* api-change:``pinpoint``: Update endpoint ruleset parameters casing
* api-change:``rbin``: Update endpoint ruleset parameters casing
* api-change:``rds-data``: Update endpoint ruleset parameters casing
* api-change:``redshift-serverless``: Update endpoint ruleset parameters casing
* api-change:``rekognition``: Update endpoint ruleset parameters casing
* api-change:``repostspace``: Update endpoint ruleset parameters casing
* api-change:``route53profiles``: Update endpoint ruleset parameters casing
* api-change:``route53resolver``: Update endpoint ruleset parameters casing
* api-change:``s3vectors``: Update endpoint ruleset parameters casing
* api-change:``scheduler``: Update endpoint ruleset parameters casing
* api-change:``secretsmanager``: Update endpoint ruleset parameters casing
* api-change:``ses``: Update endpoint ruleset parameters casing
* api-change:``shield``: Update endpoint ruleset parameters casing
* api-change:``simspaceweaver``: Update endpoint ruleset parameters casing
* api-change:``socialmessaging``: Update endpoint ruleset parameters casing
* api-change:``ssm-sap``: Update endpoint ruleset parameters casing
* api-change:``sso-admin``: Update endpoint ruleset parameters casing
* api-change:``stepfunctions``: Update endpoint ruleset parameters casing
* api-change:``waf-regional``: Update endpoint ruleset parameters casing
* api-change:``workmailmessageflow``: Update endpoint ruleset parameters casing
- from version 1.40.59
* api-change:``acm``: Update endpoint ruleset parameters casing
* api-change:``amplifyuibuilder``: Update endpoint ruleset parameters casing
* api-change:``application-signals``: Update endpoint ruleset parameters casing
* api-change:``billing``: Update endpoint ruleset parameters casing
* api-change:``budgets``: Update endpoint ruleset parameters casing
* api-change:``chime-sdk-messaging``: Update endpoint ruleset parameters casing
* api-change:``cloudtrail``: Update endpoint ruleset parameters casing
* api-change:``codepipeline``: Update endpoint ruleset parameters casing
* api-change:``datapipeline``: Update endpoint ruleset parameters casing
* api-change:``datazone``: This release adds support for MLflow connections Creation in DataZone
* api-change:``docdb``: Update endpoint ruleset parameters casing
* api-change:``dynamodbstreams``: Update endpoint ruleset parameters casing
* api-change:``eks``: Update endpoint ruleset parameters casing
* api-change:``elb``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``evs``: Update endpoint ruleset parameters casing
* api-change:``fis``: Update endpoint ruleset parameters casing
* api-change:``gameliftstreams``: Add status reasons for TERMINATED stream sessions
* api-change:``geo-maps``: Added support for optional AdditionalFeatures parameter in the V2
GetTile API.
* api-change:``inspector``: Update endpoint ruleset parameters casing
* api-change:``iot-managed-integrations``: Update endpoint ruleset parameters casing
* api-change:``iotwireless``: Update endpoint ruleset parameters casing
* api-change:``kinesisanalytics``: Update endpoint ruleset parameters casing
* api-change:``kinesis-video-signaling``: Update endpoint ruleset parameters casing
* api-change:``location``: Added support for mobile app restrictions in Amazon Location API keys.
* api-change:``lookoutvision``: Update endpoint ruleset parameters casing
* api-change:``mediapackage``: Update endpoint ruleset parameters casing
* api-change:``mediastore``: Update endpoint ruleset parameters casing
* api-change:``mediastore-data``: Update endpoint ruleset parameters casing
* api-change:``migrationhubstrategy``: Update endpoint ruleset parameters casing
* api-change:``mq``: Update endpoint ruleset parameters casing
* api-change:``panorama``: Update endpoint ruleset parameters casing
* api-change:``payment-cryptography``: Update endpoint ruleset parameters casing
* api-change:``payment-cryptography-data``: Update endpoint ruleset parameters casing
* api-change:``pca-connector-ad``: Update endpoint ruleset parameters casing
* api-change:``qbusiness``: Update endpoint ruleset parameters casing
* api-change:``robomaker``: Update endpoint ruleset parameters casing
* api-change:``route53domains``: Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: Add support for custom rate limits.
* api-change:``s3tables``: Update endpoint ruleset parameters casing
* api-change:``sagemaker``: Added inference components model data caching feature
* api-change:``sagemaker-metrics``: Update endpoint ruleset parameters casing
* api-change:``securityhub``: Release 3 layer filter support in GetFindingsV2,
GetFindingStatisticsV2, GetResourcesV2,GetResourcesStatisticsV2, AutomationRule V2 APIs. Update
filter casing in GetResourcesV2, GetResourcesStatisticsV2 APIs. Add new filters in GetFindingsV2,
GetFindingStatisticsV2, AutomationRule V2 APIs.
* api-change:``servicediscovery``: Update endpoint ruleset parameters casing
* api-change:``snow-device-management``: Update endpoint ruleset parameters casing
* api-change:``sso-oidc``: Update endpoint ruleset parameters casing
* api-change:``supplychain``: Update endpoint ruleset parameters casing
* api-change:``translate``: Update endpoint ruleset parameters casing
* api-change:``verifiedpermissions``: Update endpoint ruleset parameters casing
* api-change:``vpc-lattice``: Update endpoint ruleset parameters casing
* api-change:``wisdom``: Update endpoint ruleset parameters casing
* api-change:``workspaces-thin-client``: Update endpoint ruleset parameters casing
- from version 1.40.58
* api-change:``account``: Update endpoint ruleset parameters casing
* api-change:``application-autoscaling``: Update endpoint ruleset parameters casing
* api-change:``bedrock-agentcore``: Fixing the service documentation name
* api-change:``bedrock-agentcore-control``: Fixing the service documentation name
* api-change:``chime-sdk-voice``: Update endpoint ruleset parameters casing
* api-change:``cloudtrail-data``: Update endpoint ruleset parameters casing
* api-change:``codebuild``: Update endpoint ruleset parameters casing
* api-change:``codestar-connections``: Update endpoint ruleset parameters casing
* api-change:``config``: Update endpoint ruleset parameters casing
* api-change:``connect-contact-lens``: Update endpoint ruleset parameters casing
* api-change:``cur``: Update endpoint ruleset parameters casing
* api-change:``discovery``: Update endpoint ruleset parameters casing
* api-change:``dms``: Update endpoint ruleset parameters casing
* api-change:``docdb-elastic``: Update endpoint ruleset parameters casing
* api-change:``drs``: Update endpoint ruleset parameters casing
* api-change:``dsql``: Add support for resource-based policies for Aurora DSQL clusters. This will
enable you to implement Block Public Access (BPA) which will help restrict access to your Aurora
DSQL public or VPC endpoints.
* api-change:``ebs``: Update endpoint ruleset parameters casing
* api-change:``ecr``: Update endpoint ruleset parameters casing
* api-change:``ecr-public``: Update endpoint ruleset parameters casing
* api-change:``healthlake``: Update endpoint ruleset parameters casing
* api-change:``internetmonitor``: Update endpoint ruleset parameters casing
* api-change:``iotevents``: Update endpoint ruleset parameters casing
* api-change:``iot-jobs-data``: Update endpoint ruleset parameters casing
* api-change:``kinesis-video-archived-media``: Update endpoint ruleset parameters casing
* api-change:``kinesis-video-webrtc-storage``: Update endpoint ruleset parameters casing
* api-change:``lambda``: Add NodeJs 24 (nodejs24.x) support to AWS Lambda.
* api-change:``macie2``: Update endpoint ruleset parameters casing
* api-change:``managedblockchain-query``: Update endpoint ruleset parameters casing
* api-change:``marketplacecommerceanalytics``: Update endpoint ruleset parameters casing
* api-change:``mediatailor``: Update endpoint ruleset parameters casing
* api-change:``mgh``: Update endpoint ruleset parameters casing
* api-change:``mgn``: Update endpoint ruleset parameters casing
* api-change:``mpa``: Update endpoint ruleset parameters casing
* api-change:``neptunedata``: Update endpoint ruleset parameters casing
* api-change:``networkmonitor``: Update endpoint ruleset parameters casing
* api-change:``odb``: Doc-only update that removes duplicate values from descriptions of ODB
peering APIs.
* api-change:``omics``: Update endpoint ruleset parameters casing
* api-change:``opensearchserverless``: Update endpoint ruleset parameters casing
* api-change:``pca-connector-scep``: Update endpoint ruleset parameters casing
* api-change:``personalize-events``: Update endpoint ruleset parameters casing
* api-change:``pinpoint-email``: Update endpoint ruleset parameters casing
* api-change:``resiliencehub``: Update endpoint ruleset parameters casing
* api-change:``rum``: Update endpoint ruleset parameters casing
* api-change:``sagemaker``: Update endpoint ruleset parameters casing
* api-change:``sagemaker-edge``: Update endpoint ruleset parameters casing
* api-change:``savingsplans``: Update endpoint ruleset parameters casing
* api-change:``securitylake``: Update endpoint ruleset parameters casing
* api-change:``sesv2``: Update endpoint ruleset parameters casing
* api-change:``storagegateway``: Update endpoint ruleset parameters casing
* api-change:``synthetics``: Update endpoint ruleset parameters casing
- from version 1.40.57
* api-change:``appfabric``: Update endpoint ruleset parameters casing
* api-change:``autoscaling``: Update endpoint ruleset parameters casing
* api-change:``b2bi``: Update endpoint ruleset parameters casing
* api-change:``bcm-dashboards``: Update endpoint ruleset parameters casing
* api-change:``ce``: Update endpoint ruleset parameters casing
* api-change:``chatbot``: Update endpoint ruleset parameters casing
* api-change:``cloudformation``: Update endpoint ruleset parameters casing
* api-change:``cloudhsm``: Update endpoint ruleset parameters casing
* api-change:``cloudhsmv2``: Update endpoint ruleset parameters casing
* api-change:``codeguru-reviewer``: Update endpoint ruleset parameters casing
* api-change:``cognito-identity``: Update endpoint ruleset parameters casing
* api-change:``comprehendmedical``: Update endpoint ruleset parameters casing
* api-change:``connect``: This release added support for email address alias configuration and
outbound campaign preview mode.
* api-change:``connectcampaignsv2``: Updated Amazon Connect Outbound Campaigns V2 SDK to support
Preview Outbound Mode
* api-change:``connectparticipant``: Update endpoint ruleset parameters casing
* api-change:``devicefarm``: This release adds support for optionally including an app as part of a
CreateRemoteAccessSession request
* api-change:``directconnect``: Update endpoint ruleset parameters casing
* api-change:``ds-data``: Update endpoint ruleset parameters casing
* api-change:``ec2``: This release adds AvailabilityZoneId support for CreateNetworkInterface and
DescribeNetworkInterfaces APIs.
* api-change:``ec2-instance-connect``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``forecastquery``: Update endpoint ruleset parameters casing
* api-change:``iam``: Updated OIDC and SAML apis to reject multiple simultaneous requests to change
a unique object.
* api-change:``inspector2``: Update endpoint ruleset parameters casing
* api-change:``iot``: Update endpoint ruleset parameters casing
* api-change:``iotanalytics``: Update endpoint ruleset parameters casing
* api-change:``iotfleetwise``: Update endpoint ruleset parameters casing
* api-change:``iotsecuretunneling``: Update endpoint ruleset parameters casing
* api-change:``iotsitewise``: Update endpoint ruleset parameters casing
* api-change:``ivschat``: Update endpoint ruleset parameters casing
* api-change:``kinesisanalyticsv2``: Update endpoint ruleset parameters casing
* api-change:``lexv2-models``: Update endpoint ruleset parameters casing
* api-change:``mailmanager``: Update endpoint ruleset parameters casing
* api-change:``marketplace-agreement``: Update endpoint ruleset parameters casing
* api-change:``medialive``: Add 3 API operations for fetching alerts: ListAlerts (Channels),
ListClusterAlerts (MediaLive Anywhere), and ListMultiplexAlerts
* api-change:``mwaa``: Update endpoint ruleset parameters casing
* api-change:``notificationscontacts``: Update endpoint ruleset parameters casing
* api-change:``oam``: Update endpoint ruleset parameters casing
* api-change:``pcs``: Update endpoint ruleset parameters casing
* api-change:``pinpoint-sms-voice-v2``: Update endpoint ruleset parameters casing
* api-change:``redshift-data``: Update endpoint ruleset parameters casing
* api-change:``route53``: Amazon Route 53 now supports the ISOB West Region for private DNS for
Amazon VPCs and cloudwatch healthchecks.
* api-change:``route53-recovery-cluster``: Update endpoint ruleset parameters casing
* api-change:``rtbfabric``: Update for general availability of AWS RTB Fabric service.
* api-change:``sagemaker-a2i-runtime``: Update endpoint ruleset parameters casing
* api-change:``sns``: Update endpoint ruleset parameters casing
* api-change:``ssm-incidents``: Update endpoint ruleset parameters casing
* api-change:``workdocs``: Update endpoint ruleset parameters casing
* api-change:``workmail``: Update endpoint ruleset parameters casing
* api-change:``workspaces``: Update endpoint ruleset parameters casing
- from version 1.40.56
* api-change:``dynamodb``: Add AccountID based endpoint metric to endpoint rules.
* api-change:``emr``: Added RECONFIGURING to the InstanceFleetState convenience enum.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``mediaconvert``: This release adds the ability to set resolution for the black video
generator and also adds the StartJobsQuery and GetJobsQueryResults APIs which allow asynchronous
search of job history using new filters.
* api-change:``meteringmarketplace``: Added ClientToken parameter to MeterUsage API for specifying
idempotent requests.
- from version 1.40.55
* api-change:``amp``: Update endpoint ruleset parameters casing
* api-change:``amplifybackend``: Update endpoint ruleset parameters casing
* api-change:``appconfigdata``: Update endpoint ruleset parameters casing
* api-change:``appintegrations``: Update endpoint ruleset parameters casing
* api-change:``application-insights``: Update endpoint ruleset parameters casing
* api-change:``arc-zonal-shift``: Update endpoint ruleset parameters casing
* api-change:``bcm-recommended-actions``: Update endpoint ruleset parameters casing
* api-change:``bedrock-data-automation-runtime``: Update endpoint ruleset parameters casing
* api-change:``chime-sdk-meetings``: Update endpoint ruleset parameters casing
* api-change:``cloudfront``: Update endpoint ruleset parameters casing
* api-change:``cloudfront-keyvaluestore``: Update endpoint ruleset parameters casing
* api-change:``codestar-notifications``: Update endpoint ruleset parameters casing
* api-change:``controlcatalog``: Update endpoint ruleset parameters casing
* api-change:``datasync``: Update endpoint ruleset parameters casing
* api-change:``ds``: Update endpoint ruleset parameters casing
* api-change:``dsql``: Update endpoint ruleset parameters casing
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``es``: Update endpoint ruleset parameters casing
* api-change:``events``: Update endpoint ruleset parameters casing
* api-change:``evidently``: Update endpoint ruleset parameters casing
* api-change:``finspace``: Update endpoint ruleset parameters casing
* api-change:``finspace-data``: Update endpoint ruleset parameters casing
* api-change:``gameliftstreams``: Updates documentation to clarify valid application binaries for
an Amazon GameLift Streams application and provide descriptions of stream session error status
reasons
* api-change:``geo-maps``: Added support for optional style parameters in maps, including Terrain,
ContourDensity, Traffic, and TravelModes.
* api-change:``imagebuilder``: Update endpoint ruleset parameters casing
* api-change:``iot-data``: Update endpoint ruleset parameters casing
* api-change:``iotdeviceadvisor``: Update endpoint ruleset parameters casing
* api-change:``iotthingsgraph``: Update endpoint ruleset parameters casing
* api-change:``iottwinmaker``: Update endpoint ruleset parameters casing
* api-change:``kendra-ranking``: Update endpoint ruleset parameters casing
* api-change:``kinesis-video-media``: Update endpoint ruleset parameters casing
* api-change:``lakeformation``: Update endpoint ruleset parameters casing
* api-change:``license-manager``: Update endpoint ruleset parameters casing
* api-change:``license-manager-user-subscriptions``: Update endpoint ruleset parameters casing
* api-change:``marketplace-catalog``: The ListEntities API now supports two new CAPI filters:
DeliveryOptionTypes for SaaS products and CompatibleAWSServices for Container products.
* api-change:``mediaconnect``: Update endpoint ruleset parameters casing
* api-change:``migration-hub-refactor-spaces``: Update endpoint ruleset parameters casing
* api-change:``network-firewall``: Update endpoint ruleset parameters casing
* api-change:``networkmanager``: Update endpoint ruleset parameters casing
* api-change:``organizations``: Update endpoint ruleset parameters casing
* api-change:``pi``: Update endpoint ruleset parameters casing
* api-change:``qapps``: Update endpoint ruleset parameters casing
* api-change:``rolesanywhere``: Update endpoint ruleset parameters casing
* api-change:``route53-recovery-readiness``: Update endpoint ruleset parameters casing
* api-change:``sagemaker-geospatial``: Update endpoint ruleset parameters casing
* api-change:``signer``: Update endpoint ruleset parameters casing
* api-change:``swf``: Releasing minor endpoint updates.
* api-change:``timestream-write``: Update endpoint ruleset parameters casing
* api-change:``tnb``: Update endpoint ruleset parameters casing
* api-change:``wellarchitected``: Update endpoint ruleset parameters casing
- from version 1.40.54
* api-change:``acm-pca``: Update endpoint ruleset parameters casing
* api-change:``amplify``: Update endpoint ruleset parameters casing
* api-change:``apigatewaymanagementapi``: Update endpoint ruleset parameters casing
* api-change:``apprunner``: Update endpoint ruleset parameters casing
* api-change:``apptest``: Update endpoint ruleset parameters casing
* api-change:``autoscaling-plans``: Updated FIPS endpoints for US GovCloud regions
* api-change:``batch``: Update endpoint ruleset parameters casing
* api-change:``bcm-data-exports``: Update endpoint ruleset parameters casing
* api-change:``billingconductor``: New feature: service flat CLI and first AWS managed pricing plan
(BasicPricingPlan)
* api-change:``customer-profiles``: Update endpoint ruleset parameters casing
* api-change:``databrew``: Update endpoint ruleset parameters casing
* api-change:``dataexchange``: Update endpoint ruleset parameters casing
* api-change:``dlm``: Update endpoint ruleset parameters casing
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``freetier``: Update endpoint ruleset parameters casing
* api-change:``gamelift``: Update endpoint ruleset parameters casing
* api-change:``geo-routes``: Update endpoint ruleset parameters casing
* api-change:``globalaccelerator``: Update endpoint ruleset parameters casing
* api-change:``grafana``: Update endpoint ruleset parameters casing
* api-change:``identitystore``: Update endpoint ruleset parameters casing
* api-change:``ivs``: Update endpoint ruleset parameters casing
* api-change:``ivs-realtime``: Update endpoint ruleset parameters casing
* api-change:``kafka``: Update endpoint ruleset parameters casing
* api-change:``keyspaces``: Update endpoint ruleset parameters casing
* api-change:``kms``: Update endpoint ruleset parameters casing
* api-change:``lex-models``: Update endpoint ruleset parameters casing
* api-change:``lexv2-runtime``: Update endpoint ruleset parameters casing
* api-change:``lookoutequipment``: Update endpoint ruleset parameters casing
* api-change:``m2``: Update endpoint ruleset parameters casing
* api-change:``machinelearning``: Update endpoint ruleset parameters casing
* api-change:``marketplace-entitlement``: Update endpoint ruleset parameters casing
* api-change:``mediapackagev2``: Update endpoint ruleset parameters casing
* api-change:``medical-imaging``: Update endpoint ruleset parameters casing
* api-change:``memorydb``: Update endpoint ruleset parameters casing
* api-change:``migrationhub-config``: Update endpoint ruleset parameters casing
* api-change:``networkflowmonitor``: Update endpoint ruleset parameters casing
* api-change:``osis``: Update endpoint ruleset parameters casing
* api-change:``personalize``: Update endpoint ruleset parameters casing
* api-change:``personalize-runtime``: Update endpoint ruleset parameters casing
* api-change:``pinpoint-sms-voice``: Update endpoint ruleset parameters casing
* api-change:``polly``: Update endpoint ruleset parameters casing
* api-change:``pricing``: Update endpoint ruleset parameters casing
* api-change:``qldb``: Update endpoint ruleset parameters casing
* api-change:``qldb-session``: Update endpoint ruleset parameters casing
* api-change:``route53-recovery-control-config``: Update endpoint ruleset parameters casing
* api-change:``ssm``: Update endpoint ruleset parameters casing
* api-change:``ssm-contacts``: Update endpoint ruleset parameters casing
* api-change:``ssm-guiconnect``: Update endpoint ruleset parameters casing
* api-change:``timestream-query``: Update endpoint ruleset parameters casing
* api-change:``voice-id``: Update endpoint ruleset parameters casing
* api-change:``workspaces-web``: Update endpoint ruleset parameters casing
- from version 1.40.53
* api-change:``bedrock``: Amazon Bedrock Automated Reasoning Policy now offers enhanced AWS KMS
integration. The CreateAutomatedReasoningPolicy API includes a new kmsKeyId field, allowing
customers to specify their preferred KMS key for encryption, improving control and compliance with
AWS encryption mandates.
* api-change:``docdb``: Add support for NetworkType field in CreateDbCluster, ModifyDbCluster,
RestoreDbClusterFromSnapshot and RestoreDbClusterToPointInTime for DocumentDB.
* api-change:``ec2``: Introducing EC2 Capacity Manager for monitoring and analyzing capacity usage
across On-Demand Instances, Spot Instances, and Capacity Reservations.
* api-change:``elbv2``: This release expands Listener Rule Conditions to support RegexValues and
adds support for a new Transforms field in Listener Rules.
* api-change:``guardduty``: Added default pagination value for ListMalwareProtectionPlans API and
updated UpdateFindingsFeedback API
* api-change:``lightsail``: Add support for manage Lightsail Bucket CORS configuration
* api-change:``timestream-influxdb``: This release adds support for creating and managing InfluxDB
3 Core and Enterprise DbClusters.
- from version 1.40.52
* api-change:``appstream``: This release introduces support for Microsoft license included
applications streaming.
* api-change:``backup``: The AWS Backup job attribute extension enhancement helps customers better
understand the plan that initiated each job, and the properties of the resource each job creates.
* api-change:``connect``: SDK release for TaskTemplateInfo in Contact for DescribeContact response.
* api-change:``datazone``: Support creating scoped and trustedIdentityPropagation enabled
connections.
* api-change:``ec2``: This release adds support for creating instant, point-in-time copies of EBS
volumes within the same Availability Zone
* api-change:``transcribe``: Move UntagResource API body member to query parameter
* api-change:``transfer``: SFTP connectors now support routing connections via customers' VPC. This
enables connections to remote servers that are only accessible in a customer's VPC environment, and
to servers that are accessible over the internet but need connections coming from an IP address in
a customer VPC's CIDR range.
- from version 1.40.51
* api-change:``bedrock-agentcore``: Updated InvokeAgentRuntime API to accept account id optionally
and added CompleteResourceTokenAuth API.
* api-change:``bedrock-agentcore-control``: Updated http status code in control plane apis of
agentcore runtime, tools and identity. Additional included provider types for AgentCore Identity
* api-change:``ec2``: Release Amazon EC2 c8i, c8i-flex, m8a, and r8gb
* api-change:``observabilityadmin``: CloudWatch Observability Admin adds the ability to enable
Resource tags for telemetry in a customer account. The release introduces new APIs to enable,
disable and describe the status of Resource tags for telemetry feature. This new capability
simplifies monitoring AWS resources using tags.
- python-s3transfer
-
- Update to version 0.16.0
* feature:``awscrt``: ``CRTTransferManager`` now supports the following
``TransferConfig`` options - ``multipart_threshold``, ``multipart_chunksize``,
``max_request_concurrency``
- Update to version 0.15.0
* feature:``CopyPartTask``: Validate ETag of stored object during multipart copies
- shim
-
- Add Microsoft-signed 16.1 shim
- shim.spec: Temporarily disable nx-shim
- We still need time to test nx (non-executable) shim and develop
the script for delivery. We will not support nx-shim on all Leap
and SLE distros because the function should also be supported by
grub2 and kernel.
- shim.spec: Remove the reproducibility check for the shim binary
- The binutils on Leap 15.6 and SLE-15-SP3 has been upgraded to 2.45
when we are waiting shim-review and Microsoft signing. It causes
that the shim binary is NOT reproducible on build services.
- We just direct use the Microsoft signed-back shim binaries
because we build this binary before and have the logs to prove it.
Before we find a good approach to save/restore the build service
environment, let’s directly use the Microsoft signed-back shim for
delivery.
- Certificates: Add Microsoft UEFI CA files to the target certificates
array in pretrans script.
- Certificates: Convert the SUSE certificates from PEM to DER format
- timestamp.pl: fix the size of checksum in PE Optional Header
- shim.spec: Workaround the string comparison issue in elif directive
- shim.spec: Specify the certificate format in openssl commands
- shim.spec: Use io.open instead of pcall rpm.open in pretrans lua script
- Add a pretrans script to verify that the UEFI db should have the
necessary certificate to allow the shim binary to boot. The installation
will be aborted if the db is missing the target certificate. To proceed,
the user must enroll the target certificate in the db or disable UEFI
Secure Boot.
- Update to 16.1
- Patches (git log --oneline --reverse 16.0..16.1)
4040ec4 shim_start_image(): fix guid/handle pairing when uninstalling protocols
39c0aa1 str2ip6(): parsing of "uncompressed" ipv6 addresses
3133d19 test-mock-variables: make our filter list entries safer.
d44405e mock-variables: remove unused variable
0e8459f Update CI to use ubuntu-24.04 instead of ubuntu-20.04
d16a5a6 SbatLevel_Variable.txt: minor typo fix.
32804cf Realloc() needs one more byte for sprintf()
431d370 IPv6: Add more check to avoid multiple double colon and illegal char
5e4d93c Loader Proto: make freeing of bprop.buffer conditional.
33deac2 Prepare to move things from shim.c to verify.c
030e7df Move a bunch of stuff from shim.c to verify.c
f3ddda7 handle_image(): make verification conditional
774f226 Cache sections of a loaded image and sub-images from them.
eb0d20b loader-protocol: handle sub-section loading for UKIs
2f64bb9 loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
1abc7ca loader-protocol: NULL output variable in load_image on failure
fb77b44 Generate Authenticode for the entire PE file
b86b909 README: mention new loader protocol and interaction with UKIs
8522612 ci: add mkosi configuration and CI
9ebab84 mkosi workflow: fix the branch name for main.
72a4c41 shim: change automatically enable MOK_POLICY_REQUIRE_NX
a2f0dfa This is an organizational patch to move some things around in mok.c
54b9946 Update to the shim-16.1 branch of gnu-efi to get AsciiSPrint()
a5a6922 get_max_var_sz(): add more debugging for apple platforms
77a2922 Add a "VariableInfo" variable to mok-variables.
efc71c9 build: Avoid passing *FLAGS to sub-make
7670932 Fixes for 'make TOPDIR=... clean'
13ab598 add SbatLevel entry 2025051000 for PSA-2025-00012-1
617aed5 Update version to 16.1~rc1
d316ba8 format_variable_info(): fix wrong size test.
f5fad0e _do_sha256_sum(): Fix missing error check.
3a9734d doc: add howto for running mkosi locally
ced5f71 mkosi: remove spurious slashes from script
0076155 ci: update mkosi commit
5481105 fix http boot
121cddf loader-protocol: Handle UnloadImage after StartImage properly
6a1d1a9 loader-protocol: Fix memory leaks
27a5d22 gitignore: add more mkosi dirs and vscode dir
346ed15 mkosi: disable repository key check on Fedora
afc4955 Update version to 16.1
- 16.1 release note https://github.com/rhboot/shim/releases
shim_start_image(): fix guid/handle pairing when uninstalling protocols by @vathpela in #738
Fix uncompressed ipv6 netboot by @hrvach in #742
fix test segfaults caused by uninitialized memory by @Fabian-Gruenbichler in #739
Update CI to use ubuntu-24.04 instead of ubuntu-20.04 by @vathpela in #749
SbatLevel_Variable.txt: minor typo fix. by @vathpela in #751
Realloc() needs to allocate one more byte for sprintf() by @dennis-tseng99 in #746
IPv6: Add more check to avoid multiple double colon and illegal char by @dennis-tseng99 in #753
Loader proto v2 by @vathpela in #748
loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages by @bluca in #750
Generate Authenticode for the entire PE file by @esnowberg in #604
README: mention new loader protocol and interaction with UKIs by @bluca in #755
ci: add mkosi configuration and CI by @bluca in #764
shim: change automatically enable MOK_POLICY_REQUIRE_NX by @vathpela in #761
Save var info by @vathpela in #763
build: Avoid passing *FLAGS to sub-make by @rosslagerwall in #758
Fixes for 'make TOPDIR=... clean' by @bluca in #762
add SbatLevel entry 2025051000 for PSA-2025-00012-1 by @Fabian-Gruenbichler in #766
Coverity fixes 20250804 by @vathpela in #767
ci: fixlets and docs for mkosi workflow by @bluca in #768
fix http boot by @jsetje in #770
Fix double free and leak in the loader protocol by @rosslagerwall in #769
gitignore: add more mkosi dirs and vscode dir by @bluca in #771
- Drop upstreamed patch:
The following patches are merged to 16.1
- shim-alloc-one-more-byte-for-sprintf.patch
- 32804cf5d9 Realloc() needs one more byte for sprintf() [16.1]
- shim-change-automatically-enable-MOK_POLICY_REQUIRE_NX.patch
- 72a4c41877 shim: change automatically enable MOK_POLICY_REQUIRE_NX [16.1]
- Building with the latest version of gcc in the codebase:
- We prefer that building shim with the latest version of gcc in
codebase.
- Set the minimum version is gcc-13.
if gcc_version < 13
define gcc_version 13
endif
(bsc#1247432)
- SLE shim should includes vendor-dbx-sles.esl instead of
vendor-dbx-opensuse.esl. Fixed it in shim.spec.
verify='SUSE Linux Enterprise Secure Boot CA1'
- vendor_dbx='vendor-dbx-opensuse.esl'
+ vendor_dbx='vendor-dbx-sles.esl'
- Using gcc12 for building shim/shim-nx
- The gcc12 can workaround dxe_get_mem_attrs() hsi_status problem
- Add the following changes to shim.spec :
define gcc_version 12
global cc_compiler /usr/bin/gcc-%{gcc_version}
BuildRequires gcc%{gcc_version}
make CC=%{cc_compiler} RELEASE=0
- Remove shim-disable-dxe-get-mem-attrs.patch
- This downstream patch can be removed after moving to gcc12
(bsc#1247432)
- Add shim-disable-dxe-get-mem-attrs.patch
- On old edk2-stable202308 ovmf, running dxe_get_mem_attrs() causes
get_hsi_mem_info() confusion on hsi_status. It looks that hsi_status
has a copy after running dxe_get_mem_attrs(). Those elements in
hsi_nx_is_enforced(), HEAPX|STACKX|ROW can NOT set into hsi_status.
Let's disabling the approach of DXE get memory attributes until
we found the root cause.
(bsc#1247432)
- Building out shim.nx.efi for supporting non-executable
- Building additional shim with POST_PROCESS_PE_FLAGS=-n to set
the PE NX-compatibility DLL. (NxCompatible field in DllCharacteristics)
- Packaging shim.nx.efi to shim-nx RPM.
- Add MS signatures for shim.nx
- signature-opensuse-nx.x86_64.asc
signature-sles-nx.x86_64.asc
signature-opensuse-nx.aarch64.asc
signature-sles-nx.aarch64.asc
- We direc copy signatures of shim for shim.nx before we got
signatures from Microsoft.
- Building MokManager.efi and fallback.efi with POST_PROCESS_PE_FLAGS=-n
(bsc#1205588)
Factory: Fri Jul 25 05:44:51 UTC 2025 - Joey Lee <jlee@suse.com>
- Add shim-change-automatically-enable-MOK_POLICY_REQUIRE_NX.patch
- shim: change automatically enable MOK_POLICY_REQUIRE_NX (PR #761)
(bsc#1205588)
Factory: Wed May 28 03:37:04 UTC 2025 - Tseng <dennis.tseng@suse.com>
- add revoked-openSUSE-UEFI-SIGN-Certificate-2022-06.crt into dbx
- build shim with EKU enable flag (ENABLE_CODESIGN_EKU)
Factory: Tue May 6 06:19:02 UTC 2025 - Dennis <dennis.tseng@suse.com>
- Update to version 16.0
- https://github.com/rhboot/shim/releases/download/16.0/shim-16.0.tar.bz2
- remove shim-bsc1177315-verify-eku-codesign.patch
remove it because shim github upstream has accepted it (PR #664)
- add revoked-SLES-UEFI-SIGN-Certificate-2022-05.crt to revoked certificates for dbx
SLES-UEFI-SIGN-Certificate-20220525.crt can be blacklisted,
and can be added to the vendor dbx.
- add shim-alloc-one-more-byte-for-sprintf.patch (bsc#1240871)
The codes already submitted to git upstream (PR #746)
In generate_sbat_var_defs.c, realloc() should allocate one more byte for
the end of string '\0' when running sprintf() later.
- Patches (git log --oneline --reverse 15.8..16.0)
126a07e Validate that a supplied vendor cert is not in PEM format
63edf92 sbat: Add grub.peimage,2 to latest (CVE-2024-2312)
3e1394e sbat: Also bump latest for grub,4 (and to todays date)
470a8cd undo change that limits certificate files to a single file
0287c6b shim: don't set second_stage to the empty string
3685b13 Fix SBAT.md for today's consensus about numbers
dc07432 Realize the suggestions as part of PR #672
e064e7d Update Code of Conduct contact address
e68f4ca make-certs: Handle missing OpenSSL installation
74a1f29 Update MokVars.txt - Update documented mirrored variable attributes from RT to BS,RT - Add missing MokSBStateRT - Clarify that MokIgnoreDB is a mirror of MokDBState - Add missing attributes for MokPWStore
f6674fe export DEFINES for sub makefile
47bbb5e Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition
338fded Null-terminate 'arguments' in fallback
3d1dcd4 Fix "Verifiying" typo in error message
b5d359a CI: use checkout@v4
1d8365f CI: work around ownership issue on github
20094ca Update fedora CI targets
3cf0e09 Force gcc to produce DWARF4 so that gdb can use it
5f54182 includes: work around CLANG_PREREQ() double-definition
ab06527 Makefile: don't warn about clang when building compile_commands.json
0c9249d Suppress some warnings even harder in Cryptlib and OpenSSL.
fd7e16f Add building compile_commands.json to CI
314aecf Discard load-options that start with WINDOWS
ac85ba4 Fix the issue that the gBS->LoadImage pointer was empty.
d8c86b7 shim: Allow data after the end of device path node in load options
d197220 Backport EFI_HTTP_ERROR status code
6410312 netboot: Convert TFTP error codes to EFI status codes
ef8e729 httpboot: Convert HTTP status codes to EFI status codes
2a1cbe6 Update gnu-efi submodule for EFI_HTTP_ERROR
196cbb9 Increase EFI file alignment
ad8692e avoid EFIv2 runtime services on Apple x86 machines
0345331 Improve shortcut performance when comparing two boolean expressions
27562ea Fix bad reference to PathName in image loading
1508ece Move is_removable_media_path() to a shared location.
7864c10 Provide better error message when MokManager is not found
3e60895 tpm: Boot with a warning if the event log is full
b560c52 MokManager: remove redundant logical constraints
9229e7c Make mock_set_variable() correctly account for resource usage.
f7e1d72 tests: make it possible to use different limits for variable space
67efdfc test-mok-mirror: refactor the validation of test_mok_mirror_0
70366a2 test-mok-mirror: add a test case where MokListRT won't fit.
3caa75e test-mok-mirror: minor bug fix
dc45aa6 lib/simple_file.c: Allocate zeroed pool for SimpleFS entries
9415d3c simple_file: Allow to form a volume name from DevicePath
d6076cb simple_file: Use second variable to create filesystem entries
f99749a Ignore a minor clang-tidy nit
98173f0 Fall back to default loader when encountering errors on network boot
e42c319 test.mk: don't use a temporary random.bin
c66c157 pe: Enhance debug report for update_mem_attrs
1125212 Fix leak in error path
2daf1db Load concatenated EFI_SIGNATURE_LISTs from shim_certificate.efi
eeca60a Update SbatLevel_Variable.txt with peimage CVE-2024-2312 revocation
743f3fa Add generate_sbat_var_defs utility program
5ae408a Generate and use generated_sbat_var_defs.h
e886fb3 SbatLevel_Variable.txt: clarify where and how revocation data is tracked
15c1a9a Implement the CodeSign EKU check to fulfill the requirements of NIAP OS_PP.
eb02afc Optionally enabling codesign EKU check in compiling time.
7ae0ee6 Add docs for ENABLE_CODESIGN_EKU
38dfa37 Create utils file
83850cd Add configuration option to boot an alternative 2nd stage
bb114a3 Implement shim image load protocol
e7b3598 Move some stuff around
0322e10 Implement the rest of the loader protocol functions
e43aea8 Add EFI_LOAD_FILE2_PROTOCOL to gnu-efi
2bff460 loader-proto: Add support for loading files from disk to LoadImage()
5d17278 loader-proto: Mark load_image()'s handle_image() call as "in_protocol"
fe2ad36 Don't print full screen error dialog from handle_image() when called in_protocol
c57af36 loader-proto: Respect optional DevicePath parameter to load_image()
2b49dc1 Suppress file open failures for some netboot cases
3c3295d netboot: process revocations.efi as revocations not shim_certificate
c66ce2a Allow indepdent SkuSi and SBAT revocation updates
6b8e40c netboot can try to load shim_certificate_[0..9].efi
301cf52 Document how revocations can be delivered
7cde2cc post-process-pe: add tests to validate NX compliance
1294b47 regression: out of bounds read in CopyMem() in ad8692e
765f294 compiler.h: minor ALIGN_... fixes
5c1e6e4 Move error logging decls out of shim.h
d972515 Save the debug and error logs in mok-variables
e3f0338 Silence minor nit in load-options parsing debug output
3d7c057 get_mem_attrs(): ensure an error code is set on failure
49db3de mok: add MOK_VARIABLE_CONFIG_ONLY
887c0ed mok variables: add a format callback
e4857b4 Make test-mok-error failures *slightly* more clear.
589c3f2 Move memory attribute support to its own file.
848667d shim: add HSIStatus feature
e136e64 mock-variables: fix debugging printf format specifier oopsie
f0958ba test-mock-variables: improve some debug prints
b216543 Move mok state variable data flag definitions to the header.
fc0cfac Mirror some more efi variables to mok-variables
eeda3fa gnu-efi: add some DXE services.
c41b1f0 Add support for DXE memory attribute updates.
9269e9b Add DXE Services information to HSI
c868d54 hexdump: give a different debug log for size==0
1baf1ef HSI: Add decode_hsi_bits() for easier reading of the debug log
3bce118 pe: read_header(): allow skipping SecDir content validation
89e6150 Add shim's current NX_COMPAT status to HSIStatus
c5c5287 peimage.h: minor whitespace fixes
5007d83 peimage: add a bunch of comments to read_header()
489af5e README.tpm: reflect that vendor_db is in fact logged as "vendor_db"
1958b0f reject message with different values in multiple Content-Length header field
9c423e0 Some save_logs() improvements.
81d40e3 Disable log saving for now.
498b149 fallback: don't add new boot order entries backwards
06d8dec makefiles: Make GITTAG swizzle tildes to dashes
f02b2c1 make-archive: some minor housekeeping
794d237 Update version to 16.0~rc1
d45c610 SetSecureVariable(): free Cert on failure
76fab7b generate_sbat_var_defs: run clang-format on readfile()
6dadb70 generate_sbat_var_defs: Fix memory leak on realloc failure and fd leak.
f58c77e generate_sbat_var_defs: Ensure revlistentry->revocations is initialized.
b427a34 mirror_mok_db(): get rid of an unused variable+allocation
92630f2 mirror_one_mok_variable(): fix a memory leak on TPM log error.
38f0a9c mirror_mok_db(): Free our mok variable name correctly
db04321 shim_load_image(): initialize the buffer fully
7b75382 simple_dir_filter(): test our 'next' pointer
db1f1da Make 'make fanalyzer' work again.
28d8871 README.tpm: Update MokList entry to MokListRT
8932527 SBAT Level update for February 2025 GRUB CVEs
18d98bf Update version to 16.0
Factory: Tue Jun 25 04:12:39 UTC 2024 - Dennis Tseng <dennis.tseng@suse.com>
- Update asc files of shim-15.8 after being signed back from
Microsoft, including:
signature-opensuse.x86_64.asc,
signature-opensuse.aarch64.asc
- asc files of shim-15.8 for sles is already updated on Apr 18, 2024
signature-sles.x86_64.asc,
signature-sles.aarch64.asc.
Factory: Mon Feb 26 13:09:29 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
- Use %autosetup macro. Allows to eliminate the usage of deprecated
PatchN.
Factory: Sat Feb 17 07:51:01 UTC 2024 - Joey Lee <jlee@suse.com>
- Modified shim.spec file to add suffix string of project to filename
of included certificates. e.g.
rpm -pql shim-15.8-lp155.6.1.x86_64.rpm
/etc/uefi
/etc/uefi/certs
/etc/uefi/certs/2B697CB1-shim-devel.crt
/etc/uefi/certs/4659838C-shim-opensuse.crt
/etc/uefi/certs/BCA4E38E-shim-sles.crt
The original name of crt files are:
/etc/uefi/certs/2B697CB1-shim.crt
/etc/uefi/certs/4659838C-shim.crt
/etc/uefi/certs/BCA4E38E-shim.crt
It can indicate the souce project of certificates.
- 000release-packages:sle-module-basesystem-release
-
n/a
- 000release-packages:sle-module-containers-release
-
n/a
- 000release-packages:sle-module-desktop-applications-release
-
n/a
- 000release-packages:sle-module-development-tools-release
-
n/a
- 000release-packages:sle-module-public-cloud-release
-
n/a
- 000release-packages:sle-module-server-applications-release
-
n/a
- supportutils
-
- scplugin.rc is restored in package 3.2.12.1 for continued compatibility.
There is no furture development for scplugin.rc. Use supportconfig.rc.
Package version 3.2.12.2 does not have scplugin.rc. Supportconfig
itself is the same for both versions. (bsc#1256709)
- Changes to version 3.2.12
+ Optimized lsof usage and honors OPTION_OFILES (bsc#1232351, PR#274)
+ Run in containers without errors (bsc#1245667, PR#272)
+ Removed pmap PID from memory.txt (bsc#1246011, PR#263)
+ Added missing /proc/pagetypeinfo to memory.txt (bsc#1246025, PR#264)
+ Improved database perforce with kGraft patching (bsc#1249657, PR#273)
+ Using last boot for journalctl for optimization (bsc#1250224, PR#287)
+ Fixed extraction failures (bsc#1252318, PR#275)
+ Update supportconfig.conf path in docs (bsc#1254425, PR#281)
+ drm_sub_info: Catch error when dir doesn't exist (PR#265)
+ Replace remaining `egrep` with `grep -E` (PR#261, PR#266)
+ Add process affinity to slert logs (PR#269)
+ Reintroduce cgroup statistics (and v2) (PR#270)
+ Minor changes to basic-health-check: improve information level (PR#271)
+ Collect important machine health counters (PR#276)
+ powerpc: collect hot-pluggable PCI and PHB slots (PR#278)
+ podman: collect podman disk usage (PR#279)
+ Exclude binary files in crondir (PR#282)
+ kexec/kdump: collect everything under /sys/kernel/kexec dir (PR#284)
+ Use short-iso for journalctl (PR#288)
- Changes to version 3.2.11
+ Collect rsyslog frule files (bsc#1244003, pr#257)
+ Remove proxy passwords (bsc#1244011, pr#257)
+ Missing NetworkManager information (bsc#1241284, pr#257)
+ Include agama logs bsc#1244937, pr#256)
+ Additional NFS conf files (pr#253)
+ New fadump sysfs files (pr#252)
+ Fixed change log dates
- xen
-
- bsc#1256745 - VUL-0: CVE-2025-58150: xen: x86: buffer overrun
with shadow paging + tracing (XSA-477)
xsa477.patch
- bsc#1256747 - VUL-0: CVE-2026-23553: xen: x86: incomplete IBPB
for vCPU isolation (XSA-479)
xsa479.patch