- SAPHanaSR
-
- Version bump to 0.162.4
* unify global.ini examples
* add demo script SAPHanaSR-upgrade-to-angi-demo
* update man pages:
SAPHanaSR_basic_cluster.7
SAPHanaSR_maintenance_examples.7
SAPHanaSR_upgrade_to_angi.7
SAPHanaSR-manageProvider.8
SAPHanaSR-upgrade-to-angi-demo.8
SAPHanaSR.py.7
- 000release-packages:SLES_SAP-release
-
n/a
- aaa_base
-
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
to also fix the typo to set JAVA_BINDIR in the csh variant
of the alljava profile script (bsc#1221361)
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
drop the stderr redirection for csh (bsc#1221361)
- add git-49-3f8f26123d91f70c644677a323134fc79318c818.patch
drop sysctl.d/50-default-s390.conf (bsc#1211721)
- add aaa_base-preinstall.patch
make sure the script does not exit with 1 if a file
with content is found (bsc#1222547)
- add patch git-48-477bc3c05fcdabf9319e84278a1cba2c12c9ed5a.patch
home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile
- autofs
-
- autofs-5.1.6-remove-intr-hosts-map-mount-option.patch
Don't use the intr option on NFS mounts by default, it's been
ignored by the kernel for a long time now. (bsc#1225130)
- aws-cli
-
- Reconfigure the spec file support builds better in Factory and SLE
supporting different Python interpreter versions
- Use %autosetup macro. Allows to eliminate the usage of deprecated
%patchN.
- Switch to Python 3.11 build in SLE 15 SP4 and openSUSE Leap 15.4 and
later (jsc#PCT-371)
- Switch to wheel build
- Update to version 1.32.31
* Forward port ac_update-docutils.patch
* api-change:``datazone``: Add new skipDeletionCheck to DeleteDomain. Add
new skipDeletionCheck to DeleteProject which also automatically deletes
dependent objects
* api-change:``route53``: Update the SDKs for text changes in the APIs.
- From 1.32.30
* api-change:``autoscaling``: EC2 Auto Scaling customers who use attribute
based instance-type selection can now intuitively define their Spot
instances price protection limit as a percentage of the lowest priced
On-Demand instance type.
* api-change:``comprehend``: Comprehend PII analysis now supports Spanish
input documents.
* api-change:``ec2``: EC2 Fleet customers who use attribute based
instance-type selection can now intuitively define their Spot instances
price protection limit as a percentage of the lowest priced On-Demand
instance type.
* api-change:``mwaa``: This release adds MAINTENANCE environment status for
Amazon MWAA environments.
* api-change:``rds``: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS
RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods.
This provides enhanced error handling, ensuring a more robust experience.
* api-change:``snowball``: Modified description of createaddress to include
direction to add path when providing a JSON file.
- From 1.32.29
* api-change:``connect``: Update list and string length limits for predefined
attributes.
* api-change:``inspector2``: This release adds ECR container image scanning
based on their lastRecordedPullTime.
* api-change:``sagemaker``: Amazon SageMaker Automatic Model Tuning now
provides an API to programmatically delete tuning jobs.
- From 1.32.28
* api-change:``acm-pca``: AWS Private CA now supports an option to omit the
CDP extension from issued certificates, when CRL revocation is enabled.
* api-change:``lightsail``: This release adds support for IPv6-only instance
plans.
- From 1.32.27
* api-change:``ec2``: Introduced a new clientToken request parameter on
CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter
allows idempotent operations on the APIs.
* api-change:``ecs``: Documentation updates for Amazon ECS.
* api-change:``outposts``: DeviceSerialNumber parameter is now optional in
StartConnection API
* api-change:``rds``: This release adds support for Aurora Limitless Database.
* api-change:``storagegateway``: Add DeprecationDate and SoftwareVersion to
response of ListGateways.
- From 1.32.26
* api-change:``inspector2``: This release adds support for CIS scans on EC2
instances.
- From 1.32.25
* bugfix:``s3 sync``: Disable S3 Express support for s3 sync command
- From 1.32.24
* api-change:``appconfigdata``: Fix FIPS Endpoints in aws-us-gov.
* api-change:``cloud9``: Doc-only update around removing AL1 from list of
available AMIs for Cloud9
* api-change:``cloudfront-keyvaluestore``: This release improves upon the
DescribeKeyValueStore API by returning two additional fields, Status of the
KeyValueStore and the FailureReason in case of failures during creation of
KeyValueStore.
* api-change:``connectcases``: This release adds the ability to view audit
history on a case and introduces a new parameter, performedBy, for
CreateCase and UpdateCase API's.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``ecs``: This release adds support for Transport Layer Security
(TLS) and Configurable Timeout to ECS Service Connect. TLS facilitates
privacy and data security for inter-service communications, while
Configurable Timeout allows customized per-request timeout and idle timeout
for Service Connect services.
* api-change:``finspace``: Allow customer to set zip default through command
line arguments.
* api-change:``organizations``: Doc only update for quota increase change
* api-change:``rds``: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API
method. This provides enhanced error handling, ensuring a more robust
experience when creating database clusters with insufficient instance
capacity.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.23
* api-change:``athena``: Introducing new NotebookS3LocationUri parameter to
Athena ImportNotebook API. Payload is no longer required and either Payload
or NotebookS3LocationUri needs to be provided (not both) for a successful
ImportNotebook API call. If both are provided, an InvalidRequestException
will be thrown.
* api-change:``codebuild``: Release CodeBuild Reserved Capacity feature
* api-change:``dynamodb``: This release adds support for including
ApproximateCreationDateTimePrecision configurations in
EnableKinesisStreamingDestination API, adds the same as an optional field
in the response of DescribeKinesisStreamingDestination, and adds support
for a new UpdateKinesisStreamingDestination API.
* api-change:``qconnect``: Increased Quick Response name max length to 100
- From 1.32.22
* api-change:``b2bi``: Increasing TestMapping inputFileContent file size
limit to 5MB and adding file size limit 250KB for TestParsing input file.
This release also includes exposing InternalServerException for Tag APIs.
* api-change:``cloudtrail``: This release adds a new API
ListInsightsMetricData to retrieve metric data from CloudTrail Insights.
* api-change:``connect``: GetMetricDataV2 now supports 3 groupings
* api-change:``drs``: Removed invalid and unnecessary default values.
* api-change:``firehose``: Allow support for Snowflake as a Kinesis Data
Firehose delivery destination.
* api-change:``sagemaker-featurestore-runtime``: Increase BatchGetRecord
limits from 10 items to 100 items
- From 1.32.21
* api-change:``dynamodb``: Updating note for enabling streams for UpdateTable.
* api-change:``keyspaces``: This release adds support for Multi-Region
Replication with provisioned tables, and Keyspaces auto scaling APIs
- From 1.32.20
* api-change:``iot``: Revert release of LogTargetTypes
* api-change:``iotfleetwise``: Updated APIs: SignalNodeType query parameter
has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse
has been extended with attributes field.
* api-change:``macie2``: This release adds support for analyzing Amazon S3
objects that are encrypted using dual-layer server-side encryption with
AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS
details in statistics and metadata about encryption settings for S3 buckets
and objects.
* api-change:``payment-cryptography``: Provide an additional option for key
exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and
ExportKey operations. Added new key usage (type)
TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane
operations with ISO9797 Algorithm 1 MAC calculations.
* api-change:``personalize-runtime``: Documentation updates for Amazon
Personalize
* api-change:``personalize``: Documentation updates for Amazon Personalize.
* api-change:``rekognition``: This release adds ContentType and TaxonomyLevel
attributes to DetectModerationLabels and GetMediaAnalysisJob API responses.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
- From 1.32.19
* api-change:``sagemaker``: This release will have ValidationException thrown
if certain invalid app types are provided. The release will also throw
ValidationException if more than 10 account ids are provided in
VpcOnlyTrustedAccounts.
- From 1.32.18
* api-change:``connect``: Supervisor Barge for Chat is now supported through
the MonitorContact API.
* api-change:``connectparticipant``: Introduce new Supervisor participant
role
* api-change:``location``: Location SDK documentation update. Added missing
fonts to the MapConfiguration data type. Updated note for the
SubMunicipality property in the place data type.
* api-change:``mwaa``: This Amazon MWAA feature release includes new fields
in CreateWebLoginToken response model. The new fields IamIdentity and
AirflowIdentity will let you match identifications, as the Airflow identity
length is currently hashed to 64 characters.
* api-change:``s3control``: S3 On Outposts team adds dualstack endpoints
support for S3Control and S3Outposts API calls.
* api-change:``supplychain``: This release includes APIs
CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.
* api-change:``transfer``: AWS Transfer Family now supports static IP
addresses for SFTP & AS2 connectors and for async MDNs on AS2 servers.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.17
* api-change:``ec2``: This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``ecs``: This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``events``: Update events command to latest version
* api-change:``iot``: Add ConflictException to Update APIs of AWS IoT
Software Package Catalog
* api-change:``iotfleetwise``: The following dataTypes have been removed:
CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType;
CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason;
CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in
NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType
* api-change:``secretsmanager``: Doc only update for Secrets Manager
* api-change:``workspaces``: Added AWS Workspaces RebootWorkspaces
API - Extended Reboot documentation update
- From 1.32.16
* api-change:``connectcampaigns``: Minor pattern updates for Campaign and
Dial Request API fields.
* api-change:``location``: This release adds API support for custom layers
for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
* api-change:``logs``: Add support for account level subscription filter
policies to PutAccountPolicy, DescribeAccountPolicies, and
DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified
with new optional "selectionCriteria" parameter for resource selection.
* api-change:``qconnect``: QueryAssistant and GetRecommendations will be
discontinued starting June 1, 2024. To receive generative responses after
March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
* api-change:``redshift-serverless``: Updates to ConfigParameter for RSS
workgroup, removal of use_fips_ssl
* api-change:``route53``: Route53 now supports geoproximity routing in AWS
regions
* api-change:``wisdom``: QueryAssistant and GetRecommendations will be
discontinued starting June 1, 2024. To receive generative responses after
March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
- From 1.32.15
* api-change:``codebuild``: Aws CodeBuild now supports new compute type
BUILD_GENERAL1_XLARGE
* api-change:``ec2``: Amazon EC2 R7iz bare metal instances are powered by
custom 4th generation Intel Xeon Scalable processors.
* api-change:``route53resolver``: This release adds support for query type
configuration on firewall rules that enables customers for granular action
(ALLOW, ALERT, BLOCK) by DNS query type.
- From 1.32.14
* api-change:``connect``: Minor trait updates for User APIs
* api-change:``kms``: Documentation updates for AWS Key Management Service
(KMS).
* api-change:``redshift-serverless``: use_fips_ssl and require_ssl parameter
support for Workgroup, UpdateWorkgroup, and CreateWorkgroup
- From 1.32.13
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config in November and December 2023.
* api-change:``docdb``: Adding PerformanceInsightsEnabled and
PerformanceInsightsKMSKeyId fields to DescribeDBInstances Response.
* api-change:``ecs``: This release adds support for managed instance
draining which facilitates graceful termination of Amazon ECS instances.
* api-change:``es``: This release adds support for new or existing Amazon
OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward
secrecy cipher suites for domain endpoints.
* api-change:``lightsail``: This release adds support to set up an HTTPS
endpoint on an instance.
* api-change:``opensearch``: This release adds support for new or existing
Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward
secrecy cipher suites for domain endpoints.
* api-change:``sagemaker``: Adding support for provisioned throughput mode
for SageMaker Feature Groups
* api-change:``servicecatalog``: Added Idempotency token support to Service
Catalog AssociateServiceActionWithProvisioningArtifact,
DisassociateServiceActionFromProvisioningArtifact, DeleteServiceAction API
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.12
* api-change:``connect``: Amazon Connect, Contact Lens Evaluation API
increase evaluation notes max length to 3072.
* api-change:``mediaconvert``: This release includes video engine updates
including HEVC improvements, support for ingesting VP9 encoded video in
MP4 containers, and support for user-specified 3D LUTs.
- From 1.32.11
* api-change:``apprunner``: AWS App Runner adds Python 3.11 and Node.js 18
runtimes.
* api-change:``location``: This release introduces a new parameter to
bypasses an API key's expiry conditions and delete the key.
* api-change:``quicksight``: Add LinkEntityArn support for different
partitions; Add UnsupportedUserEditionException in UpdateDashboardLinks
API; Add support for New Reader Experience Topics
- From 1.32.10
* api-change:``codestar-connections``: New integration with the GitLab
self-managed provider type.
* api-change:``kinesis-video-archived-media``: NoDataRetentionException
thrown when GetImages requested for a Stream that does not retain data
(that is, has a DataRetentionInHours of 0).
* api-change:``sagemaker``: Amazon SageMaker Studio now supports Docker
access from within app container
- From 1.32.9
* api-change:``emr``: Update emr command to latest version
- From 1.32.8
* api-change:``iam``: Documentation updates for AWS Identity and Access
Management (IAM).
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.7
* api-change:``bedrock-agent``: Adding Claude 2.1 support to Bedrock Agents
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
* api-change:``glue``: This release adds additional configurations for Query
Session Context on the following APIs: GetUnfilteredTableMetadata,
GetUnfilteredPartitionMetadata, GetUnfilteredPartitionsMetadata.
* api-change:``lakeformation``: This release adds additional configurations
on GetTemporaryGlueTableCredentials for Query Session Context.
* api-change:``mediaconnect``: This release adds the DescribeSourceMetadata
API. This API can be used to view the stream information of the flow's
source.
* api-change:``networkmonitor``: CloudWatch Network Monitor is a new service
within CloudWatch that will help network administrators and operators
continuously monitor network performance metrics such as round-trip-time
and packet loss between their AWS-hosted applications and their on-premises
locations.
* api-change:``omics``: Provides minor corrections and an updated description
of APIs.
* api-change:``secretsmanager``: Update endpoint rules and examples.
- From 1.32.6
* api-change:``amp``: This release updates Amazon Managed Service for
Prometheus APIs to support customer managed KMS keys.
* api-change:``appintegrations``: The Amazon AppIntegrations service adds
DeleteApplication API for deleting applications, and updates APIs to
support third party applications reacting to workspace events and make
data requests to Amazon Connect for agent and contact events.
* api-change:``bedrock-agent``: This release introduces Amazon Aurora as a
vector store on Knowledge Bases for Amazon Bedrock
* api-change:``codecommit``: AWS CodeCommit now supports customer managed
keys from AWS Key Management Service. UpdateRepositoryEncryptionKey is
added for updating the key configuration. CreateRepository, GetRepository,
BatchGetRepositories are updated with new input or output parameters.
* api-change:``connect``: Adds APIs to manage User Proficiencies and
Predefined Attributes. Enhances StartOutboundVoiceContact API input.
Introduces SearchContacts API. Enhances DescribeContact API. Adds an API to
update Routing Attributes in QueuePriority and QueueTimeAdjustmentSeconds.
* api-change:``medialive``: MediaLive now supports the ability to configure
the audio that an AWS Elemental Link UHD device produces, when the device
is configured as the source for a flow in AWS Elemental MediaConnect.
* api-change:``neptune-graph``: Adds Waiters for successful creation and
deletion of Graph, Graph Snapshot, Import Task and Private Endpoints for
Neptune Analytics
* api-change:``rds-data``: This release adds support for using RDS Data API
with Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``rds``: This release adds support for using RDS Data API with
Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``sagemaker``: Amazon SageMaker Training now provides model
training container access for debugging purposes. Amazon SageMaker Search
now provides the ability to use visibility conditions to limit resource
access to a single domain or multiple domains.
- From 1.32.5
* api-change:``appstream``: This release introduces configurable clipboard,
allowing admins to specify the maximum length of text that can be copied by
the users from their device to the remote session and vice-versa.
* api-change:``eks``: Add support for cluster insights, new EKS capability
that surfaces potentially upgrade impacting issues.
* api-change:``guardduty``: This release 1) introduces a new API:
GetOrganizationStatistics , and 2) adds a new UsageStatisticType
TOP_ACCOUNTS_BY_FEATURE for GetUsageStatistics API
* api-change:``managedblockchain-query``: Adding Confirmation Status and
Execution Status to GetTransaction Response.
* api-change:``mediatailor``: Adds the ability to configure time shifting on
MediaTailor channels using the TimeShiftConfiguration field
* api-change:``route53``: Amazon Route 53 now supports the Canada West
(Calgary) Region (ca-west-1) for latency records, geoproximity records,
and private DNS for Amazon VPCs in that region.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.4
* api-change:``appsync``: This release adds additional configurations on
GraphQL APIs for limits on query depth, resolver count, and introspection
* api-change:``chime-sdk-meetings``: Add meeting features to specify a
maximum camera resolution, a maximum content sharing resolution, and a
maximum number of attendees for a given meeting.
* api-change:``ec2``: Provision BYOIPv4 address ranges and advertise them by
specifying the network border groups option in Los Angeles, Phoenix and
Dallas AWS Local Zones.
* api-change:``fsx``: Added support for FSx for OpenZFS on-demand data
replication across AWS accounts and/or regions.Added the IncludeShared
attribute for DescribeSnapshots.Added the CopyStrategy attribute for
OpenZFSVolumeConfiguration.
* api-change:``marketplace-catalog``: AWS Marketplace now supports a new API,
BatchDescribeEntities, which returns metadata and content for multiple
entities.
* api-change:``rds``: RDS - The release adds two new APIs:
DescribeDBRecommendations and ModifyDBRecommendation
- From 1.32.3
* api-change:``cognito-idp``: Amazon Cognito now supports trigger versions
that define the fields in the request sent to pre token generation Lambda
triggers.
* api-change:``eks``: Add support for EKS Cluster Access Management.
* api-change:``quicksight``: A docs-only release to add missing entities to
the API reference.
* api-change:``route53resolver``: Add DOH protocols in resolver endpoints.
- From 1.32.2
* enhancement:``cloudformation package``: Add support for intrinsic
Fn:ForEach (fixes `#8075 <https://github.com/aws/aws-cli/issues/8075>`__)
* api-change:``cloud9``: Updated Cloud9 API documentation for AL2023 release
* api-change:``connect``: Adds relatedContactId field to
StartOutboundVoiceContact API input. Introduces PauseContact API and
ResumeContact API for Task contacts. Adds pause duration, number of pauses,
timestamps for last paused and resumed events to DescribeContact API
response. Adds new Rule type and new Rule action.
* api-change:``connectcases``: Increase number of fields that can be included
in CaseEventIncludedData from 50 to 200
* api-change:``kms``: Documentation updates for AWS Key Management Service
* api-change:``rds``: Updates Amazon RDS documentation by adding code examples
* api-change:``sagemaker``: This release 1) introduces a new API:
DeleteCompilationJob , and 2) adds InfraCheckConfig for Create/Describe
training job API
- From 1.32.1
* api-change:``appstream``: This release includes support for images of
Windows Server 2022 platform.
* api-change:``b2bi``: Documentation updates for AWS B2B Data Interchange
* api-change:``billingconductor``: Billing Conductor is releasing a new API,
GetBillingGroupCostReport, which provides the ability to retrieve/view the
Billing Group Cost Report broken down by attributes for a specific billing
group.
* api-change:``connect``: This release adds support for more granular
billing using tags (key:value pairs)
* api-change:``controltower``: Documentation updates for AWS Control Tower.
* api-change:``firehose``: This release, 1) adds configurable buffering hints
for the Splunk destination, and 2) reduces the minimum configurable
buffering interval for supported destinations
* api-change:``gamelift``: Amazon GameLift adds the ability to add and update
the game properties of active game sessions.
* api-change:``iot``: This release adds the ability to self-manage
certificate signing in AWS IoT Core fleet provisioning using the new
certificate provider resource.
* api-change:``neptune-graph``: This is the initial SDK release for Amazon
Neptune Analytics
* api-change:``opensearch``: Updating documentation for Amazon OpenSearch
Service support for new zero-ETL integration with Amazon S3.
* api-change:``quicksight``: Update Dashboard Links support;
SingleAxisOptions support; Scatterplot Query limit support.
* api-change:``workspaces``: Updated note to ensure customers understand
running modes.
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- From 1.32.0
* feature:Python: End of support for Python 3.7
* api-change:``drs``: Adding AgentVersion to SourceServer and
RecoveryInstance structures
* feature:Python: End of support for Python 3.7
- From 1.31.13
* api-change:``imagebuilder``: This release adds the Image Workflows feature
to give more flexibility and control over the image building and testing
process.
* api-change:``location``: This release 1) adds sub-municipality field in
Places API for searching and getting places information, and 2) allows
optimizing route calculation based on expected arrival time.
* api-change:``logs``: This release introduces the StartLiveTail API to tail
ingested logs in near real time.
- From 1.31.12
* api-change:``neptune``: This release adds a new parameter configuration
setting to the Neptune cluster related APIs that can be leveraged to
switch between the underlying supported storage modes.
* api-change:``pinpoint``: This release includes Amazon Pinpoint API
documentation updates pertaining to campaign message sending rate limits.
* api-change:``securityhub``: Added new resource detail objects to ASFF,
including resources for AwsDynamoDbTable, AwsEc2ClientVpnEndpoint,
AwsMskCluster, AwsS3AccessPoint, AwsS3Bucket
* api-change:``endpoint-rules``: Update endpoint-rules command to latest
version
- Update to version 1.31.11
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.31.11/CHANGELOG.rst
- Add patch to update docutils dependency (bsc#1217336)
+ ac_update-docutils.patch
- Update Requires in spec file from setup.py
- Update to version 1.30.6
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.30.6/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.29.61
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.29.61/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.29.36
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.29.27/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.29.27
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.29.27/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.29.2
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.29.2/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.27.163
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.27.163/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.27.153
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.27.153/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.27.130
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.27.130/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.27.115
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.27.115/CHANGELOG.rst
- Update Requires in spec file from setup.py
- catatonit
-
- Update to catatonit v0.2.0.
* Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
- 99bb9048f.patch
- chrony
-
- Use make quickcheck instead of make check to avoid >1h build
times and failures due to timeouts. This was the default before
3.2 but it changed to make tests more reliable. Here a seed is
already set to get deterministic execution.
- Use shorter NTS-KE retry interval when network is down
(bsc#1213551, chrony-burst_total_samples_to_go.patch,
chrony-retry_interval_ke_start.patch).
- cloud-init
-
- Add cloud-init-skip-rename.patch (bsc#1219680)
+ Brute force appraoch to skip renames if the device is already present
- Add cloud-init-usr-sudoers.patch (bsc#1223469)
+ Handle the existence of /usr/etc/sudoers to search for the expected
include location
- Update cloud-init-no-openstack-guess.patch
+ Do not enable cloud-init on systems where there is no DMI just
because no data source has been found. No data source means
cloud-init will not run.
- cloud-regionsrv-client
-
- Update to version 10.3.0 (bsc#1227308, bsc#1222985)
+ Add support for sidecar registry
Podman and rootless Docker support to set up the necessary
configuration for the container engines to run as defined
+ Add running command as root through sudoers file
- Update to version 10.2.0 (bsc#1223571, bsc#1224014, bsc#1224016)
+ In addition to logging, write message to stderr when registration fails
+ Detect transactional-update system with read only setup and use
the transactional-update command to register
+ Handle operation in a different target root directory for credentials
checking
- kernel-default
-
- usb: typec: ucsi: Limit read size on v1.2 (CVE-2024-35924
bsc#1224657).
- commit 578815c
- net: preserve kabi for sk_buff (CVE-2024-26921 bsc#1223138).
- commit 68cb9bf
- xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
(bsc#1224575 CVE-2024-35976).
- commit bc0a82d
- bpf, skmsg: Fix NULL pointer dereference in
sk_psock_skb_ingress_enqueue (bsc#1225761 CVE-2024-36938).
- commit 38f788d
- inet: inet_defrag: prevent sk release while still in use
(CVE-2024-26921 bsc#1223138).
- commit fb20c1d
- Update references
- commit 006ab15
- kABI: bpf: struct bpf_insn_aux_data kABI workaround
(bsc#1225756).
- commit b5b7cd0
- bpf: Protect against int overflow for stack access size
(bsc#1224488 CVE-2024-35905).
- commit 1edb341
- vhost-vdpa: fix use after free in vhost_vdpa_probe()
(CVE-2023-52795 bsc#1225085).
- commit 423f910
- smb3: fix lock ordering potential deadlock in
cifs_sync_mid_result (bsc#1224020, bsc#1224549, CVE-2024-35998).
- commit fbb4c17
- smb: client: fix potential deadlock when releasing mids
(bsc#1224020, bsc#1225548, CVE-2023-52757).
- commit edc36f8
- ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array (bsc#1225506 CVE-2021-47548)
- commit b006eef
- Update
patches.suse/scsi-core-Fix-unremoved-procfs-host-directory-regression.patch
(git-fixes bsc#1223675 CVE-2024-269355).
Adding the CVE references.
- commit 2df316d
- cifs: fix underflow in parse_server_interfaces() (bsc#1223084,
CVE-2024-26828).
- commit cade548
- bpf: remove unnecessary prune and jump points (bsc#1225756).
- bpf: mostly decouple jump history management from
is_state_visited() (bsc#1225756).
- bpf: decouple prune and jump points (bsc#1225756).
- commit 574a67d
- Refresh patches.suse/swiotlb-Fix-double-allocation-of-slots-due-to-broken-alignment-handling.patch
This fixes following build warning:
Changed build warnings:
* **** 1 warnings *****
* comparison of distinct pointer types lacks a cast in ../kernel/dma/swiotlb.c in swiotlb_do_find_slots (from ../include/linux/minmax.h)
In file included from ../include/linux/kernel.h:17:0,
../kernel/dma/swiotlb.c: In function 'swiotlb_do_find_slots':
../include/linux/minmax.h:20:28: warning: comparison of distinct pointer types lacks a cast
../include/linux/minmax.h:26:4: note: in expansion of macro '__typecheck'
../include/linux/minmax.h:36:24: note: in expansion of macro '__safe_cmp'
../include/linux/minmax.h:52:19: note: in expansion of macro '__careful_cmp'
../kernel/dma/swiotlb.c:648:12: note: in expansion of macro 'max'
- commit a52b0ca
- blacklist.conf: add d380ce70058a4ccddc3e5f5c2063165dc07672c6
netrom: Fix data-races around sysctl_net_busy_read
(CVE-2024-27419 bsc#1224759)
- commit b538410
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- commit 7a7f193
- blacklist.conf: added fix that needs code not present
- commit 9671fd4
- smb: client: set correct id, uid and cruid for multiuser
automounts (bsc#1223011, CVE-2024-26822).
- commit 04cc660
- smb3: missing lock when picking channel (bsc#1224020,
bsc#1224550, CVE-2024-35999).
- commit dfca6b0
- smb: client: fix potential UAF in
cifs_signal_cifsd_for_reconnect() (bsc#1224020, bsc#1224766,
CVE-2024-35861).
- commit 40c4ccf
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
(bsc#1224020, bsc#1224764, CVE-2024-35862).
- commit 464e649
- smb: client: fix potential UAF in is_valid_oplock_break()
(bsc#1224763, CVE-2024-35863).
- smb: client: fix potential UAF in is_valid_oplock_break()
(bsc#1224020, bsc#1224763, CVE-2024-35863).
- commit bfa9e6b
- smb: client: fix potential UAF in smb2_is_valid_oplock_break()
(bsc#1224020, bsc#1224668, CVE-2024-35865).
- commit 08baf42
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
(bsc#1224020, bsc#1224765, CVE-2024-35864).
- commit b0dc4df
- smb: client: fix potential UAF in cifs_stats_proc_show()
(bsc#1224664, CVE-2024-35867).
- smb: client: fix potential UAF in cifs_stats_proc_show()
(bsc#1224020, bsc#1224664, CVE-2024-35867).
- commit 45bad5a
- smb: client: fix potential UAF in cifs_stats_proc_write()
(bsc#1224678, CVE-2024-35868).
- smb: client: fix potential UAF in cifs_stats_proc_write()
(bsc#1224020, bsc#1224678, CVE-2024-35868).
- commit 3ae3416
- smb: client: fix potential UAF in cifs_dump_full_key()
(bsc#1224020, bsc#1224667, CVE-2024-35866).
- commit f99c74f
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
(bsc#1223532, CVE-2024-26928).
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
(bsc#1224020, bsc#1223532, CVE-2024-26928).
- commit e95e3a6
- smb: client: guarantee refcounted children from parent session
(bsc#1224020, bsc#1224679, CVE-2024-35869).
- commit 6773173
- smb: client: fix UAF in smb2_reconnect_server() (bsc#1224020,
bsc#1224672, CVE-2024-35870).
- commit 69f157e
- cifs: failure to add channel on iface should bump up weight
(git-fixes, bsc#1224020).
- commit f21b7f9
- Revert "cifs: reconnect work should have reference on server
struct" (git-fixes, bsc#1224020).
- commit 04d1a0e
- cifs: fix leak of iface for primary channel (git-fixes,
bsc#1224020).
- commit 0af0c46
- smb: client: fix mount when dns_resolver key is not available
(git-fixes, bsc#1224020).
- commit 751b43e
- cifs: handle cases where multiple sessions share connection
(bsc#1224020).
- commit caf101a
- smb3: show beginning time for per share stats (bsc#1224020).
- commit 9120f21
- cifs: cifs_chan_is_iface_active should be called with chan_lock
held (bsc#1224020).
- commit 8eaf345
- cifs: do not pass cifs_sb when trying to add channels
(bsc#1224020).
- commit 0be08c0
- smb: client: remove extra @chan_count check in
__cifs_put_smb_ses() (bsc#1224020).
- commit 48869a9
- cifs: reconnect work should have reference on server struct
(bsc#1224020).
- commit 4099f48
- cifs: handle cases where a channel is closed (bsc#1224020).
- commit 856c9d4
- smb: client: reduce stack usage in cifs_try_adding_channels()
(bsc#1224020).
- commit 664baaf
- smb: client: get rid of dfs code dep in namespace.c
(bsc#1224020).
- commit fd4a262
- smb: client: get rid of dfs naming in automount code
(bsc#1224020).
- commit ffae390
- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1224020).
- commit 28e987f
- smb: client: ensure to try all targets when finding nested links
(bsc#1224020).
- commit af0feb9
- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1224020).
- commit ba31c72
- cifs: fix charset issue in reconnection (bsc#1224020).
- commit 18aa95e
- cifs: account for primary channel in the interface list
(bsc#1224020).
- commit a4889d1
- smb: Fix regression in writes when non-standard maximum write
size negotiated (bsc#1222464, CVE-2024-26692).
- commit 3c009aa
- cifs: distribute channels across interfaces based on speed
(bsc#1224020).
- commit 607d036
- Update
patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch
(git-fixes CVE-2024-26894 bsc#1223043).
- Update
patches.suse/ALSA-hda-intel-sdw-acpi-fix-usage-of-device_get_name.patch
(git-fixes CVE-2024-36955 bsc#1225810).
- Update
patches.suse/ALSA-usb-audio-Stop-parsing-channels-bits-when-all-c.patch
(git-fixes CVE-2024-27436 bsc#1224803).
- Update
patches.suse/ARM-9381-1-kasan-clear-stale-stack-poison.patch
(git-fixes CVE-2024-36906 bsc#1225715).
- Update
patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch
(git-fixes CVE-2024-26801 bsc#1222413).
- Update
patches.suse/Bluetooth-Fix-memory-leak-in-hci_req_sync_complete.patch
(git-fixes CVE-2024-35978 bsc#1224571).
- Update
patches.suse/Bluetooth-L2CAP-Fix-not-validating-setsockopt-user-i.patch
(git-fixes CVE-2024-35965 bsc#1224579).
- Update
patches.suse/Bluetooth-RFCOMM-Fix-not-validating-setsockopt-user-.patch
(git-fixes CVE-2024-35966 bsc#1224576).
- Update
patches.suse/Bluetooth-SCO-Fix-not-validating-setsockopt-user-inp.patch
(git-fixes CVE-2024-35967 bsc#1224587).
- Update
patches.suse/Bluetooth-btintel-Fix-null-ptr-deref-in-btintel_read.patch
(stable-fixes CVE-2024-35933 bsc#1224640).
- Update
patches.suse/Bluetooth-hci_event-Fix-handling-of-HCI_EV_IO_CAPA_R.patch
(git-fixes CVE-2024-27416 bsc#1224723).
- Update
patches.suse/Bluetooth-hci_sock-Fix-not-validating-setsockopt-use.patch
(git-fixes CVE-2024-35963 bsc#1224582).
- Update
patches.suse/Bluetooth-l2cap-fix-null-ptr-deref-in-l2cap_chan_tim.patch
(git-fixes CVE-2024-27399 bsc#1224177).
- Update
patches.suse/Bluetooth-msft-fix-slab-use-after-free-in-msft_do_cl.patch
(git-fixes CVE-2024-36012 bsc#1225502).
- Update
patches.suse/Bluetooth-qca-add-missing-firmware-sanity-checks.patch
(git-fixes CVE-2024-36880 bsc#1225722).
- Update
patches.suse/Bluetooth-qca-fix-NULL-deref-on-non-serdev-suspend.patch
(git-fixes CVE-2024-35851 bsc#1224509).
- Update
patches.suse/Bluetooth-qca-fix-info-leak-when-fetching-fw-build-i.patch
(git-fixes CVE-2024-36032 bsc#1225720).
- Update
patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch
(git-fixes CVE-2024-26839 bsc#1222975).
- Update
patches.suse/NFSv4.2-fix-nfs4_listxattr-kernel-BUG-at-mm-usercopy.patch
(git-fixes CVE-2024-26870 bsc#1223113).
- Update
patches.suse/PCI-PM-Drain-runtime-idle-callbacks-before-driver-re.patch
(git-fixes CVE-2024-35809 bsc#1224738).
- Update
patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch
(git-fixes CVE-2024-26838 bsc#1222974).
- Update
patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch
(git-fixes CVE-2024-26907 bsc#1223203).
- Update
patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch
(git-fixes CVE-2024-26916 bsc#1223137).
- Update
patches.suse/SUNRPC-fix-some-memleaks-in-gssx_dec_option_array.patch
(git-fixes CVE-2024-27388 bsc#1223744).
- Update
patches.suse/USB-core-Fix-access-violation-during-port-device-rem.patch
(git-fixes CVE-2024-36896 bsc#1225734).
- Update
patches.suse/USB-core-Fix-deadlock-in-usb_deauthorize_interface.patch
(git-fixes CVE-2024-26934 bsc#1223671).
- Update
patches.suse/arm64-hibernate-Fix-level3-translation-fault-in-swsu.patch
(git-fixes CVE-2024-26989 bsc#1223748).
- Update
patches.suse/ax25-fix-use-after-free-bugs-caused-by-ax25_ds_del_t.patch
(git-fixes CVE-2024-35887 bsc#1224663).
- Update
patches.suse/batman-adv-Avoid-infinite-loop-trying-to-resize-loca.patch
(git-fixes CVE-2024-35982 bsc#1224566).
- Update patches.suse/bpf-Check-bloom-filter-map-value-size.patch
(bsc#1224488 CVE-2024-35905 CVE-2024-36918 bsc#1225766).
- Update
patches.suse/btrfs-fix-information-leak-in-btrfs_ioctl_logical_to.patch
(git-fixes CVE-2024-35849 bsc#1224733).
- Update
patches.suse/clk-Get-runtime-PM-before-walking-tree-during-disabl.patch
(git-fixes CVE-2024-27004 bsc#1223762).
- Update
patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
(git-fixes CVE-2024-27037 bsc#1223717).
- Update
patches.suse/comedi-vmk80xx-fix-incomplete-endpoint-checking.patch
(git-fixes CVE-2024-27001 bsc#1223698).
- Update
patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
(git-fixes CVE-2024-27051 bsc#1223769).
- Update
patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
(git-fixes CVE-2024-26974 bsc#1223638).
- Update
patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch
(git-fixes CVE-2024-26880 bsc#1223188).
- Update patches.suse/dma-xilinx_dpdma-Fix-locking.patch
(git-fixes CVE-2024-35990 bsc#1224559).
- Update
patches.suse/dmaengine-fsl-qdma-Fix-a-memory-leak-related-to-the-.patch
(git-fixes CVE-2024-35833 bsc#1224632).
- Update
patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch
(git-fixes CVE-2024-26788 bsc#1222783).
- Update
patches.suse/dmaengine-idxd-Fix-oops-during-rmmod-on-single-CPU-p.patch
(git-fixes CVE-2024-35989 bsc#1224558).
- Update
patches.suse/drm-amd-display-Atom-Integrated-System-Info-v2_2-for.patch
(stable-fixes CVE-2024-36897 bsc#1225735).
- Update
patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
(git-fixes CVE-2024-27045 bsc#1223826).
- Update
patches.suse/drm-amd-pm-fixes-a-random-hang-in-S4-for-SMU-v13.0.4.patch
(stable-fixes CVE-2024-36026 bsc#1225705).
- Update
patches.suse/drm-amdgpu-once-more-fix-the-call-oder-in-amdgpu_ttm.patch
(git-fixes CVE-2024-27400 bsc#1224180).
- Update
patches.suse/drm-amdgpu-validate-the-parameters-of-bo-mapping-ope.patch
(git-fixes CVE-2024-26922 bsc#1223315).
- Update
patches.suse/drm-arm-malidp-fix-a-possible-null-pointer-dereferen.patch
(git-fixes CVE-2024-36014 bsc#1225593).
- Update patches.suse/drm-ast-Fix-soft-lockup.patch (git-fixes
CVE-2024-35952 bsc#1224705).
- Update
patches.suse/drm-client-Fully-protect-modes-with-dev-mode_config..patch
(stable-fixes CVE-2024-35950 bsc#1224703).
- Update
patches.suse/drm-i915-bios-Tolerate-devdata-NULL-in-intel_bios_en.patch
(stable-fixes CVE-2024-26938 bsc#1223678).
- Update
patches.suse/drm-i915-gt-Reset-queue_priority_hint-on-parking.patch
(git-fixes CVE-2024-26937 bsc#1223677).
- Update
patches.suse/drm-lima-fix-a-memleak-in-lima_heap_alloc.patch
(git-fixes CVE-2024-35829 bsc#1224707).
- Update
patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch
(git-fixes CVE-2024-26874 bsc#1223048).
- Update patches.suse/drm-nv04-Fix-out-of-bounds-access.patch
(git-fixes CVE-2024-27008 bsc#1223802).
- Update
patches.suse/drm-vc4-don-t-check-if-plane-state-fb-state-fb.patch
(stable-fixes CVE-2024-35932 bsc#1224650).
- Update
patches.suse/drm-vmwgfx-Create-debugfs-ttm_resource_manager-entry.patch
(git-fixes CVE-2024-26940 bsc#1223718).
- Update
patches.suse/dyndbg-fix-old-BUG_ON-in-control-parser.patch
(stable-fixes CVE-2024-35947 bsc#1224647).
- Update
patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch
(git-fixes CVE-2024-26778 bsc#1222770).
- Update
patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch
(git-fixes CVE-2024-26777 bsc#1222765).
- Update
patches.suse/fbmon-prevent-division-by-zero-in-fb_videomode_from_.patch
(stable-fixes CVE-2024-35922 bsc#1224660).
- Update
patches.suse/i2c-smbus-fix-NULL-function-pointer-dereference.patch
(git-fixes CVE-2024-35984 bsc#1224567).
- Update
patches.suse/init-main.c-Fix-potential-static_command_line-memory.patch
(git-fixes CVE-2024-26988 bsc#1223747).
- Update
patches.suse/irqchip-gic-v3-its-Prevent-double-free-on-error.patch
(git-fixes CVE-2024-35847 bsc#1224697).
- Update
patches.suse/kprobes-Fix-possible-use-after-free-issue-on-kprobe-registration.patch
(git-fixes CVE-2024-35955 bsc#1224676).
- Update
patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
(git-fixes CVE-2024-27075 bsc#1223842).
- Update
patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
(git-fixes CVE-2024-27074 bsc#1223844).
- Update
patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
(git-fixes CVE-2024-27076 bsc#1223779).
- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch
(git-fixes CVE-2024-26829 bsc#1223027).
- Update
patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
(git-fixes CVE-2024-27073 bsc#1223843).
- Update
patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
(git-fixes CVE-2024-27072 bsc#1223837).
- Update
patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
(git-fixes CVE-2024-27077 bsc#1223780).
- Update
patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
(git-fixes CVE-2024-27078 bsc#1223781).
- Update
patches.suse/mmc-core-Avoid-negative-index-with-array-access.patch
(git-fixes CVE-2024-35813 bsc#1224618).
- Update
patches.suse/mmc-sdhci-msm-pervent-access-to-suspended-controller.patch
(git-fixes CVE-2024-36029 bsc#1225708).
- Update
patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch
(git-fixes CVE-2024-26698 bsc#1222374).
- Update
patches.suse/msft-hv-2971-net-mana-Fix-Rx-DMA-datasize-and-skb_over_panic.patch
(git-fixes CVE-2024-35901 bsc#1224495).
- Update
patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch
(bsc#1215322 CVE-2024-26859 bsc#1223049).
- Update
patches.suse/net-ll_temac-platform_get_resource-replaced-by-wrong.patch
(git-fixes CVE-2024-35796 bsc#1224615).
- Update
patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
(git-fixes CVE-2024-27047 bsc#1223828).
- Update
patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch
(git-fixes CVE-2024-26597 bsc#1220363).
- Update
patches.suse/nfc-nci-Fix-uninit-value-in-nci_dev_up-and-nci_ntf_p.patch
(git-fixes CVE-2024-35915 bsc#1224479).
- Update
patches.suse/nouveau-fix-instmem-race-condition-around-ptr-stores.patch
(git-fixes CVE-2024-26984 bsc#1223633).
- Update
patches.suse/nvme-fc-do-not-wait-in-vain-when-unloading-module.patch
(git-fixes CVE-2024-26846 bsc#1223023).
- Update
patches.suse/nvme-fix-reconnection-fail-due-to-reserved-tag-alloc.patch
(git-fixes CVE-2024-27435 bsc#1224717).
- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
(git-fixes CVE-2024-26977 bsc#1223631).
- Update
patches.suse/power-supply-bq27xxx-i2c-Do-not-free-non-existing-IR.patch
(git-fixes CVE-2024-27412 bsc#1224437).
- Update
patches.suse/powerpc-pseries-iommu-LPAR-panics-during-boot-up-wit.patch
(bsc#1222011 ltc#205900 CVE-2024-36926 bsc#1225829).
- Update
patches.suse/ppdev-Add-an-error-check-in-register_device.patch
(git-fixes CVE-2024-36015 bsc#1225640).
- Update
patches.suse/pstore-zone-Add-a-null-pointer-check-to-the-psz_kmsg.patch
(stable-fixes CVE-2024-35940 bsc#1224537).
- Update
patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
(bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
- Update
patches.suse/s390-cio-Ensure-the-copied-buf-is-NUL-terminated.patch
(git-fixes bsc#1223875 CVE-2024-36931 bsc#1225747).
- Update
patches.suse/s390-qeth-Fix-kernel-panic-after-setting-hsuid.patch
(git-fixes bsc#1223879 CVE-2024-36928 bsc#1225775).
- Update
patches.suse/s390-zcrypt-fix-reference-counting-on-zcrypt-card-objects.patch
(git-fixes bsc#1223595 CVE-2024-26957 bsc#1223666).
- Update
patches.suse/scsi-lpfc-Fix-possible-memory-leak-in-lpfc_rcv_padis.patch
(bsc#1220021 CVE-2024-35930 bsc#1224651).
- Update
patches.suse/scsi-lpfc-Release-hbalock-before-calling-lpfc_worker.patch
(bsc#1221777 CVE-2024-36924 bsc#1225820).
- Update
patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
(bsc1221816 CVE-2024-26931 bsc#1223627).
- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
(bsc1221816 CVE-2024-26929 bsc#1223715).
- Update
patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointer.patch
(bsc1221816 CVE-2024-26930 bsc#1223626).
- Update
patches.suse/serial-mxs-auart-add-spinlock-around-changing-cts-st.patch
(git-fixes CVE-2024-27000 bsc#1223757).
- Update
patches.suse/serial-pmac_zilog-Remove-flawed-mitigation-for-rx-ir.patch
(git-fixes CVE-2024-26999 bsc#1223754).
- Update
patches.suse/soc-fsl-qbman-Always-disable-interrupts-when-taking-.patch
(git-fixes CVE-2024-35806 bsc#1224699).
- Update patches.suse/speakup-Avoid-crash-on-very-long-word.patch
(git-fixes CVE-2024-26994 bsc#1223750).
- Update
patches.suse/spi-spi-mt65xx-Fix-NULL-pointer-access-in-interrupt-.patch
(git-fixes CVE-2024-27028 bsc#1223788).
- Update
patches.suse/tty-n_gsm-fix-possible-out-of-bounds-in-gsm0_receive.patch
(git-fixes CVE-2024-36016 bsc#1225642).
- Update
patches.suse/ubifs-Set-page-uptodate-in-the-correct-place.patch
(git-fixes CVE-2024-35821 bsc#1224629).
- Update
patches.suse/usb-cdc-wdm-close-race-between-read-and-workqueue.patch
(git-fixes CVE-2024-35812 bsc#1224624).
- Update
patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch
(git-fixes CVE-2024-26748 bsc#1222513).
- Update
patches.suse/usb-dwc2-host-Fix-dereference-issue-in-DDMA-completi.patch
(git-fixes CVE-2024-26997 bsc#1223741).
- Update
patches.suse/usb-gadget-f_ncm-Fix-UAF-ncm-object-at-re-bind-after.patch
(stable-fixes CVE-2024-26996 bsc#1223752).
- Update
patches.suse/usb-gadget-ncm-Avoid-dropping-datagrams-of-properly-.patch
(git-fixes CVE-2024-27405 bsc#1224423).
- Update
patches.suse/usb-gadget-ncm-Fix-handling-of-zero-block-length-pac.patch
(git-fixes CVE-2024-35825 bsc#1224681).
- Update
patches.suse/usb-typec-tcpm-Check-for-port-partner-validity-befor.patch
(git-fixes CVE-2024-36893 bsc#1225748).
- Update
patches.suse/usb-udc-remove-warning-when-queue-disabled-ep.patch
(stable-fixes CVE-2024-35822 bsc#1224739).
- Update
patches.suse/usb-xhci-Add-error-handling-in-xhci_map_urb_for_dma.patch
(git-fixes CVE-2024-26964 bsc#1223650).
- Update
patches.suse/vt-fix-unicode-buffer-corruption-when-deleting-chara.patch
(git-fixes CVE-2024-35823 bsc#1224692).
- Update
patches.suse/wifi-ath11k-decrease-MHI-channel-buffer-length-to-8K.patch
(bsc#1207948 CVE-2024-35938 bsc#1224643).
- Update
patches.suse/wifi-iwlwifi-dbg-tlv-ensure-NUL-termination.patch
(git-fixes CVE-2024-35845 bsc#1224731).
- Update
patches.suse/wifi-iwlwifi-mvm-rfi-fix-potential-response-leaks.patch
(git-fixes CVE-2024-35912 bsc#1224487).
- Update
patches.suse/wifi-libertas-fix-some-memleaks-in-lbs_allocate_cmd_.patch
(git-fixes CVE-2024-35828 bsc#1224622).
- Update
patches.suse/wifi-mac80211-check-clear-fast-rx-for-non-4addr-sta-.patch
(stable-fixes CVE-2024-35789 bsc#1224749).
- Update
patches.suse/wifi-nl80211-don-t-free-NULL-coalescing-rule.patch
(git-fixes CVE-2024-36941 bsc#1225835).
- Update
patches.suse/wifi-nl80211-reject-iftype-change-with-mesh-ID-chang.patch
(git-fixes CVE-2024-27410 bsc#1224432).
- Update
patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
(git-fixes CVE-2024-27052 bsc#1223829).
- Update
patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
(git-fixes CVE-2024-27053 bsc#1223737).
- Update
patches.suse/x86-fpu-Keep-xfd_state-in-sync-with-MSR_IA32_XFD.patch
(git-fixes CVE-2024-35801 bsc#1224732).
- commit aea06f9
- Update
patches.suse/ACPI-LPIT-Avoid-u32-multiplication-overflow.patch
(git-fixes CVE-2023-52683 bsc#1224627).
- Update
patches.suse/ACPI-video-check-for-error-while-searching-for-backl.patch
(git-fixes CVE-2023-52693 bsc#1224686).
- Update
patches.suse/IB-mlx5-Fix-init-stage-error-handling-to-avoid-doubl.patch
(git-fixes CVE-2023-52851 bsc#1225587).
- Update
patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch
(git-fixes CVE-2023-52657 bsc#1224722).
- Update
patches.suse/SUNRPC-Fix-RPC-client-cleaned-up-the-freed-pipefs-de.patch
(git-fixes CVE-2023-52803 bsc#1225008).
- Update
patches.suse/SUNRPC-fix-a-memleak-in-gss_import_v2_context.patch
(git-fixes bsc#1223858 CVE-2023-52653 bsc#1223712).
- Update
patches.suse/ceph-blocklist-the-kclient-when-receiving-corrupted-snap-trace.patch
(jsc#SES-1880 CVE-2023-52732 bsc#1225222).
- Update
patches.suse/crypto-s390-aes-Fix-buffer-overread-in-CTR-mode.patch
(git-fixes CVE-2023-52669 bsc#1224637).
- Update
patches.suse/drm-amd-display-fix-a-NULL-pointer-dereference-in-am.patch
(git-fixes CVE-2023-52773 bsc#1225041).
- Update
patches.suse/drm-amd-pm-fix-a-double-free-in-si_dpm_init.patch
(git-fixes CVE-2023-52691 bsc#1224607).
- Update
patches.suse/drm-amdgpu-vkms-fix-a-possible-null-pointer-derefere.patch
(git-fixes CVE-2023-52815 bsc#1225568).
- Update
patches.suse/drm-amdkfd-Confirm-list-is-non-empty-before-utilizin.patch
(git-fixes CVE-2023-52678 bsc#1224617).
- Update
patches.suse/drm-bridge-it66121-Fix-invalid-connector-dereference.patch
(git-fixes CVE-2023-52861 bsc#1224941).
- Update
patches.suse/drm-bridge-tpd12s015-Drop-buggy-__exit-annotation-fo.patch
(git-fixes CVE-2023-52694 bsc#1224598).
- Update
patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
(git-fixes CVE-2023-52650 bsc#1223770).
- Update
patches.suse/drm-tegra-rgb-Fix-missing-clk_put-in-the-error-handl.patch
(git-fixes CVE-2023-52661 bsc#1224445).
- Update
patches.suse/drm-vmwgfx-fix-a-memleak-in-vmw_gmrid_man_get_node.patch
(git-fixes CVE-2023-52662 bsc#1224449).
- Update
patches.suse/fbdev-Fix-invalid-page-access-after-closing-deferred.patch
(bsc#1207284 CVE-2023-52731 bsc#1224929).
- Update
patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch
(git-fixes CVE-2023-52643 bsc#1222960).
- Update
patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch
(git-fixes CVE-2023-52642 bsc#1223031).
- Update
patches.suse/nilfs2-fix-underflow-in-second-superblock-position-c.patch
(git-fixes CVE-2023-52705 bsc#1225480).
- Update
patches.suse/of-Fix-double-free-in-of_parse_phandle_with_args_map.patch
(git-fixes CVE-2023-52679 bsc#1224508).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_pow.patch
(bsc#1181674 ltc#189159 git-fixes CVE-2023-52696 bsc#1224601).
- Update
patches.suse/pstore-ram_core-fix-possible-overflow-in-persistent_.patch
(git-fixes CVE-2023-52685 bsc#1224728).
- Update
patches.suse/scsi-hisi_sas-Set-debugfs_dir-pointer-to-NULL-after-removing-debugfs.patch
(git-fixes CVE-2023-52808 bsc#1225555).
- Update
patches.suse/scsi-ibmvfc-Remove-BUG_ON-in-the-case-of-an-empty-ev.patch
(bsc#1209834 ltc#202097 CVE-2023-52811 bsc#1225559).
- Update
patches.suse/scsi-libfc-Fix-potential-NULL-pointer-dereference-in-fc_lport_ptp_setup.patch
(git-fixes CVE-2023-52809 bsc#1225556).
- Update
patches.suse/sysv-don-t-call-sb_bread-with-pointers_lock-held.patch
(git-fixes CVE-2023-52699 bsc#1224659).
- Update
patches.suse/wifi-ath11k-fix-gtk-offload-status-event-locking.patch
(git-fixes CVE-2023-52777 bsc#1224992).
- Update
patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch
(git-fixes CVE-2023-52644 bsc#1222961).
- Update
patches.suse/x86-mm-Ensure-input-to-pfn_to_kaddr-is-treated-as-a-64-bit-type.patch
(jsc#PED-7167 git-fixes CVE-2023-52659 bsc#1224442).
- commit c90a371
- Update
patches.suse/1622-drm-gma500-Fix-WARN_ON-lock-magic-lock-error.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
CVE-2022-48633 bsc#1223489).
- Update
patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
(bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes CVE-2022-48669
bsc#1223756).
- Update
patches.suse/wifi-mt76-mt7921e-fix-crash-in-chip-reset-fail.patch
(bsc#1209980 CVE-2022-48705 bsc#1223895).
- commit 5061b21
- Update
patches.suse/1321-drm-msm-devfreq-Fix-OPP-refcnt-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
CVE-2021-47532 bsc#1225444).
- Update
patches.suse/1322-drm-msm-Fix-mmap-to-include-VM_IO-and-VM_DONTDUMP.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
CVE-2021-47531 bsc#1225443).
- Update
patches.suse/1323-drm-msm-Fix-wait_fence-submitqueue-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
CVE-2021-47530 bsc#1225442).
- Update
patches.suse/blk-mq-cancel-blk-mq-dispatch-work-in-both-blk_clean.patch
(jsc#PED-1183 CVE-2021-47552 bsc#1225513).
- Update
patches.suse/btrfs-free-exchange-changeset-on-failures.patch
(git-fixes CVE-2021-47508 bsc#1225408).
- Update
patches.suse/io_uring-ensure-task_work-gets-run-as-part-of-cancel.patch
(bsc#1205205 CVE-2021-47504 bsc#1225382).
- Update
patches.suse/io_uring-fail-cancellation-for-EXITING-tasks.patch
(bsc#1205205 CVE-2021-47569 bsc#1225515).
- Update
patches.suse/net-sched-fq_pie-prevent-dismantle-issue.patch
(bsc#1207361 CVE-2021-47512 bsc#1225424).
- Update
patches.suse/net-sched-sch_ets-don-t-peek-at-classes-beyond-nband.patch
(bsc#1207361 CVE-2021-47557 bsc#1225468).
- Update
patches.suse/net-vlan-fix-underflow-for-the-real_dev-refcnt.patch
(git-fixes CVE-2021-47555 bsc#1225467).
- commit 89b5f8b
- Update
patches.suse/ALSA-hda-Do-not-unset-preset-when-cleaning-up-codec.patch
(git-fixes CVE-2023-52736 bsc#1225486).
- Update
patches.suse/ALSA-hda-Fix-possible-null-ptr-deref-when-assigning-.patch
(git-fixes CVE-2023-52806 bsc#1225554).
- Update
patches.suse/Bluetooth-btusb-Add-date-evt_skb-is-NULL-check.patch
(git-fixes CVE-2023-52833 bsc#1225595).
- Update
patches.suse/Fix-page-corruption-caused-by-racy-check-in-__free_pages.patch
(bsc#1208149 CVE-2023-52739 bsc#1225118).
- Update
patches.suse/IB-IPoIB-Fix-legacy-IPoIB-due-to-wrong-number-of-que.patch
(git-fixes CVE-2023-52745 bsc#1225032).
- Update
patches.suse/IB-hfi1-Restore-allocated-resources-on-failed-copyou.patch
(git-fixes CVE-2023-52747 bsc#1224931).
- Update
patches.suse/Input-synaptics-rmi4-fix-use-after-free-in-rmi_unreg.patch
(git-fixes CVE-2023-52840 bsc#1224928).
- Update
patches.suse/RDMA-irdma-Fix-potential-NULL-ptr-dereference.patch
(git-fixes CVE-2023-52744 bsc#1225121).
- Update
patches.suse/atl1c-Work-around-the-DMA-RX-overflow-issue.patch
(git-fixes CVE-2023-52834 bsc#1225599).
- Update
patches.suse/can-dev-can_put_echo_skb-don-t-crash-kernel-if-can_p.patch
(git-fixes CVE-2023-52878 bsc#1225000).
- Update
patches.suse/cifs-Fix-use-after-free-in-rdata-read_into_pages-.patch
(git-fixes CVE-2023-52741 bsc#1225479).
- Update
patches.suse/clk-mediatek-clk-mt2701-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52875 bsc#1225096).
- Update
patches.suse/clk-mediatek-clk-mt6765-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52870 bsc#1224937).
- Update
patches.suse/clk-mediatek-clk-mt6779-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52873 bsc#1225589).
- Update
patches.suse/clk-mediatek-clk-mt6797-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52865 bsc#1225086).
- Update
patches.suse/clk-mediatek-clk-mt7629-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52858 bsc#1225566).
- Update
patches.suse/clk-mediatek-clk-mt7629-eth-Add-check-for-mtk_alloc_.patch
(git-fixes CVE-2023-52876 bsc#1225036).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-Pola.patch
(git-fixes CVE-2023-52819 bsc#1225532).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-SMU7.patch
(git-fixes CVE-2023-52818 bsc#1225530).
- Update
patches.suse/drm-amd-display-Avoid-NULL-dereference-of-timing-gen.patch
(git-fixes CVE-2023-52753 bsc#1225478).
- Update
patches.suse/drm-amdgpu-Fix-a-null-pointer-access-when-the-smc_rr.patch
(git-fixes CVE-2023-52817 bsc#1225569).
- Update
patches.suse/drm-amdgpu-Fix-potential-null-pointer-derefernce.patch
(git-fixes CVE-2023-52814 bsc#1225565).
- Update
patches.suse/drm-amdgpu-fence-Fix-oops-due-to-non-matching-drm_sc.patch
(git-fixes CVE-2023-52738 bsc#1225005).
- Update
patches.suse/drm-amdkfd-Fix-a-race-condition-of-vram-buffer-unref.patch
(git-fixes CVE-2023-52825 bsc#1225076).
- Update
patches.suse/drm-amdkfd-Fix-shift-out-of-bounds-issue.patch
(git-fixes CVE-2023-52816 bsc#1225529).
- Update
patches.suse/drm-bridge-lt8912b-Fix-crash-on-bridge-detach.patch
(git-fixes CVE-2023-52856 bsc#1224932).
- Update
patches.suse/drm-panel-fix-a-possible-null-pointer-dereference.patch
(git-fixes CVE-2023-52821 bsc#1225022).
- Update
patches.suse/drm-panel-panel-tpo-tpg110-fix-a-possible-null-point.patch
(git-fixes CVE-2023-52826 bsc#1225077).
- Update patches.suse/drm-radeon-possible-buffer-overflow.patch
(git-fixes CVE-2023-52867 bsc#1225009).
- Update
patches.suse/fbdev-imsttfb-fix-a-resource-leak-in-probe.patch
(git-fixes CVE-2023-52838 bsc#1225031).
- Update
patches.suse/fs-jfs-Add-check-for-negative-db_l2nbperpage.patch
(git-fixes CVE-2023-52810 bsc#1225557).
- Update
patches.suse/fs-jfs-Add-validity-check-for-db_maxag-and-db_agpref.patch
(git-fixes CVE-2023-52804 bsc#1225550).
- Update patches.suse/gfs2-ignore-negated-quota-changes.patch
(git-fixes CVE-2023-52759 bsc#1225560).
- Update
patches.suse/hid-cp2112-Fix-duplicate-workqueue-initialization.patch
(git-fixes CVE-2023-52853 bsc#1224988).
- Update
patches.suse/i2c-core-Run-atomic-i2c-xfer-when-preemptible.patch
(git-fixes CVE-2023-52791 bsc#1225108).
- Update
patches.suse/i3c-master-mipi-i3c-hci-Fix-a-kernel-panic-for-acces.patch
(git-fixes CVE-2023-52763 bsc#1225570).
- Update
patches.suse/i915-perf-Fix-NULL-deref-bugs-with-drm_dbg-calls.patch
(git-fixes CVE-2023-52788 bsc#1225106).
- Update
patches.suse/ice-Do-not-use-WQ_MEM_RECLAIM-flag-for-workqueue.patch
(git-fixes CVE-2023-52743 bsc#1225003).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbFindLeaf.patch
(git-fixes CVE-2023-52799 bsc#1225472).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diAlloc.patch
(git-fixes CVE-2023-52805 bsc#1225553).
- Update
patches.suse/media-bttv-fix-use-after-free-error-due-to-btv-timeo.patch
(git-fixes CVE-2023-52847 bsc#1225588).
- Update
patches.suse/media-gspca-cpia1-shift-out-of-bounds-in-set_flicker.patch
(git-fixes CVE-2023-52764 bsc#1225571).
- Update
patches.suse/media-imon-fix-access-to-invalid-resource-for-the-se.patch
(git-fixes CVE-2023-52754 bsc#1225490).
- Update
patches.suse/media-vidtv-mux-Add-check-and-kfree-for-kstrdup.patch
(git-fixes CVE-2023-52841 bsc#1225592).
- Update patches.suse/media-vidtv-psi-Add-check-for-kstrdup.patch
(git-fixes CVE-2023-52844 bsc#1225590).
- Update
patches.suse/mmc-mmc_spi-fix-error-handling-in-mmc_spi_probe.patch
(git-fixes CVE-2023-52708 bsc#1225483).
- Update
patches.suse/mmc-sdio-fix-possible-resource-leaks-in-some-error-p.patch
(git-fixes CVE-2023-52730 bsc#1224956).
- Update
patches.suse/net-USB-Fix-wrong-direction-WARNING-in-plusb.c.patch
(git-fixes CVE-2023-52742 bsc#1225482).
- Update
patches.suse/net-openvswitch-fix-possible-memory-leak-in-ovs_mete.patch
(git-fixes CVE-2023-52702 bsc#1224945).
- Update
patches.suse/net-usb-kalmia-Don-t-pass-act_len-in-usb_bulk_msg-er.patch
(git-fixes CVE-2023-52703 bsc#1225549).
- Update
patches.suse/padata-Fix-refcnt-handling-in-padata_free_shell.patch
(git-fixes CVE-2023-52854 bsc#1225584).
- Update
patches.suse/platform-x86-wmi-Fix-opening-of-char-device.patch
(git-fixes CVE-2023-52864 bsc#1225132).
- Update
patches.suse/powerpc-64s-interrupt-Fix-interrupt-exit-race-with-s.patch
(bsc#1194869 CVE-2023-52740 bsc#1225471).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_eve.patch
(bsc#1065729 CVE-2023-52686 bsc#1224682).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-to-scom_deb.patch
(bsc#1194869 CVE-2023-52690 bsc#1224611).
- Update patches.suse/pwm-Fix-double-shift-bug.patch (git-fixes
CVE-2023-52756 bsc#1225461).
- Update
patches.suse/s390-dasd-protect-device-queue-against-concurrent-access.patch
(git-fixes bsc#1217515 CVE-2023-52774 bsc#1225572).
- Update
patches.suse/s390-decompressor-specify-__decompress-buf-len-to-avoid-overflow.patch
(git-fixes bsc#1213863 CVE-2023-52733 bsc#1225488).
- Update
patches.suse/sched-psi-Fix-use-after-free-in-ep_remove_wait_queue.patch
(bsc#1209799 CVE-2023-52707 bsc#1225109).
- Update
patches.suse/soc-qcom-llcc-Handle-a-second-device-without-data-co.patch
(git-fixes CVE-2023-52871 bsc#1225534).
- Update
patches.suse/thermal-core-prevent-potential-string-overflow.patch
(git-fixes CVE-2023-52868 bsc#1225044).
- Update
patches.suse/tty-n_gsm-fix-race-condition-in-status-line-change-o.patch
(git-fixes CVE-2023-52872 bsc#1225591).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-vcc-Add-check-for-kstrdup-in-vcc_probe.patch
(git-fixes CVE-2023-52789 bsc#1225180).
- Update
patches.suse/usb-config-fix-iteration-issue-in-usb_get_bos_descri.patch
(git-fixes CVE-2023-52781 bsc#1225092).
- Update
patches.suse/usb-dwc2-fix-possible-NULL-pointer-dereference-cause.patch
(git-fixes CVE-2023-52855 bsc#1225583).
- Update
patches.suse/usb-typec-tcpm-Fix-NULL-pointer-dereference-in-tcpm_.patch
(git-fixes CVE-2023-52877 bsc#1224944).
- Update
patches.suse/wifi-ath11k-fix-dfs-radar-event-locking.patch
(git-fixes CVE-2023-52798 bsc#1224947).
- Update
patches.suse/wifi-mac80211-don-t-return-unset-power-in-ieee80211_.patch
(git-fixes CVE-2023-52832 bsc#1225577).
- commit c6aceca
- Update
patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
(git-fixes CVE-2022-48710 bsc#1225230).
- Update
patches.suse/ice-switch-fix-potential-memleak-in-ice_add_adv_reci.patch
(git-fixes CVE-2022-48709 bsc#1225095).
- Update
patches.suse/pinctrl-single-fix-potential-NULL-dereference.patch
(git-fixes CVE-2022-48708 bsc#1224942).
- commit 41f6d79
- Update
patches.suse/ALSA-pcm-oss-Fix-negative-period-buffer-sizes.patch
(git-fixes CVE-2021-47511 bsc#1225411).
- Update
patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
(git-fixes CVE-2021-47509 bsc#1225409).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes stable-5.14.10 CVE-2021-47381 bsc#1225206).
- Update
patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
(git-fixes CVE-2021-47502 bsc#1225369).
- Update
patches.suse/HID-amd_sfh-Fix-potential-NULL-pointer-dereference.patch
(stable-5.14.10 CVE-2021-47380 bsc#1225205).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(stable-5.14.10 CVE-2021-47404 bsc#1225303).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(git-fixes CVE-2021-47522 bsc#1225437).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(stable-5.14.10 CVE-2021-47405 bsc#1225238).
- Update
patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
(jsc#SLE-19242 CVE-2021-47523 bsc#1225438).
- Update
patches.suse/IB-qib-Protect-from-buffer-overflow-in-struct-qib_us.patch
(stable-5.14.16 CVE-2021-47485 bsc#1224904).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(stable-5.14.15 bko#206669 bsc#1174585 bsc#1192107
CVE-2021-43056 CVE-2021-47465 bsc#1225341).
- Update
patches.suse/KVM-SVM-fix-missing-sev_decommission-in-sev_receive_.patch
(stable-5.14.10 CVE-2021-47389 bsc#1225126).
- Update
patches.suse/KVM-arm64-Fix-host-stage-2-PGD-refcount.patch
(stable-5.14.15 CVE-2021-47450 bsc#1225258).
- Update
patches.suse/KVM-x86-Fix-stack-out-of-bounds-memory-access-from-i.patch
(stable-5.14.10 CVE-2021-47390 bsc#1225125).
- Update
patches.suse/KVM-x86-Handle-SRCU-initialization-failure-during-pa.patch
(stable-5.14.10 CVE-2021-47407 bsc#1225306).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(stable-5.14.14 CVE-2021-47442 bsc#1225263).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(stable-5.14.14 CVE-2021-47443 bsc#1225262).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(stable-5.14.10 CVE-2021-47391 bsc#1225318).
- Update
patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
(stable-5.14.10 CVE-2021-47392 bsc#1225320).
- Update patches.suse/RDMA-hfi1-Fix-kernel-pointer-leak.patch
(stable-5.14.10 CVE-2021-47398 bsc#1225131).
- Update
patches.suse/RDMA-mlx5-Initialize-the-ODP-xarray-when-creating-an.patch
(stable-5.14.16 CVE-2021-47481 bsc#1224910).
- Update
patches.suse/afs-Fix-corruption-in-reads-at-fpos-2G-4G-from-an-Op.patch
(stable-5.14.9 CVE-2021-47366 bsc#1225160).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 CVE-2021-47505 bsc#1225400).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(stable-5.14.15 CVE-2021-47464 bsc#1225393).
- Update patches.suse/binder-make-sure-fd-closes-complete.patch
(stable-5.14.9 CVE-2021-47360 bsc#1225122).
- Update
patches.suse/blk-cgroup-fix-UAF-by-grabbing-blkcg-lock-before-des.patch
(stable-5.14.9 CVE-2021-47379 bsc#1225203).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(stable-5.14.9 CVE-2021-47375 bsc#1225193).
- Update
patches.suse/block-don-t-call-rq_qos_ops-done_bio-if-the-bio-isn-.patch
(stable-5.14.11 CVE-2021-47412 bsc#1225332).
- Update
patches.suse/bpf-Add-oversize-check-before-call-kvcalloc.patch
(stable-5.14.9 CVE-2021-47376 bsc#1225195).
- Update
patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
(stable-5.14.12 CVE-2021-47426 bsc#1225370).
- Update
patches.suse/btrfs-fix-abort-logic-in-btrfs_replace_file_extents.patch
(stable-5.14.14 CVE-2021-47433 bsc#1225392).
- Update
patches.suse/btrfs-fix-re-dirty-process-of-tree-log-nodes.patch
(bsc#1197915 CVE-2021-47510 bsc#1225410).
- Update
patches.suse/can-isotp-isotp_sendmsg-add-result-check-for-wait_ev.patch
(stable-5.14.15 CVE-2021-47457 bsc#1225235).
- Update
patches.suse/can-j1939-j1939_netdev_start-fix-UAF-for-rx_kref-of-.patch
(stable-5.14.15 CVE-2021-47459 bsc#1225253).
- Update
patches.suse/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
(git-fixes CVE-2021-47520 bsc#1225431).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(stable-5.14.15 CVE-2021-47456 bsc#1225256).
- Update
patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
(git-fixes CVE-2021-47521 bsc#1225435).
- Update
patches.suse/cfg80211-fix-management-registrations-locking.patch
(git-fixes stable-5.14.16 CVE-2021-47494 bsc#1225450).
- Update
patches.suse/cgroup-Fix-memory-leak-caused-by-missing-cgroup_bpf_.patch
(stable-5.14.16 CVE-2021-47488 bsc#1224902).
- Update patches.suse/cifs-Fix-soft-lockup-during-fsstress.patch
(stable-5.14.9 CVE-2021-47359 bsc#1225145).
- Update
patches.suse/comedi-Fix-memory-leak-in-compat_insnlist.patch
(stable-5.14.9 CVE-2021-47364 bsc#1225158).
- Update patches.suse/comedi-dt9812-fix-DMA-buffers-on-stack.patch
(git-fixes stable-5.14.18 CVE-2021-47477 bsc#1224912).
- Update
patches.suse/comedi-ni_usb6501-fix-NULL-deref-in-command-paths.patch
(git-fixes stable-5.14.18 CVE-2021-47476 bsc#1224913).
- Update
patches.suse/comedi-vmk80xx-fix-bulk-buffer-overflow.patch
(git-fixes stable-5.14.18 CVE-2021-47474 bsc#1224915).
- Update
patches.suse/comedi-vmk80xx-fix-transfer-buffer-overflows.patch
(git-fixes stable-5.14.18 CVE-2021-47475 bsc#1224914).
- Update
patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
(stable-5.14.10 CVE-2021-47387 bsc#1225316).
- Update
patches.suse/devlink-fix-netns-refcount-leak-in-devlink_nl_cmd_re.patch
(git-fixes CVE-2021-47514 bsc#1225425).
- Update
patches.suse/dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
(stable-5.14.14 CVE-2021-47435 bsc#1225247).
- Update
patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
(stable-5.14.14 CVE-2021-47498 bsc#1225357).
- Update
patches.suse/dma-debug-prevent-an-error-message-from-causing-runt.patch
(stable-5.14.9 CVE-2021-47374 bsc#1225191).
- Update patches.suse/drm-amd-amdgpu-fix-potential-memleak.patch
(git-fixes CVE-2021-47550 bsc#1225379).
- Update
patches.suse/drm-amd-amdkfd-Fix-kernel-panic-when-reset-failed-an.patch
(git-fixes CVE-2021-47551 bsc#1225510).
- Update
patches.suse/drm-amd-pm-Update-intermediate-power-state-for-SI.patch
(stable-5.14.9 CVE-2021-47362 bsc#1225153).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(stable-5.14.13 CVE-2021-47431 bsc#1225390).
- Update
patches.suse/drm-amdgpu-handle-the-case-of-pci_channel_io_frozen-.patch
(git-fixes stable-5.14.12 CVE-2021-47421 bsc#1225353).
- Update
patches.suse/drm-amdkfd-fix-a-potential-ttm-sg-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47420 bsc#1225339).
- Update
patches.suse/drm-amdkfd-fix-svm_migrate_fini-warning.patch
(stable-5.14.11 CVE-2021-47410 bsc#1225331).
- Update
patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
(git-fixes stable-5.14.14 CVE-2021-47444 bsc#1225243).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(git-fixes stable-5.14.14 CVE-2021-47445 bsc#1225261).
- Update
patches.suse/drm-msm-a3xx-fix-error-handling-in-a3xx_gpu_init.patch
(git-fixes stable-5.14.14 CVE-2021-47447 bsc#1225260).
- Update
patches.suse/drm-msm-a4xx-fix-error-handling-in-a4xx_gpu_init.patch
(git-fixes stable-5.14.14 CVE-2021-47446 bsc#1225240).
- Update
patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
(git-fixes CVE-2021-47535 bsc#1225446).
- Update
patches.suse/drm-mxsfb-Fix-NULL-pointer-dereference-crash-on-unlo.patch
(stable-5.14.15 CVE-2021-47471 bsc#1225187).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47423 bsc#1225366).
- Update
patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47422 bsc#1225233).
- Update
patches.suse/drm-ttm-fix-memleak-in-ttm_transfered_destroy.patch
(stable-5.14.16 CVE-2021-47490 bsc#1225436).
- Update
patches.suse/drm-vc4-kms-Clear-the-HVS-FIFO-commit-pointer-once-d.patch
(git-fixes CVE-2021-47533 bsc#1225445).
- Update
patches.suse/enetc-Fix-illegal-access-when-reading-affinity_hint.patch
(stable-5.14.9 CVE-2021-47368 bsc#1225161).
- Update
patches.suse/ethtool-ioctl-fix-potential-NULL-deref-in-ethtool_se.patch
(jsc#SLE-19253 CVE-2021-47556 bsc#1225383).
- Update
patches.suse/ext4-add-error-checking-to-ext4_ext_replay_set_ibloc.patch
(stable-5.14.10 CVE-2021-47406 bsc#1225304).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes stable-5.14.10 CVE-2021-47393 bsc#1225321).
- Update
patches.suse/hwmon-w83791d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 CVE-2021-47386 bsc#1225268).
- Update
patches.suse/hwmon-w83792d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 CVE-2021-47385 bsc#1225210).
- Update
patches.suse/hwmon-w83793-Fix-NULL-pointer-dereference-by-removin.patch
(stable-5.14.10 CVE-2021-47384 bsc#1225209).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes stable-5.14.12 CVE-2021-47425 bsc#1225223).
- Update
patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
(jsc#SLE-18378 CVE-2021-47501 bsc#1225361).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(stable-5.14.12 CVE-2021-47424 bsc#1225367).
- Update
patches.suse/ice-Avoid-crash-from-unnecessary-IDA-free.patch
(stable-5.14.15 CVE-2021-47453 bsc#1225239).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-18375 CVE-2021-47563 bsc#1225500).
- Update
patches.suse/ice-fix-locking-for-Tx-timestamp-tracking-flush.patch
(stable-5.14.14 CVE-2021-47449 bsc#1225259).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-18375 CVE-2021-47562 bsc#1225499).
- Update
patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
(git-fixes CVE-2021-47499 bsc#1225358).
- Update
patches.suse/iio-adis16475-fix-deadlock-on-frequency-set.patch
(git-fixes stable-5.14.14 CVE-2021-47437 bsc#1225245).
- Update
patches.suse/iio-mma8452-Fix-trigger-reference-couting.patch
(git-fixes CVE-2021-47500 bsc#1225360).
- Update
patches.suse/ipack-ipoctal-fix-module-reference-leak.patch
(stable-5.14.10 CVE-2021-47403 bsc#1225241).
- Update
patches.suse/ipack-ipoctal-fix-stack-information-leak.patch
(stable-5.14.10 CVE-2021-47401 bsc#1225242).
- Update
patches.suse/irqchip-gic-v3-its-Fix-potential-VPE-leak-on-error.patch
(stable-5.14.9 CVE-2021-47373 bsc#1225190).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(stable-5.14.15 CVE-2021-47468 bsc#1225346).
- Update
patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
(stable-5.14.18 CVE-2021-47478 bsc#1225198).
- Update
patches.suse/iwlwifi-Fix-memory-leaks-in-error-handling-path.patch
(git-fixes CVE-2021-47529 bsc#1225373).
- Update
patches.suse/iwlwifi-mvm-Fix-possible-NULL-dereference.patch
(git-fixes stable-5.14.12 CVE-2021-47415 bsc#1225335).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(stable-5.14.10 CVE-2021-47399 bsc#1225328).
- Update
patches.suse/kunit-fix-reference-count-leak-in-kfree_at_end.patch
(stable-5.14.15 CVE-2021-47467 bsc#1225344).
- Update patches.suse/libbpf-Fix-memory-leak-in-strset.patch
(git-fixes stable-5.14.12 CVE-2021-47417 bsc#1225227).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes stable-5.14.10 CVE-2021-47388 bsc#1225214).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes stable-5.14.10 CVE-2021-47396 bsc#1225327).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes stable-5.14.10 CVE-2021-47395 bsc#1225326).
- Update
patches.suse/mcb-fix-error-handling-in-mcb_alloc_bus.patch
(stable-5.14.9 CVE-2021-47361 bsc#1225151).
- Update
patches.suse/mlxsw-spectrum-Protect-driver-from-buggy-firmware.patch
(git-fixes CVE-2021-47560 bsc#1225495).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(stable-5.14.14 CVE-2021-47441 bsc#1225224).
- Update
patches.suse/mm-mempolicy-do-not-allow-illegal-MPOL_F_NUMA_BALANC.patch
(stable-5.14.15 CVE-2021-47462 bsc#1225250).
- Update
patches.suse/mm-secretmem-fix-NULL-page-mapping-dereference-in-pa.patch
(stable-5.14.15 CVE-2021-47463 bsc#1225127).
- Update
patches.suse/mm-slub-fix-potential-memoryleak-in-kmem_cache_open.patch
(stable-5.14.15 CVE-2021-47466 bsc#1225342).
- Update
patches.suse/mm-slub-fix-potential-use-after-free-in-slab_debugfs.patch
(stable-5.14.15 CVE-2021-47470 bsc#1225186).
- Update
patches.suse/mptcp-ensure-tx-skbs-always-have-the-MPTCP-ext.patch
(stable-5.14.9 CVE-2021-47370 bsc#1225183).
- Update patches.suse/mptcp-fix-possible-stall-on-recvmsg.patch
(stable-5.14.14 CVE-2021-47448 bsc#1225129).
- Update
patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
(git-fixes CVE-2021-47540 bsc#1225386).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes stable-5.14.16 CVE-2021-47482 bsc#1224909).
- Update
patches.suse/net-dsa-felix-Fix-memory-leak-in-felix_setup_mmio_fi.patch
(git-fixes CVE-2021-47513 bsc#1225380).
- Update
patches.suse/net-dsa-microchip-Added-the-condition-for-scheduling.patch
(stable-5.14.14 CVE-2021-47439 bsc#1225246).
- Update
patches.suse/net-encx24j600-check-error-in-devm_regmap_init_encx2.patch
(stable-5.14.14 CVE-2021-47440 bsc#1225248).
- Update
patches.suse/net-hns3-do-not-allow-call-hns3_nic_net_open-repeate.patch
(stable-5.14.10 CVE-2021-47400 bsc#1225329).
- Update patches.suse/net-macb-fix-use-after-free-on-rmmod.patch
(stable-5.14.9 CVE-2021-47372 bsc#1225184).
- Update
patches.suse/net-marvell-prestera-fix-double-free-issue-on-err-pa.patch
(git-fixes CVE-2021-47564 bsc#1225501).
- Update
patches.suse/net-mdiobus-Fix-memory-leak-in-__mdiobus_register.patch
(stable-5.14.15 CVE-2021-47472 bsc#1225189).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(jsc#SLE-19256 CVE-2021-47541 bsc#1225453).
- Update
patches.suse/net-mlx5e-Fix-memory-leak-in-mlx5_core_destroy_cq-er.patch
(stable-5.14.14 CVE-2021-47438 bsc#1225229).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes CVE-2021-47542 bsc#1225455).
- Update
patches.suse/net-sched-flower-protect-fl_walk-with-rcu.patch
(stable-5.14.10 CVE-2021-47402 bsc#1225301).
- Update
patches.suse/net-sched-sch_taprio-properly-cancel-timer-from-tapr.patch
(stable-5.14.12 CVE-2021-47419 bsc#1225338).
- Update
patches.suse/net-smc-Fix-NULL-pointer-dereferencing-in-smc_vlan_by_tcpsk
(git-fixes CVE-2021-47559 bsc#1225396).
- Update
patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
(git-fixes CVE-2021-47536 bsc#1225447).
- Update
patches.suse/net-stmmac-Disable-Tx-queues-when-reconfiguring-the-.patch
(jsc#SLE-19033 CVE-2021-47558 bsc#1225492).
- Update
patches.suse/net-tls-Fix-flipped-sign-in-tls_err_abort-calls.patch
(stable-5.14.16 CVE-2021-47496 bsc#1225354).
- Update
patches.suse/net_sched-fix-NULL-deref-in-fifo_set_limit.patch
(stable-5.14.12 CVE-2021-47418 bsc#1225337).
- Update
patches.suse/netfilter-conntrack-serialize-hash-resizes-and-clean.patch
(stable-5.14.10 CVE-2021-47408 bsc#1225236).
- Update
patches.suse/netfilter-nf_tables-skip-netdev-events-generated-on-.patch
(stable-5.14.15 CVE-2021-47452 bsc#1225257).
- Update
patches.suse/netfilter-nf_tables-unlink-table-before-deleting-it.patch
(stable-5.14.10 CVE-2021-47394 bsc#1225323).
- Update
patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
(stable-5.14.15 CVE-2021-47451 bsc#1225237).
- Update
patches.suse/nexthop-Fix-division-by-zero-while-replacing-a-resil.patch
(stable-5.14.9 CVE-2021-47363 bsc#1225156).
- Update
patches.suse/nexthop-Fix-memory-leaks-in-nexthop-notification-cha.patch
(stable-5.14.9 CVE-2021-47371 bsc#1225167).
- Update
patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
(git-fixes CVE-2021-47518 bsc#1225372).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes CVE-2021-47516 bsc#1225427).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
(git-fixes CVE-2021-47507 bsc#1225405).
- Update
patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
(git-fixes CVE-2021-47506 bsc#1225404).
- Update
patches.suse/nvme-rdma-destroy-cm-id-before-destroy-qp-to-avoid-u.patch
(bsc#1190569 stable-5.14.9 CVE-2021-47378 bsc#1225201).
- Update
patches.suse/nvmem-Fix-shift-out-of-bound-UBSAN-with-byte-size-ce.patch
(stable-5.14.14 CVE-2021-47497 bsc#1225355).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(stable-5.14.15 CVE-2021-47460 bsc#1225251).
- Update
patches.suse/ocfs2-fix-race-between-searching-chunks-and-release-.patch
(stable-5.14.16 CVE-2021-47493 bsc#1225439).
- Update
patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
(stable-5.14.15 CVE-2021-47458 bsc#1225252).
- Update
patches.suse/octeontx2-af-Fix-a-memleak-bug-in-rvu_mbox_init.patch
(git-fixes CVE-2021-47537 bsc#1225375).
- Update
patches.suse/octeontx2-af-Fix-possible-null-pointer-dereference.patch
(stable-5.14.16 CVE-2021-47484 bsc#1224905).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
stable-5.14.12 CVE-2021-47416 bsc#1225336).
- Update
patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
(stable-5.14.12 CVE-2021-47429 bsc#1225388).
- Update
patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
(stable-5.14.12 CVE-2021-47428 bsc#1225387).
- Update
patches.suse/powerpc-smp-do-not-decrement-idle-task-preempt-count.patch
(stable-5.14.15 CVE-2021-47454 bsc#1225255).
- Update
patches.suse/ptp-Fix-possible-memory-leak-in-ptp_clock_register.patch
(stable-5.14.15 CVE-2021-47455 bsc#1225254).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes stable-5.14.16 CVE-2021-47483 bsc#1224907).
- Update
patches.suse/riscv-Flush-current-cpu-icache-before-other-cpus.patch
(stable-5.14.12 CVE-2021-47414 bsc#1225334).
- Update
patches.suse/riscv-bpf-Fix-potential-NULL-dereference.patch
(stable-5.14.16 CVE-2021-47486 bsc#1224903).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_.patch
(stable-5.14.9 CVE-2021-47369 bsc#1225164).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery.patch
(stable-5.14.10 CVE-2021-47382 bsc#1225207).
- Update
patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
(git-fixes CVE-2021-47549 bsc#1225508).
- Update
patches.suse/sched-scs-Reset-task-stack-state-in-bringup_cpu.patch
(git-fixes CVE-2021-47553 bsc#1225464).
- Update
patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is.patch
(stable-5.14.17 CVE-2021-47480 bsc#1225322).
- Update
patches.suse/scsi-iscsi-Fix-iscsi_task-use-after-free.patch
(stable-5.14.12 CVE-2021-47427 bsc#1225225).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes CVE-2021-47565 bsc#1225384).
- Update
patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
(git-fixes CVE-2021-47503 bsc#1225374).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-q.patch
(stable-5.14.15 CVE-2021-47473 bsc#1225192).
- Update
patches.suse/sctp-break-out-if-skb_header_pointer-returns-NULL-in.patch
(stable-5.14.10 CVE-2021-47397 bsc#1225082).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes CVE-2021-47527 bsc#1194288).
- Update
patches.suse/serial-liteuart-Fix-NULL-pointer-dereference-in-remo.patch
(git-fixes CVE-2021-47526 bsc#1225376).
- Update
patches.suse/serial-liteuart-fix-minor-number-leak-on-probe-error.patch
(git-fixes CVE-2021-47524 bsc#1225377).
- Update
patches.suse/serial-liteuart-fix-use-after-free-and-memleak-on-un.patch
(git-fixes CVE-2021-47525 bsc#1225441).
- Update
patches.suse/spi-Fix-deadlock-when-adding-SPI-controllers-on-SPI-.patch
(stable-5.14.15 CVE-2021-47469 bsc#1225347).
- Update
patches.suse/staging-greybus-uart-fix-tty-use-after-free.patch
(stable-5.14.9 CVE-2021-47358 bsc#1224920).
- Update
patches.suse/staging-rtl8712-fix-use-after-free-in-rtl8712_dl_fw.patch
(git-fixes stable-5.14.18 CVE-2021-47479 bsc#1224911).
- Update
patches.suse/tcp-fix-page-frag-corruption-on-page-fault.patch
(git-fixes CVE-2021-47544 bsc#1225463).
- Update
patches.suse/tty-Fix-out-of-bound-vmalloc-access-in-imageblit.patch
(stable-5.14.10 CVE-2021-47383 bsc#1225208).
- Update
patches.suse/usb-cdnsp-Fix-a-NULL-pointer-dereference-in-cdnsp_en.patch
(git-fixes CVE-2021-47528 bsc#1225368).
- Update
patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
(git-fixes stable-5.14.12 CVE-2021-47413 bsc#1225333).
- Update
patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
(stable-5.14.11 CVE-2021-47409 bsc#1225330).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes stable-5.14.14 CVE-2021-47436 bsc#1225244).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(stable-5.14.16 CVE-2021-47495 bsc#1225351).
- Update
patches.suse/userfaultfd-fix-a-race-between-writeprotect-and-exit.patch
(stable-5.14.15 CVE-2021-47461 bsc#1225249).
- Update
patches.suse/vdpa_sim-avoid-putting-an-uninitialized-iova_domain.patch
(git-fixes CVE-2021-47554 bsc#1225466).
- Update
patches.suse/virtio-net-fix-pages-leaking-when-building-skb-in-bi.patch
(stable-5.14.9 CVE-2021-47367 bsc#1225123).
- Update
patches.suse/x86-entry-Clear-X86_FEATURE_SMAP-when-CONFIG_X86_SMA.patch
(stable-5.14.12 CVE-2021-47430 bsc#1225228).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(stable-5.14.14 CVE-2021-47434 bsc#1225232).
- commit 3a2e44b
- blacklist.conf: add fix that requires absent infrastruucture
- commit dbb8058
- scsi: lpfc: Copyright updates for 14.4.0.2 patches
(bsc#1225842).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask
(bsc#1225842).
Refresh:
- patches.suse/lpfc-reintroduce-old-irq-probe-logic.patch
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list
(bsc#1225842).
- scsi: lpfc: Clear deferred RSCN processing flag when driver
is unloading (bsc#1225842).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O
(bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT
MIB commands (bsc#1225842).
- commit 5e95ee6
- Update
patches.suse/1321-drm-msm-devfreq-Fix-OPP-refcnt-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225444
CVE-2021-47532).
- Update
patches.suse/1322-drm-msm-Fix-mmap-to-include-VM_IO-and-VM_DONTDUMP.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225443
CVE-2021-47531).
- Update
patches.suse/1323-drm-msm-Fix-wait_fence-submitqueue-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225442
CVE-2021-47530).
- Update
patches.suse/1622-drm-gma500-Fix-WARN_ON-lock-magic-lock-error.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
bsc#1223489 CVE-2022-48633).
- Update
patches.suse/ACPI-LPIT-Avoid-u32-multiplication-overflow.patch
(git-fixes bsc#1224627 CVE-2023-52683).
- Update
patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch
(git-fixes bsc#1223043 CVE-2024-26894).
- Update
patches.suse/ACPI-video-check-for-error-while-searching-for-backl.patch
(git-fixes bsc#1224686 CVE-2023-52693).
- Update
patches.suse/ALSA-hda-Do-not-unset-preset-when-cleaning-up-codec.patch
(git-fixes bsc#1225486 CVE-2023-52736).
- Update
patches.suse/ALSA-hda-Fix-possible-null-ptr-deref-when-assigning-.patch
(git-fixes bsc#1225554 CVE-2023-52806).
- Update
patches.suse/ALSA-hda-intel-sdw-acpi-fix-usage-of-device_get_name.patch
(git-fixes CVE-2024-36955).
- Update
patches.suse/ALSA-pcm-oss-Fix-negative-period-buffer-sizes.patch
(git-fixes bsc#1225411 CVE-2021-47511).
- Update
patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
(git-fixes bsc#1225409 CVE-2021-47509).
- Update
patches.suse/ALSA-usb-audio-Stop-parsing-channels-bits-when-all-c.patch
(git-fixes bsc#1224803 CVE-2024-27436).
- Update
patches.suse/ARM-9381-1-kasan-clear-stale-stack-poison.patch
(git-fixes bsc#1225715 CVE-2024-36906).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes stable-5.14.10 bsc#1225206 CVE-2021-47381).
- Update
patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
(git-fixes bsc#1225369 CVE-2021-47502).
- Update
patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch
(git-fixes bsc#1222413 CVE-2024-26801).
- Update
patches.suse/Bluetooth-Fix-memory-leak-in-hci_req_sync_complete.patch
(git-fixes bsc#1224571 CVE-2024-35978).
- Update
patches.suse/Bluetooth-L2CAP-Fix-not-validating-setsockopt-user-i.patch
(git-fixes bsc#1224579 CVE-2024-35965).
- Update
patches.suse/Bluetooth-RFCOMM-Fix-not-validating-setsockopt-user-.patch
(git-fixes bsc#1224576 CVE-2024-35966).
- Update
patches.suse/Bluetooth-SCO-Fix-not-validating-setsockopt-user-inp.patch
(git-fixes bsc#1224587 CVE-2024-35967).
- Update
patches.suse/Bluetooth-btintel-Fix-null-ptr-deref-in-btintel_read.patch
(stable-fixes bsc#1224640 CVE-2024-35933).
- Update
patches.suse/Bluetooth-btusb-Add-date-evt_skb-is-NULL-check.patch
(git-fixes bsc#1225595 CVE-2023-52833).
- Update
patches.suse/Bluetooth-hci_core-Fix-possible-buffer-overflow.patch
(git-fixes CVE-2024-26889).
- Update
patches.suse/Bluetooth-hci_event-Fix-handling-of-HCI_EV_IO_CAPA_R.patch
(git-fixes bsc#1224723 CVE-2024-27416).
- Update
patches.suse/Bluetooth-hci_sock-Fix-not-validating-setsockopt-use.patch
(git-fixes bsc#1224582 CVE-2024-35963).
- Update
patches.suse/Bluetooth-l2cap-fix-null-ptr-deref-in-l2cap_chan_tim.patch
(git-fixes bsc#1224177 CVE-2024-27399).
- Update
patches.suse/Bluetooth-msft-fix-slab-use-after-free-in-msft_do_cl.patch
(git-fixes bsc#1225502 CVE-2024-36012).
- Update
patches.suse/Bluetooth-qca-add-missing-firmware-sanity-checks.patch
(git-fixes bsc#1225722 CVE-2024-36880).
- Update
patches.suse/Bluetooth-qca-fix-NULL-deref-on-non-serdev-suspend.patch
(git-fixes bsc#1224509 CVE-2024-35851).
- Update
patches.suse/Bluetooth-qca-fix-firmware-check-error-path.patch
(git-fixes CVE-2024-36942).
- Update
patches.suse/Bluetooth-qca-fix-info-leak-when-fetching-fw-build-i.patch
(git-fixes bsc#1225720 CVE-2024-36032).
- Update
patches.suse/Fix-page-corruption-caused-by-racy-check-in-__free_pages.patch
(bsc#1208149 bsc#1225118 CVE-2023-52739).
- Update
patches.suse/HID-amd_sfh-Fix-potential-NULL-pointer-dereference.patch
(stable-5.14.10 bsc#1225205 CVE-2021-47380).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(stable-5.14.10 bsc#1225303 CVE-2021-47404).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(git-fixes bsc#1225437 CVE-2021-47522).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(stable-5.14.10 bsc#1225238 CVE-2021-47405).
- Update
patches.suse/IB-IPoIB-Fix-legacy-IPoIB-due-to-wrong-number-of-que.patch
(git-fixes bsc#1225032 CVE-2023-52745).
- Update
patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch
(git-fixes bsc#1222975 CVE-2024-26839).
- Update
patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
(jsc#SLE-19242 bsc#1225438 CVE-2021-47523).
- Update
patches.suse/IB-hfi1-Restore-allocated-resources-on-failed-copyou.patch
(git-fixes bsc#1224931 CVE-2023-52747).
- Update
patches.suse/IB-mlx5-Fix-init-stage-error-handling-to-avoid-doubl.patch
(git-fixes bsc#1225587 CVE-2023-52851).
- Update
patches.suse/IB-qib-Protect-from-buffer-overflow-in-struct-qib_us.patch
(stable-5.14.16 bsc#1224904 CVE-2021-47485).
- Update
patches.suse/Input-synaptics-rmi4-fix-use-after-free-in-rmi_unreg.patch
(git-fixes bsc#1224928 CVE-2023-52840).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(stable-5.14.15 bko#206669 bsc#1174585 bsc#1192107
CVE-2021-43056 bsc#1225341 CVE-2021-47465).
- Update
patches.suse/KVM-SVM-fix-missing-sev_decommission-in-sev_receive_.patch
(stable-5.14.10 bsc#1225126 CVE-2021-47389).
- Update
patches.suse/KVM-arm64-Fix-host-stage-2-PGD-refcount.patch
(stable-5.14.15 bsc#1225258 CVE-2021-47450).
- Update
patches.suse/KVM-x86-Fix-stack-out-of-bounds-memory-access-from-i.patch
(stable-5.14.10 bsc#1225125 CVE-2021-47390).
- Update
patches.suse/KVM-x86-Handle-SRCU-initialization-failure-during-pa.patch
(stable-5.14.10 bsc#1225306 CVE-2021-47407).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(stable-5.14.14 bsc#1225263 CVE-2021-47442).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(stable-5.14.14 bsc#1225262 CVE-2021-47443).
- Update
patches.suse/NFSv4.2-fix-nfs4_listxattr-kernel-BUG-at-mm-usercopy.patch
(git-fixes bsc#1223113 CVE-2024-26870).
- Update
patches.suse/PCI-PM-Drain-runtime-idle-callbacks-before-driver-re.patch
(git-fixes bsc#1224738 CVE-2024-35809).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(stable-5.14.10 bsc#1225318 CVE-2021-47391).
- Update
patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
(stable-5.14.10 bsc#1225320 CVE-2021-47392).
- Update patches.suse/RDMA-hfi1-Fix-kernel-pointer-leak.patch
(stable-5.14.10 bsc#1225131 CVE-2021-47398).
- Update
patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch
(git-fixes bsc#1222974 CVE-2024-26838).
- Update
patches.suse/RDMA-irdma-Fix-potential-NULL-ptr-dereference.patch
(git-fixes bsc#1225121 CVE-2023-52744).
- Update
patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch
(git-fixes bsc#1223203 CVE-2024-26907).
- Update
patches.suse/RDMA-mlx5-Initialize-the-ODP-xarray-when-creating-an.patch
(stable-5.14.16 bsc#1224910 CVE-2021-47481).
- Update
patches.suse/Reapply-drm-qxl-simplify-qxl_fence_wait.patch
(stable-fixes CVE-2024-36944).
- Update
patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch
(git-fixes bsc#1223137 CVE-2024-26916).
- Update
patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch
(git-fixes bsc#1224722 CVE-2023-52657).
- Update
patches.suse/SUNRPC-Fix-RPC-client-cleaned-up-the-freed-pipefs-de.patch
(git-fixes bsc#1225008 CVE-2023-52803).
- Update
patches.suse/SUNRPC-fix-a-memleak-in-gss_import_v2_context.patch
(git-fixes bsc#1223858 bsc#1223712 CVE-2023-52653).
- Update
patches.suse/SUNRPC-fix-some-memleaks-in-gssx_dec_option_array.patch
(git-fixes bsc#1223744 CVE-2024-27388).
- Update
patches.suse/USB-core-Fix-access-violation-during-port-device-rem.patch
(git-fixes bsc#1225734 CVE-2024-36896).
- Update
patches.suse/USB-core-Fix-deadlock-in-usb_deauthorize_interface.patch
(git-fixes bsc#1223671 CVE-2024-26934).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
patches.suse/arm64-hibernate-Fix-level3-translation-fault-in-swsu.patch
(git-fixes bsc#1223748 CVE-2024-26989).
- Update
patches.suse/atl1c-Work-around-the-DMA-RX-overflow-issue.patch
(git-fixes bsc#1225599 CVE-2023-52834).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(stable-5.14.15 bsc#1225393 CVE-2021-47464).
- Update
patches.suse/ax25-fix-use-after-free-bugs-caused-by-ax25_ds_del_t.patch
(git-fixes bsc#1224663 CVE-2024-35887).
- Update
patches.suse/batman-adv-Avoid-infinite-loop-trying-to-resize-loca.patch
(git-fixes bsc#1224566 CVE-2024-35982).
- Update patches.suse/binder-make-sure-fd-closes-complete.patch
(stable-5.14.9 bsc#1225122 CVE-2021-47360).
- Update
patches.suse/blk-cgroup-fix-UAF-by-grabbing-blkcg-lock-before-des.patch
(stable-5.14.9 bsc#1225203 CVE-2021-47379).
- Update
patches.suse/blk-mq-cancel-blk-mq-dispatch-work-in-both-blk_clean.patch
(jsc#PED-1183 bsc#1225513 CVE-2021-47552).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(stable-5.14.9 bsc#1225193 CVE-2021-47375).
- Update
patches.suse/block-don-t-call-rq_qos_ops-done_bio-if-the-bio-isn-.patch
(stable-5.14.11 bsc#1225332 CVE-2021-47412).
- Update
patches.suse/bpf-Add-oversize-check-before-call-kvcalloc.patch
(stable-5.14.9 bsc#1225195 CVE-2021-47376).
- Update patches.suse/bpf-Check-bloom-filter-map-value-size.patch
(bsc#1224488 CVE-2024-35905 bsc#1225766 CVE-2024-36918).
- Update
patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
(stable-5.14.12 bsc#1225370 CVE-2021-47426).
- Update
patches.suse/btrfs-fix-abort-logic-in-btrfs_replace_file_extents.patch
(stable-5.14.14 bsc#1225392 CVE-2021-47433).
- Update
patches.suse/btrfs-fix-information-leak-in-btrfs_ioctl_logical_to.patch
(git-fixes bsc#1224733 CVE-2024-35849).
- Update
patches.suse/btrfs-fix-re-dirty-process-of-tree-log-nodes.patch
(bsc#1197915 bsc#1225410 CVE-2021-47510).
- Update
patches.suse/btrfs-free-exchange-changeset-on-failures.patch
(git-fixes bsc#1225408 CVE-2021-47508).
- Update
patches.suse/can-dev-can_put_echo_skb-don-t-crash-kernel-if-can_p.patch
(git-fixes bsc#1225000 CVE-2023-52878).
- Update
patches.suse/can-isotp-isotp_sendmsg-add-result-check-for-wait_ev.patch
(stable-5.14.15 bsc#1225235 CVE-2021-47457).
- Update
patches.suse/can-j1939-j1939_netdev_start-fix-UAF-for-rx_kref-of-.patch
(stable-5.14.15 bsc#1225253 CVE-2021-47459).
- Update
patches.suse/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
(git-fixes bsc#1225431 CVE-2021-47520).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(stable-5.14.15 bsc#1225256 CVE-2021-47456).
- Update
patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
(git-fixes bsc#1225435 CVE-2021-47521).
- Update
patches.suse/ceph-blocklist-the-kclient-when-receiving-corrupted-snap-trace.patch
(jsc#SES-1880 bsc#1225222 CVE-2023-52732).
- Update
patches.suse/cfg80211-fix-management-registrations-locking.patch
(git-fixes stable-5.14.16 bsc#1225450 CVE-2021-47494).
- Update
patches.suse/cgroup-Fix-memory-leak-caused-by-missing-cgroup_bpf_.patch
(stable-5.14.16 bsc#1224902 CVE-2021-47488).
- Update patches.suse/cifs-Fix-soft-lockup-during-fsstress.patch
(stable-5.14.9 bsc#1225145 CVE-2021-47359).
- Update
patches.suse/cifs-Fix-use-after-free-in-rdata-read_into_pages-.patch
(git-fixes bsc#1225479 CVE-2023-52741).
- Update
patches.suse/clk-Get-runtime-PM-before-walking-tree-during-disabl.patch
(git-fixes bsc#1223762 CVE-2024-27004).
- Update
patches.suse/clk-mediatek-clk-mt2701-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225096 CVE-2023-52875).
- Update
patches.suse/clk-mediatek-clk-mt6765-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1224937 CVE-2023-52870).
- Update
patches.suse/clk-mediatek-clk-mt6779-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225589 CVE-2023-52873).
- Update
patches.suse/clk-mediatek-clk-mt6797-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225086 CVE-2023-52865).
- Update
patches.suse/clk-mediatek-clk-mt7629-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225566 CVE-2023-52858).
- Update
patches.suse/clk-mediatek-clk-mt7629-eth-Add-check-for-mtk_alloc_.patch
(git-fixes bsc#1225036 CVE-2023-52876).
- Update
patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
(git-fixes bsc#1223717 CVE-2024-27037).
- Update
patches.suse/comedi-Fix-memory-leak-in-compat_insnlist.patch
(stable-5.14.9 bsc#1225158 CVE-2021-47364).
- Update patches.suse/comedi-dt9812-fix-DMA-buffers-on-stack.patch
(git-fixes stable-5.14.18 bsc#1224912 CVE-2021-47477).
- Update
patches.suse/comedi-ni_usb6501-fix-NULL-deref-in-command-paths.patch
(git-fixes stable-5.14.18 bsc#1224913 CVE-2021-47476).
- Update
patches.suse/comedi-vmk80xx-fix-bulk-buffer-overflow.patch
(git-fixes stable-5.14.18 bsc#1224915 CVE-2021-47474).
- Update
patches.suse/comedi-vmk80xx-fix-incomplete-endpoint-checking.patch
(git-fixes bsc#1223698 CVE-2024-27001).
- Update
patches.suse/comedi-vmk80xx-fix-transfer-buffer-overflows.patch
(git-fixes stable-5.14.18 bsc#1224914 CVE-2021-47475).
- Update
patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
(git-fixes bsc#1223769 CVE-2024-27051).
- Update
patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
(stable-5.14.10 bsc#1225316 CVE-2021-47387).
- Update
patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
(git-fixes bsc#1223638 CVE-2024-26974).
- Update
patches.suse/crypto-s390-aes-Fix-buffer-overread-in-CTR-mode.patch
(git-fixes bsc#1224637 CVE-2023-52669).
- Update
patches.suse/devlink-fix-netns-refcount-leak-in-devlink_nl_cmd_re.patch
(git-fixes bsc#1225425 CVE-2021-47514).
- Update
patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch
(git-fixes bsc#1223188 CVE-2024-26880).
- Update
patches.suse/dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
(stable-5.14.14 bsc#1225247 CVE-2021-47435).
- Update
patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
(stable-5.14.14 bsc#1225357 CVE-2021-47498).
- Update
patches.suse/dma-debug-prevent-an-error-message-from-causing-runt.patch
(stable-5.14.9 bsc#1225191 CVE-2021-47374).
- Update patches.suse/dma-xilinx_dpdma-Fix-locking.patch
(git-fixes bsc#1224559 CVE-2024-35990).
- Update
patches.suse/dmaengine-fsl-qdma-Fix-a-memory-leak-related-to-the-.patch
(git-fixes bsc#1224632 CVE-2024-35833).
- Update
patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch
(git-fixes bsc#1222783 CVE-2024-26788).
- Update
patches.suse/dmaengine-idxd-Fix-oops-during-rmmod-on-single-CPU-p.patch
(git-fixes bsc#1224558 CVE-2024-35989).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-Pola.patch
(git-fixes bsc#1225532 CVE-2023-52819).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-SMU7.patch
(git-fixes bsc#1225530 CVE-2023-52818).
- Update patches.suse/drm-amd-amdgpu-fix-potential-memleak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225379
CVE-2021-47550).
- Update
patches.suse/drm-amd-amdkfd-Fix-kernel-panic-when-reset-failed-an.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225510
CVE-2021-47551).
- Update
patches.suse/drm-amd-display-Atom-Integrated-System-Info-v2_2-for.patch
(stable-fixes bsc#1225735 CVE-2024-36897).
- Update
patches.suse/drm-amd-display-Avoid-NULL-dereference-of-timing-gen.patch
(git-fixes bsc#1225478 CVE-2023-52753).
- Update
patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
(git-fixes bsc#1223826 CVE-2024-27045).
- Update
patches.suse/drm-amd-display-fix-a-NULL-pointer-dereference-in-am.patch
(git-fixes bsc#1225041 CVE-2023-52773).
- Update
patches.suse/drm-amd-pm-Update-intermediate-power-state-for-SI.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225153
CVE-2021-47362).
- Update
patches.suse/drm-amd-pm-fix-a-double-free-in-si_dpm_init.patch
(git-fixes bsc#1224607 CVE-2023-52691).
- Update
patches.suse/drm-amd-pm-fixes-a-random-hang-in-S4-for-SMU-v13.0.4.patch
(stable-fixes bsc#1225705 CVE-2024-36026).
- Update
patches.suse/drm-amdgpu-Fix-a-null-pointer-access-when-the-smc_rr.patch
(git-fixes bsc#1225569 CVE-2023-52817).
- Update
patches.suse/drm-amdgpu-Fix-potential-null-pointer-derefernce.patch
(git-fixes bsc#1225565 CVE-2023-52814).
- Update
patches.suse/drm-amdgpu-fence-Fix-oops-due-to-non-matching-drm_sc.patch
(git-fixes bsc#1225005 CVE-2023-52738).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(stable-5.14.13 bsc#1225390 CVE-2021-47431).
- Update
patches.suse/drm-amdgpu-handle-the-case-of-pci_channel_io_frozen-.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225353
CVE-2021-47421).
- Update
patches.suse/drm-amdgpu-once-more-fix-the-call-oder-in-amdgpu_ttm.patch
(git-fixes bsc#1224180 CVE-2024-27400).
- Update
patches.suse/drm-amdgpu-validate-the-parameters-of-bo-mapping-ope.patch
(git-fixes bsc#1223315 CVE-2024-26922).
- Update
patches.suse/drm-amdgpu-vkms-fix-a-possible-null-pointer-derefere.patch
(git-fixes bsc#1225568 CVE-2023-52815).
- Update
patches.suse/drm-amdkfd-Confirm-list-is-non-empty-before-utilizin.patch
(git-fixes bsc#1224617 CVE-2023-52678).
- Update
patches.suse/drm-amdkfd-Fix-a-race-condition-of-vram-buffer-unref.patch
(git-fixes bsc#1225076 CVE-2023-52825).
- Update
patches.suse/drm-amdkfd-Fix-shift-out-of-bounds-issue.patch
(git-fixes bsc#1225529 CVE-2023-52816).
- Update
patches.suse/drm-amdkfd-fix-a-potential-ttm-sg-memory-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225339
CVE-2021-47420).
- Update
patches.suse/drm-amdkfd-fix-svm_migrate_fini-warning.patch
(stable-5.14.11 bsc#1225331 CVE-2021-47410).
- Update
patches.suse/drm-arm-malidp-fix-a-possible-null-pointer-dereferen.patch
(git-fixes bsc#1225593 CVE-2024-36014).
- Update patches.suse/drm-ast-Fix-soft-lockup.patch (git-fixes
bsc#1224705 CVE-2024-35952).
- Update
patches.suse/drm-bridge-it66121-Fix-invalid-connector-dereference.patch
(git-fixes bsc#1224941 CVE-2023-52861).
- Update
patches.suse/drm-bridge-lt8912b-Fix-crash-on-bridge-detach.patch
(git-fixes bsc#1224932 CVE-2023-52856).
- Update
patches.suse/drm-bridge-tpd12s015-Drop-buggy-__exit-annotation-fo.patch
(git-fixes bsc#1224598 CVE-2023-52694).
- Update
patches.suse/drm-client-Fully-protect-modes-with-dev-mode_config..patch
(stable-fixes bsc#1224703 CVE-2024-35950).
- Update
patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225243
CVE-2021-47444).
- Update
patches.suse/drm-i915-bios-Tolerate-devdata-NULL-in-intel_bios_en.patch
(stable-fixes bsc#1223678 CVE-2024-26938).
- Update
patches.suse/drm-i915-gt-Reset-queue_priority_hint-on-parking.patch
(git-fixes bsc#1223677 CVE-2024-26937).
- Update
patches.suse/drm-lima-fix-a-memleak-in-lima_heap_alloc.patch
(git-fixes bsc#1224707 CVE-2024-35829).
- Update
patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch
(git-fixes bsc#1223048 CVE-2024-26874).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225261
CVE-2021-47445).
- Update
patches.suse/drm-msm-a3xx-fix-error-handling-in-a3xx_gpu_init.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225260
CVE-2021-47447).
- Update
patches.suse/drm-msm-a4xx-fix-error-handling-in-a4xx_gpu_init.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225240
CVE-2021-47446).
- Update
patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225446
CVE-2021-47535).
- Update
patches.suse/drm-mxsfb-Fix-NULL-pointer-dereference-crash-on-unlo.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225187
CVE-2021-47471).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225366
CVE-2021-47423).
- Update
patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225233
CVE-2021-47422).
- Update patches.suse/drm-nv04-Fix-out-of-bounds-access.patch
(git-fixes bsc#1223802 CVE-2024-27008).
- Update
patches.suse/drm-panel-fix-a-possible-null-pointer-dereference.patch
(git-fixes bsc#1225022 CVE-2023-52821).
- Update
patches.suse/drm-panel-panel-tpo-tpg110-fix-a-possible-null-point.patch
(git-fixes bsc#1225077 CVE-2023-52826).
- Update
patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225230
CVE-2022-48710).
- Update patches.suse/drm-radeon-possible-buffer-overflow.patch
(git-fixes bsc#1225009 CVE-2023-52867).
- Update
patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
(git-fixes bsc#1223770 CVE-2023-52650).
- Update
patches.suse/drm-tegra-rgb-Fix-missing-clk_put-in-the-error-handl.patch
(git-fixes bsc#1224445 CVE-2023-52661).
- Update
patches.suse/drm-ttm-fix-memleak-in-ttm_transfered_destroy.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225436
CVE-2021-47490).
- Update
patches.suse/drm-vc4-don-t-check-if-plane-state-fb-state-fb.patch
(stable-fixes bsc#1224650 CVE-2024-35932).
- Update
patches.suse/drm-vc4-kms-Add-missing-drm_crtc_commit_put.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
CVE-2021-47534).
- Update
patches.suse/drm-vc4-kms-Clear-the-HVS-FIFO-commit-pointer-once-d.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225445
CVE-2021-47533).
- Update
patches.suse/drm-vmwgfx-Create-debugfs-ttm_resource_manager-entry.patch
(git-fixes bsc#1223718 CVE-2024-26940).
- Update
patches.suse/drm-vmwgfx-fix-a-memleak-in-vmw_gmrid_man_get_node.patch
(git-fixes bsc#1224449 CVE-2023-52662).
- Update
patches.suse/dyndbg-fix-old-BUG_ON-in-control-parser.patch
(stable-fixes bsc#1224647 CVE-2024-35947).
- Update
patches.suse/enetc-Fix-illegal-access-when-reading-affinity_hint.patch
(stable-5.14.9 bsc#1225161 CVE-2021-47368).
- Update
patches.suse/ethtool-ioctl-fix-potential-NULL-deref-in-ethtool_se.patch
(jsc#SLE-19253 bsc#1225383 CVE-2021-47556).
- Update
patches.suse/ext4-add-error-checking-to-ext4_ext_replay_set_ibloc.patch
(stable-5.14.10 bsc#1225304 CVE-2021-47406).
- Update
patches.suse/fbdev-Fix-invalid-page-access-after-closing-deferred.patch
(bsc#1207284 bsc#1224929 CVE-2023-52731).
- Update
patches.suse/fbdev-imsttfb-fix-a-resource-leak-in-probe.patch
(git-fixes bsc#1225031 CVE-2023-52838).
- Update
patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch
(git-fixes bsc#1222770 CVE-2024-26778).
- Update
patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch
(git-fixes bsc#1222765 CVE-2024-26777).
- Update
patches.suse/fbmon-prevent-division-by-zero-in-fb_videomode_from_.patch
(stable-fixes bsc#1224660 CVE-2024-35922).
- Update
patches.suse/firewire-ohci-mask-bus-reset-interrupts-between-ISR-.patch
(stable-fixes CVE-2024-36950).
- Update
patches.suse/fs-jfs-Add-check-for-negative-db_l2nbperpage.patch
(git-fixes bsc#1225557 CVE-2023-52810).
- Update
patches.suse/fs-jfs-Add-validity-check-for-db_maxag-and-db_agpref.patch
(git-fixes bsc#1225550 CVE-2023-52804).
- Update patches.suse/gfs2-ignore-negated-quota-changes.patch
(git-fixes bsc#1225560 CVE-2023-52759).
- Update
patches.suse/hid-cp2112-Fix-duplicate-workqueue-initialization.patch
(git-fixes bsc#1224988 CVE-2023-52853).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes stable-5.14.10 bsc#1225321 CVE-2021-47393).
- Update
patches.suse/hwmon-w83791d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 bsc#1225268 CVE-2021-47386).
- Update
patches.suse/hwmon-w83792d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 bsc#1225210 CVE-2021-47385).
- Update
patches.suse/hwmon-w83793-Fix-NULL-pointer-dereference-by-removin.patch
(stable-5.14.10 bsc#1225209 CVE-2021-47384).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes stable-5.14.12 bsc#1225223 CVE-2021-47425).
- Update
patches.suse/i2c-core-Run-atomic-i2c-xfer-when-preemptible.patch
(git-fixes bsc#1225108 CVE-2023-52791).
- Update
patches.suse/i2c-smbus-fix-NULL-function-pointer-dereference.patch
(git-fixes bsc#1224567 CVE-2024-35984).
- Update
patches.suse/i3c-master-mipi-i3c-hci-Fix-a-kernel-panic-for-acces.patch
(git-fixes bsc#1225570 CVE-2023-52763).
- Update
patches.suse/i3c-mipi-i3c-hci-Fix-out-of-bounds-access-in-hci_dma.patch
(git-fixes CVE-2023-52766).
- Update
patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
(jsc#SLE-18378 bsc#1225361 CVE-2021-47501).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(stable-5.14.12 bsc#1225367 CVE-2021-47424).
- Update
patches.suse/i915-perf-Fix-NULL-deref-bugs-with-drm_dbg-calls.patch
(git-fixes bsc#1225106 CVE-2023-52788).
- Update
patches.suse/ice-Avoid-crash-from-unnecessary-IDA-free.patch
(stable-5.14.15 bsc#1225239 CVE-2021-47453).
- Update
patches.suse/ice-Do-not-use-WQ_MEM_RECLAIM-flag-for-workqueue.patch
(jsc#PED-376 bsc#1225003 CVE-2023-52743).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-18375 bsc#1225500 CVE-2021-47563).
- Update
patches.suse/ice-fix-locking-for-Tx-timestamp-tracking-flush.patch
(stable-5.14.14 bsc#1225259 CVE-2021-47449).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-18375 bsc#1225499 CVE-2021-47562).
- Update
patches.suse/ice-switch-fix-potential-memleak-in-ice_add_adv_reci.patch
(jsc#PED-376 bsc#1225095 CVE-2022-48709).
- Update
patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
(git-fixes bsc#1225358 CVE-2021-47499).
- Update
patches.suse/iio-adis16475-fix-deadlock-on-frequency-set.patch
(git-fixes stable-5.14.14 bsc#1225245 CVE-2021-47437).
- Update
patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch
(git-fixes bsc#1222960 CVE-2023-52643).
- Update
patches.suse/iio-mma8452-Fix-trigger-reference-couting.patch
(git-fixes bsc#1225360 CVE-2021-47500).
- Update
patches.suse/init-main.c-Fix-potential-static_command_line-memory.patch
(git-fixes bsc#1223747 CVE-2024-26988).
- Update
patches.suse/io_uring-ensure-task_work-gets-run-as-part-of-cancel.patch
(bsc#1205205 bsc#1225382 CVE-2021-47504).
- Update
patches.suse/io_uring-fail-cancellation-for-EXITING-tasks.patch
(bsc#1205205 bsc#1225515 CVE-2021-47569).
- Update
patches.suse/ipack-ipoctal-fix-module-reference-leak.patch
(stable-5.14.10 bsc#1225241 CVE-2021-47403).
- Update
patches.suse/ipack-ipoctal-fix-stack-information-leak.patch
(stable-5.14.10 bsc#1225242 CVE-2021-47401).
- Update
patches.suse/irqchip-gic-v3-its-Fix-potential-VPE-leak-on-error.patch
(stable-5.14.9 bsc#1225190 CVE-2021-47373).
- Update
patches.suse/irqchip-gic-v3-its-Prevent-double-free-on-error.patch
(git-fixes bsc#1224697 CVE-2024-35847).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(stable-5.14.15 bsc#1225346 CVE-2021-47468).
- Update
patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
(stable-5.14.18 bsc#1225198 CVE-2021-47478).
- Update
patches.suse/iwlwifi-Fix-memory-leaks-in-error-handling-path.patch
(git-fixes bsc#1225373 CVE-2021-47529).
- Update
patches.suse/iwlwifi-mvm-Fix-possible-NULL-dereference.patch
(git-fixes stable-5.14.12 bsc#1225335 CVE-2021-47415).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(stable-5.14.10 bsc#1225328 CVE-2021-47399).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbFindLeaf.patch
(git-fixes bsc#1225472 CVE-2023-52799).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diAlloc.patch
(git-fixes bsc#1225553 CVE-2023-52805).
- Update
patches.suse/kprobes-Fix-possible-use-after-free-issue-on-kprobe-registration.patch
(git-fixes bsc#1224676 CVE-2024-35955).
- Update
patches.suse/kunit-fix-reference-count-leak-in-kfree_at_end.patch
(stable-5.14.15 bsc#1225344 CVE-2021-47467).
- Update patches.suse/libbpf-Fix-memory-leak-in-strset.patch
(git-fixes stable-5.14.12 bsc#1225227 CVE-2021-47417).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes stable-5.14.10 bsc#1225214 CVE-2021-47388).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes stable-5.14.10 bsc#1225327 CVE-2021-47396).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes stable-5.14.10 bsc#1225326 CVE-2021-47395).
- Update
patches.suse/mcb-fix-error-handling-in-mcb_alloc_bus.patch
(stable-5.14.9 bsc#1225151 CVE-2021-47361).
- Update
patches.suse/md-Don-t-ignore-suspended-array-in-md_check_recovery-1baa.patch
(git-fixes CVE-2024-26758).
- Update
patches.suse/media-bttv-fix-use-after-free-error-due-to-btv-timeo.patch
(git-fixes bsc#1225588 CVE-2023-52847).
- Update
patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
(git-fixes bsc#1223842 CVE-2024-27075).
- Update
patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
(git-fixes bsc#1223844 CVE-2024-27074).
- Update
patches.suse/media-gspca-cpia1-shift-out-of-bounds-in-set_flicker.patch
(git-fixes bsc#1225571 CVE-2023-52764).
- Update
patches.suse/media-imon-fix-access-to-invalid-resource-for-the-se.patch
(git-fixes bsc#1225490 CVE-2023-52754).
- Update
patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
(git-fixes bsc#1223779 CVE-2024-27076).
- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch
(git-fixes bsc#1223027 CVE-2024-26829).
- Update
patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch
(git-fixes bsc#1223031 CVE-2023-52642).
- Update
patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
(git-fixes bsc#1223843 CVE-2024-27073).
- Update
patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
(git-fixes bsc#1223837 CVE-2024-27072).
- Update
patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
(git-fixes bsc#1223780 CVE-2024-27077).
- Update
patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
(git-fixes bsc#1223781 CVE-2024-27078).
- Update
patches.suse/media-vidtv-mux-Add-check-and-kfree-for-kstrdup.patch
(git-fixes bsc#1225592 CVE-2023-52841).
- Update patches.suse/media-vidtv-psi-Add-check-for-kstrdup.patch
(git-fixes bsc#1225590 CVE-2023-52844).
- Update
patches.suse/mlxsw-spectrum-Protect-driver-from-buggy-firmware.patch
(git-fixes bsc#1225495 CVE-2021-47560).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(stable-5.14.14 bsc#1225224 CVE-2021-47441).
- Update
patches.suse/mm-mempolicy-do-not-allow-illegal-MPOL_F_NUMA_BALANC.patch
(stable-5.14.15 bsc#1225250 CVE-2021-47462).
- Update
patches.suse/mm-secretmem-fix-NULL-page-mapping-dereference-in-pa.patch
(stable-5.14.15 bsc#1225127 CVE-2021-47463).
- Update
patches.suse/mm-slub-fix-potential-memoryleak-in-kmem_cache_open.patch
(stable-5.14.15 bsc#1225342 CVE-2021-47466).
- Update
patches.suse/mm-slub-fix-potential-use-after-free-in-slab_debugfs.patch
(stable-5.14.15 bsc#1225186 CVE-2021-47470).
- Update
patches.suse/mmc-core-Avoid-negative-index-with-array-access.patch
(git-fixes bsc#1224618 CVE-2024-35813).
- Update
patches.suse/mmc-mmc_spi-fix-error-handling-in-mmc_spi_probe.patch
(git-fixes bsc#1225483 CVE-2023-52708).
- Update
patches.suse/mmc-sdhci-msm-pervent-access-to-suspended-controller.patch
(git-fixes bsc#1225708 CVE-2024-36029).
- Update
patches.suse/mmc-sdio-fix-possible-resource-leaks-in-some-error-p.patch
(git-fixes bsc#1224956 CVE-2023-52730).
- Update
patches.suse/mptcp-ensure-tx-skbs-always-have-the-MPTCP-ext.patch
(stable-5.14.9 bsc#1225183 CVE-2021-47370).
- Update patches.suse/mptcp-fix-possible-stall-on-recvmsg.patch
(stable-5.14.14 bsc#1225129 CVE-2021-47448).
- Update
patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch
(git-fixes bsc#1222374 CVE-2024-26698).
- Update
patches.suse/msft-hv-2971-net-mana-Fix-Rx-DMA-datasize-and-skb_over_panic.patch
(git-fixes bsc#1224495 CVE-2024-35901).
- Update
patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
(git-fixes bsc#1225386 CVE-2021-47540).
- Update
patches.suse/net-USB-Fix-wrong-direction-WARNING-in-plusb.c.patch
(git-fixes bsc#1225482 CVE-2023-52742).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes stable-5.14.16 bsc#1224909 CVE-2021-47482).
- Update
patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch
(bsc#1215322 bsc#1223049 CVE-2024-26859).
- Update
patches.suse/net-dsa-felix-Fix-memory-leak-in-felix_setup_mmio_fi.patch
(git-fixes bsc#1225380 CVE-2021-47513).
- Update
patches.suse/net-dsa-microchip-Added-the-condition-for-scheduling.patch
(stable-5.14.14 bsc#1225246 CVE-2021-47439).
- Update
patches.suse/net-encx24j600-check-error-in-devm_regmap_init_encx2.patch
(stable-5.14.14 bsc#1225248 CVE-2021-47440).
- Update
patches.suse/net-hns3-do-not-allow-call-hns3_nic_net_open-repeate.patch
(stable-5.14.10 bsc#1225329 CVE-2021-47400).
- Update
patches.suse/net-ll_temac-platform_get_resource-replaced-by-wrong.patch
(git-fixes bsc#1224615 CVE-2024-35796).
- Update patches.suse/net-macb-fix-use-after-free-on-rmmod.patch
(stable-5.14.9 bsc#1225184 CVE-2021-47372).
- Update
patches.suse/net-marvell-prestera-fix-double-free-issue-on-err-pa.patch
(git-fixes bsc#1225501 CVE-2021-47564).
- Update
patches.suse/net-mdiobus-Fix-memory-leak-in-__mdiobus_register.patch
(stable-5.14.15 bsc#1225189 CVE-2021-47472).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(jsc#SLE-19256 bsc#1225453 CVE-2021-47541).
- Update
patches.suse/net-mlx5e-Fix-memory-leak-in-mlx5_core_destroy_cq-er.patch
(stable-5.14.14 bsc#1225229 CVE-2021-47438).
- Update
patches.suse/net-openvswitch-fix-possible-memory-leak-in-ovs_mete.patch
(git-fixes bsc#1224945 CVE-2023-52702).
- Update
patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
(git-fixes bsc#1223828 CVE-2024-27047).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes bsc#1225455 CVE-2021-47542).
- Update
patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch
(git-fixes bsc#1220363 CVE-2024-26597).
- Update
patches.suse/net-sched-flower-protect-fl_walk-with-rcu.patch
(stable-5.14.10 bsc#1225302 CVE-2021-47402).
- Update
patches.suse/net-sched-fq_pie-prevent-dismantle-issue.patch
(bsc#1207361 bsc#1225424 CVE-2021-47512).
- Update
patches.suse/net-sched-sch_ets-don-t-peek-at-classes-beyond-nband.patch
(bsc#1207361 bsc#1225468 CVE-2021-47557).
- Update
patches.suse/net-sched-sch_taprio-properly-cancel-timer-from-tapr.patch
(stable-5.14.12 bsc#1225338 CVE-2021-47419).
- Update
patches.suse/net-smc-Fix-NULL-pointer-dereferencing-in-smc_vlan_by_tcpsk
(git-fixes bsc#1225396 CVE-2021-47559).
- Update
patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
(git-fixes bsc#1225447 CVE-2021-47536).
- Update
patches.suse/net-stmmac-Disable-Tx-queues-when-reconfiguring-the-.patch
(jsc#SLE-19033 bsc#1225492 CVE-2021-47558).
- Update
patches.suse/net-tls-Fix-flipped-sign-in-tls_err_abort-calls.patch
(stable-5.14.16 bsc#1225354 CVE-2021-47496).
- Update
patches.suse/net-usb-kalmia-Don-t-pass-act_len-in-usb_bulk_msg-er.patch
(git-fixes bsc#1225549 CVE-2023-52703).
- Update
patches.suse/net-vlan-fix-underflow-for-the-real_dev-refcnt.patch
(git-fixes bsc#1225467 CVE-2021-47555).
- Update
patches.suse/net_sched-fix-NULL-deref-in-fifo_set_limit.patch
(stable-5.14.12 bsc#1225337 CVE-2021-47418).
- Update
patches.suse/netfilter-conntrack-serialize-hash-resizes-and-clean.patch
(stable-5.14.10 bsc#1225236 CVE-2021-47408).
- Update
patches.suse/netfilter-nf_tables-skip-netdev-events-generated-on-.patch
(stable-5.14.15 bsc#1225257 CVE-2021-47452).
- Update
patches.suse/netfilter-nf_tables-unlink-table-before-deleting-it.patch
(stable-5.14.10 bsc#1225323 CVE-2021-47394).
- Update
patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
(stable-5.14.15 bsc#1225237 CVE-2021-47451).
- Update
patches.suse/nexthop-Fix-division-by-zero-while-replacing-a-resil.patch
(stable-5.14.9 bsc#1225156 CVE-2021-47363).
- Update
patches.suse/nexthop-Fix-memory-leaks-in-nexthop-notification-cha.patch
(stable-5.14.9 bsc#1225167 CVE-2021-47371).
- Update
patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
(git-fixes bsc#1225372 CVE-2021-47518).
- Update
patches.suse/nfc-nci-Fix-uninit-value-in-nci_dev_up-and-nci_ntf_p.patch
(git-fixes bsc#1224479 CVE-2024-35915).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes bsc#1225427 CVE-2021-47516).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
(git-fixes bsc#1225405 CVE-2021-47507).
- Update
patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
(git-fixes bsc#1225404 CVE-2021-47506).
- Update
patches.suse/nilfs2-fix-underflow-in-second-superblock-position-c.patch
(git-fixes bsc#1225480 CVE-2023-52705).
- Update
patches.suse/nouveau-dmem-handle-kcalloc-allocation-failure.patch
(git-fixes CVE-2024-26943).
- Update
patches.suse/nouveau-fix-instmem-race-condition-around-ptr-stores.patch
(git-fixes bsc#1223633 CVE-2024-26984).
- Update
patches.suse/nvme-fc-do-not-wait-in-vain-when-unloading-module.patch
(git-fixes bsc#1223023 CVE-2024-26846).
- Update
patches.suse/nvme-fix-reconnection-fail-due-to-reserved-tag-alloc.patch
(git-fixes bsc#1224717 CVE-2024-27435).
- Update
patches.suse/nvme-rdma-destroy-cm-id-before-destroy-qp-to-avoid-u.patch
(bsc#1190569 stable-5.14.9 bsc#1225201 CVE-2021-47378).
- Update
patches.suse/nvmem-Fix-shift-out-of-bound-UBSAN-with-byte-size-ce.patch
(stable-5.14.14 bsc#1225355 CVE-2021-47497).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(stable-5.14.15 bsc#1225251 CVE-2021-47460).
- Update
patches.suse/ocfs2-fix-race-between-searching-chunks-and-release-.patch
(stable-5.14.16 bsc#1225439 CVE-2021-47493).
- Update
patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
(stable-5.14.15 bsc#1225252 CVE-2021-47458).
- Update
patches.suse/octeontx2-af-Fix-a-memleak-bug-in-rvu_mbox_init.patch
(git-fixes bsc#1225375 CVE-2021-47537).
- Update
patches.suse/octeontx2-af-Fix-possible-null-pointer-dereference.patch
(stable-5.14.16 bsc#1224905 CVE-2021-47484).
- Update
patches.suse/of-Fix-double-free-in-of_parse_phandle_with_args_map.patch
(git-fixes bsc#1224508 CVE-2023-52679).
- Update
patches.suse/padata-Fix-refcnt-handling-in-padata_free_shell.patch
(git-fixes bsc#1225584 CVE-2023-52854).
- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
(git-fixes bsc#1223631 CVE-2024-26977).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
stable-5.14.12 bsc#1225336 CVE-2021-47416).
- Update
patches.suse/pinctrl-core-delete-incorrect-free-in-pinctrl_enable.patch
(git-fixes CVE-2024-36940).
- Update
patches.suse/pinctrl-devicetree-fix-refcount-leak-in-pinctrl_dt_t.patch
(git-fixes CVE-2024-36959).
- Update
patches.suse/pinctrl-single-fix-potential-NULL-dereference.patch
(git-fixes bsc#1224942 CVE-2022-48708).
- Update
patches.suse/platform-x86-wmi-Fix-opening-of-char-device.patch
(git-fixes bsc#1225132 CVE-2023-52864).
- Update
patches.suse/power-supply-bq27xxx-i2c-Do-not-free-non-existing-IR.patch
(git-fixes bsc#1224437 CVE-2024-27412).
- Update
patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
(stable-5.14.12 bsc#1225388 CVE-2021-47429).
- Update
patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
(stable-5.14.12 bsc#1225387 CVE-2021-47428).
- Update
patches.suse/powerpc-64s-interrupt-Fix-interrupt-exit-race-with-s.patch
(bsc#1194869 bsc#1225471 CVE-2023-52740).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_pow.patch
(bsc#1181674 ltc#189159 git-fixes bsc#1224601 CVE-2023-52696).
- Update
patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
(bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes bsc#1223756
CVE-2022-48669).
- Update
patches.suse/powerpc-pseries-iommu-LPAR-panics-during-boot-up-wit.patch
(bsc#1222011 ltc#205900 CVE-2024-36926).
- Update
patches.suse/powerpc-smp-do-not-decrement-idle-task-preempt-count.patch
(stable-5.14.15 bsc#1225255 CVE-2021-47454).
- Update
patches.suse/ppdev-Add-an-error-check-in-register_device.patch
(git-fixes bsc#1225640 CVE-2024-36015).
- Update
patches.suse/pstore-ram_core-fix-possible-overflow-in-persistent_.patch
(git-fixes bsc#1224728 CVE-2023-52685).
- Update
patches.suse/pstore-zone-Add-a-null-pointer-check-to-the-psz_kmsg.patch
(stable-fixes bsc#1224537 CVE-2024-35940).
- Update
patches.suse/ptp-Fix-possible-memory-leak-in-ptp_clock_register.patch
(stable-5.14.15 bsc#1225254 CVE-2021-47455).
- Update patches.suse/pwm-Fix-double-shift-bug.patch (git-fixes
bsc#1225461 CVE-2023-52756).
- Update patches.suse/qibfs-fix-dentry-leak.patch (git-fixes
CVE-2024-36947).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes stable-5.14.16 bsc#1224907 CVE-2021-47483).
- Update
patches.suse/riscv-Flush-current-cpu-icache-before-other-cpus.patch
(stable-5.14.12 bsc#1225334 CVE-2021-47414).
- Update
patches.suse/riscv-bpf-Fix-potential-NULL-dereference.patch
(stable-5.14.16 bsc#1224903 CVE-2021-47486).
- Update
patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
(bsc#1141539 git-fixes bsc#1223819 CVE-2024-27054).
- Update
patches.suse/s390-cio-Ensure-the-copied-buf-is-NUL-terminated.patch
(git-fixes bsc#1223875 bsc#1225747 CVE-2024-36931).
- Update
patches.suse/s390-dasd-protect-device-queue-against-concurrent-access.patch
(git-fixes bsc#1217515 bsc#1225572 CVE-2023-52774).
- Update
patches.suse/s390-decompressor-specify-__decompress-buf-len-to-avoid-overflow.patch
(git-fixes bsc#1213863 bsc#1225488 CVE-2023-52733).
- Update
patches.suse/s390-qeth-Fix-kernel-panic-after-setting-hsuid.patch
(git-fixes bsc#1223879 bsc#1225775 CVE-2024-36928).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_.patch
(stable-5.14.9 bsc#1225164 CVE-2021-47369).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery.patch
(stable-5.14.10 bsc#1225207 CVE-2021-47382).
- Update
patches.suse/s390-zcrypt-fix-reference-counting-on-zcrypt-card-objects.patch
(git-fixes bsc#1223595 bsc#1223666 CVE-2024-26957).
- Update
patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
(git-fixes bsc#1225508 CVE-2021-47549).
- Update
patches.suse/sched-psi-Fix-use-after-free-in-ep_remove_wait_queue.patch
(bsc#1209799 bsc#1225109 CVE-2023-52707).
- Update
patches.suse/sched-scs-Reset-task-stack-state-in-bringup_cpu.patch
(git-fixes bsc#1225464 CVE-2021-47553).
- Update
patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is.patch
(stable-5.14.17 bsc#1225322 CVE-2021-47480).
- Update
patches.suse/scsi-hisi_sas-Set-debugfs_dir-pointer-to-NULL-after-removing-debugfs.patch
(git-fixes bsc#1225555 CVE-2023-52808).
- Update
patches.suse/scsi-ibmvfc-Remove-BUG_ON-in-the-case-of-an-empty-ev.patch
(bsc#1209834 ltc#202097 bsc#1225559 CVE-2023-52811).
- Update
patches.suse/scsi-iscsi-Fix-iscsi_task-use-after-free.patch
(stable-5.14.12 bsc#1225225 CVE-2021-47427).
- Update
patches.suse/scsi-libfc-Fix-potential-NULL-pointer-dereference-in-fc_lport_ptp_setup.patch
(git-fixes bsc#1225556 CVE-2023-52809).
- Update
patches.suse/scsi-lpfc-Fix-possible-memory-leak-in-lpfc_rcv_padis.patch
(bsc#1220021 bsc#1224651 CVE-2024-35930).
- Update
patches.suse/scsi-lpfc-Move-NPIV-s-transport-unregistration-to-af.patch
(bsc#1221777 CVE-2024-36952).
- Update
patches.suse/scsi-lpfc-Release-hbalock-before-calling-lpfc_worker.patch
(bsc#1221777 CVE-2024-36924).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes bsc#1225384 CVE-2021-47565).
- Update
patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
(git-fixes bsc#1225374 CVE-2021-47503).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-q.patch
(stable-5.14.15 bsc#1225192 CVE-2021-47473).
- Update
patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
(bsc1221816 bsc#1223627 CVE-2024-26931).
- Update
patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointer.patch
(bsc1221816 bsc#1223626 CVE-2024-26930).
- Update
patches.suse/sctp-break-out-if-skb_header_pointer-returns-NULL-in.patch
(stable-5.14.10 bsc#1225082 CVE-2021-47397).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes bsc#1194288 CVE-2021-47527).
- Update
patches.suse/serial-liteuart-Fix-NULL-pointer-dereference-in-remo.patch
(git-fixes bsc#1225376 CVE-2021-47526).
- Update
patches.suse/serial-liteuart-fix-minor-number-leak-on-probe-error.patch
(git-fixes bsc#1225377 CVE-2021-47524).
- Update
patches.suse/serial-liteuart-fix-use-after-free-and-memleak-on-un.patch
(git-fixes bsc#1225441 CVE-2021-47525).
- Update
patches.suse/serial-mxs-auart-add-spinlock-around-changing-cts-st.patch
(git-fixes bsc#1223757 CVE-2024-27000).
- Update
patches.suse/serial-pmac_zilog-Remove-flawed-mitigation-for-rx-ir.patch
(git-fixes bsc#1223754 CVE-2024-26999).
- Update
patches.suse/soc-fsl-qbman-Always-disable-interrupts-when-taking-.patch
(git-fixes bsc#1224699 CVE-2024-35806).
- Update
patches.suse/soc-qcom-llcc-Handle-a-second-device-without-data-co.patch
(git-fixes bsc#1225534 CVE-2023-52871).
- Update patches.suse/speakup-Avoid-crash-on-very-long-word.patch
(git-fixes bsc#1223750 CVE-2024-26994).
- Update
patches.suse/spi-Fix-deadlock-when-adding-SPI-controllers-on-SPI-.patch
(stable-5.14.15 bsc#1225347 CVE-2021-47469).
- Update
patches.suse/spi-spi-mt65xx-Fix-NULL-pointer-access-in-interrupt-.patch
(git-fixes bsc#1223788 CVE-2024-27028).
- Update
patches.suse/staging-greybus-uart-fix-tty-use-after-free.patch
(stable-5.14.9 bsc#1224920 CVE-2021-47358).
- Update
patches.suse/staging-rtl8712-fix-use-after-free-in-rtl8712_dl_fw.patch
(git-fixes stable-5.14.18 bsc#1224911 CVE-2021-47479).
- Update
patches.suse/tcp-fix-page-frag-corruption-on-page-fault.patch
(git-fixes bsc#1225463 CVE-2021-47544).
- Update
patches.suse/thermal-core-prevent-potential-string-overflow.patch
(git-fixes bsc#1225044 CVE-2023-52868).
- Update
patches.suse/tracing-trigger-Fix-to-return-error-if-failed-to-alloc-snapshot.patch
(git-fixes CVE-2024-26920).
- Update
patches.suse/tty-Fix-out-of-bound-vmalloc-access-in-imageblit.patch
(stable-5.14.10 bsc#1225208 CVE-2021-47383).
- Update
patches.suse/tty-n_gsm-fix-possible-out-of-bounds-in-gsm0_receive.patch
(git-fixes bsc#1225642 CVE-2024-36016).
- Update
patches.suse/tty-n_gsm-fix-race-condition-in-status-line-change-o.patch
(git-fixes bsc#1225591 CVE-2023-52872).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-vcc-Add-check-for-kstrdup-in-vcc_probe.patch
(git-fixes bsc#1225180 CVE-2023-52789).
- Update
patches.suse/usb-cdc-wdm-close-race-between-read-and-workqueue.patch
(git-fixes bsc#1224624 CVE-2024-35812).
- Update
patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch
(git-fixes bsc#1222513 CVE-2024-26748).
- Update
patches.suse/usb-cdnsp-Fix-a-NULL-pointer-dereference-in-cdnsp_en.patch
(git-fixes bsc#1225368 CVE-2021-47528).
- Update
patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
(git-fixes stable-5.14.12 bsc#1225333 CVE-2021-47413).
- Update
patches.suse/usb-config-fix-iteration-issue-in-usb_get_bos_descri.patch
(git-fixes bsc#1225092 CVE-2023-52781).
- Update
patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
(stable-5.14.11 bsc#1225330 CVE-2021-47409).
- Update
patches.suse/usb-dwc2-fix-possible-NULL-pointer-dereference-cause.patch
(git-fixes bsc#1225583 CVE-2023-52855).
- Update
patches.suse/usb-dwc2-host-Fix-dereference-issue-in-DDMA-completi.patch
(git-fixes bsc#1223741 CVE-2024-26997).
- Update
patches.suse/usb-gadget-f_ncm-Fix-UAF-ncm-object-at-re-bind-after.patch
(stable-fixes bsc#1223752 CVE-2024-26996).
- Update
patches.suse/usb-gadget-ncm-Avoid-dropping-datagrams-of-properly-.patch
(git-fixes bsc#1224423 CVE-2024-27405).
- Update
patches.suse/usb-gadget-ncm-Fix-handling-of-zero-block-length-pac.patch
(git-fixes bsc#1224681 CVE-2024-35825).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes stable-5.14.14 bsc#1225244 CVE-2021-47436).
- Update
patches.suse/usb-typec-tcpm-Check-for-port-partner-validity-befor.patch
(git-fixes bsc#1225748 CVE-2024-36893).
- Update
patches.suse/usb-typec-tcpm-Fix-NULL-pointer-dereference-in-tcpm_.patch
(git-fixes bsc#1224944 CVE-2023-52877).
- Update
patches.suse/usb-udc-remove-warning-when-queue-disabled-ep.patch
(stable-fixes bsc#1224739 CVE-2024-35822).
- Update
patches.suse/usb-xhci-Add-error-handling-in-xhci_map_urb_for_dma.patch
(git-fixes bsc#1223650 CVE-2024-26964).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(stable-5.14.16 bsc#1225351 CVE-2021-47495).
- Update
patches.suse/userfaultfd-fix-a-race-between-writeprotect-and-exit.patch
(stable-5.14.15 bsc#1225249 CVE-2021-47461).
- Update
patches.suse/vdpa_sim-avoid-putting-an-uninitialized-iova_domain.patch
(git-fixes bsc#1225466 CVE-2021-47554).
- Update
patches.suse/virtio-net-fix-pages-leaking-when-building-skb-in-bi.patch
(stable-5.14.9 bsc#1225123 CVE-2021-47367).
- Update
patches.suse/vt-fix-unicode-buffer-corruption-when-deleting-chara.patch
(git-fixes bsc#1224692 CVE-2024-35823).
- Update
patches.suse/wifi-ath11k-decrease-MHI-channel-buffer-length-to-8K.patch
(bsc#1207948 bsc#1224643 CVE-2024-35938).
- Update
patches.suse/wifi-ath11k-fix-dfs-radar-event-locking.patch
(git-fixes bsc#1224947 CVE-2023-52798).
- Update
patches.suse/wifi-ath11k-fix-gtk-offload-status-event-locking.patch
(git-fixes bsc#1224992 CVE-2023-52777).
- Update patches.suse/wifi-ath11k-fix-htt-pktlog-locking.patch
(git-fixes CVE-2023-52800).
- Update
patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch
(git-fixes bsc#1222961 CVE-2023-52644).
- Update
patches.suse/wifi-iwlwifi-dbg-tlv-ensure-NUL-termination.patch
(git-fixes bsc#1224731 CVE-2024-35845).
- Update
patches.suse/wifi-iwlwifi-mvm-rfi-fix-potential-response-leaks.patch
(git-fixes bsc#1224487 CVE-2024-35912).
- Update
patches.suse/wifi-libertas-fix-some-memleaks-in-lbs_allocate_cmd_.patch
(git-fixes bsc#1224622 CVE-2024-35828).
- Update
patches.suse/wifi-mac80211-check-clear-fast-rx-for-non-4addr-sta-.patch
(stable-fixes bsc#1224749 CVE-2024-35789).
- Update
patches.suse/wifi-mac80211-don-t-return-unset-power-in-ieee80211_.patch
(git-fixes bsc#1225577 CVE-2023-52832).
- Update
patches.suse/wifi-mt76-mt7921e-fix-crash-in-chip-reset-fail.patch
(bsc#1209980 bsc#1223895 CVE-2022-48705).
- Update
patches.suse/wifi-nl80211-don-t-free-NULL-coalescing-rule.patch
(git-fixes CVE-2024-36941).
- Update
patches.suse/wifi-nl80211-reject-iftype-change-with-mesh-ID-chang.patch
(git-fixes bsc#1224432 CVE-2024-27410).
- Update
patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
(git-fixes bsc#1223829 CVE-2024-27052).
- Update
patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
(git-fixes bsc#1223737 CVE-2024-27053).
- Update
patches.suse/x86-entry-Clear-X86_FEATURE_SMAP-when-CONFIG_X86_SMA.patch
(stable-5.14.12 bsc#1225228 CVE-2021-47430).
- Update
patches.suse/x86-fpu-Keep-xfd_state-in-sync-with-MSR_IA32_XFD.patch
(git-fixes bsc#1224732 CVE-2024-35801).
- Update
patches.suse/x86-mm-Ensure-input-to-pfn_to_kaddr-is-treated-as-a-64-bit-type.patch
(jsc#PED-7167 git-fixes bsc#1224442 CVE-2023-52659).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(stable-5.14.14 bsc#1225232 CVE-2021-47434).
- commit 7e29329
- powerpc/pseries/lparcfg: drop error message from guest name
lookup (bsc#1187716 ltc#193451 git-fixes).
- commit 1d8f6b6
- blacklist.conf: PPC fsl_msi is not used
- commit 346d509
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- powerpc/uaccess: Fix build errors seen with GCC 13/14
(bsc#1194869).
- commit 0f3f8d5
- nvmet: fix ns enable/disable possible hang (git-fixes).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvme: fix multipath batched completion accounting (git-fixes).
- commit dd54933
- netfilter: nf_tables: release mutex after nft_gc_seq_end from
abort path (CVE-2024-26925 bsc#1223390).
- commit d38b98f
- cls_rsvp: check user supplied offsets (CVE-2023-42755
bsc#1215702).
- commit b6c6fb3
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
(git-fixes).
- commit 53d4b05
- bpf: fix precision backtracking instruction iteration
(bsc#1225756).
- commit 5aec043
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- nvme: fix miss command type check (git-fixes).
- commit b122221
- nvme: ensure disabling pairs with unquiesce (bsc#1224534).
- commit e08ce4d
- idpf: extend tx watchdog timeout (bsc#1224137).
- commit 65a74c5
- Bluetooth: ISO: Fix not validating setsockopt user input
(bsc#1224581 CVE-2024-35964).
- commit cf9835d
- printk: Update @console_may_schedule in
console_trylock_spinning() (bsc#1225616).
- commit 9f61f12
- Bluetooth: ISO: Add support for BT_PKT_STATUS (bsc#1224581
CVE-2024-35964).
- commit 9488226
- Bluetooth: af_bluetooth: Make BT_PKT_STATUS generic (bsc#1224581
CVE-2024-35964).
- Refresh
patches.suse/Bluetooth-SCO-Fix-not-validating-setsockopt-user-inp.patch.
- commit 07d66e7
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331).
Update patches.kabi/kABI-Work-around-kABI-changes-after-20347fca71a3-swi.patch (jsc#PED-3259, bsc#1224331).
- commit 861d481
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- commit 00a5ac9
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- commit be23e64
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- commit ec1f4ec
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- commit cdb0386
- calipso: fix memory leak in netlbl_calipso_add_pass()
(CVE-2023-52698 bsc#1224621)
- commit 77eb4f6
- blacklist.conf: add commit for config change not needed
- commit 938b50b
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
(git-fixes).
- scsi: sd: Unregister device if device_add_disk() failed in
sd_probe() (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression
(git-fixes).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
(git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: mpt3sas: Prevent sending diag_reset when the controller
is ready (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching
page (git-fixes).
- scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
(git-fixes).
- scsi: libfc: Don't schedule abort twice (git-fixes).
- scsi: arcmsr: Support new PCI device IDs 1883 and 1886
(git-fixes).
- commit f4328c2
- net: atlantic: eliminate double free in error handling logic
(CVE-2023-52664 bsc#1224747).
- Refresh
patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch.
- commit 3161f6b
- blacklist.conf: arm: kernel does not support folios
- commit 44a14d2
- Delete BT and WiFi cleanup patches for netif_rx()
Drop two cleanup patches that are likely broken: SLE15-SP5 kernel has
no prerequisite commit baebdf48c3600 backported (yet):
patches.suse/bluetooth-Use-netif_rx-d33d0dc9.patch
patches.suse/wireless-Atheros-Use-netif_rx.patch
- commit d16d77f
- net: hns3: fix out-of-bounds access may occur when coalesce
info is read via debugfs (CVE-2023-52807 bsc#1225097).
- commit 2628336
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer (bsc#1225535)
- commit 58a5216
- blacklist.conf: Add c5b0a7eefc70 sched/fair: Remove sysctl_sched_migration_cost condition
- commit 251d591
- cpumap: Zero-initialise xdp_rxq_info struct before running
XDP program (bsc#1224718 CVE-2024-27431).
- commit 1d6e754
- blacklist.conf: optimization, not a fix
- commit 6b6d3e6
- PCI: dwc: Use the bitmap API to allocate bitmaps (git-fixes).
- commit 60a3fbf
- PCI: dwc: ep: Fix DBI access failure for drivers requiring
refclk from host (git-fixes).
- PCI: dwc: Detect iATU settings after getting "addr_space"
resource (git-fixes).
- commit a26d4db
- kABI: bpf: struct bpf_link and bpf_link_ops kABI workaround
(bsc#1224531 CVE-2024-35860).
- commit 35186ef
- ppdev: Add an error check in register_device (git-fixes).
- commit cd9959b
- bpf: support deferring bpf_link dealloc to after RCU grace
period (bsc#1224531 CVE-2024-35860).
- commit 5cff30d
- blacklist.conf: kABI
- commit f83467b
- tpm_tis_spi: Account for SPI header when allocating TPM SPI
xfer buffer (git-fixes).
- commit 65639af
- drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 (CVE-2023-52671 bsc#1224729).
- commit d5b1287
- blacklist.conf: Ignore all devicetree schemes changes
We do not use them, so lets silence all git-fixes for them.
- commit c94d164
- drm/amd/display: Prevent crash when disable stream (CVE-2024-35799 bsc#1224740).
- commit 7764a6b
- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (CVE-2024-35951 bsc#1224701).
- commit c3405cd
- efi/capsule-loader: fix incorrect allocation size (bsc#1224438
CVE-2024-27413).
- commit bcbd0b7
- Update
patches.suse/ring-buffer-Fix-a-race-between-readers-and-resize-checks.patch
(bsc#1222893).
- commit 7df29b0
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (CVE-2024-35817 bsc#1224736).
- commit 3fd949a
- x86/mm/pat: fix VM_PAT handling in COW mappings (bsc#1224525
CVE-2024-35877).
- commit b573b7a
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
(CVE-2024-35969 bsc#1224580)
- commit 217a49b
- Refresh patches.suse/x86-coco-Require-seeding-RNG-with-RDRAND-on-CoCo-systems.patch.
Remove defined but unused variable warning.
- commit 2a387cc
- xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
(CVE-2023-52746 bsc#1225114)
- commit 1a99ba9
- mm/secretmem: fix GUP-fast succeeding on secretmem folios
(CVE-2024-35872 bsc#1224530).
- commit 1a7a850
- Update CVE references (CVE-2024-35935 bsc#1224645)
Update patches.suse/btrfs-send-handle-path-ref-underflow-in-header-itera.patch
(CVE-2024-35935 bsc#1224645).
- commit 1afc656
- Update CVE references (CVE-2024-35936 bsc#1224644)
- Update patches.suse/btrfs-add-missing-mutex_unlock-in-btrfs_relocate_sys.patch
(CVE-2024-35936 bsc#1224644).
- Update patches.suse/btrfs-handle-chunk-tree-lookup-error-in-btrfs_reloca.patch
(CVE-2024-35936 bsc#1224644).
- commit 46ae3a6
- x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes).
- Update config files.
- commit 99579af
- x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes).
- Update config files.
- commit 6a0eda0
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash
work (CVE-2024-35852 bsc#1224502).
- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
(CVE-2024-36006 bsc#1224541).
- mlxsw: spectrum_acl_tcam: Fix warning during rehash
(CVE-2024-36007 bsc#1224543).
- mlxbf_gige: stop interface during shutdown (CVE-2024-35885
bsc#1224519).
- mlxbf_gige: call request_irq() after NAPI initialized
(CVE-2024-35907 bsc#1224492).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mlxbf_gige: Enable the GigE port in mlxbf_gige_open (git-fixes).
- mlxbf_gige: Fix intermittent no ip issue (git-fixes).
- ipvlan: add ipvlan_route_v6_outbound() helper (CVE-2023-52796
bsc#1224930).
- commit de506c4
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test
(git-fixes).
- commit 9feb6d7
- ring-buffer: Fix a race between readers and resize checks
(git-fixes).
- commit 1627912
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- commit 8692851
- blacklist.conf: add a not-relevant tracing commit
- commit 784f511
- dma-direct: Leak pages on dma_set_decrypted() failure (bsc#1224535 CVE-2024-35939).
- commit 7213b4b
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (bsc#1224665 CVE-2024-35875).
- Refresh patches.suse/suse-hv-cc_attr_cpu_hotplug_disabled.patch.
- commit 234fdb1
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- commit 450733a
- x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram (git-fixes).
- commit bab84b2
- x86/tdx: Preserve shared bit on mprotect() (git-fixes).
- commit caf6529
- x86/sme: Fix memory encryption setting if enabled by default and not overridden (git-fixes).
- commit 085895e
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- commit 76ca8ec
- x86/boot: Ignore NMIs during very early boot (git-fixes).
- commit 20c646a
- x86/lib: Fix overflow when counting digits (git-fixes).
- commit 5eb97ad
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- commit f16b82f
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (git-fixes).
- Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch.
- commit 22da5da
- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).
- commit f63acb6
- blacklist.conf: Blacklist broken patch that gets reverted subsequently
- commit 5a2bbf2
- KVM: x86: Mark target gfn of emulated atomic instruction as
dirty (bsc#1224638, CVE-2024-35804).
- commit e14475b
- Rename colliding patches before origin/cve/linux-5.14-LTSS -> SLE15-SP5 merge
- commit ead7031
- KVM: SVM: Flush pages under kvm->lock to fix UAF in
svm_register_enc_region() (bsc#1224725, CVE-2024-35791).
- commit 5b89286
- selinux: avoid dereference of garbage after mount failure
(bsc#1224494 CVE-2024-35904).
- commit dad5bc3
- nilfs2: fix unexpected freezing of nilfs_segctor_sync()
(git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread
(git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client
IBI handler (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during
start frame (git-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code
(stable-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config
(stable-fixes).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- pinctrl: core: handle radix_tree_insert() errors in
pinctrl_register_one_pin() (stable-fixes).
- commit 062f495
- media: rkisp1: Fix IRQ handling due to shared interrupts
(CVE-2023-52660 bsc#1224443).
- commit aadfd1f
- Input: cyapa - add missing input core locking to suspend/resume
functions (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
(git-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data
(git-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init
(git-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using
prescaler (git-fixes).
- serial: 8250_bcm7271: use default_mux_rate if possible
(git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch
(git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
(git-fixes).
- commit 1d7ff63
- kABI workaround for drivers/of/dynamic.c (CVE-2024-35879
bsc#1224524).
- commit 2e9ad08
- pmdomain: ti: Add a null pointer check to the
omap_prm_domain_init (CVE-2024-35943 bsc#1224649).
- commit aa89394
- of: module: prevent NULL pointer dereference in vsnprintf()
(CVE-2024-35878 bsc#1224671).
- commit 715f7d4
- of: dynamic: Synchronize of_changeset_destroy() with the
devlink removals (CVE-2024-35879 bsc#1224524).
- driver core: Introduce device_link_wait_removal()
(CVE-2024-35879 bsc#1224524).
- commit fe69cd8
- drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls()
for hisi_hns3_pmu uninit process (CVE-2023-52860 bsc#1224936).
- commit 1703104
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- commit f0643dd
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (CVE-2024-35959
bsc#1224666).
- Refresh
patches.suse/powerpc-Avoid-nmi_enter-nmi_exit-in-real-mode-interr.patch.
- Refresh
patches.suse/powerpc-eeh-Permanently-disable-the-removed-device.patch.
- commit 2088b29
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during
rehash (CVE-2024-35854 bsc#1224636).
- commit 0674818
- geneve: fix header validation in geneve[6]_xmit_skb
(CVE-2024-35973 bsc#1224586).
- commit ef0dd47
- ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
(CVE-2024-27417 bsc#1224721)
- commit 9d4dafd
- af_unix: annote lockless accesses to unix_tot_inflight &
gc_in_progress (bsc#1223384).
- Refresh
patches.suse/io_uring-af_unix-defer-registered-files-gc-to-io_uri.patch.
- commit 478234c
- Update patch reference for media fix (CVE-2024-35830 bsc#1224680)
- commit aae637c
- regulator: bd71828: Don't overwrite runtime voltages
(git-fixes).
- nfc: nci: Fix handling of zero-length payload packets in
nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns
(git-fixes).
- commit 6c22f99
- bpf: Protect against int overflow for stack access size
(bsc#1224488 CVE-2024-35905).
- bpf: Check bloom filter map value size (bsc#1224488
CVE-2024-35905).
- commit c3a457f
- io_uring: drop any code related to SCM_RIGHTS (git-fixes
CVE-2023-52656 bsc#1224187).
- io_uring/unix: drop usage of io_uring socket (git-fixes).
- commit 2c7c0cc
- autofs: use wake_up() instead of wake_up_interruptible(()
(bsc#1224166).
- commit 63af67f
- Update patches.suse/io_uring-af_unix-disable-sending-io_uring-over-socke.patch
(bsc#1218447 CVE-2023-6531 CVE-2023-52654 bsc#1224099)
This commit was merged twice, through the net and io_uring maintainer
trees. Add an Alt-commit entry to document that.
- commit 8d7b4ed
- Update patches.suse/scsi-qedf-Wait-for-stag-work-during-unload.patch (bsc#1214852)
- Update patches.suse/scsi-qedf-Don-t-process-stag-work-during-unload.patch (bsc#1214852)
- commit c7be571
- Update patches.suse/afs-Fix-page-leak.patch (stable-5.14.9
CVE-2021-47365 bsc#1224895).
- commit c17c3b1
- Update
patches.suse/afs-Fix-corruption-in-reads-at-fpos-2G-4G-from-an-Op.patch
(stable-5.14.9 CVE-2021-47366 bsc#1225160).
- commit f8c347d
- s390/ipl: Fix incorrect initialization of len fields in nvme
reipl block (git-fixes bsc#1225139).
- commit fa2a3c7
- s390/ipl: Fix incorrect initialization of nvme dump block
(git-fixes bsc#1225138).
- commit 99842eb
- ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()
(CVE-2023-52674 bsc#1224727).
- ALSA: scarlett2: Add missing error checks to *_ctl_get()
(CVE-2023-52680 bsc#1224608).
- ALSA: scarlett2: Add missing error check to
scarlett2_usb_set_config() (CVE-2023-52692 bsc#1224628).
- commit 76e573a
- spmi: hisi-spmi-controller: Do not override device identifier
(git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it
(git-fixes).
- vmci: prevent speculation leaks by sanitizing event in
event_deliver() (git-fixes).
- VMCI: Fix an error handling path in vmci_guest_probe_device()
(git-fixes).
- iio: pressure: dps310: support negative temperature values
(git-fixes).
- iio: core: Leave private pointer NULL when no private data
supplied (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown
(git-fixes).
- serial: sc16is7xx: add proper sched.h include for
sched_set_fifo() (git-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Update uart_driver_registered on driver removal
(git-fixes).
- serial: max3100: Lock port->lock when calling
uart_handle_cts_change() (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock
(git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in
vmci_datagram_invoke_guest_handler() (stable-fixes).
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
(stable-fixes CVE-2024-35944 bsc#1224648).
- spmi: Add a check for remove callback when removing a SPMI
driver (git-fixes).
- commit d71c003
- Update
patches.suse/efi-libstub-Implement-support-for-unaccepted-memory.patch
(jsc#PED-7167, bsc#1224169).
- commit a57eb93
- libsubcmd: Fix parse-options memory leak (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size
(git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
(git-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id
(git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3
(git-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3
(git-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a
safety margin (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by
cpu5wdt_trigger (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- nilfs2: make superblock data array index computation sparse
friendly (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- watchdog: ixp4xx: Make sure restart always works (git-fixes).
- commit 4148cf4
- Update
patches.suse/bpf-sockmap-Prevent-lock-inversion-deadlock-in-map-d.patch
(bsc#1209657 CVE-2023-0160 CVE-2024-35895 bsc#1224511).
- Update
patches.suse/fs-aio-Check-IOCB_AIO_RW-before-the-struct-aio_kiocb.patch
(bsc#1222721 CVE-2024-26764 CVE-2024-35815 bsc#1224685).
- Update
patches.suse/nfsd-Fix-error-cleanup-path-in-nfsd_rename.patch
(bsc#1221044 CVE-2023-52591 CVE-2024-35914 bsc#1224482).
- Update
patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch
(CVE-2023-47233 bsc#1216702 CVE-2024-35811 bsc#1224592).
- commit 78f49e4
- Update
patches.suse/bpf-Guard-stack-limits-against-32bit-overflow.patch
(git-fixes CVE-2023-52676 bsc#1224730).
- commit bdae745
- Update patches.suse/afs-Fix-page-leak.patch (stable-5.14.9
CVE-2021-47365 bsc#1224895).
- Update
patches.suse/drm-amdgpu-Fix-even-more-out-of-bound-writes-from-de.patch
(bsc#1191949 CVE-2021-42327 stable-5.14.16 CVE-2021-47489
bsc#1224901).
- Update
patches.suse/mm-khugepaged-skip-huge-page-collapse-for-special-fi.patch
(stable-5.14.16 bsc#1193983 CVE-2021-4148 CVE-2021-47491
bsc#1224900).
- Update
patches.suse/mm-thp-bail-out-early-in-collapse_file-for-writeback.patch
(stable-5.14.16 CVE-2021-47492 bsc#1224898).
- commit 9ce4e35
- Update
patches.suse/drm-nouveau-avoid-a-use-after-free-when-BO-init-fail.patch
(git-fixes stable-5.14.12 CVE-2020-36788 bsc#1224816).
- commit 92d2a7f
- Update patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_eve.patch
(bsc#1065729 CVE-2023-52686).
- Update patches.suse/powerpc-powernv-Add-a-null-pointer-check-to-scom_deb.patch
(bsc#1194869 CVE-2023-52690).
- commit 2a79a5d
- blacklist.conf: Add a1fd0b9d751f sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level
- commit b928aae
- blacklist.conf: Add 8b8ace080319 block: fix q->blkg_list corruption during disk rebind
...and its prerequisite.
- commit c97b9f9
- s390/cio: fix tracepoint subchannel type field (git-fixes
bsc#1224796).
- commit 681015b
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes
bsc#1224795).
- commit 99a2b7b
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M
(git-fixes bsc#1224794).
- commit 9db7bb3
- blacklist.conf: add "libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos"
- commit 10a4e51
- scsi: qla2xxx: Fix double free of fcport (bsc#1223715
CVE-2024-26929).
- commit b3136a1
- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes
bsc#1222608 CVE-2024-26742).
- commit c1f56fa
- Update
patches.suse/sysv-don-t-call-sb_bread-with-pointers_lock-held.patch
(git-fixes CVE-2023-52699).
- commit ff72612
- Update
patches.suse/ubifs-Set-page-uptodate-in-the-correct-place.patch
(git-fixes CVE-2024-35821).
- commit 06c29ae
- blacklist.conf: ("dt-bindings: iio: health: maxim,max30102: fix compatible check")
- commit 07f5bfe
- blacklist.conf: ("dt-bindings: display: ti,am65x-dss: Add support for common1 region")
- commit a826456
- blacklist.conf: ("dt-bindings: arm: rockchip: Correct vendor for Orange Pi RK3399 board")
- commit f64b409
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- commit 75af646
- blacklist.conf: ("dt-bindings: arm: qcom: drop the superfluous device compatibility")
- commit 98f7e2c
- blacklist.conf: ("dt-bindings: riscv: cpus: Clarify mmu-type interpretation")
- commit 4c1baf8
- blacklist.conf: ("dt-bindings: rtc: qcom-pm8xxx: fix inconsistent example")
- commit 540d1b9
- blacklist.conf: ("dt-bindings: media: renesas,vin: Fix field-even-active spelling")
- commit 22e1af0
- blacklist.conf: ("dt-bindings: iio/adc: qcom,spmi-vadc: fix example node names")
- commit fb5277a
- blacklist.conf: ("dt-bindings: iio/adc: qcom,spmi-iadc: fix example node name")
- commit 543ec38
- blacklist.conf: ("dt-bindings: mfd: hisilicon,hi6421-spmi-pmic: Fix regulator binding")
- commit f5d6a06
- blacklist.conf: ("dt-bindings: mfd: hisilicon,hi6421-spmi-pmic: Fix up binding")
- commit 15133cc
- blacklist.conf: ("dt-bindings: mmc: sdhci-pxa: Fix 'regs' typo")
- commit c7887f6
- blacklist.conf: ("dt-bindings: Remove alt_ref from versal")
- commit a75ae45
- blacklist.conf: ("dt-bindings: thermal: qcom-spmi-adc-tm5/hc: Fix example node names")
- commit 67fe04a
- blacklist.conf: ("dt-bindings: nvmem: mxs-ocotp: Document fsl,ocotp")
- commit 5e81b59
- blacklist.conf: ("dt-bindings: panel-simple-dsi: move LG 5" HD TFT LCD panel into DSI")
- commit 33d5f8a
- blacklist.conf: ("dt-bindings: trivial-devices: Fix MEMSIC MXC4005 compatible string")
- commit 89a2df5
- blacklist.conf: ("dt-bindings: net: mediatek,net: add missing mediatek,mt7621-eth")
- commit 727c548
- blacklist.conf: ("dt-bindings: net: rockchip-dwmac: fix {tx|rx}-delay defaults/range in")
- commit ab68edc
- blacklist.conf: ("dt-bindings: clock: qcom,gcc-sm8250: add missing bi_tcxo_ao clock")
- commit 52da43d
- blacklist.conf: ("dt-bindings: pm8941-misc: Fix usb_id and usb_vbus definitions")
- commit a42a970
- blacklist.conf: ("dt-bindings: iio: ad7192: Add mandatory reference voltage source")
- commit b4e9e96
- blacklist.conf: ("dt-bindings: display/msm: dsi-controller-main: Document qcom,")
- commit bd4cacf
- blacklist.conf: ("dt-bindings: mailbox: qcom,apcs-kpss-global: correct SDX55 clocks")
- commit 2028c09
- blacklist.conf: ("dt-bindings: display: novatek,nt36672a: correct VDDIO supply")
- commit 4857fdf
- blacklist.conf: ("dt-bindings: gpu: mali-bifrost: Fix power-domain-names validation")
- commit db0bde8
- blacklist.conf: ("dt-bindings: mailbox: qcom: correct the list of platforms using")
- commit 0ce56a3
- blacklist.conf: ("dt-bindings: mailbox: qcom: add SDX55 compatible")
- commit a74bad0
- blacklist.conf: ("dt-bindings: phy: amlogic,g12a-usb3-pcie-phy: add missing optional")
- commit 2e226ef
- blacklist.conf: ("ASoC: qcom: dt-bindings: lpass-va-macro: Update clock name")
- commit f62ea0a
- blacklist.conf: ("dt-bindings: phy: g12a-usb2-phy: fix compatible string documentation")
- commit 208b061
- blacklist.conf: ("dt-bindings: phy: g12a-usb3-pcie-phy: fix compatible string")
- commit 8a48b9d
- blacklist.conf: ("dt-bindings: msm: dsi-controller-main: Fix power-domain constraint")
- commit c5566b8
- blacklist.conf: ("dt-bindings: mmc: mtk-sd: Set clocks based on compatible")
- commit 53afd50
- blacklist.conf: ("dt-bindings: PCI: fu740-pci: fix missing clock-names")
- commit 6782e29
- blacklist.conf: ("dt-bindings: mailbox: fix the mpfs' reg property")
- commit bfd3dd0
- blacklist.conf: ("dt-bindings: phy: qcom,qmp-usb: add missing qcom,sc7180-qmp-usb3-phy")
- commit f5485ba
- blacklist.conf: ("dt-bindings: phy: qcom,qmp-usb: add missing child node schema")
- commit 582911b
- blacklist.conf: ("dt-bindings: phy: qcom,qmp-ufs: add missing child node schema")
- commit 15f94b3
- blacklist.conf: ("dt-bindings: phy: qcom,qmp-pcie: add missing child node schema")
- commit b698bb5
- blacklist.conf: ("dt-bindings: phy: qcom,msm8996-qmp-pcie: add missing child node")
- commit 357977a
- blacklist.conf: ("dt-bindings: hwmon: sparx5: use correct clock")
- commit 3cdd468
- blacklist.conf: ("dt-bindings: riscv: fix SiFive l2-cache's cache-sets")
- commit 6986322
- blacklist.conf: ("dt-bindings: arm: qcom: fix Longcheer L8150 compatibles")
- commit e170deb
- blacklist.conf: ("dt-bindings: remoteproc: mediatek: Make l1tcm reg exclusive to mt819x")
- commit 5f209c0
- blacklist.conf: ("dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group")
- commit 3a53ac7
- blacklist.conf: ("dt-bindings: mfd: samsung,exynos5433-lpass: Fix")
- commit 407acb7
- blacklist.conf: ("dt-bindings: net: snps: remove duplicate name")
- commit f7543e1
- blacklist.conf: ("dt-bindings: memory: mtk-smi: Correct minItems to 2 for the gals")
- commit 5970048
- blacklist.conf: ("dt-bindings: memory: mtk-smi: Rename clock to clocks")
- commit 96f85b3
- blacklist.conf: ("Revert "dt-bindings: pinctrl: bcm4708-pinmux: rework binding to use")
- commit 89b2a7f
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- commit 4e2227a
- RDMA/rxe: Add ibdev_dbg macros for rxe (git-fixes)
- commit c90aa66
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- commit 101e7e8
- RDMA/rxe: Replace pr_xxx by rxe_dbg_xxx in rxe_net.c (git-fixes)
- commit 9b195ba
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- commit 8706619
- RDMA/rxe: Split rxe_run_task() into two subroutines (git-fixes)
- commit dda4cd3
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- commit 8a7e34d
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- commit babd9f3
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- commit a60c9b0
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- commit dd98c69
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- commit 1491654
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- commit 6714845
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- commit d4ad30e
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- commit 10645e8
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- commit c414cca
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- commit ffe591d
- qibfs: fix dentry leak (git-fixes)
- commit 610d1c4
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- commit 38a61b1
- RDMA/rxe: Fix the problem "mutex_destroy missing" (git-fixes)
- commit e67f56e
- blacklist.conf: Add unaffecting CVE
for branch-reachability CVE checker
- commit c6313c8
- powerpc/pseries/vio: Don't return ENODEV if node or compatible
missing (bsc#1220783).
- commit 1f4ad41
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- commit f8629fb
- 9p: explicitly deny setlease attempts (git-fixes).
- commit 87fc9de
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes).
- commit 5d62c08
- fs/9p: only translate RWX permissions for plain 9P2000
(git-fixes).
- commit 4c1bbf3
- blacklist.conf: Add reverted dmaengine commit entries
- commit c217056
- Bluetooth: qca: fix firmware check error path (git-fixes).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods
(git-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35
(stable-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation
(stable-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes
(git-fixes).
- power: rt9455: hide unused rt9455_boost_voltage_values
(git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
(git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable()
(git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf
of GPIOR-T (git-fixes).
- clk: Don't hold prepare_lock when calling kref_put()
(stable-fixes).
- drm/nouveau/dp: Don't probe eDP ports twice harder
(stable-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpu: host1x: Do not setup DMA for virtual devices
(stable-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and
bottom half (stable-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order
(stable-fixes).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
(stable-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- commit 5c4ce2b
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
(bsc#1224174 CVE-2024-27398).
- commit d55ff83
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- commit 2a3dbea
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks
(bsc#1223575).
- commit f1fed0b
- btrfs: fix silent failure when deleting root reference (git-fixes)
- commit f078eaa
- btrfs: add error messages to all unrecognized mount options (git-fixes)
- commit c636d84
- btrfs: repair super block num_devices automatically (git-fixes)
- commit 32923eb
- btrfs: fix btrfs_submit_compressed_write cgroup attribution (git-fixes)
- commit d70817a
- btrfs: fix qgroup reserve overflow the qgroup limit (git-fixes)
- commit ff787e8
- btrfs: fix fallocate to use file_modified to update permissions consistently (git-fixes)
- commit b395410
- btrfs: extend locking to all space_info members accesses (git-fixes)
- commit 4332b8c
- btrfs: make search_csum_tree return 0 if we get -EFBIG (git-fixes)
- commit 41ad45c
- btrfs: prevent copying too big compressed lzo segment (git-fixes)
- commit bc68d31
- blacklist.conf: btrfs: cleanup, unused variable removal
- commit f116b06
- btrfs: send: in case of IO error log it (git-fixes)
- commit ae97fc7
- btrfs: fix use-after-free after failure to create a snapshot (git-fixes)
- commit 83c095f
- btrfs: tree-checker: check item_size for dev_item (git-fixes)
- commit 8756aca
- btrfs: tree-checker: check item_size for inode_item (git-fixes)
- commit 23fe652
- btrfs: remove BUG_ON(!eie) in find_parent_nodes (git-fixes)
- commit a052f3d
- btrfs: remove BUG_ON() in find_parent_nodes() (git-fixes)
- commit e0cc982
- btrfs: fix missing blkdev_put() call in btrfs_scan_one_device() (git-fixes)
- commit 602c5bc
- btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling (git-fixes)
- commit cb7f515
- btrfs: free exchange changeset on failures (git-fixes)
- commit caf57c7
- blacklist.conf: btrfs: check-integrity not built
- commit ea24c09
- blacklist.conf: btrfs: cleanup, unused variable removal
- commit c0b042e
- blacklist.conf: btrfs: comment removal
- commit de4bb23
- platform/x86/intel-uncore-freq: Don't present root domain on
error (git-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting
key events (git-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: core: Report error if first mtd_otp_size() call fails in
mtd_otp_nvmem_add() (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain
(git-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video()
(git-fixes).
- media: mc: mark the media devnode as registered from the,
start (git-fixes).
- media: atomisp: ssh_css: Fix a null-pointer dereference in
load_video_binaries (git-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names
(git-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check
(git-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
(git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks
(git-fixes).
- ASoC: Intel: Disable route checks for Skylake boards
(git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm
(git-fixes).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup
(git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed
(git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- Revert "drm/bridge: ti-sn65dsi83: Fix enable error path"
(git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original
mode pclk (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24
(git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format,
flags, connector (git-fixes).
- drm/panel: novatek-nt35950: Don't log an error when DSI host
can't be found (git-fixes).
- drm/bridge: dpc3433: Don't log an error when DSI host can't
be found (git-fixes).
- drm/bridge: tc358775: Don't log an error when DSI host can't
be found (git-fixes).
- drm/bridge: lt9611: Don't log an error when DSI host can't be
found (git-fixes).
- drm/bridge: lt8912b: Don't log an error when DSI host can't
be found (git-fixes).
- drm/bridge: icn6211: Don't log an error when DSI host can't
be found (git-fixes).
- drm/bridge: anx7625: Don't log an error when DSI host can't
be found (git-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm/arm/malidp: fix a possible null pointer dereference
(git-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amd/display: Fix potential index out of bounds in color
transformation function (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer
dereference (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates
(git-fixes).
- drm/panel: atna33xc20: Fix unbalanced regulator in the case
HPD doesn't assert (git-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware
(git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info()
(git-fixes).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: carl9170: add a proper sanity check for endpoints
(git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath10k: Fix an error code problem in
ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- wifi: ath11k: don't force enable power save on non-running vdevs
(git-fixes).
- wifi: ath10k: poll service ready message before failing
(git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated
(git-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors
(git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property
(git-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- admin-guide/hw-vuln/core-scheduling: fix return type of
PR_SCHED_CORE_GET (git-fixes).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request
(git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings
(git-fixes).
- Bluetooth: hci_sync: Avoid use-after-free in dbg for
hci_add_adv_monitor() (git-fixes).
- commit b58e70a
- drm/msm/dpu: Add mutex lock in control vblank irq (CVE-2023-52586 bsc#1221081).
- commit 29edf8b
- Move upstreamed patches into sorted section
- commit 5da5b18
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer
(bsc#1223626 CVE-2024-26930).
- commit dba3cc6
- Update
patches.suse/io_uring-af_unix-disable-sending-io_uring-over-socke.patch
(bsc#1218447 CVE-2023-6531 CVE-2023-52654 bsc#1224099).
- commit 659f245
- s390/cpum_cf: make crypto counters upward compatible across
machine types (bsc#1224346).
- commit 92b222a
- blacklist.conf: mfd fixes that break KABI and are not relevant
- commit dc96e9c
- net: usb: ax88179_178a: fix link status when link is set to
down/up (git-fixes).
- commit e11b05f
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- commit 3074ef8
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- commit 7392ae5
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- commit b6e5b9b
- powerpc/eeh: Use a goto for recovery failures (bsc#1223991
ltc#205740).
- powerpc/eeh: Small refactor of eeh_handle_normal_event()
(bsc#1223991 ltc#205740).
- Refresh patches.suse/powerpc-eeh-Set-channel-state-after-notifying-the-dr.patch
- commit de617cf
- powerpc/eeh: Permanently disable the removed device (bsc#1223991
ltc#205740).
- commit 2349f02
- iomap: iomap: fix memory corruption when recording errors during writeback (git-fixes)
- commit 440eb05
- iomap: Support partial direct I/O on user copy failures (git-fixes)
- commit 0f43a22
- iomap: Fix inline extent handling in iomap_readpage (git-fixes)
- commit 61ce074
- net: openvswitch: Fix Use-After-Free in ovs_ct_exit (bsc#1224098
CVE-2024-27395).
- commit 9dd8826
- Refresh
patches.suse/powerpc-pseries-iommu-LPAR-panics-during-boot-up-wit.patch.
- Refresh
patches.suse/x86-boot-Ignore-relocations-in-.notes-sections-in-walk_rel.patch.
- commit 9696669
- net: gtp: Fix Use-After-Free in gtp_dellink (bsc#1224096
CVE-2024-27396).
- commit 3a088c1
- usb: dwc3: gadget: Fix NULL pointer dereference in
dwc3_gadget_suspend (bsc#1222561 CVE-2024-26715).
- commit a21446a
- usb: dwc3: Remove DWC3 locking during gadget suspend/resume
(bsc#1222561 CVE-2024-26715).
- Refresh
patches.suse/usb-dwc3-gadget-Improve-dwc3_gadget_suspend-and-dwc3.patch.
- commit a8e6e1a
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- commit 20c1915
- Bluetooth: hci_sync: Don't double print name in add/remove
adv_monitor (bsc#1216358).
- commit c312f28
- usb: ulpi: Fix debugfs directory leak (bsc#1223847
CVE-2024-26919).
- commit 97ae025
- xfs: fix exception caused by unexpected illegal bestcount in
leaf dir (git-fixes).
- commit 354440e
- xfs: Fix false ENOSPC when performing direct write on a delalloc
extent in cow fork (git-fixes).
- commit 09541ce
- xfs: fix inode reservation space for removing transaction
(git-fixes).
- commit 47013bd
- xfs: add missing cmap->br_state = XFS_EXT_NORM update
(git-fixes).
- commit 4d7f88f
- xfs: fix imprecise logic in xchk_btree_check_block_owner
(git-fixes).
- commit 0e818cc
- xfs: shrink failure needs to hold AGI buffer (git-fixes).
- commit 9c49a44
- sysv: don't call sb_bread() with pointers_lock held (git-fixes).
- commit 55f88f8
- jffs2: prevent xattr node from overflowing the eraseblock
(git-fixes).
- commit d6d35af
- nilfs2: fix out-of-range warning (git-fixes).
- commit 5e5e50a
- Update
patches.suse/usb-aqc111-check-packet-for-fixup-for-true-limit.patch
(bsc#1217169 CVE-2023-52655).
Added bugzilla ID and CVE
- commit a741c33
- Update
patches.suse/usb-aqc111-check-packet-for-fixup-for-true-limit.patch
(bsc#1217169 CVE-2023-52655).
Added bugzilla ID and CVE
- commit e177a81
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- commit df207bd
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- firewire: nosy: ensure user_length is taken into account when
fetching packet contents (CVE-2024-27401 bsc#1224181).
- commit c84510f
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- commit 262f224
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- commit 616144a
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- commit 7d4e374
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- commit 7ffe18f
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- commit 41270ad
- md: fix kmemleak of rdev->serial (CVE-2024-26900, bsc#1223046).
- commit 46303cd
- btrfs: send: ensure send_fd is writable (git-fixes)
- commit bb19617
- aoe: avoid potential deadlock at set_capacity (CVE-2024-26775,
bsc#1222627).
- commit 6e30008
- blacklist.conf: add 13f3956eb5681a4045a8dfdef48df5dc4d9f58a6 which
breaks KABI
- commit 61d5c73
- fail_function: fix wrong use of fei_attr_remove().
- commit fbd7566
- KVM: x86: Delete duplicate documentation for
KVM_X86_SET_MSR_FILTER (git-fixes).
- commit db41c1c
- blacklist.conf: pure cleanup
- commit 2720339
- blacklist.conf: relevant only without a config option we always set
- commit b3ed637
- locking/atomic: Make test_and_*_bit() ordered on failure
(git-fixes).
- commit 1d020ff
- blacklist.conf: not relevant in our build
- commit 09d07f3
- cpu/hotplug: Remove the 'cpu' member of cpuhp_cpu_state
(git-fixes).
- commit 6a4baff
- nfs: fix UAF in direct writes (bsc#1223653 CVE-2024-26958).
- commit e54fcee
- drm/connector: Add \n to message about demoting connector
force-probes (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/amdkfd: don't allow mapping the MMIO HDP page with large
pages (git-fixes).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU
13.0.4/13.0.11 users (git-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- commit 0e34b53
- netfilter: nf_tables: mark set as dead when unbinding anonymous
set with timeout (bsc#1221829 CVE-2024-26643).
- commit cfcc70a
- x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes).
- commit 1ace211
- mfd: intel-lpss: Revert "Add missing check for
platform_get_resource" (git-fixes).
- mfd: tqmx86: Specify IO port register range more precisely
(git-fixes).
- mfd: ti_am335x_tscadc: Support the correctly spelled DT property
(git-fixes).
- counter: stm32-timer-cnt: Provide defines for slave mode
selection (git-fixes).
- counter: stm32-lptimer-cnt: Provide defines for clock polarities
(git-fixes).
- commit 763351d
- block/rnbd-srv: Check for unlikely string overflow (bsc#1221615
CVE-2023-52618).
- commit 7417f1e
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us
(git-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a
spinlock (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete()
in ccp_raw_event() (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands
(git-fixes).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
(git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id
(git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close()
(git-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
(git-fixes).
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- commit 9f11ba4
- Update
patches.suse/xen-netfront-Add-missing-skb_mark_for_recycle.patch
(git-fixes CVE-2024-27393 bsc#1224076).
- commit 80c2241
- kcm: do not sense pfmemalloc status in kcm_sendpage()
(git-fixes bsc#1223959)
- commit 99fbfaf
- net: do not sense pfmemalloc status in skb_append_pagefrags()
(git-fixes bsc#1223959)
- commit 08d0491
- net: introduce __skb_fill_page_desc_noacc
(git-fixes bsc#1223959)
- commit 4746bcf
- tcp: TX zerocopy should not sense pfmemalloc status
(CVE-2022-48689 bsc#1223959)
- commit 04462e7
- net: vmxnet3: Fix NULL pointer dereference in
vmxnet3_rq_rx_complete() (bsc#1223360).
- commit 7acf5e5
- Update
patches.suse/USB-core-Fix-deadlock-in-port-disable-sysfs-attribut.patch
(bsc#1223670 CVE-2024-26933).
- commit 00172be
- netfilter: nf_tables: clean up hook list when offload flags check fails
(CVE-2022-48691 bsc#1223961)
- commit 0430a1c
- netfilter: nf_tables: bail out early if hardware offload is not supported
(git-fixes bsc#1223961)
- commit faaa2c1
- Update
patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
(bsc#1223738 CVE-2024-27059).
Added CVE and bugzilla ID
- commit a7346fe
- drm/amdgpu: Reset IH OVERFLOW_CLEAR bit (bsc#1223207 CVE-2024-26915)
- commit 8adefb2
- Update
patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch
(bsc#1223140 CVE-2024-26877).
CVE and bugzilla id added
- commit 73d8093
- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes).
- Refresh patches.suse/x86-bugs-Fix-BHI-handling-of-RRSBA.patch.
- commit 2155e75
- x86/bugs: Fix BHI retpoline check (git-fixes).
- commit 54de3e2
- x86/bugs: Fix BHI handling of RRSBA (git-fixes).
- commit 7067d06
- x86/bugs: Fix BHI documentation (git-fixes).
- commit c9aeaed
- blacklist.conf: We don't have syscall hardening
- commit 22f583b
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
- commit 7152334
- x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
- commit f36b29c
- Fix "drm/amd/display: Fix MST Null Ptr for RV" (CVE-2024-26700 bsc#1222870)
Attibute the patch to the correct bsc# and CVE numbers.
- commit ba486d5
- Update "drm/vmwgfx: Fix possible null pointer derefence with invalid contexts" (CVE-2024-26979 bsc#1223628)
- commit 2fa33a2
- Update
patches.suse/SUNRPC-fix-a-memleak-in-gss_import_v2_context.patch
(git-fixes bsc#1223858).
- commit 5cca6aa
- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
- commit 017ecd8
- Update
patches.suse/sched-debug-fix-dentry-leak-in-update_sched_domain_d.patch
(git-fixes CVE-2022-48699 bsc#1223996).
- commit 201a58f
- USB: core: Add hub_get() and hub_put() routines (git-fixes).
- commit 2f340e7
- btrfs: dev-replace: properly validate device names (CVE-2024-26791 bsc#1222793)
- commit 71c7afc
- Update
patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch
(bsc#1220267 bsc#1222976 CVE-2024-26840).
- commit a7d6da2
- Update patches.suse/aio-fix-mremap-after-fork-null-deref.patch
(git-fixes CVE-2023-52646 bsc#1223432).
- commit 2adb86a
- inet: read sk->sk_family once in inet_recv_error() (bsc#1222385
CVE-2024-26679).
- commit b5f1323
- USB: core: Fix access violation during port device removal
(git-fixes).
- commit 3a8cd11
- USB: core: Fix deadlock in port "disable" sysfs attribute
(git-fixes).
- commit 200e4b0
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- commit 49cc1c1
- Update
patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
references (CVE-2024-26739 bsc#1222559, drop incorrect references).
- commit 892e634
- Update
patches.suse/1631-drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
a4e7ccdac38e ("drm/i915: Move context management under GEM")
CVE-2022-48662 bsc#1223505).
- commit a7faced
- netfilter: nft_ct: fix l3num expectations with inet pseudo
family (git-fixes).
- commit 87e8a80
- Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
- commit 8f3269f
- Update
patches.suse/1576-drm-amd-display-fix-memory-leak-when-using-debugfs_l.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
CVE-2022-48698 bsc#1223956).
- commit a0e3008
- Update patches.suse/ice-Fix-DMA-mappings-leak.patch (jsc#PED-376
CVE-2022-48690 bsc#1223960).
- commit 7e1bf3d
- Update
patches.suse/ALSA-emu10k1-Fix-out-of-bounds-access-in-snd_emu10k1.patch
(git-fixes CVE-2022-48702 bsc#1223923).
- Update
patches.suse/ALSA-usb-audio-Fix-an-out-of-bounds-bug-in-__snd_usb.patch
(git-fixes CVE-2022-48701 bsc#1223921).
- Update
patches.suse/RDMA-irdma-Fix-drain-SQ-hang-with-no-completion.patch
(jsc#SLE-18383 CVE-2022-48694 bsc#1223964).
- Update
patches.suse/RDMA-srp-Set-scmnd-result-only-when-scmnd-is-not-NUL.patch
(git-fixes CVE-2022-48692 bsc#1223962).
- Update
patches.suse/cgroup-Add-missing-cpus_read_lock-to-cgroup_attach_task_all.patch
(bsc#1196869 CVE-2022-48671 bsc#1223929).
- Update
patches.suse/drm-radeon-add-a-force-flush-to-delay-work-when-rade.patch
(git-fixes CVE-2022-48704 bsc#1223932).
- Update
patches.suse/i40e-Fix-kernel-crash-during-module-removal.patch
(jsc#SLE-18378 CVE-2022-48688 bsc#1223953).
- Update
patches.suse/ipv6-sr-fix-out-of-bounds-read-when-setting-HMAC-dat.patch
(bsc#1211592 CVE-2023-2860 CVE-2022-48687 bsc#1223952).
- Update
patches.suse/net-smc-Fix-possible-access-to-freed-memory-in-link-clear
(git-fixes CVE-2022-48673 bsc#1223934).
- Update
patches.suse/nvme-tcp-fix-uaf-when-detecting-digest-errors.patch
(bsc#1200313 bsc#1201489 CVE-2022-48686 bsc#1223948).
- Update patches.suse/nvmet-fix-a-use-after-free.patch (git-fixes
CVE-2022-48697 bsc#1223922).
- Update
patches.suse/of-fdt-fix-off-by-one-error-in-unflatten_dt_nodes.patch
(git-fixes CVE-2022-48672 bsc#1223931).
- Update
patches.suse/scsi-mpt3sas-Fix-use-after-free-warning.patch
(git-fixes CVE-2022-48695 bsc#1223941).
- Update
patches.suse/soc-brcmstb-pm-arm-Fix-refcount-leak-and-__iomem-lea.patch
(git-fixes CVE-2022-48693 bsc#1223963).
- Update
patches.suse/thermal-int340x_thermal-handle-data_vault-when-the-v.patch
(bsc#1201308 CVE-2022-48703 bsc#1223924).
- Update patches.suse/vfio-type1-Unpin-zero-pages.patch (git-fixes
CVE-2022-48700 bsc#1223957).
- commit c8677b5
- packet: annotate data-races around ignore_outgoing
(CVE-2024-26862 bsc#1223111).
- commit 6e591e7
- sctp: fix potential deadlock on &net->sctp.addr_wq_lock
(CVE-2024-0639 bsc#1218917).
- commit 517d4f7
- Update
patches.suse/drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(CVE-2022-48662 bsc#1223505).
Unbreak metadata (References: collides with our internal tracking,
switch to Fixes: when referencing a commit).
- commit cd38265
- netfilter: nft_ct: sanitize layer 3 and 4 protocol number in
custom expectations (bsc#1222368 CVE-2024-26673).
- commit 785b7d0
- igc: avoid returning frame twice in XDP_REDIRECT (bsc#1223061
CVE-2024-26853).
- commit 021db33
- net: sparx5: Fix use after free inside sparx5_del_mact_entry
(bsc#1223052 CVE-2024-26856).
- commit fc5c6ad
- fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993 bsc#1223693)
- commit b0c9830
- Update
patches.suse/IB-core-Fix-a-nested-dead-lock-as-part-of-ODP-flow.patch
(git-fixes CVE-2022-48675 bsc#1223894).
- Update
patches.suse/drm-gma500-Fix-BUG-sleeping-function-called-from-inv.patch
(git-fixes CVE-2022-48634 bsc#1223501).
- Update
patches.suse/drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(CVE-2022-48662 bsc#1223505a4e7ccdac38e ("drm/i915: Move
context management under GEM") bsc#1223505).
- Update
patches.suse/i2c-mlxbf-prevent-stack-overflow-in-mlxbf_i2c_smbus_.patch
(git-fixes CVE-2022-48632 bsc#1223481).
- Update
patches.suse/ice-Fix-crash-by-keep-old-cfg-when-update-TCs-more-t.patch
(git-fixes CVE-2022-48652 bsc#1223520).
- Update
patches.suse/s390-dasd-fix-Oops-in-dasd_alias_get_start_dev-due-to-missing-pavgroup
(git-fixes CVE-2022-48636 bsc#1223512).
- commit 523501c
- blacklist.conf: add a not-relevant module-loader patch
- commit 90c64db
- ring-buffer: Only update pages_touched when a new page is
touched (git-fixes).
- commit b42aba1
- kprobes: Fix possible use-after-free issue on kprobe
registration (git-fixes).
- commit e007447
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page
in concurrent environment (git-fixes).
- commit 118cfcd
- tracing/net_sched: Fix tracepoints that save qdisc_dev()
as a string (git-fixes).
- commit a272f90
- tracing: Show size of requested perf buffer (git-fixes).
- commit f8d068b
- Bluetooth: Add new quirk for broken read key length on ATS2851
(git-fixes).
- commit 9ac913a
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE
(git-fixes).
- commit 83cd609
- fuse: don't unhash root (bsc#1223951).
- fuse: fix root lookup with nonzero generation (bsc#1223950).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal
(bsc#1223949).
- commit fdf9216
- RDMA/cm: Print the old state when cm_destroy_id gets timeout
(git-fixes).
- commit 9b2934b
- nouveau: lock the client object tree. (bsc#1223834 CVE-2024-27062)
- commit e828498
- drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
- commit 5647172
- drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (CVE-2024-27042 bsc#1223823).
- commit f41733d
- drm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini() (CVE-2024-27041 bsc#1223714)
- commit ae6f7a9
- tun: limit printing rate when illegal packet received by tun
dev (bsc#1223745 CVE-2024-27013).
- net/mlx5e: Prevent deadlock while disabling aRFS (bsc#1223735
CVE-2024-27014).
- octeontx2-af: Use separate handlers for interrupts (bsc#1223790
CVE-2024-27030).
- wireguard: netlink: access device through ctx instead of peer
(bsc#1223661 CVE-2024-26950).
- wireguard: netlink: check for dangling peer via is_dead instead
of empty list (bsc#1223660 CVE-2024-26951).
- wireguard: receive: annotate data-race around
receiving_counter.counter (bsc#1223076 CVE-2024-26861).
- nfp: flower: handle acti_netdevs allocation failure (bsc#1223827
CVE-2024-27046).
- commit b495510
- drm/amd/display: Add a dc_state NULL check in dc_state_release (CVE-2024-26948 bsc#1223664)
- commit 211db77
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation
(git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- usb: typec: tcpm: Check for port partner validity before
consuming it (git-fixes).
- usb: typec: tcpm: unregister existing source caps before
re-registration (bsc#1220569).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual
SuperSpeed device (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup
packets (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic
(git-fixes).
- commit d9cff03
- pstore: inode: Only d_invalidate() is needed (bsc#1223705
CVE-2024-27389).
- commit bbe965a
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
(stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops
(stable-fixes).
- commit 86753e0
- ASoC: meson: axg-tdm-interface: manage formatters in trigger
(git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe
(git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of
device_get_named_child_node() (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events
(git-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move()
v2 (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers
in debugfs (git-fixes).
- commit 79c4a57
- wifi: iwlwifi: mvm: ensure offloading TID queue exists
(CVE-2024-27056 bsc#1223822).
- wifi: iwlwifi: mvm: protect TXQ list manipulation
(CVE-2024-27056 bsc#1223822).
- commit 5895d13
- media: edia: dvbdev: fix a use-after-free (CVE-2024-27043
bsc#1223824).
- commit e3d9ce5
- clk: hisilicon: hi3559a: Fix an erroneous devm_kfree()
(CVE-2024-27039 bsc#1223821).
- commit 70ad74a
- clk: Fix clk_core_get NULL dereference (CVE-2024-27038
bsc#1223816).
- commit bcf8ce4
- Rename to
patches.suse/drm-i915-gem-Really-move-i915_gem_context.link-under.patch.
- commit e953a9a
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes
bsc#1223879).
- commit 1b0c7f2
- s390/mm: Fix storage key clearing for guest huge pages
(git-fixes bsc#1223878).
- commit fc57acc
- s390/mm: Fix clearing storage keys for huge pages (git-fixes
bsc#1223877).
- commit c73273d
- s390/vdso: Add CFI for RA register to asm macro vdso_func
(git-fixes bsc#1223876).
- commit 15b93ff
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes
bsc#1223875).
- commit c670b5d
- NTB: fix possible name leak in ntb_register_device()
(CVE-2023-52652 bsc#1223686).
- commit 206337a
- mm: swap: fix race between free_swap_and_cache() and swapoff()
(CVE-2024-26960 bsc#1223655).
- commit b6bee56
- swap: comments get_swap_device() with usage rule (CVE-2024-26960
bsc#1223655).
- commit 15510e4
- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
- commit 2ecdc0a
- clk: qcom: mmcc-msm8974: fix terminating of frequency table
arrays (CVE-2024-26965 bsc#1223648).
- commit 1dd34df
- clk: qcom: mmcc-apq8084: fix terminating of frequency table
arrays (CVE-2024-26966 bsc#1223646).
- commit a12a96e
- clk: qcom: gcc-ipq8074: fix terminating of frequency table
arrays (CVE-2024-26969 bsc#1223645).
- commit 8dca0be
- xfrm6: fix inet6_dev refcount underflow problem (git-fixes).
- commit f5401a7
- drm/bridge: adv7511: fix crash on irq during probe (CVE-2024-26876 bsc#1223119).
- commit baf14c5
- ipv6/addrconf: fix a potential refcount underflow for idev
(git-fixes).
- commit cdd225e
- net: fix skb leak in __skb_tstamp_tx() (git-fixes).
- commit 87fa6a6
- tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp
(git-fixes).
- commit 77fb94f
- net: stream: purge sk_error_queue in sk_stream_kill_queues()
(git-fixes).
- commit cb9fa4c
- netfilter: br_netfilter: Drop dst references before setting
(git-fixes).
- commit 28508ef
- net: mld: fix reference count leak in mld_{query |
report}_work() (git-fixes).
- commit 389c7c7
- net: ipv6: ensure we call ipv6_mc_down() at most once
(git-fixes).
- commit e46b1a5
- net: fix a memleak when uncloning an skb dst and its metadata
(git-fixes).
- commit 9e895dd
- net: bridge: vlan: fix memory leak in __allowed_ingress
(git-fixes).
- commit 26122cb
- Update patches.suse/nfsd-use-__fput_sync-to-avoid-delayed-closing-of-fil.patch
(bsc#1223380 bsc#1217408 bsc#1223640).
- commit 48bb894
- netfilter: ipt_CLUSTERIP: fix refcount leak in
clusterip_tg_check() (git-fixes).
- commit 014c7bb
- net: vlan: fix underflow for the real_dev refcnt (git-fixes).
- commit f6e1f81
- x86/sev: Skip ROM range scans and validation for SEV-SNP guests
(jsc#PED-7167 git-fixes).
- Refresh
patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch.
- Refresh
patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch.
- commit 8eb012f
- x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit
type (jsc#PED-7167 git-fixes).
- commit 554f303
- Update
patches.suse/ext4-fix-bug-in-extents-parsing-when-eh_entries-0-an.patch
(bsc#1206881 bsc#1223475 CVE-2022-48631).
- commit 718df1c
- clk: qcom: gcc-ipq6018: fix terminating of frequency table
arrays (CVE-2024-26970 bsc#1223644).
- commit 0c0dddd
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
(stable-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails
(stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
(stable-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
(stable-fixes).
- serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
(git-fixes).
- serial: core: Provide port lock wrappers (stable-fixes).
- drm-print: add drm_dbg_driver to improve namespace symmetry
(stable-fixes).
- commit ac12ea7
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
(CVE-2024-26852 bsc#1223057)
- commit d89430d
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- commit 4bfffd4
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- commit 1d62037
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- commit 93fb4e2
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- commit 5fec238
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- commit 8f27cd5
- md/raid5: fix atomicity violation in raid5_cache_count
(bsc#1219169, CVE-2024-23307).
- commit d2d22f0
- s390/decompressor: fix misaligned symbol build error (git-fixes
bsc#1223785).
- commit 47fb728
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- commit c7b5bd6
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- commit a134662
- s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
- commit bb84f10
- kABI workaround for cec_adapter (CVE-2024-23848 bsc#1219104).
- media: cec: core: avoid recursive cec_claim_log_addrs
(CVE-2024-23848 bsc#1219104).
- media: cec: core: avoid confusing "transmit timed out" message
(CVE-2024-23848 bsc#1219104).
- media: cec: cec-api: add locking in cec_release()
(CVE-2024-23848 bsc#1219104).
- media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
(CVE-2024-23848 bsc#1219104).
- commit 70ecf73
- mm/slub: fix to return errno if kmalloc() fails (CVE-2022-48659
bsc#1223498).
- commit d72759d
- drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() (CVE-2023-52585 bsc#1221080).
- commit cde7c84
- bonding: fix NULL deref in bond_rr_gen_slave_id (bsc#1223499
CVE-2022-48640).
- commit 9f14266
- media: cec: abort if the current transmit was canceled
(CVE-2024-23848 bsc#1219104).
- commit e51b978
- Squashfs: check the inode number is not the invalid value of
zero (bsc#1223634 CVE-2024-26982).
- commit 8ad2647
- Update
patches.suse/ubifs-ubifs_symlink-Fix-memleak-of-inode-i_link-in-error-path.patch
(git-fixes CVE-2024-26972 bsc#1223643).
- commit c1d0983
- Update
patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
(git-fixes CVE-2024-26955 bsc#1223657).
- commit 59db655
- Update
patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
(git-fixes CVE-2024-26956 bsc#1223663).
- commit b968ba7
- Update patches.suse/nilfs2-fix-OOB-in-nilfs_set_de_type.patch
(git-fixes CVE-2024-26981 bsc#1223668).
- commit 7b2eba5
- ASoC: SOF: Add some bounds checking to firmware data
(CVE-2024-26927 bsc#1223525).
- commit 797ef67
- Update
patches.suse/gpio-mockup-fix-NULL-pointer-dereference-when-removi.patch
(git-fixes CVE-2022-48663 bsc#1223523).
- commit fb50f4d
- Update
patches.suse/cgroup-cgroup_get_from_id-must-check-the-looked-up-kn-is-a-directory.patch
(bsc#1203906 CVE-2022-48638 bsc#1223522).
- commit 1b1d545
- Update
patches.suse/sfc-fix-TX-channel-offset-when-using-legacy-interrup.patch
(git-fixes CVE-2022-48647 bsc#1223519).
- commit 2df3009
- Update
patches.suse/smb3-fix-temporary-data-corruption-in-insert-range.patch
(bsc#1193629 CVE-2022-48667 bsc#1223518).
- commit 2544640
- Update
patches.suse/bnxt-prevent-skb-UAF-after-handing-over-to-PTP-worke.patch
(jsc#SLE-18978 CVE-2022-48637 bsc#1223517).
- commit 8af9f52
- Update
patches.suse/smb3-fix-temporary-data-corruption-in-collapse-range.patch
(bsc#1193629 CVE-2022-48668 bsc#1223516).
- commit ea57df6
- drm/i915/gem: Really move i915_gem_context.link under ref
protection (CVE-2022-48662 bsc#1223505).
- commit 1ea0422
- Update
patches.suse/net-sched-taprio-avoid-disabling-offload-when-it-was.patch
(bsc#1207361 CVE-2022-48644 bsc#1223511).
- commit 32036dc
- Update
patches.suse/1631-drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
jsc#PED-2849a4e7ccdac38e ("drm/i915: Move context management
under GEM") CVE-2022-48662 bsc#1223505).
- commit 16b0082
- netfilter: nf_tables: disallow timeout for anonymous sets
(CVE-2023-52620 bsc#1221825).
- commit 19a9222
- Update
patches.suse/scsi-qla2xxx-Fix-memory-leak-in-__qlt_24xx_handle_ab.patch
(bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit a4b4019
- Update
patches.suse/scsi-qla2xxx-Fix-memory-leak-in-__qlt_24xx_handle_ab.patch
(bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit ecd523c
- Update
patches.suse/sfc-fix-null-pointer-dereference-in-efx_hard_start_x.patch
(git-fixes CVE-2022-48648 bsc#1223503).
- commit 2cd307a
- Update
patches.suse/sfc-siena-fix-null-pointer-dereference-in-efx_hard_s.patch
(jsc#PED-1565 CVE-2022-48646 bsc#1223502).
- commit 54704c0
- Update
patches.suse/net-sched-fix-possible-refcount-leak-in-tc_new_tfilt.patch
(bsc#1207361 CVE-2022-48639 bsc#1223490).
- commit 1b88973
- Update
patches.suse/gpiolib-cdev-Set-lineevent_state-irq-after-IRQ-regis.patch
(git-fixes CVE-2022-48660 bsc#1223487).
- commit 30d7811
- Update
patches.suse/arm64-topology-fix-possible-overflow-in-amu_fie_setu.patch
(git-fixes CVE-2022-48657 bsc#1223484).
- commit d7e1659
- Update
patches.suse/netfilter-nfnetlink_osf-fix-possible-bogus-match-in-.patch
(bsc#1204614 CVE-2022-48654 bsc#1223482).
- commit a8a2952
- Update
patches.suse/dmaengine-ti-k3-udma-private-Fix-refcount-leak-bug-i.patch
(git-fixes CVE-2022-48656 bsc#1223479).
- commit 90546f3
- netfilter: nf_tables: fix percpu memory leak at
nf_tables_addchain() (bsc#1223478 CVE-2022-48642).
- commit 839888a
- blacklist.conf: code refactoring
- commit f72ed44
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
- commit 15c6bc2
- printk: Avoid non-panic CPUs writing to ringbuffer
(bsc#1223574).
- commit d14ad8e
- Update
patches.suse/ice-Don-t-double-unplug-aux-on-peer-initiated-reset.patch
(git-fixes CVE-2022-48653 bsc#1223474).
- commit dba84ad
- blacklist.conf: refactoring, not a fix
- commit ef0f94f
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
- commit ed11fe0
- printk: Disable passing console lock owner completely during
panic() (bsc#1223574).
- commit d98358d
- s390/zcrypt: fix reference counting on zcrypt card objects
(git-fixes bsc#1223595).
- commit 0483eb1
- Update
patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch
(git-fixes CVE-2024-26875 bsc#1223118).
- commit fd5a947
- printk: ringbuffer: Skip non-finalized records in panic
(bsc#1223574).
- commit c9df6e3
- printk: Wait for all reserved records with pr_flush()
(bsc#1223574).
- commit d04f93d
- Update
patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch
(git-fixes CVE-2024-26872 bsc#1223115).
- commit 66d99f5
- printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
- commit a92ce86
- printk: Add this_cpu_in_panic() (bsc#1223574).
- commit 0b039ad
- quota: Fix potential NULL pointer dereference (bsc#1223060
CVE-2024-26878).
- commit 93c484c
- do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
(bsc#1223198 CVE-2024-26901).
- commit a397ff1
- blk-mq: fix IO hang from sbitmap wakeup race (bsc#1222357
CVE-2024-26671).
- commit 9908e06
- ext4: avoid allocating blocks from corrupted group in
ext4_mb_find_by_goal() (bsc#1222613 CVE-2024-26772).
- commit be73fd6
- printk: Rename abandon_console_lock_in_panic() to
other_cpu_in_panic() (bsc#1223574).
- commit 6336c25
- Update
patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
(bsc#1141539 git-fixes).
- commit 111a038
- printk: Drop console_sem during panic (bsc#1223574).
- commit 725427c
- clk: meson: Add missing clocks to axg_clk_regmaps
(CVE-2024-26879 bsc#1223066).
- commit 46eee50
- printk: ringbuffer: Clarify special lpos values (bsc#1223574).
- commit 0f13b5c
- printk: ringbuffer: Do not skip non-finalized records with
prb_next_seq() (bsc#1223574).
- commit 28b403a
- printk: ringbuffer: Improve prb_next_seq() performance
(bsc#1223574).
- commit 6a93375
- Update
patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch
(git-fixes CVE-2024-26820 bsc#1223078).
- commit d0bb689
- Update
patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch
(git-fixes CVE-2024-26825 bsc#1223065).
- commit 4685711
- wifi: wfx: fix memory leak when starting AP (CVE-2024-26896
bsc#1223042).
- commit f3e25cb
- Update
patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch
(git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056).
- commit f3895d7
- printk: Use prb_first_seq() as base for 32bit seq macros
(bsc#1223574).
- commit e3b59e0
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- commit 7e7615e
- printk: Adjust mapping for 32bit seq macros (bsc#1223574).
- commit 6dcabeb
- printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
- commit c13f8d3
- PM / devfreq: Fix buffer overflow in trans_stat_show
(CVE-2023-52614 bsc#1221617).
- commit 43b7d5b
- Update
patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch
(git-fixes CVE-2024-26891 bsc#1223037).
- commit 7b52ba2
- Update
patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch
(git-fixes CVE-2024-26833 bsc#1223036).
- commit 6c18411
- ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
(bsc#1223513 CVE-2022-48651).
- commit c96a663
- net: hns3: fix kernel crash when 1588 is received on HIP08
devices (bsc#1223041 CVE-2024-26881).
- net: ice: Fix potential NULL pointer dereference in
ice_bridge_setlink() (bsc#1223051 CVE-2024-26855).
- geneve: make sure to pull inner header in geneve_rx()
(bsc#1223058 CVE-2024-26857).
- ppp_async: limit MRU to 64K (bsc#1222379 CVE-2024-26675).
- commit 61a60e2
- Update
patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch
(git-fixes CVE-2024-26843 bsc#1223014).
- commit 3f9577f
- net: usb: ax88179_178a: stop lying about skb->truesize
(git-fixes).
- commit 416a90a
- Update
patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch
(git-fixes CVE-2024-26897 bsc#1223323).
- commit 938950f
- drm/amd/display: Fix MST Null Ptr for RV (CVE-2021-47200 bsc#1222838)
- commit 3d0cc91
- Update
patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch
(git-fixes CVE-2024-26895 bsc#1223197).
- commit 73cb93c
- amdkfd: use calloc instead of kzalloc to avoid integer overflow (CVE-2024-26817 bsc#1222812)
- commit 5946a4f
- Update patches.suse/firmware-arm_scmi-Harden-accesses-to-the-reset-domai.patch (git-fixes CVE-2022-48655 bsc#1223477)
- commit 2dabafb
- mm: slub: fix flush_cpu_slab()/__free_slab() invocations in
task context (CVE-2022-48658 bsc#1223496).
- commit 3480d23
- firmware: arm_scmi: Fix double free in SMC transport cleanup
path (CVE-2024-26893 bsc#1223196).
- commit 689202d
- nfsd: use __fput_sync() to avoid delayed closing of files
(bsc#1223380 bsc#1217408).
- commit aa925bb
- Revert "ice: Fix ice VF reset during iavf initialization (jsc#PED-376)." (bsc#1223275)
This reverts commit b92b60703522e3531f77c5af2f34b4b165007b3a.
This commit was reverted upstream by commit 0ecff05e6c59dd82dbcb9706db911f7fd9f40fb8
with note:
ice_check_vf_ready_for_cfg() already contain waiting for reset.
New condition in ice_check_vf_ready_for_reset() causing only problems.
- commit 33e8bb2
- Sort recent BHI patches
- Refresh patches.suse/KVM-x86-Add-BHI_NO.patch.
- Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch.
- Refresh
patches.suse/x86-bhi-Add-support-for-clearing-branch-history-at-syscall.patch.
- Refresh patches.suse/x86-bhi-Define-SPEC_CTRL_BHI_DIS_S.patch.
- Refresh
patches.suse/x86-bhi-Enumerate-Branch-History-Injection-BHI-bug.patch.
- Refresh patches.suse/x86-bhi-Mitigate-KVM-by-default.patch.
- commit 065fb7d
- Update patches.suse/powerpc-pseries-vas-Hold-mmap_mutex-after-mmap-lock-.patch
(jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
- commit 29ca2f7
- x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word (bsc#1217339 CVE-2024-2201).
- Refresh
patches.suse/x86-bhi-Add-support-for-clearing-branch-history-at-syscall.patch.
- Delete
patches.suse/x86-cpufeature-Add-missing-leaf-enumeration.patch.
- commit b2ddc32
- livepatch: Fix missing newline character in
klp_resolve_symbols() (bsc#1223539).
- commit ccf2afb
- blacklist.conf: cosmetic; kind of code documentation
- commit 6c8cbf7
- blacklist.conf: workqueue: prevent false circular dependency by lockdep,
code churn, primary useful when developing new code, lockdep is
disabled on production kernels (bsc#1223536)
- commit 6ab7164
- Update
patches.suse/spi-spi-zynqmp-gqspi-Handle-error-for-dma_set_mask.patch
(git-fixes CVE-2021-47047 bsc#1220761).
- commit 1f6461d
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
(CVE-2023-52616 bsc#1221612).
- commit 6fa74bc
- mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone
index (bsc#1222615 CVE-2024-26783).
- commit d2a6383
- mm/vmscan: make sure wakeup_kswapd with managed zone
(bsc#1223473).
- commit c954567
- x86/boot: Ignore relocations in .notes sections in walk_relocs() too (bsc#1222624 CVE-2024-26816).
- commit 9c9dbbd
- x86, relocs: Ignore relocations in .notes section (bsc#1222624 CVE-2024-26816).
- commit 9bcfc48
- hugetlb, userfaultfd: fix reservation restore on userfaultfd
error (bsc#1222710 CVE-2021-47214).
- commit 4a75d88
- drm/amdgpu: fix use-after-free bug (CVE-2024-26656 bsc#1222307)
- commit 2c0e8cb
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
(git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- idma64: Don't try to serve interrupts when device is powered
off (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions
(stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support
(stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product
(stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650
(stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models
(stable-fixes).
- USB: serial: option: add Fibocom FM135-GL variants
(stable-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume
(stable-fixes).
- thunderbolt: Fix wake configurations after device unplug
(stable-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb
ep transport error (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused
(git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- arm64: hibernate: Fix level3 translation fault in swsusp_save()
(git-fixes).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with
ALC269VC (stable-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/amd/display: Do not recursively call manual trigger
programming (stable-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11
(stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go
(stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support
(stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support
(stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages
(stable-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB
(stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct
(stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- clk: Print an info line before disabling unused clocks
(stable-fixes).
- drm/amdgpu: fix incorrect active rb bitmap for gfx11
(stable-fixes).
- clk: remove extra empty line (stable-fixes).
- clk: Mark 'all_lists' as const (stable-fixes).
- commit 2a4676e
- i40e: Fix VF MAC filter removal (git-fixes).
- commit 03f8d56
- mmc: sdhci-msm: pervent access to suspended controller
(git-fixes).
- fbdev: fix incorrect address computation in deferred IO
(git-fixes).
- wifi: nl80211: don't free NULL coalescing rule (git-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
(git-fixes).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new
one (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend
(git-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports
(git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized
dev->devc (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow
(git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer
(git-fixes).
- commit eb0d29c
- blacklist.conf: Add 246f80a0b17f8 ("sh: push-switch: Reorder cleanup operations to avoid use-after-free bug")
- commit 701f2ea
- Update
patches.suse/aoe-fix-the-potential-use-after-free-problem-in-aoec.patch
(bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016).
- commit 5a56f33
- i40e: Do not allow untrusted VF to remove administratively
set MAC (git-fixes CVE-2024-26830 bsc#1223012).
- commit 67a5cff
- net: ip_tunnel: make sure to pull inner header in
ip_tunnel_rcv() (git-fixes CVE-2024-26882 bsc#1223034).
- commit 1915836
- PM / devfreq: Synchronize devfreq_monitor_[start/stop]
(CVE-2023-52635 bsc#1222294).
- commit 6f88f1b
- powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369
ltc#205888).
- powerpc/rtas: define pr_fmt and convert printk call sites
(bsc#1223369 ltc#205888).
- commit 13f68b5
- Update
patches.suse/Bluetooth-rfcomm-Fix-null-ptr-deref-in-rfcomm_check_.patch
(bsc#1219170 CVE-2024-22099 CVE-2024-26903 bsc#1223187).
- commit 1a4ee0a
- Renamepatches before cve/linux-5.14-LTSS
- commit 0b096bb
- PCI: rpaphp: Error out on busy status from get-sensor-state
(bsc#1223369 ltc#205888).
- commit f9716ef
- bpf: Fix stackmap overflow check on 32-bit arches (bsc#1223035
CVE-2024-26883).
- bpf: Fix hashtab overflow check on 32-bit arches (bsc#1223189
CVE-2024-26884).
- bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
(bsc#1223190 CVE-2024-26885).
- commit c435af8
- Update
patches.suse/scsi-target-pscsi-Fix-bio_put-for-error-case.patch
(bsc#1222596 cve-2024-26760), updating CVE number.
- commit 0b78c9a
- powerpc/kasan: Don't instrument non-maskable or raw interrupts
(bsc#1223191).
- powerpc: Refactor verification of MSR_RI (bsc#1223191).
- Refresh patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
- commit 8a00767
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt
(bsc#1221645 ltc#205739 bsc#1223191).
- commit caf6e20
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood
(git-fixes).
- serial: mxs-auart: add spinlock around changing cts state
(git-fixes).
- Revert "usb: cdc-wdm: close race between read and workqueue"
(git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow
(git-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- commit 28e1f50
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- commit e92aa40
- blacklist.conf: We don't support FRED
- commit ce7dd35
- clk: Remove prepare_lock hold assertion in __clk_release()
(git-fixes).
- commit 7812d3f
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- commit 236cddf
- drm/panel: visionox-rm69299: don't unregister DSI device
(git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference
(git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- nouveau: fix instmem race condition around ptr stores
(git-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations
more clearly (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- commit d2ecf52
- pmdomain: mediatek: fix race conditions with genpd
(CVE-2023-52645 bsc#1223033).
- commit 9a65bfe
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call
(CVE-2024-26866 bsc#1223024).
- commit 1408e84
- spi: lpspi: Avoid potential use-after-free in probe()
(CVE-2024-26866 bsc#1223024).
- commit 233d8aa
- platform/x86: think-lmi: Fix password opcode ordering for
workstations (CVE-2024-26836 bsc#1222968).
- platform/x86: think-lmi: Enable opcode support on BIOS settings
(CVE-2024-26836 bsc#1222968).
- commit 13fd3e3
- net: usb: ax88179_178a: avoid writing the mac address before
first reading (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed()
(git-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex
(stable-fixes).
- nouveau: fix function cast warning (git-fixes).
- Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316
(stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11
(stable-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure
(stable-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used
(stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are
active (git-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input
(git-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input
(git-fixes).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input
(git-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input
(git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete()
(git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT
(git-fixes).
- platform/x86: intel-vbtn: Update tablet mode switch at end of
probe (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack
(stable-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn
establishes (stable-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
(stable-fixes).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- Revert "usb: phy: generic: Get the vbus supply" (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not
attached (stable-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
changes (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode()
(stable-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
(stable-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms
(stable-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and
MM0110113M (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product
(stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100
(stable-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
(stable-fixes).
- usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
(git-fixes).
- phy: tegra: xusb: Add API to retrieve the port number of phy
(stable-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is
defined (stable-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible
(stable-fixes).
- ahci: asm1064: asm1166: don't limit reported ports (git-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for
"phys" fails (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: cec: core: remove length check of Timer Status
(stable-fixes).
- ALSA: firewire-lib: handle quirk to calculate payload quadlets
as data block counter (stable-fixes).
- Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle
by default" (stable-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant
of the Chuwi Vi8 tablet (stable-fixes).
- Input: allocate keycode for Display refresh rate toggle
(stable-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided
IDs (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini
(stable-fixes).
- drm/vc4: don't check if plane->state->fb == state->fb
(stable-fixes).
- hwmon: (amc6821) add of_match table (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version
(stable-fixes).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan()
(stable-fixes).
- pstore/zone: Add a null pointer check to the psz_kmsg_read
(stable-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- Documentation: Add missing documentation for EXPORT_OP flags
(stable-fixes).
- HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running
(stable-fixes).
- docs: Document the FAN_FS_ERROR event (stable-fixes).
- commit 5f4b68d
- Update
patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch
(git-fixes CVE-2024-26798 bsc#1222798).
- commit 3f5154a
- Update
patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch
(bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
- Update
patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch
(bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430).
- Update
patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
(CVE-2024-26733 bsc#1222585 CVE-2024-26739 bsc#1222559).
- commit ac0df3e
- Update
patches.suse/ALSA-gus-fix-null-pointer-dereference-on-pointer-blo.patch
(git-fixes CVE-2021-47207 bsc#1222790).
- Update
patches.suse/ALSA-usb-audio-fix-null-pointer-dereference-on-point.patch
(bsc#1192354 CVE-2021-47211 bsc#1222869).
- Update
patches.suse/RDMA-core-Set-send-and-receive-CQ-before-forwarding-.patch
(jsc#SLE-19249 CVE-2021-47196 bsc#1222773).
- Update
patches.suse/arm64-dts-qcom-msm8998-Fix-CPU-L2-idle-state-latency.patch
(git-fixes CVE-2021-47187 bsc#1222703).
- Update
patches.suse/cfg80211-call-cfg80211_stop_ap-when-switch-from-P2P_.patch
(git-fixes CVE-2021-47194 bsc#1222829).
- Update
patches.suse/clk-sunxi-ng-Unregister-clocks-resets-when-unbinding.patch
(git-fixes CVE-2021-47205 bsc#1222888).
- Update
patches.suse/drm-prime-Fix-use-after-free-in-mmap-with-drm_gem_tt.patch
(git-fixes CVE-2021-47200 bsc#1222838).
- Update
patches.suse/i40e-Fix-NULL-ptr-dereference-on-VSI-filter-sync.patch
(jsc#SLE-18378 CVE-2021-47184 bsc#1222666).
- Update
patches.suse/iavf-free-q_vectors-before-queues-in-iavf_disable_vf.patch
(jsc#SLE-18385 CVE-2021-47201 bsc#1222792).
- Update
patches.suse/msft-hv-2480-x86-hyperv-Fix-NULL-deref-in-set_hv_tscchange_cb-if-.patch
(git-fixes CVE-2021-47217 bsc#1222836).
- Update
patches.suse/net-dpaa2-eth-fix-use-after-free-in-dpaa2_eth_remove.patch
(git-fixes CVE-2021-47204 bsc#1222787).
- Update
patches.suse/net-mlx5-Update-error-handler-for-UCTX-and-UMEM.patch
(jsc#SLE-19253 CVE-2021-47212 bsc#1222709).
- Update
patches.suse/net-mlx5e-CT-Fix-multiple-allocations-and-memleak-of.patch
(jsc#SLE-19253 CVE-2021-47199 bsc#1222785).
- Update
patches.suse/net-mlx5e-kTLS-Fix-crash-in-RX-resync-flow.patch
(jsc#SLE-19253 CVE-2021-47215 bsc#1222704).
- Update
patches.suse/net-mlx5e-nullify-cq-dbg-pointer-in-mlx5_debug_cq_re.patch
(jsc#SLE-19253 CVE-2021-47197 bsc#1222776).
- Update
patches.suse/sched-fair-Prevent-dead-task-groups-from-regaining-cfs_rq-s.patch
(bsc#1192837 CVE-2021-47209 bsc#1222796).
- Update patches.suse/scsi-advansys-Fix-kernel-pointer-leak.patch
(git-fixes CVE-2021-47216 bsc#1222876).
- Update
patches.suse/scsi-core-sysfs-Fix-hang-when-device-state-is-set-via-sysfs
(git-fixes CVE-2021-47192 bsc#1222867).
- Update
patches.suse/scsi-lpfc-Fix-list_add-corruption-in-lpfc_drain_txq.patch
(bsc#1190576 CVE-2021-47203 bsc#1222881).
- Update
patches.suse/scsi-lpfc-Fix-use-after-free-in-lpfc_unreg_rpi-routi.patch
(bsc#1192145 CVE-2021-47198 bsc#1222883).
- Update
patches.suse/scsi-pm80xx-Fix-memory-leak-during-rmmod.patch
(git-fixes CVE-2021-47193 bsc#1222879).
- Update
patches.suse/scsi-scsi_debug-Fix-out-of-bound-read-in-resp_readcap16.patch
(git-fixes CVE-2021-47191 bsc#1222866).
- Update
patches.suse/scsi-scsi_debug-Fix-out-of-bound-read-in-resp_report_tgtpgs.patch
(git-fixes CVE-2021-47219 bsc#1222824).
- Update patches.suse/scsi-ufs-core-Improve-SCSI-abort-handling
(git-fixes CVE-2021-47188 bsc#1222671).
- Update
patches.suse/selinux-fix-NULL-pointer-dereference-when-hashtab-al.patch
(git-fixes CVE-2021-47218 bsc#1222791).
- Update
patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch
(stable-5.14.21 CVE-2021-47202 bsc#1222878).
- Update
patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
(git-fixes CVE-2021-47185 bsc#1222669).
- Update
patches.suse/usb-host-ohci-tmio-check-return-value-after-calling-.patch
(git-fixes CVE-2021-47206 bsc#1222894).
- Update
patches.suse/usb-typec-tipd-Remove-WARN_ON-in-tps6598x_block_read.patch
(git-fixes CVE-2021-47210 bsc#1222901).
- commit 48b69db
- iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
(git-fixes).
- Refresh
patches.suse/coresight-etm-Override-TRCIDR3.CCITMIN-on-errata-affected-cpus.patch.
- commit d93f0f0
- Update
patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch
(git-fixes CVE-2024-26779 bsc#1222772).
- commit c8c8675
- wifi: wfx: fix possible NULL pointer dereference in
wfx_set_mfp_ap() (CVE-2023-52593 bsc#1221042).
- commit 846e85e
- iommu/mediatek: Flush IOTLB completely only if domain has
been attached (git-fixes).
- commit 623c929
- media: rkisp1: Fix IRQ disable race issue (CVE-2023-52589
bsc#1221084).
- commit e4627b0
- iommu/amd: Fix domain flush size when syncing iotlb (git-fixes).
- commit b3bdbef
- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424)
- commit 9b2027c
- iommu/amd: Don't block updates to GATag if guest mode is on
(git-fixes).
- commit 9ffdfc7
- iommu/rockchip: Fix unwind goto issue (git-fixes).
- commit c8c9239
- wifi: iwlwifi: fix a memory corruption (CVE-2024-26610
bsc#1221299).
- commit e7967c5
- iommu/sprd: Release dma buffer to avoid memory leak (git-fixes).
- commit 6d1aa27
- iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c
(git-fixes).
- commit 452d862
- iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
(git-fixes).
- commit 161366f
- x86/xen: add CPU dependencies for 32-bit build (git-fixes).
- commit b3ada40
- xen/events: close evtchn after mapping cleanup (CVE-2024-26687,
bsc#1222435).
- commit eb41ab9
- xen/xenbus: document will_handle argument for
xenbus_watch_path() (git-fixes).
- commit c749895
- blacklist.conf: Append 'drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()''
- commit f765ec7
- Update patches.suse/arp-Prevent-overflow-in-arp_req_get.patch
- fix build warning
- commit b98055d
- blacklist.conf: Append 'drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()''
- commit 182dade
- ceph: stop copying to iter at EOF on sync reads (bsc#1223068).
- libceph: init the cursor when preparing sparse read in msgr2
(bsc#1222247 CVE-2023-52636).
- ceph: switch to corrected encoding of max_xattr_size in mdsmap
(bsc#1223067).
- libceph: just wait for more data to be available on the socket
(bsc#1222247 CVE-2023-52636).
- libceph: rename read_sparse_msg_*() to
read_partial_sparse_msg_*() (bsc#1222247 CVE-2023-52636).
- commit c683288
- serial: sc16is7xx: convert from _raw_ to _noinc_ regmap
functions for FIFO (bsc#1221162 CVE-2023-52488).
- commit 0ac4803
- iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes).
- commit aa65491
- Refresh patches.kabi/kabi-allow-extra-bugints.patch. (bsc#1222952)
- commit a04a1a9
- iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
configuration in IRTE (git-fixes).
- commit 9b574c1
- afs: Fix endless loop in directory parsing (bsc#1223030
CVE-2024-26848).
- commit 38522d0
- iommu/vt-d: Allow zero SAGAW if second-stage not supported
(git-fixes).
- commit 9bb9de0
- ext4: regenerate buddy after block freeing failed if under fc
replay (bsc#1220342 CVE-2024-26601).
- commit c12e20f
- iommu: Fix error unwind in iommu_group_alloc() (git-fixes).
- commit f532194
- iommu/amd: Add a length limitation for the ivrs_acpihid
command-line parameter (git-fixes).
- commit 8f23b5e
- x86/xen: fix percpu vcpu_info allocation (git-fixes).
- commit 87554ac
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- commit 6fc55b4
- blacklist.conf: Blacklist 83e80a6e3543f3
- commit 62a580e
- fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
(bsc#1222721 CVE-2024-26764).
- commit b81d662
- fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via
libaio (bsc#1222721 CVE-2024-26764).
- commit 6f0ed6e
- ext4: avoid allocating blocks from corrupted group in
ext4_mb_try_best_found() (bsc#1222618 CVE-2024-26773).
- commit 821043d
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- commit 78b0780
- xen-netback: properly sync TX responses (git-fixes).
- commit b347f75
- xen/gntdev: Fix the abuse of underlying struct page in DMA-buf
import (git-fixes).
- commit 78d5534
- Update patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch (stable-5.14.21 CVE-2021-47202 bsc#1222878)
- commit 9b2ed28
- drm/amd/display: Implement bounds check for stream encoder creation (bsc#1222266 CVE-2024-26660)
- commit 3a8faf0
- iommu/amd: Fix error handling for pdev_pri_ats_enable()
(git-fixes).
- commit 9598a5a
- Update
patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch
(bsc#1222609 CVE-2024-26747).
Added CVE reference
- commit c356fce
- iommu/vt-d: Fix error handling in sva enable/disable paths
(git-fixes).
- commit a7d0d80
- iommu/iova: Fix alloc iova overflows issue (git-fixes).
- commit 997077c
- iommu/vt-d: Allocate local memory for page request queue
(git-fixes).
- commit 29949ff
- powerpc/pseries/iommu: LPAR panics when rebooted with a frozen
PE (bsc#1222011 ltc#205900).
- commit 92932bc
- Update references in
patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch
(bsc#1221044 bsc#1221088 CVE-2023-52591 CVE-2023-52590).
- commit 6a6852e
- Update patches.suse/spi-fix-use-after-free-of-the-add_lock-mutex.patch (git-fixes CVE-2021-47195 bsc#1222832)
- commit e8d48f1
- mm/vmalloc: huge vmalloc backing pages should be split rather
than compound (bsc#1217829).
- commit 539be83
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
(bsc#1222630 CVE-2024-26805).
- commit 62396b0
- IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (bsc#1222726 CVE-2024-26766)
- commit dc4bba0
- spi: cadence-qspi: fix pointer reference in runtime PM hooks (CVE-2024-26807 bsc#1222801)
- commit 4dd5f9f
- Update
patches.suse/nvmet-fc-avoid-deadlock-on-delete-association-path.patch
(git-fixes CVE-2024-26769 bsc#1222727).
- commit fb3505a
- Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch
(git-fixes bsc#1222449 CVE-2024-26744)
- Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch
(git-fixes bsc#1222677 CVE-2024-26743)
- Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch
(git-fixes bsc#1222726 CVE-2024-26766)
- commit c5a8a5e
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- commit 1af9c1e
- NFS: avoid spurious warning of lost lock that is being unlocked
(bsc#1221791).
- commit 1efde72
- gtp: fix use-after-free and null-ptr-deref in
gtp_genl_dump_pdp() (bsc#1222428 CVE-2024-26793 bsc#1222632
CVE-2024-26754).
- commit eebe79d
- Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781)
- commit 3445a30
- Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784)
- commit fa581a2
- Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764)
- commit 97121f5
- iio:adc:ad7091r: Move exports into IIO_AD7091R namespace. (CVE-2023-52627 bsc#1222051)
- commit e5bef1f
- dm: don't lock fs when the map is NULL during suspend or resume
(git-fixes).
- commit 78ef342
- blacklist.conf: add a commit for bcache typo fix.
- commit 22e6069
- dm integrity: fix out-of-range warning (git-fixes).
- dm: call the resume method on internal suspend (git-fixes).
- dm raid: fix false positive for requeue needed during reshape
(git-fixes).
- dm-raid: fix lockdep waring in "pers->hot_add_disk" (git-fixes).
- md: don't clear MD_RECOVERY_FROZEN for new dm-raid until resume
(git-fixes).
- md/raid1: fix choose next idle in read_balance() (git-fixes).
- md: Don't clear MD_CLOSING when the raid is about to stop
(git-fixes).
- dm-verity, dm-crypt: align "struct bvec_iter" correctly
(git-fixes).
- dm-crypt: don't modify the data when using authenticated
encryption (bsc#1222720, CVE-2024-26763).
- dm-crypt, dm-verity: disable tasklets (bsc#1222416, CVE-2024-26718).
- dm-integrity: don't modify bio's immutable bio_vec in
integrity_metadata() (git-fixes).
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
- dm-verity: align struct dm_verity_fec_io properly (git-fixes).
- dm verity: don't perform FEC for failed readahead IO
(git-fixes).
- bcache: avoid NULL checking to c->root in run_cache_set()
(git-fixes).
- bcache: add code comments for bch_btree_node_get() and
__bch_btree_node_alloc() (git-fixes).
- bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
btree_gc_coalesce() (git-fixes).
- bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up
race (git-fixes).
- bcache: fixup lock c->root error (git-fixes).
- bcache: fixup init dirty data errors (git-fixes).
- bcache: prevent potential division by zero error (git-fixes).
- bcache: remove redundant assignment to variable cur_idx
(git-fixes).
- bcache: check return value from btree_node_alloc_replacement()
(git-fixes).
- bcache: avoid oversize memory allocation by small stripe_size
(git-fixes).
- dm-delay: fix a race between delay_presuspend and delay_bio
(git-fixes).
- nd_btt: Make BTT lanes preemptible (git-fixes).
- libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and
check its return value (git-fixes).
- dm zoned: free dmz->ddev array in dmz_put_zoned_devices
(git-fixes).
- nvdimm: Fix dereference after free in register_nvdimm_pmu()
(git-fixes).
- nvdimm: Fix memleak of pmu attr_groups in
unregister_nvdimm_pmu() (git-fixes).
- dm cache policy smq: ensure IO doesn't prevent cleaner policy
progress (git-fixes).
- dm raid: clean up four equivalent goto tags in raid_ctr()
(git-fixes).
- dm raid: fix missing reconfig_mutex unlock in raid_ctr()
error paths (git-fixes).
- dm integrity: reduce vmalloc space footprint on 32-bit
architectures (git-fixes).
- dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client
(git-fixes).
- bcache: fixup btree_cache_wait list damage (git-fixes).
- bcache: Fix __bch_btree_node_alloc to make the failure behavior
consistent (git-fixes).
- bcache: Remove unnecessary NULL point check in node allocations
(git-fixes).
- bcache: Remove dead references to cache_readaheads (git-fixes).
- dm thin metadata: check fail_io before using data_sm
(git-fixes).
- dm: don't lock fs when the map is NULL in process of resume
(git-fixes).
- dm flakey: fix a crash with invalid table line (git-fixes).
- dm integrity: call kmem_cache_destroy() in dm_integrity_init()
error path (git-fixes).
- dm clone: call kmem_cache_destroy() in dm_clone_init() error
path (git-fixes).
- dm verity: fix error handling for check_at_most_once on FEC
(git-fixes).
- dm stats: check for and propagate alloc_percpu failure
(git-fixes).
- dm crypt: avoid accessing uninitialized tasklet (git-fixes).
- dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
- commit 876bda1
- dm thin: fix deadlock when swapping to thin device
(bsc#1177529).
- Use above upstream patch, delete in-house patch,
patches.suse/Avoid-deadlock-for-recursive-I-O-on-dm-thin-when-used-as-swap-4905.patch.
- commit f651b2e
- dm cache: add cond_resched() to various workqueue loops
(git-fixes).
- dm thin: add cond_resched() to various workqueue loops
(git-fixes).
- dm: add cond_resched() to dm_wq_work() (git-fixes).
- dm: remove flush_scheduled_work() during local_exit()
(git-fixes).
- dm: send just one event on resize, not two (git-fixes).
- dm flakey: fix logic when corrupting a bio (git-fixes).
- dm flakey: fix a bug with 32-bit highmem systems (git-fixes).
- dm flakey: don't corrupt the zero page (git-fixes).
- dm init: add dm-mod.waitfor to wait for asynchronously probed
block devices (git-fixes).
- libnvdimm/region: Allow setting align attribute on regions
without mappings (git-fixes).
- bcache:: fix repeated words in comments (git-fixes).
- bcache: bset: Fix comment typos (git-fixes).
- bcache: remove unused bch_mark_cache_readahead function def
in stats.h (git-fixes).
- bcache: remove unnecessary flush_workqueue (git-fixes).
- nvdimm/namespace: drop nested variable in
create_namespace_pmem() (git-fixes).
- bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous
device registration' (git-fixes).
- nvdimm: Fix badblocks clear off-by-one error (git-fixes).
- nvdimm: Fix firmware activation deadlock scenarios (git-fixes).
- nvdimm: Allow overwrite in the presence of disabled dimms
(git-fixes).
- bcache: use default_groups in kobj_type (git-fixes).
- bcache: fixup bcache_dev_sectors_dirty_add() multithreaded
CPU false sharing (git-fixes).
- bcache: use bvec_kmap_local in bio_csum (git-fixes).
- bcache: fix NULL pointer reference in cached_dev_detach_finish
(git-fixes).
- bcache: replace snprintf in show functions with sysfs_emit
(git-fixes).
- bcache: move uapi header bcache.h to bcache code directory
(git-fixes).
- bcache: remove bch_crc64_update (git-fixes).
- bcache: use bvec_kmap_local in bch_data_verify (git-fixes).
- commit fd7b7d9
- bcache: remove the backing_dev_name field from struct cached_dev
(git-fixes).
- Rebased for the above change,
patches.suse/0017-bcache-avoid-unnecessary-soft-lockup-in-kworker-upda.patch.
- commit fddbf12
- bcache: remove the cache_dev_name field from struct cache
(git-fixes).
- bcache: move calc_cached_dev_sectors to proper place on backing
device detach (git-fixes).
- bcache: fix error info in register_bcache() (git-fixes).
- commit b239072
- scsi: target: pscsi: Fix bio_put() for error case (bsc#1222596
cve-2024-267600).
- commit 54b96d8
- arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as (CVE-2023-52561 bsc#1220935)
- commit 003c2c9
- selftests/bpf: Test racing between bpf_timer_cancel_and_free
and bpf_timer_cancel (bsc#1222557 CVE-2024-26737).
- bpf: Fix racing between bpf_timer_cancel_and_free and
bpf_timer_cancel (bsc#1222557 CVE-2024-26737).
- commit 141641a
- iio: adc: ad7091r: Allow users to configure device events (CVE-2023-52627 bsc#1222051)
- commit 4afaad3
- ARM: ep93xx: Add terminator to gpiod_lookup_table (CVE-2024-26751 bsc#1222724)
- commit 9f7da20
- Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610)
- commit fb21423
- Update
patches.suse/btrfs-fix-memory-ordering-between-normal-and-ordered-work-functions.patch
(git-fixes CVE-2021-47189 bsc#1222706).
- commit 95bc72d
- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
Properly check whether the feature we are patching in the alternatives
is a feature or a bug. This was broken because in apply_alternative()
boot_cpu_has is used and if we have an alternative that depends on a bug
bit (such as X86_BUG_SYSRET_SS_ATTRS) the boot_cpu_has will erroneously
check if this bit is set in the feature ints rather than the bug ints.
While at it ensure that static_cpu_has isn't called with extended
bugs features as those aren't supported right now.
- commit 793068f
- Refresh
patches.kabi/PCI-Add-locking-to-RMW-PCI-Express-Capability-Regist.patch.
Drop a bogus hunk. It was introduced by mistake.
Fixes: acf0d9920aee
- commit 3a754ef
- Update
patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch
(git-fixes CVE-2024-26749 bsc#1222680).
- commit 515d996
- Update
patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch
(bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678).
- commit 3731b61
- blacklist.conf: Add f7ec1cd5cc7e getrusage: use sig->stats_lock rather than lock_task_sighand()
and its prereqs
- commit 0650209
- tee: amdtee: fix use-after-free vulnerability in
amdtee_close_session (bsc#1220915 CVE-2023-52503).
- commit 926b64b
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- Delete
patches.suse/RAS-AMD-FMPM-Fix-build-when-debugfs-is-not-enabled.patch.
- commit bf0e61f
- Update
patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
(git-fixes CVE-2021-47185).
- commit de9e1db
- Update
patches.suse/scsi-lpfc-Fix-link-down-processing-to-address-NULL-p.patch
(bsc#1192145 CVE-2021-47183 bsc#1222664).
- commit 720685d
- blacklist.conf: Add d9b3ce8769e3 mm: writeback: ratelimit stat flush from mem_cgroup_wb_stats
- commit 3201b4c
- Update
patches.suse/scsi-core-Fix-scsi_mode_sense-buffer-length-handling.patch
(git-fixes CVE-2021-47182 bsc#1222662).
- commit 641c737
- Update
patches.suse/usb-musb-tusb6010-check-return-value-after-calling-p.patch
(git-fixes CVE-2021-47181 bsc#1222660).
- commit 27da195
- ceph: prevent use-after-free in encode_cap_msg() (CVE-2024-26689
bsc#1222503).
- commit c307f9b
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
(bsc#1222619).
- commit 3d3186c
- PCI/PM: Drain runtime-idle callbacks before driver removal
(git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
(git-fixes).
- PCI/AER: Block runtime suspend when handling errors (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
(git-fixes).
- PCI/DPC: Quirk PIO log size for certain Intel Root Ports
(git-fixes).
- Refresh
patches.suse/PCI-Lengthen-reset-delay-for-VideoPropulsion-Torrent.patch.
- PCI: Drop pci_device_remove() test of pci_dev->driver
(git-fixes).
- commit 1625155
- arp: Prevent overflow in arp_req_get() (CVE-2024-26733
bsc#1222585).
- commit aed9764
- net/sched: act_mirred: don't override retval if we already
lost the skb (CVE-2024-26733 bsc#1222585).
- commit 57213f3
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- commit aa158b4
- kprobes: Fix double free of kretprobe_holder (bsc#1220901).
- commit 7ab1530
- Update
patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch
(git-fixes CVE-2024-26736 bsc#1222586).
- commit 95b873b
- Update
patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch
(bsc#1219126 CVE-2024-23850 CVE-2024-26727 bsc#1222536).
- commit 9619dfe
- Update
patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-for-small-block-sizes.patch
(git-fixes CVE-2024-26697 bsc#1222550).
- commit a10bcda
- nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
(bsc#1222549 CVE-2024-26696).
- commit b7a4096
- Update
patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch
(git-fixes CVE-2024-26722 bsc#1222520).
- commit 227851b
- blacklist.conf: kABI
- commit b7c2dcf
- blacklist.conf: kABI
- commit 4fed026
- blacklist.conf: kABI
- commit 9643918
- ring-buffer: Make wake once of ring_buffer_wait() more robust
(git-fixes).
- commit 9369b70
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- commit 0c26abb
- ext4: fix double-free of blocks due to wrong extents moved_len
(bsc#1222422 CVE-2024-26704).
- commit 4e96ad3
- net: stmmac: xgmac: use #define for string constants
(bsc#1222445 CVE-2024-26684).
- net: stmmac: xgmac: fix a typo of register name in DPP safety
handling (bsc#1222445 CVE-2024-26684).
- commit d142965
- netdevsim: avoid potential loop in nsim_dev_trap_report_work()
(git-fixes CVE-2024-26681 bsc#1222431).
- commit 6e625f6
- References update
- commit e2989ce
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- commit 4edf006
- net: stmmac: xgmac: fix handling of DPP safety error for DMA
channels (bsc#1222445 CVE-2024-26684).
- commit f5bac1a
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
(bsc#1222428 CVE-2024-26793).
- net: atlantic: Fix DMA mapping for PTP hwts ring (bsc#1222427
CVE-2024-26680).
- commit 8477f57
- ring-buffer: Use wait_event_interruptible() in
ring_buffer_wait() (git-fixes).
- commit a852b18
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- commit a44bf56
- ring-buffer: Do not set shortest_full when full target is hit
(git-fixes).
- commit 4381c01
- tracing: Use .flush() call to wake up readers (git-fixes).
- commit d993c13
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- commit 966f555
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- commit 676cf24
- tracing: Remove precision vsnprintf() check from print event
(git-fixes).
- commit 6b7c133
- tracing: Have saved_cmdlines arrays all in one allocation
(git-fixes).
- commit 49f31e7
- blacklist.conf: We don't have annotate_noendbr in this kernel
So shut up the warning.
- commit f6d75ac
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
- commit eb744cd
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264 CVE-2024-0841).
- commit fe3c052
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264 CVE-2024-0841).
- commit aa8204a
- nilfs2: fix potential bug in end_buffer_async_write (bsc#1222437
CVE-2024-26685).
- commit dafe6fe
- nfsd: Fix error cleanup path in nfsd_rename() (bsc#1221044
CVE-2023-52591).
- commit a849be1
- blacklist.conf: kABI
- commit 94d8026
- net: usb: ax88179_178a: avoid the interface always configured
as random address (git-fixes).
- commit c53377c
- pci_iounmap(): Fix MMIO mapping leak (git-fixes).
- commit 629693d
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- Drivers: hv: vmbus: Calculate ring buffer size for more
efficient use of memory (git-fixes).
- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER
missed (git-fixes).
- hv_netvsc: Fix race condition between netvsc_probe and
netvsc_remove (git-fixes).
- scsi: storvsc: Fix ring buffer size calculation (git-fixes).
- hv_netvsc: Calculate correct ring size when PAGE_SIZE is not
4 Kbytes (git-fixes).
- commit 82617ea
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- commit 22061fc
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- commit a61527a
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Use the VSELECT signal to switch SD card")
- commit 4b90502
- arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-fixes)
- commit b828266
- blacklist.conf: add a couple of PCI git-fixes
- commit 37743ca
- ata: sata_mv: Fix PCI device ID table declaration compilation
warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
(git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling
(git-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
(git-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support
headset with microphone (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the
CCS (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- commit 56ef24f
- scsi: pm80xx: Avoid leaking tags when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883
cve-2023-52500).
- commit fc88013
- KVM: x86: Add BHI_NO (bsc#1217339 CVE-2024-2201).
- commit c0e1ffe
- Update
patches.suse/ALSA-sh-aica-reorder-cleanup-operations-to-avoid-UAF.patch
(git-fixes CVE-2024-26654 bsc#1222304).
- Update
patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch
(git-fixes CVE-2024-26717 bsc#1222360).
- Update
patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch
(bsc#1219443 CVE-2024-26670 bsc#1222356).
- Update
patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch
(git-fixes CVE-2024-26695 bsc#1222373).
- Update
patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch
(git-fixes CVE-2024-26667 bsc#1222331).
- Update
patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch
(git-fixes CVE-2024-26664 bsc#1222355).
- Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch
(bsc#1218968 CVE-2024-26629 bsc#1221379).
- Update
patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch
(git-fixes CVE-2024-26599 bsc#1220365).
- Update
patches.suse/sched-membarrier-reduce-the-ability-to-hammer-on-sys.patch
(git-fixes bsc1220398 CVE-2024-26602 bsc#1220398).
- Update
patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch
(git-fixes CVE-2024-26627 bsc#1221090).
- Update
patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch
(git-fixes CVE-2024-26651 bsc#1221337).
- Update
patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch
(git-fixes CVE-2024-26645 bsc#1222056).
- Update
patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch
(git-fixes CVE-2024-26659 bsc#1222317).
- commit bd16cf6
- Update
patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch
(git-fixes CVE-2023-52518 bsc#1221056).
- Update
patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch
(git-fixes CVE-2023-52604 bsc#1221067).
- Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch
(git-fixes CVE-2023-52587 bsc#1221082).
- Update
patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch
(git-fixes bsc#1220393 CVE-2023-52639 bsc#1222300).
- Update
patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch
(git-fixes CVE-2023-52617 bsc#1221613).
- Update
patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch
(git-fixes CVE-2023-52623 bsc#1222060).
- Update
patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch
(git-fixes CVE-2023-52603 bsc#1221066).
- Update
patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch
(git-fixes CVE-2023-52494 bsc#1221273).
- Update
patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch
(git-fixes CVE-2023-52493 bsc#1221274).
- Update
patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch
(git-fixes CVE-2023-52637 bsc#1222291).
- Update
patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch
(git-fixes CVE-2023-52612 bsc#1221616).
- Update
patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch
(git-fixes CVE-2023-52486 bsc#1221277).
- Update
patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch
(git-fixes CVE-2023-52632 bsc#1222274).
- Update
patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch
(git-fixes CVE-2023-52563 bsc#1220937).
- Update
patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch
(git-fixes CVE-2023-52615 bsc#1221614).
- Update
patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch
(bsc#1215921 CVE-2023-52484 bsc#1220797).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch
(git-fixes CVE-2023-52601 bsc#1221068).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch
(git-fixes CVE-2023-52599 bsc#1221062).
- Update
patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch
(git-fixes CVE-2023-52602 bsc#1221070).
- Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch
(git-fixes CVE-2023-52600 bsc#1221071).
- Update
patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch
(bsc#1218958 CVE-2023-52450 bsc#1220237).
- Update
patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch
(git-fixes CVE-2023-52619 bsc#1221618).
- Update
patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch
(git-fixes CVE-2023-52500 bsc#1220883).
- Update
patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch
(git-fixes CVE-2023-52594 bsc#1221045).
- Update
patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch
(git-fixes CVE-2023-52595 bsc#1221046).
- commit b1046c1
- Update
patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch
(CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117).
- commit fd3aabc
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- commit a7b445d
- mm,page_owner: Fix accounting of pages when migrating
(bsc#1222366).
- commit 37b3731
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- commit 4dc29b0
- iommu/mediatek: Fix forever loop in error handling (git-fixes).
- commit 21d467e
- selinux: saner handling of policy reloads (bsc#1222230 bsc#1221044
CVE-2023-52591).
- commit 66a189d
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- commit b2b2b31
- mm,page_owner: fix recursion (bsc#1222366).
- commit 4517a6d
- mm,page_owner: drop unnecessary check (bsc#1222366).
- commit 0c42427
- mm,page_owner: check for null stack_record before bumping its
refcount (bsc#1222366).
- commit 81f3531
- Update patches metadata
- commit f6df04d
- x86/bhi: Mitigate KVM by default (bsc#1217339 CVE-2024-2201).
- commit e8a52ff
- x86/bhi: Add BHI mitigation knob (bsc#1217339 CVE-2024-2201).
- Update config files.
- commit 66b3207
- x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1217339 CVE-2024-2201).
- commit 797a250
- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace (bsc#1217339 CVE-2024-2201).
- Refresh patches.suse/x86-bhi-Define-SPEC_CTRL_BHI_DIS_S.patch.
- commit d9a50a1
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1217339 CVE-2024-2201).
- commit c5355fd
- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
Extend existing functionality to allow adding extra feature words in
addition to extra bug words. This code is adjusted from SLE12-SP5 patch.
- commit 44177f4
- x86/bhi: Add support for clearing branch history at syscall entry (bsc#1217339 CVE-2024-2201).
- commit 7297553
- x86/cpufeature: Add missing leaf enumeration (bsc#1217339 CVE-2024-2201).
- commit 72a3a61
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails
(git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2
(stable-fixes).
- drm/amd/display: Return the correct HDCP error code
(stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag
(stable-fixes).
- drm/exynos: do not return negative values from .get_modes()
(stable-fixes).
- drm/panel: do not return negative error codes from
drm_panel_get_modes() (stable-fixes).
- drm/probe-helper: warn about negative .get_modes()
(stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook
(stable-fixes).
- ALSA: hda/realtek - Add Headset Mic supported Acer NB platform
(stable-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting
(stable-fixes).
- drm/amd/display: handle range offsets in VRR ranges
(stable-fixes).
- commit 9310237
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
(bsc#1209657 CVE-2023-0160).
- blacklist.conf: omit previous incomplete sockmap fix
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t
(git-fixes).
- commit 9a86a18
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- commit f738a42
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
(bsc#1209657 CVE-2023-0160).
- commit 989b8c6
- blacklist.conf: omit reverted sockmap deadlock fix
- commit 397323e
- netfilter: nf_tables: disallow anonymous set with timeout flag
(CVE-2024-26642 bsc#1221830).
- commit 02a907f
- netfilter: ctnetlink: fix possible refcount leak in
ctnetlink_create_conntrack() (CVE-2023-7192 bsc#1218479).
- commit 0b47032
- usb: typec: ucsi: Check for notifications after init
(git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock
(git-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds
(git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface()
(git-fixes).
- staging: vc04_services: fix information leak in
create_component() (git-fixes).
- commit 74f6b3e
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/qxl: remove unused variable from
`qxl_process_single_command()` (git-fixes).
- drm/qxl: remove unused `count` variable from
`qxl_surface_id_alloc()` (git-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if
needed (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object()
in acpi_db_walk_for_fields() (git-fixes).
- commit 22f136e
- README.BRANCH: Remove copy of branch name
- commit 4834fba
- README.BRANCH: Remove copy of branch name
- commit 9b22290
- thermal: intel: hfi: Add syscore callbacks for system-wide PM
(CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Disable an HFI instance when all its CPUs
go offline (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Enable an HFI instance from its first
online CPU (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Refactor enabling code into helper
functions (CVE-2024-26646 bsc#1222070).
- commit 8d3563b
- ASoC: meson: t9015: fix function pointer type mismatch
(git-fixes).
- drm/tegra: hdmi: Fix some error handling paths in
tegra_hdmi_probe() (git-fixes).
- drm/tegra: dsi: Fix some error handling paths in
tegra_dsi_probe() (git-fixes).
- net/x25: fix incorrect parameter validation in the
x25_getsockopt() function (git-fixes).
- Bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- wifi: wilc1000: fix RCU usage in connect path (git-fixes).
- wifi: wilc1000: fix declarations ordering (stable-fixes).
- lib/cmdline: Fix an invalid format specifier in an assertion
msg (git-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio
(stable-fixes).
- firewire: core: use long bus reset on gap count error
(stable-fixes).
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
(stable-fixes).
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
(stable-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device
(stable-fixes).
- drm/tegra: hdmi: Convert to devm_platform_ioremap_resource()
(stable-fixes).
- drm/tegra: dsi: Make use of the helper function dev_err_probe()
(stable-fixes).
- commit 2335ed9
- ACPI: resource: Add Infinity laptops to
irq1_edge_low_force_override (stable-fixes).
- Refresh
patches.suse/ACPI-resource-Add-MAIBENBEN-X577-to-irq1_edge_low_fo.patch.
- commit a322c3a
- ASoC: meson: aiu: fix function pointer type mismatch
(git-fixes).
- ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
(stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops
(stable-fixes).
- ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
(stable-fixes).
- ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono
mode (stable-fixes).
- ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
(stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi
Vi8 tablet (stable-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise
(stable-fixes).
- ASoC: meson: Use dev_err_probe() helper (stable-fixes).
- commit 8f94a4d
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- ALSA: aoa: avoid false-positive format truncation warning
(git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
(git-fixes).
- wifi: iwlwifi: fw: don't always use FW dump trig (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks
(git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function
(git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
(git-fixes).
- ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
(stable-fixes).
- commit a43d7a1
- ipv6: init the accept_queue's spinlocks in inet6_create
(bsc#1221293 CVE-2024-26614).
- commit 0ab8c0f
- net/bnx2x: Prevent access to a freed page in page_pool
(bsc#1215322).
- commit 6d39ac9
- tcp: make sure init the accept_queue's spinlocks once
(bsc#1221293 CVE-2024-26614).
- commit 943f002
- powerpc/boot: Disable power10 features after BOOTAFLAGS
assignment (bsc#1194869).
- commit 17f8de7
- powerpc/boot: Fix boot wrapper code generation with
CONFIG_POWER10_CPU (bsc#1194869).
- commit 9b67460
- powerpc/lib: Validate size for vector operations (bsc#1194869 CVE-2023-52606 bsc#1221069).
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
(CVE-2023-52607 bsc#1221061).
- powerpc: add compile-time support for lbarx, lharx
(bsc#1194869).
- Update config files.
- powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
- Update config files.
- powerpc/sstep: Use bitwise instead of arithmetic operator for
flags (bsc#1194869).
- powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
- powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__
(bsc#1194869).
- powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
(bsc#1194869).
- powerpc/lib/sstep: Don't use __{get/put}_user() on kernel
addresses (bsc#1194869).
- commit b17389a
- RDMA/mlx5: Relax DEVX access upon modify commands (git-fixes)
- commit 9423a91
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (git-fixes)
- commit 16e4eca
- Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d.
This fixes bsc#1221814
- commit bc3a73c
- Update
patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch
(git-fixes CVE-2023-52519 bsc#1220920).
- Update
patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch
(git-fixes CVE-2023-52529 bsc#1220929).
- Update
patches.suse/IB-hfi1-Fix-bugs-with-non-PAGE_SIZE-end-multi-iovec-.patch
(git-fixes CVE-2023-52474 bsc#1220445).
- Update
patches.suse/RDMA-siw-Fix-connection-failure-handling.patch
(git-fixes CVE-2023-52513 bsc#1221022).
- Update
patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch
(git-fixes CVE-2023-52515 bsc#1221048).
- Update
patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch
(git-fixes CVE-2023-52564 bsc#1220938).
- Update
patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch
(bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073).
- Update
patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch
(git-fixes CVE-2023-52510 bsc#1220898).
- Update
patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch
(git-fixes CVE-2023-52524 bsc#1220927).
- Update
patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch
(git-fixes CVE-2023-52528 bsc#1220843).
- Update
patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch
(git-fixes CVE-2023-52507 bsc#1220833).
- Update
patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch
(git-fixes CVE-2023-52566 bsc#1220940).
- Update
patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch
(bsc#1214842 CVE-2023-52508 bsc#1221015).
- Update
patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch
(bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356 CVE-2023-52454 bsc#1220320).
- Update
patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch
(git-fixes CVE-2023-52520 bsc#1220921).
- Update
patches.suse/ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch
(bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836).
- Update
patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch
(git-fixes CVE-2023-52501 bsc#1220885).
- Update
patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch
(git-fixes CVE-2023-52567 bsc#1220839).
- Update
patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch
(git-fixes CVE-2023-52517 bsc#1221055).
- Update
patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch
(git-fixes CVE-2023-52511 bsc#1221012).
- Update
patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch
(git-fixes CVE-2023-52525 bsc#1220840).
- Update
patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch
(git-fixes CVE-2023-52504 bsc#1221553).
- Update
patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch
(git-fixes CVE-2023-52575 bsc#1220871).
- commit 5f353b0
- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
(bsc#1194516 CVE-2022-0487 CVE-2022-48626 bsc#1220366).
- Update
patches.suse/crypto-qcom-rng-ensure-buffer-for-generate-is-comple.patch
(git-fixes CVE-2022-48629 bsc#1220989).
- Update
patches.suse/crypto-qcom-rng-fix-infinite-loop-on-requests-not-mu.patch
(git-fixes CVE-2022-48630 bsc#1220990).
- commit f8cf886
- Update
patches.suse/ALSA-hda-intel-sdw-acpi-harden-detection-of-controll.patch
(git-fixes CVE-2021-46926 bsc#1220478).
- Update
patches.suse/ALSA-rawmidi-fix-the-uninitalized-user_pversion.patch
(git-fixes CVE-2021-47096 bsc#1220981).
- Update
patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
(git-fixes CVE-2021-47104 bsc#1220960).
- Update
patches.suse/Input-elantech-fix-stack-out-of-bound-access-in-elan.patch
(git-fixes CVE-2021-47097 bsc#1220982).
- Update
patches.suse/KVM-x86-mmu-Don-t-advance-iterator-after-restart-due.patch
(git-fixes CVE-2021-47094 bsc#1221551).
- Update patches.suse/NFSD-Fix-READDIR-buffer-overflow.patch
(git-fixes bsc#1196346 CVE-2021-47107 bsc#1220965).
- Update
patches.suse/asix-fix-uninit-value-in-asix_mdio_read.patch
(git-fixes CVE-2021-47101 bsc#1220987).
- Update
patches.suse/drm-mediatek-hdmi-Perform-NULL-pointer-check-for-mtk.patch
(git-fixes CVE-2021-47108 bsc#1220986).
- Update
patches.suse/hwmon-lm90-Prevent-integer-overflow-underflow-in-hys.patch
(git-fixes CVE-2021-47098 bsc#1220983).
- Update
patches.suse/ipmi-Fix-UAF-when-uninstall-ipmi_si-and-ipmi_msghand.patch
(git-fixes CVE-2021-47100 bsc#1220985).
- Update
patches.suse/ipmi-ssif-initialize-ssif_info-client-early.patch
(bsc#1193490 CVE-2021-47095 bsc#1220979).
- Update
patches.suse/mac80211-fix-locking-in-ieee80211_start_ap-error-pat.patch
(git-fixes CVE-2021-47091 bsc#1220959).
- Update
patches.suse/net-fix-use-after-free-in-tw_timer_handler.patch
(bsc#1217195 CVE-2021-46936 bsc#1220439).
- Update
patches.suse/net-marvell-prestera-fix-incorrect-structure-access.patch
(git-fixes CVE-2021-47102 bsc#1221009).
- Update
patches.suse/net-smc-fix-kernel-panic-caused-by-race-of-smc_sock
(git-fixes CVE-2021-46925 bsc#1220466).
- Update
patches.suse/nitro_enclaves-Use-get_user_pages_unlocked-call-to-handle-mmap-assert.patch
(git fixes (mm/gup) CVE-2021-46927 bsc#1220443).
- Update
patches.suse/platform-x86-intel_pmc_core-fix-memleak-on-registrat.patch
(git-fixes CVE-2021-47093 bsc#1220978).
- Update patches.suse/sctp-use-call_rcu-to-free-endpoint.patch
(CVE-2022-20154 bsc#1200599 CVE-2021-46929 bsc#1220482).
- Update patches.suse/tee-optee-Fix-incorrect-page-free-bug.patch
(jsc#SLE-21844 CVE-2021-47087 bsc#1220954).
- Update
patches.suse/tun-avoid-double-free-in-tun_free_netdev.patch
(bsc#1209635 CVE-2022-4744 git-fixes CVE-2021-47082
bsc#1220969).
- Update
patches.suse/usb-gadget-f_fs-Clear-ffs_eventfd-in-ffs_data_clear.patch
(git-fixes CVE-2021-46933 bsc#1220487).
- Update patches.suse/usb-mtu3-fix-list_head-check-warning.patch
(git-fixes CVE-2021-46930 bsc#1220484).
- Update
patches.suse/veth-ensure-skb-entering-GRO-are-not-cloned.patch
(git-fixes CVE-2021-47099 bsc#1220955).
- commit b15f74e
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- commit 1bac2ee
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- commit 0a6b09b
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- commit 11123f1
- selftests/bpf: add generic BPF program tester-loader
(bsc#1222033).
- Refresh patches.suse/selftests-bpf-convenience-macro-for-use-with-asm-vol.patch
- commit fac2b7e
- crypto: qat - avoid division by zero (git-fixes).
- crypto: qat - resolve race condition during AER recovery
(git-fixes).
- crypto: qat - fix deadlock in backlog processing (git-fixes).
- crypto: qat - fix double free during reset (git-fixes).
- crypto: qat - increase size of buffers (git-fixes).
- crypto: qat - fix unregistration of compression algorithms
(git-fixes).
- crypto: qat - fix unregistration of crypto algorithms
(git-fixes).
- crypto: qat - ignore subsequent state up commands (git-fixes).
- commit 57086a4
- crypto: qat - fix state machines cleanup paths (bsc#1218321).
- commit b45a9b9
- PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
(git-fixes).
- PCI: rockchip: Use 64-bit mask on MSI 64-bit PCI address
(git-fixes).
- commit 71917a0
- md/raid5: fix atomicity violation in raid5_cache_count
(bsc#1219169, CVE-2024-23307).
- commit 30c5680
- s390/vtime: fix average steal time calculation (git-fixes
bsc#1221951).
- commit dcc65eb
- s390/ptrace: handle setting of fpc register correctly
(CVE-2023-52598 bsc#1221060 git-fixes).
- commit 997994b
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336
CVE-2023-7042).
- commit 1784f9f
- ubi: Check for too small LEB size in VTBL code (bsc#1219834
CVE-2024-25739).
- commit ad7e175
- PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
(git-fixes).
- commit 617f4f7
- PCI: rockchip: Fix window mapping and address translation for
endpoint (git-fixes).
- Refresh
patches.suse/PCI-rockchip-Use-u32-variable-to-access-32-bit-regis.patch.
- commit ebc378b
- PCI: qcom: Enable BDF to SID translation properly (git-fixes).
- PCI: mediatek-gen3: Fix translation window size calculation
(git-fixes).
- PCI: mediatek: Clear interrupt status before dispatching handler
(git-fixes).
- PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment
support (git-fixes).
- PCI: Lengthen reset delay for VideoPropulsion Torrent QN16e card
(git-fixes).
- Revert "PCI: tegra194: Enable support for 256 Byte payload"
(git-fixes).
- PCI: fu740: Set the number of MSI vectors (git-fixes).
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL
(git-fixes).
- PCI: Add locking to RMW PCI Express Capability Register
accessors (git-fixes).
- kABI: PCI: Add locking to RMW PCI Express Capability Register
accessors (kabi).
- PCI: qcom: Use DWC helpers for modifying the read-only DBI
registers (git-fixes).
- commit 150da46
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- commit 20654b5
- wifi: ath11k: decrease MHI channel buffer length to 8KB
(bsc#1207948).
- commit ccda276
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- commit 76719ba
- nvme: fix reconnection fail due to reserved tag allocation
(git-fixes).
- commit 08c50ef
- blacklist.conf: add a couple of PCI ones
- commit 37e30e0
- bpf, scripts: Correct GPL license name (git-fixes).
- commit b7a1062
- Refresh
patches.suse/nfsd4-add-refcount-for-nfsd4_blocked_lock.patch.
Add another commit id
- commit 6697f38
- blacklist.conf: add unwanted nfs commit
- commit a4cc44e
- NFSv4.2: fix wrong shrinker_id (git-fixes).
- commit 5ba59c3
- Add cherry-picked id of amdgpu patch (git-fixes)
- commit 3498702
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
(git-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- nouveau: reset the bo resource bus info after an eviction
(git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it
(git-fixes).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock
(git-fixes).
- kconfig: fix infinite loop when expanding a macro at the end
of file (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx()
API (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- serial: 8250_exar: Don't remove GPIO device on suspend
(git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
(git-fixes).
- serial: max310x: fix syntax error in IRQ error message
(git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- usb: gadget: net2272: Use irqflags in the call to
net2272_probe_fin (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma
(git-fixes).
- usb: audio-v2: Correct comments for struct
uac_clock_selector_descriptor (git-fixes).
- commit d110a91
- blacklist.conf: add usb gadget patch to be reverted later
- commit d1cbd2f
- Add cherry-picked id to amdgpu patch
- commit 2d7799f
- x86/sev: Harden #VC instruction emulation somewhat (CVE-2024-25742 bsc#1221725).
- commit 02ed75a
- ubifs: Queue up space reservation tasks if retrying many times
(git-fixes).
- commit 061dcaa
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed
(git-fixes).
- commit 493a02c
- ubifs: Remove unreachable code in dbg_check_ltab_lnum
(git-fixes).
- commit 2771652
- ubifs: fix sort function prototype (git-fixes).
- commit 6125609
- Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes bsc#1221276 CVE-2023-52492)
- commit 7007f7d
- ubifs: Set page uptodate in the correct place (git-fixes).
- commit 219703b
- iommu/vt-d: Allow to use flush-queue when first level is
default (git-fixes).
- commit 1821f9c
- iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
- commit 23b5322
- iommu/vt-d: Set No Execute Enable bit in PASID table entry
(git-fixes).
- commit 3ba9d71
- iommu/mediatek-v1: Fix an error handling path in
mtk_iommu_v1_probe() (git-fixes).
- commit 3b5ce5d
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
(bsc#1219170 CVE-2024-22099).
- commit ece27a6
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Change debug message during driver unload
(bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer
(bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored
(bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- commit ac0c897
- scsi: lpfc: Copyright updates for 14.4.0.1 patches
(bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3
ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr
(bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr
(bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state
(bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
(bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in
lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
(bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling
(bsc#1221777 bsc#1217959).
- scsi: lpfc: Move NPIV's transport unregistration to after
resource clean up (bsc#1221777).
- scsi: lpfc: Remove unnecessary log message in queuecommand path
(bsc#1221777).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset()
(bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- commit 173a64c
- firmware: arm_scmi: Check mailbox/SMT channel for consistency (bsc#1221375 CVE-2023-52608)
- commit f829935
- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- commit dfc50d6
- ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
- commit c06fc74
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- commit b983475
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
(git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
(git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is
shut down (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work
(git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount
(git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE
(git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian
(git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- nfsd: use vfs setgid helper (git-fixes).
- commit 90396a4
- clk: zynq: Prevent null pointer dereference caused by kmalloc
failure (git-fixes).
- commit 6c59283
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
(git-fixes).
- commit c2aa41d
- iommu/dma: Trace bounce buffer usage when mapping buffers
(git-fixes).
- commit e3645be
- media: staging: ipu3-imgu: Set fields before
media_entity_pads_init() (git-fixes).
- commit 5978536
- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- commit 936859f
- Drop temporarily amdgpu patch (to be reapplied later)
- commit 809ae8f
- RDMA/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-fixes)
- commit 373361b
- RDMA/device: Fix a race between mad_client and cm_client init (git-fixes)
- commit 5b52744
- RDMA/hns: Fix mis-modifying default congestion control algorithm (git-fixes)
- commit 95141c0
- RDMA/srpt: Do not register event handler until srpt device is fully setup (git-fixes)
- commit 5d33595
- RDMA/irdma: Remove duplicate assignment (git-fixes)
- commit 9841c04
- blacklist.conf: cleanup only
- commit ecab69c
- blacklist.conf: kABI
- commit 94731b9
- drm/amd/display: fix hw rotated modes when PSR-SU is enabled
(git-fixes).
- commit dc89308
- drm/amd/display: Fix possible underflow for displays with
large vblank (git-fixes).
- drm/amd/display: Revert vblank change that causes null pointer
crash (git-fixes).
- commit 7e422d7
- Revert "Revert "drm/amdgpu/display: change pipe policy for
DCN 2.0"" (git-fixes).
- drm/amd/display: perform a bounds check before filling dirty
rectangles (git-fixes).
- commit 7922bac
- Refresh patches.suse/drm-amd-display-always-switch-off-ODM-before-committ.patch
Add cherry-pickd id
- commit feac6cf
- Refresh patches.suse/drm-amd-display-Write-to-correct-dirty_rect.patch
Add cherry-picked id
- commit d1b610a
- drm/amd/display: For prefetch mode > 0, extend prefetch if
possible (git-fixes).
- drm/amd/display: Disable PSR-SU on Parade 0803 TCON again
(git-fixes).
- drm/amd/display: Increase frame warning limit with KASAN or
KCSAN in dml (git-fixes).
- drm/amd: Enable PCIe PME from D3 (git-fixes).
- drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
- drm/amd/display: fix ABM disablement (git-fixes).
- drm/amd/display: Update min Z8 residency time to 2100 for DCN314
(git-fixes).
- drm/amd/display: Remove min_dst_y_next_start check for Z8
(git-fixes).
- drm/amd/display: Use DRAM speed from validation for dummy
p-state (git-fixes).
- drm/amdgpu: Force order between a read and write to the same
address (git-fixes).
- drm/amd/display: Include udelay when waiting for INBOX0 ACK
(git-fixes).
- drm/i915: Call intel_pre_plane_updates() also for pipes getting
enabled (git-fixes).
- drm/panel: auo,b101uan08.3: Fine tune the panel power sequence
(git-fixes).
- drm/amd/display: Enable fast plane updates on DCN3.2 and above
(git-fixes).
- drm/amd/display: fix a NULL pointer dereference in
amdgpu_dm_i2c_xfer() (git-fixes).
- drm/amd/display: Guard against invalid RPTR/WPTR being set
(git-fixes).
- drm/amdgpu: lower CS errors to debug severity (git-fixes).
- drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
- drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
- drm/i915: Add missing CCS documentation (git-fixes).
- drm/amdgpu: Unset context priority is now invalid (git-fixes).
- drm/panel: Move AUX B116XW03 out of panel-edp back to
panel-simple (git-fixes).
- Revert "drm/amd: Disable S/G for APUs when 64GB or more host
memory" (git-fixes).
- drm/amd/display: always switch off ODM before committing more
streams (git-fixes).
- drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for
DCN31 (git-fixes).
- drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK
(git-fixes).
- drm/amd/display: Fix a bug when searching for insert_above_mpcc
(git-fixes).
- commit e9791f4
- Refresh patches.suse/drm-amdgpu-vcn-Disable-indirect-SRAM-on-Vangogh-brok.patch (git-fixes)
Alt-commit
- commit 633cb3b
- Refresh patches.suse/1398-drm-i915-pass-a-pointer-for-tlb-seqno-at-vma_invalid.patch (git-fixes)
Alt-commit
- commit 4cec8c9
- Refresh patches.suse/1866-drm-i915-ttm-fix-32b-build.patch (git-fixes)
Alt-commit
- commit a1a2486
- drm/amd/display: ensure async flips are only accepted for fast
updates (git-fixes).
- drm/exynos: fix a possible null-pointer dereference due to
data race in exynos_drm_crtc_atomic_disable() (git-fixes).
- drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
(git-fixes).
- drm/amd/display: Fix underflow issue on 175hz timing
(git-fixes).
- drm/amd/display: dc.h: eliminate kernel-doc warnings
(git-fixes).
- drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
- drm/bridge: tc358762: Instruct DSI host to generate HSE packets
(git-fixes).
- drm/amdgpu: Match against exact bootloader status (git-fixes).
- drm/amd/display: Exit idle optimizations before attempt to
access PHY (git-fixes).
- drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family
(git-fixes).
- drm/amd/smu: use AverageGfxclkFrequency* to replace previous
GFX Curr Clock (git-fixes).
- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
- drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
(git-fixes).
- drm/ttm: Don't leak a resource on eviction error (git-fixes).
- drm/amd/display: Fix the delta clamping for shaper LUT
(git-fixes).
- Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON"
(git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
Phoenix (git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
Rembrandt (git-fixes).
- drm/amd/display: Update correct DCN314 register header
(git-fixes).
- drm/amd/display: Fix possible underflow for displays with
large vblank (git-fixes).
- drm/amd/display: update extended blank for dcn314 onwards
(git-fixes).
- drm/amd/display: Restore rptr/wptr for DMCUB as workaround
(git-fixes).
- drm/amd/display: Add FAMS validation before trying to use it
(git-fixes).
- drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence
(git-fixes).
- drm/amd/display: add ODM case when looking for first split pipe
(git-fixes).
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"
(git-fixes).
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.1"
(git-fixes).
- commit 5e1df8b
- drm/amd/display: Keep PHY active for dp config (git-fixes).
- drm/ttm: Don't print error message if eviction was interrupted
(git-fixes).
- Revert "drm/vc4: hdmi: Enforce the minimum rate at
runtime_resume" (git-fixes).
- drm/amd/display: Write to correct dirty_rect (git-fixes).
- drm/amd/display: clean code-style issues in
dcn30_set_mpc_shaper_3dlut (git-fixes).
- drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
- drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
- drm/amd/display: set per pipe dppclk to 0 when dpp is off
(git-fixes).
- drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
- drm/amd/display: fix unbounded requesting for high pixel rate
modes on dcn315 (git-fixes).
- drm/amd/display: use low clocks for no plane configs
(git-fixes).
- drm/amd/display: Use min transition for all SubVP plane
add/remove (git-fixes).
- drm/amd/display: Rework comments on dc file (git-fixes).
- drm/amd/display: Expand kernel doc for DC (git-fixes).
- drm/amd/display: Avoid ABM when ODM combine is enabled for eDP
(git-fixes).
- drm/amd/display: Update OTG instance in the commit stream
(git-fixes).
- drm/amd/display: Handle seamless boot stream (git-fixes).
- drm/amd/display: Add function for validate and update new stream
(git-fixes).
- drm/amd/display: Handle virtual hardware detect (git-fixes).
- drm/amd/display: Include surface of unaffected streams
(git-fixes).
- drm/amd/display: Copy DC context in the commit streams
(git-fixes).
- drm/amd/display: Enable new commit sequence only for DCN32x
(git-fixes).
- drm/amd/display: Rework context change check (git-fixes).
- drm/amd/display: Check if link state is valid (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Acer Switch V 10
(SW5-017) (git-fixes).
- drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach
(git-fixes).
- drm/vc4: Add module dependency on hdmi-codec (git-fixes).
- drm/i915/gt: Use i915_vm_put on ppgtt_create error paths
(git-fixes).
- commit 17a985c
- watchdog: stm32_iwdg: initialize default timeout (git-fixes).
- crypto: arm/sha - fix function cast warnings (git-fixes).
- crypto: xilinx - call finalize with bh disabled (git-fixes).
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
(git-fixes).
- mtd: rawnand: meson: fix scrambling mode value in command macro
(git-fixes).
- mtd: maps: physmap-core: fix flash size larger than 32-bit
(git-fixes).
- media: usbtv: Remove useless locks in usbtv_video_free()
(git-fixes).
- media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
- media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
- media: dvb-frontends: avoid stack overflow warnings with clang
(git-fixes).
- media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
- media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
- media: pvrusb2: remove redundant NULL check (git-fixes).
- media: go7007: add check of return value of go7007_read_addr()
(git-fixes).
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
(git-fixes).
- media: sun8i-di: Fix chroma difference threshold (git-fixes).
- media: sun8i-di: Fix power on/off sequences (git-fixes).
- media: sun8i-di: Fix coefficient writes (git-fixes).
- media: edia: dvbdev: fix a use-after-free (git-fixes).
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
(git-fixes).
- media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
- media: em28xx: annotate unchecked call to
media_device_register() (git-fixes).
- media: xc4000: Fix atomicity violation in xc4000_get_frequency
(git-fixes).
- media: staging: ipu3-imgu: Set fields before
media_entity_pads_init() (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop
(git-fixes).
- mmc: mmci: stm32: fix DMA API overlapping mappings warning
(git-fixes).
- drm/amd/display: Wrong colorimetry workaround (git-fixes).
- mmc: mmci: stm32: use a buffer for unaligned DMA requests
(git-fixes).
- commit 6d10a8f
- blacklist.conf: kABI
- commit 6018730
- blacklist.conf: merely a cleanup
- commit f35d79c
- xhci: handle isoc Babble and Buffer Overrun events properly
(git-fixes).
- commit b33a274
- xhci: process isoc TD properly when there was a transaction
error mid TD (git-fixes).
- commit ef9dcf9
- Refresh patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch (git-fixes)
Alt-commit
- commit 51173ed
- Refresh patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes)
Alt-commit
- commit 9a337ae
- Refresh patches.suse/drm-amdgpu-display-Initialize-gamma-correction-mode-.patch (git-fixes)
Alt-commit
- commit ae35079
- Refresh patches.suse/drm-amd-display-Fix-possible-NULL-dereference-on-dev.patch (git-fixes)
Alt-commit
- commit 968007a
- Refresh patches.suse/Revert-drm-amd-display-increased-min_dcfclk_mhz-and-.patch (git-fixes)
Alt-commit
- commit 29d289f
- Refresh patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes)
Alt-commit
- commit 6c8d470
- Refresh patches.suse/drm-amd-display-Fix-possible-buffer-overflow-in-find.patch (git-fixes)
Alt-commit
- commit d66904a
- Refresh patches.suse/drm-amdgpu-Fix-missing-error-code-in-gmc_v6-7-8-9_0_.patch (git-fixes)
Alt-commit
- commit 17a587a
- Refresh patches.suse/drm-bridge-sii902x-Fix-probing-race-issue.patch (git-fixes)
Alt-commit
- commit 0c6bf24
- Refresh patches.suse/drm-i915-dp-Fix-passing-the-correct-DPCD_REV-for-drm.patch (git-fixes)
Alt-commit
- commit eeb30fc
- Refresh patches.suse/drm-amd-Disable-ASPM-for-VI-w-all-Intel-systems.patch (git-fixes)
Alt-commit
- commit 2b0efc6
- Refresh patches.suse/drm-amd-Fix-detection-of-_PR3-on-the-PCIe-root-port.patch (git-fixes)
Alt-commit
- commit 0458ace
- Refresh patches.suse/drm-amd-display-fix-the-white-screen-issue-when-64GB.patch (git-fixes)
Alt-commit
- commit 46ed395
- Refresh patches.suse/drm-amd-display-prevent-potential-division-by-zero-e.patch (git-fixes)
Alt-commit
- commit b7ab8de
- Refresh patches.suse/drm-amd-display-enable-cursor-degamma-for-DCN3-DRM-l.patch (git-fixes)
Alt-commit
- commit 885580e
- Refresh patches.suse/drm-amd-display-Remove-wait-while-locked.patch (git-fixes)
Alt-commit
- commit 43c45c5
- Refresh patches.suse/drm-amd-display-Add-smu-write-msg-id-fail-retry-proc.patch (git-fixes)
Alt-commit
- commit b800d81
- Refresh patches.suse/drm-amd-display-register-edp_backlight_control-for-D.patch (git-fixes)
Alt-commit
- commit 164cdf4
- Refresh patches.suse/drm-amdgpu-fix-Null-pointer-dereference-error-in-amd.patch (git-fixes)
Alt-commit
- commit c814bba
- Refresh patches.suse/drm-amdgpu-gfx10-Disable-gfxoff-before-disabling-pow.patch (git-fixes)
Alt-commit
- commit e937913
- Refresh patches.suse/drm-amd-pm-parse-pp_handle-under-appropriate-conditi.patch (git-fixes)
Alt-commit
- commit f5d987c
- Refresh patches.suse/drm-amd-display-fix-access-hdcp_workqueue-assert.patch (git-fixes)
Alt-commit
- commit 0906f4d
- Refresh patches.suse/drm-amdgpu-nv-Apply-ASPM-quirk-on-Intel-ADL-AMD-Navi.patch (git-fixes)
Alt-commit
- commit c25da25
- Refresh patches.suse/drm-amdgpu-Correct-the-power-calcultion-for-Renior-C.patch (git-fixes)
Alt-commit
- commit bb8f92f
- Refresh patches.suse/0549-drm-amdgpu-enable-Vangogh-VCN-indirect-sram-mode.patch (git-fixes)
Alt-commit
- commit aa42634
- Refresh patches.suse/drm-i915-Never-return-0-if-not-all-requests-retired.patch (git-fixes)
Alt-commit
- commit bf8aa0c
- Refresh patches.suse/drm-i915-Fix-negative-value-passed-as-remaining-time.patch (git-fixes)
Alt-commit
- commit 33c3117
- Refresh patches.suse/drm-display-dp_mst-Fix-drm_dp_mst_add_affected_dsc_c.patch (git-fixes)
Alt-commit
- commit 5f0e59c
- Refresh patches.suse/1631-drm-i915-gem-Really-move-i915_gem_context.link-under.patch (git-fixes)
Alt-commit
- commit ae7a01a
- Refresh patches.suse/drm-amdgpu-dm-dp_mst-Don-t-grab-mst_mgr-lock-when-co.patch (git-fixes)
Alt-commit
- commit a480119
- Refresh patches.suse/drm-amdgpu-dm-mst-Use-the-correct-topology-mgr-point.patch (git-fixes)
Alt-commit
- commit cfd3d6f
- Refresh patches.suse/1625-drm-i915-vdsc-Set-VDSC-PIC_HEIGHT-before-using-for-D.patch (git-fixes)
Alt-commit
- commit 0691a9b
- Refresh patches.suse/1585-drm-i915-slpc-Let-s-fix-the-PCODE-min-freq-table-set.patch (git-fixes)
Alt-commit
- commit b19cad4
- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
Alt-commit
- commit fb1fad7
- Refresh patches.suse/1396-drm-i915-gt-Batch-TLB-invalidations.patch (git-fixes)
Alt-commit
- commit 1d66c31
- Refresh patches.suse/1394-drm-i915-gt-Invalidate-TLB-of-the-OA-unit-at-TLB-inv.patch (git-fixes)
Alt-commit
- commit 5c89722
- Refresh patches.suse/1393-drm-i915-gt-Ignore-TLB-invalidations-on-idle-engines.patch (git-fixes)
Alt-commit
- commit 43ab4df
- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
Alt-commit
- commit 9329ad7
- Refresh patches.suse/1859-drm-i915-selftests-fix-subtraction-overflow-bug.patch (git-fixes)
Alt-commit
- commit 3943b71
- Refresh patches.suse/1855-drm-i915-ttm-fix-sg_table-construction.patch (git-fixes)
Alt-commit
- commit d989f7a
- Refresh patches.suse/1644-i915-guc-reset-Make-__guc_reset_context-aware-of-gui.patch (git-fixes)
Alt-commit
- commit 4511955
- Refresh patches.suse/1639-drm-amd-Don-t-reset-dGPUs-if-the-system-is-going-to-.patch (git-fixes)
Alt-commit
- commit 69ca555
- perf/x86/lbr: Filter vsyscall addresses (bsc#1220703,
CVE-2023-52476).
- commit c52b506
- fs: introduce lock_rename_child() helper (bsc#1221044
CVE-2023-52591).
Refresh patches.suse/fs-Establish-locking-order-for-unrelated-directories.patch
- commit 86376e0
- rename(): avoid a deadlock in the case of parents having no
common ancestor (bsc#1221044 CVE-2023-52591).
- commit 16e3098
- kill lock_two_inodes() (bsc#1221044 CVE-2023-52591).
- commit 8b8deef
- rename(): fix the locking of subdirectories (bsc#1221044
CVE-2023-52591).
- commit 146d81f
- f2fs: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 5344280
- ext4: don't access the source subdirectory content on
same-directory rename (bsc#1221044 CVE-2023-52591).
- commit b2b6374
- ext2: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 2edcc11
- udf_rename(): only access the child content on cross-directory
rename (bsc#1221044 CVE-2023-52591).
- commit 0257614
- ocfs2: Avoid touching renamed directory if parent does not
change (bsc#1221044 CVE-2023-52591).
- commit e786f3a
- reiserfs: Avoid touching renamed directory if parent does not
change (git-fixes bsc#1221044 CVE-2023-52591).
Refresh patches.suse/reiserfs-add-check-to-detect-corrupted-directory-entry.patch
Refresh patches.suse/reiserfs-don-t-panic-on-bad-directory-entries.patch
- commit 523ddca
- fs: don't assume arguments are non-NULL (bsc#1221044
CVE-2023-52591).
- commit 2177893
- fs: Restrict lock_two_nondirectories() to non-directory inodes
(bsc#1221044 CVE-2023-52591).
- commit a59a7cb
- fs: ocfs2: check status values (bsc#1221044 CVE-2023-52591).
- commit 8c6576f
- s390/pai: fix attr_event_free upper limit for pai device drivers
(git-fixes bsc#1221633).
- commit dcd390e
- KVM: s390: only deliver the set service event bits (git-fixes
bsc#1221631).
- commit 6e3593c
- Update
patches.suse/s390-vfio-ap-always-filter-entire-AP-matrix.patch
(git-fixes bsc#1219012 CVE-2024-26620 bsc#1221298).
- commit 4fb9779
- iommu/vt-d: Don't issue ATS Invalidation request when device
is disconnected (git-fixes).
- commit 4c37f6f
- net/sched: Add module alias for sch_fq_pie (bsc#1210335 CVE-2023-1829).
- commit a69d933
- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
(bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
(bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- commit 961c535
- nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
- nilfs2: fix failure to detect DAT corruption in btree and
direct mappings (git-fixes).
- ALSA: usb-audio: Stop parsing channels bits when all channels
are found (git-fixes).
- ALSA: aaci: Delete unused variable in aaci_do_suspend
(git-fixes).
- ASoC: meson: axg-tdm-interface: add frame rate constraint
(git-fixes).
- ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs
(git-fixes).
- ASoC: amd: acp: Add missing error handling in sof-mach
(git-fixes).
- ALSA: seq: fix function cast warnings (git-fixes).
- ALSA: aw2: avoid casting function pointers (git-fixes).
- ALSA: ctxfi: avoid casting function pointers (git-fixes).
- PCI: dwc: endpoint: Fix advertised resizable BAR size
(git-fixes).
- PCI: switchtec: Fix an error handling path in
switchtec_pci_probe() (git-fixes).
- PCI/P2PDMA: Fix a sleeping issue in a RCU read section
(git-fixes).
- PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
(git-fixes).
- PCI/DPC: Print all TLP Prefixes, not just the first (git-fixes).
- PCI/AER: Fix rootport attribute paths in ABI docs (git-fixes).
- platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check
(git-fixes).
- leds: aw2013: Unlock mutex before destroying it (git-fixes).
- backlight: lp8788: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: lm3639: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: da9052: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: lm3630a: Don't set bl->props.brightness in
get_brightness (git-fixes).
- backlight: lm3630a: Initialize backlight_properties on init
(git-fixes).
- mfd: altera-sysmgr: Call of_node_put() only when
of_parse_phandle() takes a ref (git-fixes).
- mfd: syscon: Call of_node_put() only when of_parse_phandle()
takes a ref (git-fixes).
- pinctrl: mediatek: Drop bogus slew rate register range for
MT8192 (git-fixes).
- HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
(git-fixes).
- HID: amd_sfh: Update HPD sensor structure elements (git-fixes).
- commit d46946b
- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (bsc#1213456 CVE-2023-28746).
This is an optimisation patch which got added late so there's no hurry
to merge it.
- commit 69db574
- Properly sort already upstream patches
- Refresh
patches.suse/Documentation-hw-vuln-Add-documentation-for-RFDS.patch.
- Refresh
patches.suse/KVM-x86-Export-RFDS_NO-and-RFDS_CLEAR-to-guests.patch.
- Refresh
patches.suse/x86-entry-ia32-Ensure-s32-is-sign-extended-to-s64.patch.
- Refresh
patches.suse/x86-rfds-Mitigate-Register-File-Data-Sampling-RFDS.patch.
- commit fe7e19d
- iommu/amd: Mark interrupt as managed (git-fixes).
- commit 7365cc3
- arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
- commit e4605be
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL")
- commit 037b20c
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pull resistors for SD card")
- commit a5753b4
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals")
- commit 1c17a18
- arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
- commit f4fdf95
- arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
- commit a51708e
- arm64: mm: fix VA-range sanity check (git-fixes)
- commit dd606ae
- arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
- commit 4c81404
- arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
- commit 59dc2f8
- arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
- commit b5996a2
- arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
- commit 499e8df
- Update patches.kabi/kabi-fix-zone-unaccepted-memory.patch
(jsc#PED-7167 bsc#1218643 bsc#1221338 bsc#1220114).
- commit 727559f
- Make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
- commit d2f65b3
- drm/msm/dpu: add division of drm_display_mode's hskew parameter
(git-fixes).
- drm/etnaviv: Restore some id values (git-fixes).
- drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of
atom_get_src_int() (git-fixes).
- drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is
enabled (git-fixes).
- drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN
(git-fixes).
- drm/msm/dpu: improve DSC allocation (git-fixes).
- drm/mediatek: Fix a null pointer crash in
mtk_drm_crtc_finish_page_flip (git-fixes).
- drm/mediatek: dsi: Fix DSI RGB666 formats and definitions
(git-fixes).
- drm/tidss: Fix sync-lost issue with two displays (git-fixes).
- drm/tidss: Fix initial plane zpos values (git-fixes).
- drm/tegra: put drm_gem_object ref on error in tegra_fb_create
(git-fixes).
- drm/radeon/ni: Fix wrong firmware size logging in
ni_init_microcode() (git-fixes).
- drm/amd/display: Fix a potential buffer overflow in
'dp_dsc_clock_en_read()' (git-fixes).
- drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
- drm/radeon: remove dead code in ni_mc_load_microcode()
(git-fixes).
- drm/vmwgfx: Fix possible null pointer derefence with invalid
contexts (git-fixes).
- media: tc358743: register v4l2 async device only after
successful setup (git-fixes).
- drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
- PM: suspend: Set mem_sleep_current during kernel command line
setup (git-fixes).
- mmc: core: Fix switch on gp3 partition (git-fixes).
- mmc: wmt-sdmmc: remove an incorrect release_mem_region()
call in the .remove function (git-fixes).
- mmc: tmio: avoid concurrent runs of mmc_request_done()
(git-fixes).
- pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data
(git-fixes).
- commit 7758a76
- drm/panel-edp: use put_sync in unprepare (git-fixes).
- drm/rockchip: lvds: do not print scary message when probing
defer (git-fixes).
- drm/rockchip: lvds: do not overwrite error code (git-fixes).
- drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
- drm: Don't treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
- drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
- drm/tegra: output: Fix missing i2c_put_adapter() in the error
handling paths of tegra_output_probe() (git-fixes).
- drm/tegra: rgb: Fix missing clk_put() in the error handling
paths of tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: rgb: Fix some error handling paths in
tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: dsi: Fix missing pm_runtime_disable() in the error
handling path of tegra_dsi_probe() (git-fixes).
- drm/tegra: dpaux: Fix PM disable depth imbalance in
tegra_dpaux_probe (git-fixes).
- drm/tegra: dsi: Add missing check for of_find_device_by_node
(git-fixes).
- ACPI: processor_idle: Fix memory leak in
acpi_processor_power_exit() (git-fixes).
- ACPI: resource: Add MAIBENBEN X577 to
irq1_edge_low_force_override (git-fixes).
- ACPI: scan: Fix device check notification handling (git-fixes).
- ACPI: CPPC: enable AMD CPPC V2 support for family 17h processors
(git-fixes).
- cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's
return value (git-fixes).
- cpufreq: amd-pstate: Fix min_perf assignment in
amd_pstate_adjust_perf() (git-fixes).
- commit 1cf1fe2
- RAS: Export helper to get ras_debugfs_dir (jsc#PED-7619).
- commit 2d174a0
- powerpc/pseries: Fix potential memleak in papr_get_attr()
(bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes).
- commit 3aea930
- RAS/AMD/FMPM: Fix off by one when unwinding on error (jsc#PED-7619).
- commit b104443
- RAS/AMD/FMPM: Add debugfs interface to print record entries (jsc#PED-7619).
- commit 0fb8312
- RAS/AMD/FMPM: Save SPA values (jsc#PED-7619).
- commit 749cc57
- Sort the AMD edac patches
- Refresh
patches.suse/Documentation-RAS-Add-index-and-address-translation-sectio.patch.
- Refresh
patches.suse/EDAC-amd64-Use-new-AMD-Address-Translation-Library.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Add-MI300-DRAM-to-normalized-address-translati.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Add-MI300-row-retirement-support.patch.
- Refresh patches.suse/RAS-AMD-ATL-Add-MI300-support.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Fix-array-overflow-in-get_logical_coh_st_fabri.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Fix-bit-overflow-in-denorm_addr_df4_np2.patch.
- Refresh
patches.suse/RAS-Introduce-AMD-Address-Translation-Library.patch.
- Refresh
patches.suse/RAS-Introduce-a-FRU-memory-poison-manager.patch.
- commit 9e22745
- net: phy: fix phy_get_internal_delay accessing an empty array
(git-fixes).
- Bluetooth: Remove superfluous call to hci_conn_check_pending()
(git-fixes).
- Bluetooth: mgmt: Remove leftover queuing of power_off work
(git-fixes).
- Bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
- wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
- wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use
(git-fixes).
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init
is complete (git-fixes).
- wifi: brcmsmac: avoid function pointer casts (git-fixes).
- wifi: wilc1000: prevent use-after-free on vif when cleaning
up all interfaces (git-fixes).
- wifi: iwlwifi: mvm: don't set replay counters to 0xff
(git-fixes).
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
(git-fixes).
- wifi: iwlwifi: mvm: use FW rate for non-data only on new devices
(git-fixes).
- wifi: iwlwifi: fix EWRD table validity check (git-fixes).
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
- wifi: iwlwifi: mvm: report beacon protection failures
(git-fixes).
- wifi: brcmfmac: fix copyright year mentioned in platform_data
header (git-fixes).
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
- can: softing: remove redundant NULL check (git-fixes).
- wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir() (git-fixes).
- wifi: wilc1000: fix multi-vif management when deleting a vif
(git-fixes).
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
(git-fixes).
- wifi: b43: Disable QoS for bcm4331 (git-fixes).
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled
(git-fixes).
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is
disabled (git-fixes).
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is
disabled (git-fixes).
- doc-guide: kernel-doc: tell about object-like macros
(git-fixes).
- commit 15851fa
- nfsd: don't take fi_lock in nfsd_break_deleg_cb() (git-fixes).
- NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server
(git-fixes).
- commit 407c3c5
- Refresh patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch.
Add git-commit info
- commit bc859f9
- pNFS: Fix the pnfs block driver's calculation of layoutget size
(git-fixes).
- NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
(git-fixes).
- blocklayoutdriver: Fix reference leak of pnfs_device_node
(git-fixes).
- SUNRPC: Fix a suspicious RCU usage warning (git-fixes).
- nfsd: fix file memleak on client_opens_release (git-fixes).
- SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
(git-fixes).
- NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
- SUNRPC: Add an IS_ERR() check back to where it was (git-fixes).
- SUNRPC: ECONNRESET might require a rebind (git-fixes).
- svcrdma: Drop connection after an RDMA Read error (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same
fs (git-fixes).
- pNFS/flexfiles: Check the layout validity in
ff_layout_mirror_prepare_stats (git-fixes).
- pNFS: Fix a hang in nfs4_evict_inode() (git-fixes).
- Revert "SUNRPC dont update timeout value on connection reset"
(git-fixes).
- NFSv4: Fix a state manager thread deadlock regression
(git-fixes).
- NFSv4: Fix a nfs4_state_manager() race (git-fixes).
- NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server
(git-fixes).
- NFS: rename nfs_client_kset to nfs_kset (git-fixes).
- commit dc5b918
- Refresh patches.kabi/team-Hide-new-member-header-ops.patch.
Fix for kABI workaround.
- commit 6ba2f5d
- ceph: fix deadlock or deadcode of misusing dget() (bsc#1221058
CVE-2023-52583).
- commit 1a81018
- sched/rt: Disallow writing invalid values to sched_rt_period_us
(bsc#1220176).
- commit ee86051
- Update
patches.suse/netfs-fscache-Prevent-Oops-in-fscache_put_cache.patch
(bsc#1220003 bsc#1221291 CVE-2024-26612).
- commit 0607d13
- netfs: Only call folio_start_fscache() one time for each folio
(CVE-2023-52582 bsc#1220878).
- commit dfd082b
- netfs: Only call folio_start_fscache() one time for each folio
(CVE-2023-52582 bsc#1220878).
- commit b301f9c
- Refresh
patches.suse/mm-ima-kexec-of-use-memblock_free_late-from-ima_free.patch.
Fix:
* Section mismatch (function ima_free_kexec_buffer()) in modpost: vmlinux.o in ima_free_kexec_buffer()
WARNING: modpost: vmlinux.o(.text+0xac1250): Section mismatch in reference from the function ima_free_kexec_buffer() to the function .init.text:__memblock_free_late()
- commit 5522f01
- scsi: target: core: Silence the message about unknown VPD pages
(bsc#1221252).
- commit 1d550ca
- sched/rt: sysctl_sched_rr_timeslice show default timeslice
after reset (bsc#1220176).
- commit 4ac46cd
- powerpc/pseries/iommu: IOMMU table is not initialized for
kdump over SR-IOV (bsc#1220492 ltc#205270).
- commit 27b28f5
- Update
patches.suse/usb-hub-Guard-against-accesses-to-uninitialized-BOS-.patch
(bsc#1220790 CVE-2023-52477).
- commit d33bab7
- nvmet-fc: take ref count on tgtport before delete assoc
(git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- commit 4d1e993
- raid1: fix use-after-free for original bio in
raid1_write_request() (bsc#1221097).
- md: fix data corruption for raid456 when reshape restart while
grow up (git-fixes).
- commit 35ee14b
- i2c: aspeed: Fix the dummy irq expected print (git-fixes).
- i2c: wmt: Fix an error handling path in wmt_i2c_probe()
(git-fixes).
- i2c: i801: Avoid potential double call to
gpiod_remove_lookup_table (git-fixes).
- comedi: comedi_test: Prevent timers rescheduling during deletion
(git-fixes).
- iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
- tty: serial: fsl_lpuart: avoid idle preamble pending if CTS
is enabled (git-fixes).
- vt: fix unicode buffer corruption when deleting characters
(git-fixes).
- usb: port: Don't try to peer unused USB ports based on location
(git-fixes).
- usb: gadget: ncm: Fix handling of zero block length packets
(git-fixes).
- USB: usb-storage: Prevent divide-by-0 error in
isd200_ata_command (git-fixes).
- Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
(git-fixes).
- ASoC: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
- ASoC: madera: Fix typo in madera_set_fll_clks shift value
(git-fixes).
- ALSA: hda/realtek - Fix headset Mic no show at resume back
for Lenovo ALC897 platform (git-fixes).
- drm/i915/selftests: Fix dependency of some timeouts on HZ
(git-fixes).
- drm/i915: Check before removing mm notifier (git-fixes).
- commit 5e91dbb
- s390/vfio-ap: wire in the vfio_device_ops request callback
(bsc#1205316).
- commit dc0bc15
- s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl
(bsc#1205316).
- commit 17d9de4
- Fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775)
Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function.
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit 8983adc
- raid1: fix use-after-free for original bio in
raid1_write_request() (bsc#1221097).
- commit 5154c94
- s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl
(bsc#1205316).
- commit dbbf2ae
- ALSA: hda/realtek: fix mute/micmute LED For HP mt440
(git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8)
(git-fixes).
- commit d4f6f9f
- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (bsc#1220413 CVE-2023-52470).
- commit 9d7d799
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (bsc#1220411 CVE-2023-52469).
- commit f4f0cf4
- coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775)
- commit 4473cfd
- coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit ef5cdf7
- IB/ipoib: Fix mcast list locking (git-fixes)
- commit 8d1c71a
- RDMA/IPoIB: Fix error code return in ipoib_mcast_join (git-fixes)
- commit c54bb31
- coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
- commit fba33fc
- group-source-files.pl: Quote filenames (boo#1221077).
The kernel source now contains a file with a space in the name.
Add quotes in group-source-files.pl to avoid splitting the filename.
Also use -print0 / -0 when updating timestamps.
- commit a005e42
- mm,ima,kexec,of: use memblock_free_late from
ima_free_kexec_buffer (bsc#1220872 CVE-2023-52576).
- commit b1b1c9a
- PCI/MSI: Prevent MSI hardware interrupt number truncation (bsc#1218777)
- commit 5410859
- Update patches.suse/phy-ti-phy-omap-usb2-Fix-NULL-pointer-dereference-fo.patch (git-fixes,bsc#1220340,CVE-2024-26600)
- commit e321d5a
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1220340,CVE-2024-26600)
- commit 78e2b4a
- erofs: fix lz4 inplace decompression (CVE-2023-52497
bsc#1220879).
- commit ddeedf9
- ACPI: extlog: fix NULL pointer dereference check (bsc#1221039
CVE-2023-52605).
- commit 635c481
- Update patches.suse/arm64-errata-Add-Cortex-A520-speculative-unprivileged-load-workaround.patch (bsc#1219443, bsc#1220887, CVE-2023-52481)
- commit 52243ca
- kernel-binary: Fix i386 build
Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires")
- commit f7c6351
- btrfs: remove BUG() after failure to insert delayed dir index
item (bsc#1220918 CVE-2023-52569).
- btrfs: improve error message after failure to add delayed dir
index item (bsc#1220918 CVE-2023-52569).
- commit 53e1d2d
- net: nfc: fix races in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (CVE-2023-52502 bsc#1220831).
- commit 8c33586
- kabi: team: Hide new member header_ops (bsc#1220870
CVE-2023-52574).
- commit 9f49992
- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392
bsc#1221040 CVE-2023-52597).
- commit a90b87c
- tracing: Inform kmemleak of saved_cmdlines allocation
(git-fixes).
- commit bb07230
- Update
patches.suse/ceph-drop-messages-from-MDS-when-unmounting.patch
(jsc#SES-1880 CVE-2022-48628 bsc#1220848).
- commit 187fa94
- kernel-binary: vdso: fix filelist for non-usrmerged kernel
Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged")
- commit fb3f221
- bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
(bsc#1220926 CVE-2023-52523).
- commit 90d9f50
- md: Make sure md_do_sync() will set MD_RECOVERY_DONE
(git-fixes).
- md: Don't ignore suspended array in md_check_recovery()
(git-fixes).
- md: Whenassemble the array, consult the superblock of the
freshest device (git-fixes).
- md: don't leave 'MD_RECOVERY_FROZEN' in error path of
md_set_readonly() (git-fixes).
- md/raid6: use valid sector values to determine if an I/O should
wait on the reshape (git-fixes).
- md/raid5: release batch_last before waiting for another
stripe_head (git-fixes).
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
(git-fixes).
- md: introduce md_ro_state (git-fixes).
- commit cef73db
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
(bsc#1218562 CVE-2023-6270).
- commit 57a4cd4
- efivarfs: force RO when remounting if SetVariable is not
supported (bsc#1220328 CVE-2023-52463).
- commit eed7fb0
- topology: Fix up build warning in topology_is_visible()
(jsc#PED-7618).
- commit 6c82a8d
- topology/sysfs: Hide PPIN on systems that do not support it
(jsc#PED-7618).
- commit d8d9717
- blacklist.conf: add non-backport md git-fixes commits
- commit b13564d
- iommu/vt-d: Avoid memory allocation in iommu_suspend()
(CVE-2023-52559 bsc#1220933).
- commit c9b01ef
- Refresh patches.suse/0001-powerpc-pseries-memhp-Fix-access-beyond-end-of-drmem.patch.
- update to upstream version
- rename to same name as SLE15 SP5
- commit 1d2def1
- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514 CVE-2023-35827).
- team: fix null-ptr-deref when team device type is changed
(bsc#1220870 CVE-2023-52574).
- commit 2cc53f5
- Update
patches.suse/ice-xsk-return-xsk-buffers-back-to-pool-when-cleanin.patch
(jsc#SLE-18375 bsc#1220961 CVE-2021-47105).
- Update patches.suse/net-mana-Fix-TX-CQE-error-handling.patch
(bsc#1215986 bsc#1220932 CVE-2023-52532).
- Update
patches.suse/net-mlx5e-Wrap-the-tx-reporter-dump-callback-to-extr.patch
(jsc#SLE-19253 bsc#1220486 CVE-2021-46931).
Added CVE references.
- commit 3e396c2
- Input: pm8941-powerkey - fix debounce on gen2+ PMICs
(git-fixes).
- commit bbebd44
- Input: pm8941-pwrkey - add support for PON GEN3 base addresses
(git-fixes).
- commit 7ab5a9e
- Update patches.suse/i2c-validate-user-data-in-compat-ioctl.patch
(git-fixes bsc#1220469 CVE-2021-46934).
Add bug and CVE references.
- commit 3a04060
- bpf: fix check for attempt to corrupt spilled pointer
(bsc#1220325 CVE-2023-52462).
- commit 34faa5d
- tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
- commit 6793acf
- containerd
-
- Revert noarch for devel subpackage
Switching to noarch causes issues on SLES maintenance updates, reverting it
fixes our image builds
- Update to containerd v1.7.17. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.17>
- Switch back to using tar_scm service. Aside from obs_scm using more bandwidth
and storage than a locally-compressed tar.xz, it seems there's some weird
issue with paths in obscpio that break our SLE-12-only patch.
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Update to containerd v1.7.16. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.16>
CVE-2023-45288 bsc#1221400
- Use obs_scm service instead of tar_scm
- Removed patch 0002-shim-Create-pid-file-with-0644-permissions.patch
(merged upstream at
<https://github.com/containerd/containerd/pull/9571>)
- Update to containerd v1.7.15. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.15>
- Update to containerd v1.7.14. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.14>
- Update to containerd v1.7.13. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.13>
- Update to containerd v1.7.12. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.12>
- Update to containerd v1.7.11. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.11>
GHSA-jq35-85cj-fj4p bsc#1224323
- Use %patch -P N instead of deprecated %patchN.
- Enable manpage generation
- Make devel package noarch
- adjust rpmlint filters
- coreutils
-
- ls: avoid triggering automounts (bsc#1221632)
- add coreutils-ls-avoid-triggering-automounts.patch
- crmsh
-
- Update to version 4.5.1+20240719.bda4d1e:
* Dev: prun: add more possible libexec PATH for sftp-server
* Fix: qdevice: config "tls" should accept value "required" (bsc#1227649)
* Fix: bootstrap: refine the wording in the question asking TLS config for qdevice (bsc#1227649)
* Fix: qdevice: TLS certs should always be generated for qnetd (bsc#1227649)
* Fix: upgradeutil: refine error handling (bsc#1226147, bsc#1223371)
- Update to version 4.5.1+20240531.f62a43e:
* Fix: cmd_status: call crm_mon without shell (#1429)
* Dev: utils: Add info when property is newly added
* Fix: healthcheck: KeyError when local nodename not found in cib (bsc#1223438)
- Update to version 4.5.1+20240422.f23940c3:
* Fix: bootstrap: Remove unused -i option when calling csync2_remote and ssh_remote stage (bsc#1212080)
* Fix: utils: pass env to child process explicitly (bsc#1205925)
* Fix: utils: set env `CIB_shadow` using `os.environ` (bsc#1205925)
* Fix: pass env to child process explicitly (bsc#1205925)
* Fix: term: unset env `COLUMNS` and `ROWS` (bsc#1205925)
- cups
-
- Require the exact matching version-release of all libcups*
sub-packages (bsc#1226192)
- cups-2.2.7-CVE-2024-35235.patch is derived
from the upstream patch against master (CUPS 2.5)
to behave backward compatible for CUPS 2.2.7
in SLE15 and openSUSE Leap 15 to fix CVE-2024-35235
"cupsd Listen port arbitrary chmod 0140777"
without the more secure but backward-incompatible behaviour
of the upstream patch for CUPS 2.5
that ignores domain sockets specified in 'Listen' entries
in /etc/cups/cupsd.conf when cupsd is lauched via systemd
(in particular when launched on-demand by systemd)
https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f
bsc#1225365
- cups-2.2.7-web-ui-kerberos-authentication.patch, update
patch to handle local 'Negotiate' authentication response
for cli clients. (bsc#1223179).
- Remove '--enable-debug-printfs' from configure options, see
https://github.com/OpenPrinting/cups/issues/875
(bsc#1217119).
- desktop-data-SLE
-
- Fix typo in the desktop files for some of the wallpapers
(bsc#1222146).
- docker
-
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.6-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2506>
- This update includes a fix for CVE-2024-41110. bsc#1228324
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
* 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
symlinks. Backport of <https://github.com/moby/buildkit/pull/4896> and
<https://github.com/moby/buildkit/pull/5060>. bsc#1221916
+ 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
- Write volume options atomically so sudden system crashes won't result in
future Docker starts failing due to empty files. Backport of
<https://github.com/moby/moby/pull/48034>. bsc#1214855
+ 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.5-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2505> bsc#1223409
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
- 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- Update --add-runtime to point to correct binary path.
- dracut
-
- Update to version 055+suse.388.g70c21afa:
* feat(crypt): force the inclusion of crypttab entries with x-initrd.attach (bsc#1226529)
* fix(mdraid): try to assemble the missing raid device (bsc#1226412)
* fix(dracut-install): continue parsing if ldd prints "cannot be preloaded" (bsc#1208690)
- e2fsprogs
-
EA Inode handling fixes:
- ext2fs-avoid-re-reading-inode-multiple-times.patch: ext2fs: avoid re-reading
inode multiple times (bsc#1223596)
- e2fsck-fix-potential-out-of-bounds-read-in-inc_ea_in.patch: e2fsck: fix
potential out-of-bounds read in inc_ea_inode_refs() (bsc#1223596)
- e2fsck-add-more-checks-for-ea-inode-consistency.patch: e2fsck: add more
checks for ea inode consistency (bsc#1223596)
- e2fsck-fix-golden-output-of-several-tests.patch: e2fsck: fix golden output of
several tests (bsc#1223596)
- fdupes
-
- Do not use sqlite, as this pulls sqlite into Ring0 at no real
benefit performance wise: the cache is not reused between runs.
+ Drop sqlite-devel BuildRequires
+ Pass --without-sqlite to configure
- Update to 2.3.0:
* Add --cache option to speed up file comparisons.
* Use nanosecond precision for file times, if available.
* Fix compilation issue on OpenBSD.
* Other changes like fixing typos, wording, etc.
- update to 2.2.1:
* Fix bug in code meant to skip over the current log file when --log option is given.
* Updates to copyright notices in source code.
* Add --deferconfirmation option.
* Check that files marked as duplicates haven't changed during program execution before deleting them.
* Update documentation to indicate units for SIZE in command-line options.
* Move some configuration settings to configure.ac file.
- Fixes for the new wrapper:
* Order duplicates by name, to get a reproducible file set
(boo#1197484).
* Remove redundant order parameter from fdupes invocation.
* Modernize code, significantly reduce allocations.
* Exit immediately when mandatory parameters are missing.
* Remove obsolete buildroot parameter
* Add some tests for the wrapper
- A more correct approach to creating symlinks (old bug actually):
Do not link the files as given by fdupes, but turn them into
relative links (it works by chance if given a buildroot, but
fails if running on a subdirectory)
- Support multiple directories given (as glob to the macro)
- Handle symlinks (-s argument) correctly
- Simplify macros.fdupes with a call to a C++ program that does
the same within a fraction of a second what the shell loop did
in many seconds (bsc#1195709)
- gdk-pixbuf
-
- Enable test suite on x86_64 (other arches seem too flaky for now):
+ Add %check section and call %meson_test
+ Add gdk-pixbuf-jpeg-slow.patch: allow pixbuf-jpeg to run for
more than 30s, by marking it as a slow test
(glgo#GNOME/gdk-pixbuf!174).
- Migrate package to a regular obs_scm service, no longer password
protecting a zip file. The originally reported bsc#1159337 seems
no longer be applicable and we prefer the easier route.
- Drop unzip BuildRequires and pre_checkin.sh script.
- Update to version 2.42.12:
+ Fix a build failure,
+ Fix occasional build failures,
+ ani: Reject files with multiple INA or IART chunks,
+ ani: Reject files with multiple anih chunks (CVE-2022-48622),
+ ani: validate chunk size,
+ Updated translations.
- Drop 238893d8cd6f9c2616a05ab521a29651a17a38c2.patch: fixed
upstream.
- Pass -Dothers=enabled to meson: enable other image loaders (most
notably beeded seems xpm,xbm). This is in line with upstreams
recommendation for now, but won't be working past version 2.43.x.
The loaders will likely be split out into a separate repo.
(boo#1223903, glgo#GNOME/gdk-pixbuf!169).
- Add 238893d8cd6f9c2616a05ab521a29651a17a38c2.patch: Fix test
suite with other loaders enabled.
- Update to version 2.42.11:
+ Disable fringe loaders by default.
+ Introspection fixes.
+ Updated translations.
- Fix path to gdk-pixbuf-query-loader in pkg-config file: we rename
the loader to be multi-arch compatible and thus also need to
adjust the .pc file to have build-systems find it.
- Update to version 2.42.10:
+ Search for rst2man.py.
+ Update the memory size limit for JPEG images.
+ Updated translations.
- Drop patch fixed upstream (with different limit):
+ 0001-jpeg-Increase-memory-limit-for-loading-image-data.patch
- glib2
-
- Add patches to fix CVE-2024-34397 (boo#1224044):
glib2-CVE-2024-34397.patch (glgo#GNOME/glib#3268).
glib2-fix-ibus-regression.patch (glgo#GNOME/glib#3353)
- glibc
-
- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
addgetnetgrentX (CVE-2024-33602, bsc#1223425)
- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
for _start routine (bsc#1221940)
- glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch:
nscd: Stack-based buffer overflow in netgroup cache
(CVE-2024-33599, bsc#1223423, BZ #31677)
- glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch:
nscd: Avoid null pointer crashes after notfound response
(CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch:
nscd: Do not send missing not-found response in addgetnetgrentX
(CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch:
netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601,
CVE-2024-33602, bsc#1223425, BZ #31680)
- gtk2
-
- Add CVE-2024-6655.patch: CVE-2024-6655 Stop looking for modules
in cwd (bsc#1228120).
- ipset
-
- Fix build with latest kernel, bsc#1223370
* bsc1223370.patch
- iputils
-
- Update 0002-arping-Fix-unsolicited-ARP-regressions-on-c-1.patch
after upstream merged the fix, update git commit hashes.
- Backport proposed fix for regression in upstream commit 4db1de6 (bsc#1224877)
0002-arping-Fix-unsolicited-ARP-regressions-on-c-1.patch
- Backport upstream fix for bsc#1224877
4db1de6 ("arping: Fix 1s delay on exit for unsolicited arpings")
0001-arping-Fix-1s-delay-on-exit-for-unsolicited-arpings.patch
- kdump
-
- spec: return success from pre, post, preun and postun scriplets
(bsc#1222228, bsc#1191410)
- spec: differentiate between uninstall and upgrade in postun/preun
(bsc#1191410)
- krb5
-
- Fix vulnerabilities in GSS message token handling, add patch
0011-Fix-vulnerabilities-in-GSS-message-token-handling.patch
* CVE-2024-37370, bsc#1227186
* CVE-2024-37371, bsc#1227187
- resource-agents
-
- Azure-lb fails if IPv6 disabled (bsc#1223554)
Add upstream patch
Add a new parameter: listen
This parameter can have following walues:
default: Neither -4 nor -6 will be used. The default behavior of socat and nc will be used.
socat: Listen only on IPv4 addresses
nc: If net.ipv6.bindv6only = 0 => Listen on both IPv4 and IP6 addresses
If net.ipv6.bindv6only = 1 => Listen only on IPv4 addresses
ipv4only: Listen only on IPv4 addresses.
ipv6enable: Enable TCP6 support.
nc: Listen only on IPv6 adresses independent of net.ipv6.bindv6only
socat: If net.ipv6.bindv6only = 0 => Listen on both IPv4 and IP6 addresses.
If net.ipv6.bindv6only = 1 => Listen only on IPv6 adresses.
Add patch:
0001-Azure-lb-fails-if-IPv6-disabled.patch
- less
-
- Fix CVE-2024-32487, mishandling of \n character in paths when
LESSOPEN is set leads to OS command execution
(CVE-2024-32487, bsc#1222849)
* CVE-2024-32487.patch
- llvm15
-
- Manage clang-cpp with update-alternatives like other binaries.
Solves upgrade issues from Leap 15.5 to 15.6. [boo#1221183]
- libqt5-qtbase
-
- Add patch from upstream to fix a regression in the ODBC driver
(bsc#1227513, QTBUG-112375):
* 0001-QSQL-ODBC-fix-regression-trailing-NUL.patch
* 0002-SQL-ODBC-Pass-correct-length-to-SQLColAttribute.patch
- abseil-cpp
-
- SLE-only: import upstream patch to fix build with gcc7 in C++17
mode: hash-fix-gcc7-cpp17-build.patch (bsc#1222261)
+ Upstream commit bb83aceacb554e79e7cd2404856f0be30bd00303
- update to 20240116.1:
* Add absl::NoDestructor<T> to simplify defining static types
that do not need to be destructed upon program exit.
* Add configurable verbose logging (also known as VLOG).
* Added absl::Overload(), which returns a functor that provides
overloads based on the functors passed to it. Note that this
functionality requires C++17 or newer.
* Breaking Change: AbslHashValue() no longer accepts C-style
arrays as a parameter, caller need to wrap C-string literals in
absl::string_view.
* Breaking Change: absl::weak_equality and absl::strong_equality
have been removed. The corresponding std types were removed
before C++20 was finalized
- gcc13
-
- Update to GCC 13.3 release
- Update to gcc-13 branch head, b7a2697733d19a093cbdd0e200, git8761
- Removed gcc13-pr111731.patch now included upstream
- Add gcc13-amdgcn-remove-fiji.patch removing Fiji support from
the GCN offload compiler as that is requiring Code Object version 3
which is no longer supported by llvm18.
- Add gcc13-pr101523.patch to avoid combine spending too much
compile-time and memory doing nothing on s390x. [boo#1188441]
- Make requirement to lld version specific to avoid requiring the
meta-package.
- util-linux
-
- lscpu: Add more ARM cores (bsc#1223605,
util-linux-lscpu-add-more-ARM-cores-1.patch,
util-linux-lscpu-add-more-ARM-cores-2.patch,
util-linux-lscpu-add-more-ARM-cores-3.patch,
util-linux-lscpu-add-more-ARM-cores-4.patch,
util-linux-lscpu-add-more-ARM-cores-5.patch,
util-linux-lscpu-add-more-ARM-cores-6.patch).
- Document that chcpu -g is not supported on IBM z/VM (bsc#1218609,
util-linux-chcpu-document-zVM-limitations.patch).
- bsc#1220117: Processes not cleaned up after failed SSH session are using up 100% CPU
+ util-linux-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-received.patch
- libbpf
-
- Fix null pointer dereference in bpf_object__collect_prog_relos()
(bsc#1221101)
* Add libbpf-Fix-NULL-pointer-dereference-in-bpf_object__c.patch
- cairo
-
- Add cairo-fix-infinite-loop-bsc1122321-CVE-2019-6462.patch: This
fixes a potentially infinite loop (bsc#1122321, CVE-2019-6462,
glfo#cairo/cairo#155).
- mozilla-nss
-
- Require `sed` for mozilla-nss-sysinit, as setup-nsssysinit.sh
depends on it and will create a broken, empty config, if sed is
missing (bsc#1227918)
- update to NSS 3.101.2
* bmo#1905691 - ChaChaXor to return after the function
- Added nss-fips-safe-memset.patch, fixing bsc#1222811.
- Removed some dead code from nss-fips-constructor-self-tests.patch.
- Rebased nss-fips-approved-crypto-non-ec.patch on above changes.
- Added nss-fips-aes-gcm-restrict.patch, fixing bsc#1222830.
- Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222813,
bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118.
- Updated nss-fips-approved-crypto-non-ec.patch and
nss-fips-constructor-self-tests.patch, fixing bsc#1222807,
bsc#1222828, bsc#1222834.
- Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222804,
bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116.
- update to NSS 3.101.1
* bmo#1901932 - missing sqlite header.
* bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
- update to NSS 3.101
* bmo#1900413 - add diagnostic assertions for SFTKObject refcount.
* bmo#1899759 - freeing the slot in DeleteCertAndKey if authentication failed
* bmo#1899883 - fix formatting issues.
* bmo#1889671 - Add Firmaprofesional CA Root-A Web to NSS.
* bmo#1899593 - remove invalid acvp fuzz test vectors.
* bmo#1898830 - pad short P-384 and P-521 signatures gtests.
* bmo#1898627 - remove unused FreeBL ECC code.
* bmo#1898830 - pad short P-384 and P-521 signatures.
* bmo#1898825 - be less strict about ECDSA private key length.
* bmo#1854439 - Integrate HACL* P-521.
* bmo#1854438 - Integrate HACL* P-384.
* bmo#1898074 - memory leak in create_objects_from_handles.
* bmo#1898858 - ensure all input is consumed in a few places in mozilla::pkix
* bmo#1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
* bmo#1748105 - clean up escape handling
* bmo#1896353 - Use lib::pkix as default validator instead of the old-one
* bmo#1827444 - Need to add high level support for PQ signing.
* bmo#1548723 - Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation
* bmo#1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
* bmo#1893404 - Allow for non-full length ecdsa signature when using softoken
* bmo#1830415 - Modification of .taskcluster.yml due to mozlint indent defects
* bmo#1793811 - Implement support for PBMAC1 in PKCS#12
* bmo#1897487 - disable VLA warnings for fuzz builds.
* bmo#1895032 - remove redundant AllocItem implementation.
* bmo#1893334 - add PK11_ReadDistrustAfterAttribute.
* bmo#215997 - Clang-formatting of SEC_GetMgfTypeByOidTag update
* bmo#1895012 - Set SEC_ERROR_LIBRARY_FAILURE on self-test failure
* bmo#1894572 - sftk_getParameters(): Fix fallback to default variable after error with configfile.
* bmo#1830415 - Switch to the mozillareleases/image_builder image
- Follow upstream changes in nss-fips-constructor-self-tests.patch (switch from ec_field_GFp to ec_field_plain)
- Remove part of nss-fips-zeroization.patch that got removed upstream
- update to NSS 3.100
- bmo#1893029 - merge pk11_kyberSlotList into pk11_ecSlotList for
faster Xyber operations.
- bmo#1893752 - remove ckcapi.
- bmo#1893162 - avoid a potential PK11GenericObject memory leak.
- bmo#671060 - Remove incomplete ESDH code.
- bmo#215997 - Decrypt RSA OAEP encrypted messages.
- bmo#1887996 - Fix certutil CRLDP URI code.
- bmo#1890069 - Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys.
- bmo#676118 - Add ability to encrypt and decrypt CMS messages using ECDH.
- bmo#676100 - Correct Templates for key agreement in smime/cmsasn.c.
- bmo#1548723 - Moving the decodedCert allocation to NSS.
- bmo#1885404 - Allow developers to speed up repeated local execution
of NSS tests that depend on certificates.
- update to NSS 3.99
* Removing check for message len in ed25519 (bmo#1325335)
* add ed25519 to SECU_ecName2params. (bmo#1884276)
* add EdDSA wycheproof tests. (bmo#1325335)
* nss/lib layer code for EDDSA. (bmo#1325335)
* Adding EdDSA implementation. (bmo#1325335)
* Exporting Certificate Compression types (bmo#1881027)
* Updating ACVP docker to rust 1.74 (bmo#1880857)
* Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 (bmo#1325335)
* Add NSS_CMSRecipient_IsSupported. (bmo#1877730)
- update to NSS 3.98
* bmo#1780432 - (CVE-2023-5388) Timing attack against RSA decryption
in TLS
* bmo#1879513 - Certificate Compression: enabling the check that
the compression was advertised
* bmo#1831552 - Move Windows workers to nss-1/b-win2022-alpha
* bmo#1879945 - Remove Email trust bit from OISTE WISeKey
Global Root GC CA
* bmo#1877344 - Replace `distutils.spawn.find_executable` with
`shutil.which` within `mach` in `nss`
* bmo#1548723 - Certificate Compression: Updating nss_bogo_shim to
support Certificate compression
* bmo#1548723 - TLS Certificate Compression (RFC 8879) Implementation
* bmo#1875356 - Add valgrind annotations to freebl kyber operations
for constant-time execution tests
* bmo#1870673 - Set nssckbi version number to 2.66
* bmo#1874017 - Add Telekom Security roots
* bmo#1873095 - Add D-Trust 2022 S/MIME roots
* bmo#1865450 - Remove expired Security Communication RootCA1 root
* bmo#1876179 - move keys to a slot that supports concatenation in
PK11_ConcatSymKeys
* bmo#1876800 - remove unmaintained tls-interop tests
* bmo#1874937 - bogo: add support for the -ipv6 and -shim-id shim
flags
* bmo#1874937 - bogo: add support for the -curves shim flag and
update Kyber expectations
* bmo#1874937 - bogo: adjust expectation for a key usage bit test
* bmo#1757758 - mozpkix: add option to ignore invalid subject
alternative names
* bmo#1841029 - Fix selfserv not stripping `publicname:` from -X value
* bmo#1876390 - take ownership of ecckilla shims
* bmo#1874458 - add valgrind annotations to freebl/ec.c
* bmo#864039 - PR_INADDR_ANY needs PR_htonl before assignment to inet.ip
* bmo#1875965 - Update zlib to 1.3.1
- Use %patch -P N instead of deprecated %patchN.
- update to NSS 3.97
* bmo#1875506 - make Xyber768d00 opt-in by policy
* bmo#1871631 - add libssl support for xyber768d00
* bmo#1871630 - add PK11_ConcatSymKeys
* bmo#1775046 - add Kyber and a PKCS#11 KEM interface to softoken
* bmo#1871152 - add a FreeBL API for Kyber
* bmo#1826451 - part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff
* bmo#1826451 - part 1: add a script for vendoring kyber from pq-crystals repo
* bmo#1835828 - Removing the calls to RSA Blind from loader.*
* bmo#1874111 - fix worker type for level3 mac tasks
* bmo#1835828 - RSA Blind implementation
* bmo#1869642 - Remove DSA selftests
* bmo#1873296 - read KWP testvectors from JSON
* bmo#1822450 - Backed out changeset dcb174139e4f
* bmo#1822450 - Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation
* bmo#1871219 - Wrap CC shell commands in gyp expansions
- update to NSS 3.96.1
* bmo#1869408 - Use pypi dependencies for MacOS worker in ./build_gyp.sh
* bmo#1830978 - p7sign: add -a hash and -u certusage (also p7verify cleanups)
* bmo#1867408 - add a defensive check for large ssl_DefSend return values
* bmo#1869378 - Add dependency to the taskcluster script for Darwin
* bmo#1869378 - Upgrade version of the MacOS worker for the CI
- add nss-allow-slow-tests-s390x.patch: "certutil dump keys with
explicit default trust flags" test needs longer than the allowed
6 seconds on s390x
- update to NSS 3.95
* bmo#1842932 - Bump builtins version number.
* bmo#1851044 - Remove Email trust bit from Autoridad de Certificacion
Firmaprofesional CIF A62634068 root cert.
* bmo#1855318 - Remove 4 DigiCert (Symantec/Verisign) Root Certificates
* bmo#1851049 - Remove 3 TrustCor Root Certificates from NSS.
* bmo#1850982 - Remove Camerfirma root certificates from NSS.
* bmo#1842935 - Remove old Autoridad de Certificacion Firmaprofesional
Certificate.
* bmo#1860670 - Add four Commscope root certificates to NSS.
* bmo#1850598 - Add TrustAsia Global Root CA G3 and G4 root certificates.
* bmo#1863605 - Include P-384 and P-521 Scalar Validation from HACL*
* bmo#1861728 - Include P-256 Scalar Validation from HACL*.
* bmo#1861265 - After the HACL 256 ECC patch, NSS incorrectly encodes
256 ECC without DER wrapping at the softoken level
* bmo#1837987 - Add means to provide library parameters to C_Initialize
* bmo#1573097 - clang format
* bmo#1854795 - add OSXSAVE and XCR0 tests to AVX2 detection.
* bmo#1858241 - Typo in ssl3_AppendHandshakeNumber
* bmo#1858241 - Introducing input check of ssl3_AppendHandshakeNumber
* bmo#1573097 - Fix Invalid casts in instance.c
- update to NSS 3.94
* bmo#1853737 - Updated code and commit ID for HACL*
* bmo#1840510 - update ACVP fuzzed test vector: refuzzed with
current NSS
* bmo#1827303 - Softoken C_ calls should use system FIPS setting
to select NSC_ or FC_ variants
* bmo#1774659 - NSS needs a database tool that can dump the low level
representation of the database
* bmo#1852179 - declare string literals using char in pkixnames_tests.cpp
* bmo#1852179 - avoid implicit conversion for ByteString
* bmo#1818766 - update rust version for acvp docker
* bmo#1852011 - Moving the init function of the mpi_ints before
clean-up in ec.c
* bmo#1615555 - P-256 ECDH and ECDSA from HACL*
* bmo#1840510 - Add ACVP test vectors to the repository
* bmo#1849077 - Stop relying on std::basic_string<uint8_t>
* bmo#1847845 - Transpose the PPC_ABI check from Makefile to gyp
- rebased patches
- added nss-fips-test.patch to fix broken test
- Update to NSS 3.93:
* bmo#1849471 - Update zlib in NSS to 1.3.
* bmo#1848183 - softoken: iterate hashUpdate calls for long inputs.
* bmo#1813401 - regenerate NameConstraints test certificates (boo#1214980).
- Rebase nss-fips-pct-pubkeys.patch.
- update to NSS 3.92
* bmo#1822935 - Set nssckbi version number to 2.62
* bmo#1833270 - Add 4 Atos TrustedRoot Root CA certificates to NSS
* bmo#1839992 - Add 4 SSL.com Root CA certificates
* bmo#1840429 - Add Sectigo E46 and R46 Root CA certificates
* bmo#1840437 - Add LAWtrust Root CA2 (4096)
* bmo#1822936 - Remove E-Tugra Certification Authority root
* bmo#1827224 - Remove Camerfirma Chambers of Commerce Root.
* bmo#1840505 - Remove Hongkong Post Root CA 1
* bmo#1842928 - Remove E-Tugra Global Root CA ECC v3 and RSA v3
* bmo#1842937 - Avoid redefining BYTE_ORDER on hppa Linux
- update to NSS 3.91
* bmo#1837431 - Implementation of the HW support check for ADX instruction
* bmo#1836925 - Removing the support of Curve25519
* bmo#1839795 - Fix comment about the addition of ticketSupportsEarlyData
* bmo#1839327 - Adding args to enable-legacy-db build
* bmo#1835357 - dbtests.sh failure in "certutil dump keys with explicit
default trust flags"
* bmo#1837617 - Initialize flags in slot structures
* bmo#1835425 - Improve the length check of RSA input to avoid heap overflow
* bmo#1829112 - Followup Fixes
* bmo#1784253 - avoid processing unexpected inputs by checking for
m_exptmod base sign
* bmo#1826652 - add a limit check on order_k to avoid infinite loop
* bmo#1834851 - Update HACL* to commit 5f6051d2
* bmo#1753026 - add SHA3 to cryptohi and softoken
* bmo#1753026 - HACL SHA3
* bmo#1836781 - Disabling ASM C25519 for A but X86_64
- removed upstreamed patch nss-fix-bmo1836925.patch
- update to NSS 3.90.3
* bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
* bmo#1748105 - clean up escape handling.
* bmo#1895032 - remove redundant AllocItem implementation.
* bmo#1836925 - Disable ASM support for Curve25519.
* bmo#1836781 - Disable ASM support for Curve25519 for all but X86_64.
- remove upstreamed nss-fix-bmo1836925.patch
- Adding nss-fips-bsc1223724.patch to fix startup crash of Firefox
when using FIPS-mode (bsc#1223724).
- Added "Provides: nss" so other RPMs that require 'nss' can
be installed (jira PED-6358).
- jitterentropy
-
- Fix a stack corruption on s390x: [bsc#1209627]
* Output size of the STCKE command on s390x is 16 bytes, compared
to 8 bytes of the STCK command. Fix a stack corruption in the
s390x version of jent_get_nstime(). Add some more detailed
information on the STCKE command.
* github.com/smuellerDD/jitterentropy-library/commit/7bf9f85
* Add jitterentropy-fix-a-stack-corruption-on-s390x.patch
- openssl-1_1
-
- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free
security vulnerability. Calling the function SSL_free_buffers()
potentially caused memory to be accessed that was previously
freed in some situations and a malicious attacker could attempt
to engineer a stituation where this occurs to facilitate a
denial-of-service attack. [CVE-2024-4741, bsc#1225551]
- Security fix: [bsc#1222548, CVE-2024-2511]
* Fix unconstrained session cache growth in TLSv1.3
* Add openssl-CVE-2024-2511.patch
- libqb
-
- ipc: Retry receiving credentials if the the message is short (gh#ClusterLabs/libqb#476, rh#2111711, bsc#1224183)
* bsc#1224183-0001-ipc-Retry-receiving-credentials-if-the-the-message-i.patch
- libsolv
-
- add a conflict to older libsolv-tools to libsolv-tools-base
- improve updating of installed multiversion packages
- fix decision introspection going into an endless loop in some
cases
- added experimental lua bindings
- bump version to 0.7.29
- split libsolv-tools into libsolv-tools-base [jsc#PED-8153]
- suseconnect-ng
-
- Update version to 1.11
- Added uname as collector
- Added SAP workload detection
- Added detection of container runtimes
- Multiple fixes on ARM64 detection
- Use `read_values` for the CPU collector on Z
- Fixed data collection for ppc64le
- Grab the home directory from /etc/passwd if needed (bsc#1226128)
- Update version to 1.10.0
* Build zypper-migration and zypper-packages-search as standalone
binaries rather then one single binary
* Add --gpg-auto-import-keys flag before action in zypper command (bsc#1219004)
* Include /etc/products.d in directories whose content are backed
up and restored if a zypper-migration rollback happens. (bsc#1219004)
* Add the ability to upload the system uptime logs, produced by the
suse-uptime-tracker daemon, to SCC/RMT as part of keepalive report.
(jsc#PED-7982) (jsc#PED-8018)
* Add support for third party packages in SUSEConnect
* Refactor existing system information collection implementation
- Update to version 1.9.0
* Fix certificate import for Yast when using a registration proxy with
self-signed SSL certificate (bsc#1223107)
- tiff
-
- security update:
* CVE-2023-3164 [bsc#1212233]
Fix heap buffer overflow in tiffcrop
+ tiff-CVE-2023-3164.patch
- tpm2-0-tss
-
- add 0001-FAPI-Fix-check-of-magic-number-in-verify-quote.patch: fixes
CVE-2024-29040 (bsc#1223690): Missing verification of the magic number in
Fapi_VerifyQuote(), which might allow an attacker to generate arbitrary
quote data, which would not be detected by Fapi_VerifyQuote().
- libvirt
-
- rpc: Don't warn about "max_client_requests" in single-threaded
daemons
boo#1224327
- security: Ensure file exists before attempting to restore label
bsc#1220714
- libxml2
-
- Security fix (CVE-2024-34459, bsc#1224282) buffer over-read in
xmlHTMLPrintFileContext in xmllint.c
* Added libxml2-CVE-2024-34459.patch
- libzypp
-
- zypp-tui: Make sure translated texts use the correct textdomain
(fixes #551)
- Skip libproxy1 requires for tumbleweed.
- version 17.34.1 (34)
- don't require libproxy1 on tumbleweed, it is optional now
- version 17.34.0 (34)
- Fix versioning scheme
- version 17.33.4 (35)
- add one more missing export for libyui-qt-pkg
- Revert eintrSafeCall behavior to setting errno to 0.
- version 17.33.3 (34)
- fix up requires_eq usage for libsolv-tools-base
- add one more missing export for PackageKit
- version 17.33.2
- version 17.33.1 (33)
- switch to reduced size libsolv-tools-base (jsc#PED-8153)
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- Add ZYPP_API for exported functions and switch to
visibility=hidden (jsc#PED-8153)
- Dynamically resolve libproxy (jsc#PED-8153)
- version 17.33.0 (33)
- Fix download from gpgkey URL (bsc#1223430, fixes openSUSE/zypper#546)
- version 17.32.6 (32)
- Don't try to refresh volatile media as long as raw metadata are
present (bsc#1223094)
- version 17.32.5 (32)
- shadow
-
- bsc#1228770: Fix not copying of skel files
Update shadow-CVE-2013-4235.patch
- bsc#916845 (CVE-2013-4235): Fix TOCTOU race condition
Add shadow-CVE-2013-4235.patch
- ocfs2-tools
-
- OCFS2 writes delay on large volumes - slow la window lookup from global_bitmap (bsc#1219224)
* bsc1219224-debugfs.ocfs2-support-recording-gd-bg_contig_free_bi.patch
- fsck.ocfs2: add the ability to clear jbd2 errno (bsc#1216834)
+ bsc1216834-fsck.ocfs2-add-the-ability-to-clear-jbd2-errno.patch
- pacemaker
-
- tools: CIB clients retry signon upon an EAGAIN error (gh#ClusterLabs/pacemaker#3567, bsc#1224183)
* bsc#1224183-0002-Fix-tools-CIB-clients-retry-signon-upon-an-EAGAIN-er.patch
- libcib: new function cib__signon_attempts() (gh#ClusterLabs/pacemaker#3567, bsc#1224183)
* bsc#1224183-0001-Refactor-libcib-new-function-cib__signon_attempts.patch
- libcrmcommon: reject ISO 8601 duration without any values (gh#ClusterLabs/pacemaker#3517)
* pacemaker#3517-0002-Low-libcrmcommon-reject-ISO-8601-duration-without-an.patch
- libstonithd: prevent to free 'op_reply' repeatedly in 'stonith_send_command' (gh#ClusterLabs/pacemaker#3517)
* pacemaker#3517-0001-prevent-to-free-op_reply-repeatedly-in-stonith_send_.patch
- libpacemaker: correctly retrieve any existing fail-count for increment (gh#ClusterLabs/pacemaker#3513)
* pacemaker#3513-0001-Fix-libpacemaker-correctly-retrieve-any-existing-fai.patch
- tools: make crm_mon exit upon loss of the attached pseudo-terminal (bsc#1220229, gh#ClusterLabs/pacemaker#3430)
* bsc#1220229-0001-Fix-tools-make-crm_mon-exit-upon-loss-of-the-attache.patch
- libcib: Don't incorrectly expand "++" and "+=" in XML attr values (gh#ClusterLabs/pacemaker#3413)
* pacemaker#3413-0003-Fix-libcib-Don-t-incorrectly-expand-and-in-XML-attr-.patch
- cts-cli: Update for pcmk__inject_failcount() setting integer value (gh#ClusterLabs/pacemaker#3413)
* pacemaker#3413-0002-Test-cts-cli-Update-for-pcmk__inject_failcount-setti.patch
- libpacemaker: pcmk__inject_failcount should set an integer value (gh#ClusterLabs/pacemaker#3413)
* pacemaker#3413-0001-Low-libpacemaker-pcmk__inject_failcount-should-set-a.patch
- scheduler: log unknown nodes in location constraints (gh#ClusterLabs/pacemaker#3409, CLBZ#5415)
* pacemaker#3409-0007-Log-scheduler-log-unknown-nodes-in-location-constrai.patch
- scheduler: correct lifetime deprecation warning (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0006-Log-scheduler-correct-lifetime-deprecation-warning.patch
- tools: honor rules when getting utilization attributes with crm_resource (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0005-Fix-tools-honor-rules-when-getting-utilization-attri.patch
- scheduler: deprecate support for default instance attributes (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0004-Low-scheduler-deprecate-support-for-default-instance.patch
- scheduler: use default timeout (20s) if user configures 0 (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0003-Fix-scheduler-use-default-timeout-20s-if-user-config.patch
- tools: crm_resource should ignore resource meta-attribute node expressions (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0001-Fix-tools-crm_resource-should-ignore-resource-meta-a.patch
- fencer: always format time_t values as long long (gh#ClusterLabs/pacemaker#3407)
* pacemaker#3407-0001-Log-fencer-always-format-time_t-values-as-long-long.patch
- libcrmcommon: NULL-check strdup() in pcmk__register_message() (gh#ClusterLabs/pacemaker#3394)
* pacemaker#3394-0004-Low-libcrmcommon-NULL-check-strdup-in-pcmk__register.patch
- libcrmcommon: NULL-check strdup() in pcmk__register_format() (gh#ClusterLabs/pacemaker#3394)
* pacemaker#3394-0003-Low-libcrmcommon-NULL-check-strdup-in-pcmk__register.patch
- libpacemaker: Correctly free graphs and synapses (gh#ClusterLabs/pacemaker#3394)
* pacemaker#3394-0002-Low-libpacemaker-Correctly-free-graphs-and-synapses.patch
- libcrmcommon: Initialize some variables (gh#ClusterLabs/pacemaker#3394)
* pacemaker#3394-0001-Low-libcrmcommon-Initialize-some-variables.patch
- HealthSMART:fix the description of temp_lower_limit (gh#ClusterLabs/pacemaker#3392)
* pacemaker#3392-0001-Doc-HealthSMART-fix-the-description-of-temp_lower_li.patch
- cibsecret: Use 'ps axww' to avoid truncating issue (gh#ClusterLabs/pacemaker#3384)
* pacemaker#3384-0001-Fix-cibsecret-Use-ps-axww-to-avoid-truncating-issue.patch
- libcrmcommon: Don't try to parse XML from bad .bz2 file (gh#ClusterLabs/pacemaker#3361)
* pacemaker#3361-0001-Low-libcrmcommon-Don-t-try-to-parse-XML-from-bad-.bz.patch
- libcrmcommon: use uint32_t for 32-bit magic numbers (gh#ClusterLabs/pacemaker#3381)
* pacemaker#3381-0001-Fix-libcrmcommon-use-uint32_t-for-32-bit-magic-numbe.patch
- libcrmcommon: Use free_xml in html_free_priv. (gh#ClusterLabs/pacemaker#3380)
* pacemaker#3380-0003-Low-libcrmcommon-Use-free_xml-in-html_free_priv.patch
- libcrmcommon: Free error strings in html/xml outputters. (gh#ClusterLabs/pacemaker#3380)
* pacemaker#3380-0002-Low-libcrmcommon-Free-error-strings-in-html-xml-outp.patch
- libcrmcommon: Free text/curses private list data. (gh#ClusterLabs/pacemaker#3380)
* pacemaker#3380-0001-Low-libcrmcommon-Free-text-curses-private-list-data.patch
- tools: Fix argument validation for crm_attribute update. (gh#ClusterLabs/pacemaker#3379)
* pacemaker#3379-0001-Low-tools-Fix-argument-validation-for-crm_attribute-.patch
- pam_pkcs11
-
- Fix for bsc#1221255:
* Add patch 0001-Set-slot_num-configuration-parameter-to-0-by-default.patch
- patterns-base
-
- Added a fips-certified pattern matching the exact certified
FIPS versions
- perl
-
- fix space calculation issues in pp_pack.c [bnc#1082216]
[CVE-2018-6913]
* new patch: perl-pack-overflow.diff
- fix heap buffer overflow in regexec.c [bnc#1082233]
[CVE-2018-6798]
new patch: perl-regexec-heap-overflow.diff
- make Net::FTP work with TLS 1.3 [bnc#1213638]
new patch: perl-net-ftp-tls13.diff
- python-Jinja2
-
- Add CVE-2024-34064.patch upstream patch
(CVE-2024-34064, bsc#1223980, gh#pallets/jinja@0668239dc6b4)
Also fixes (CVE-2024-22195, bsc#1218722)
- python3-lxml
-
- Add libexpat-2.6.0-backport.patch to fix compatibility with system
libexpat in tests (bsc#1222075, CVE-2023-52425).
- python-requests
-
- Update CVE-2024-35195.patch to allow the usage of "verify" parameter
as a directory, bsc#1225912
- Add CVE-2024-35195.patch (CVE-2024-35195, bsc#1224788)
- Add httpbin.patch to fix a test failure caused by the previous patch.
- salt
-
- Speed up salt.matcher.confirm_top by using __context__
- Do not call the async wrapper calls with the separate thread
- Prevent OOM with high amount of batch async calls (bsc#1216063)
- Add missing contextvars dependency in salt.version
- Skip tests for unsupported algorithm on old OpenSSL version
- Remove redundant `_file_find` call to the master
- Prevent possible exception in tornado.concurrent.Future._set_done
- Make reactor engine less blocking the EventPublisher
- Make salt-master self recoverable on killing EventPublisher
- Improve broken events catching and reporting
- Make logging calls lighter
- Remove unused import causing delays on starting salt-master
- Mark python3-CherryPy as recommended package for the testsuite
- Added:
* skip-tests-for-unsupported-algorithm-on-old-openssl-.patch
* make-reactor-engine-less-blocking-the-eventpublisher.patch
* remove-unused-import-causing-delays-on-starting-salt.patch
* make-logging-calls-lighter.patch
* remove-redundant-_file_find-call-to-the-master.patch
* prevent-possible-exception-in-tornado.concurrent.fut.patch
* do-not-call-the-async-wrapper-calls-with-the-separat.patch
* add-missing-contextvars-dependency-in-salt.version.patch
* prevent-oom-with-high-amount-of-batch-async-calls-bs.patch
* speed-up-salt.matcher.confirm_top-by-using-__context.patch
* improve-broken-events-catching-and-reporting.patch
* make-salt-master-self-recoverable-on-killing-eventpu.patch
- Make "man" a recommended package instead of required
- Convert oscap output to UTF-8
- Make Salt compatible with Python 3.11
- Ignore non-ascii chars in oscap output (bsc#1219001)
- Fix detected issues in Salt tests when running on VMs
- Make importing seco.range thread safe (bsc#1211649)
- Fix problematic tests and allow smooth tests executions
on containers
- Discover Ansible playbook files as "*.yml" or "*.yaml"
files (bsc#1211888)
- Provide user(salt)/group(salt) capabilities for RPM 4.19
- Extend dependencies for python3-salt-testsuite
and python3-salt packages
- Improve Salt and testsuite packages multibuild
- Enable multibuilld and create test flavor
- Prevent exceptions with fileserver.update when called
via state (bsc#1218482)
- Improve pip target override condition with VENV_PIP_TARGET
environment variable (bsc#1216850)
- Fixed KeyError in logs when running a state that fails
- Added:
* make-importing-seco.range-thread-safe-bsc-1211649.patch
* fixed-keyerror-in-logs-when-running-a-state-that-fai.patch
* allow-kwargs-for-fileserver-roots-update-bsc-1218482.patch
* decode-oscap-byte-stream-to-string-bsc-1219001.patch
* fix-problematic-tests-and-allow-smooth-tests-executi.patch
* discover-both-.yml-and-.yaml-playbooks-bsc-1211888.patch
* fix-salt-warnings-and-testuite-for-python-3.11-635.patch
* switch-oscap-encoding-to-utf-8-639.patch
* fix-tests-failures-and-errors-when-detected-on-vm-ex.patch
* improve-pip-target-override-condition-with-venv_pip_.patch
- python-urllib3
-
- Add CVE-2024-37891.patch (bsc#1226469, CVE-2024-37891)
- python-PyNaCl
-
- add sle15_python_module_pythons (jsc#PED-68)
- Make calling of %{sle15modernpython} optional.
- python-six not required
- python-bcrypt
-
- add sle15_python_module_pythons (jsc#PED-68)
- Make calling of %{sle15modernpython} optional.
- Removed not needed C build dependencies
- Enable for all archs by default
- Update to 4.0.1:
* We now build PyPy manylinux wheels.
* Fixed a bug where passing an invalid salt to checkpw could result in a
pyo3_runtime.PanicException. It now correctly raises a ValueError.
- 4.0.0:
* bcrypt is now implemented in Rust. Users building from source will need to
have a Rust compiler available. Nothing will change for users downloading
wheels.
* We no longer ship manylinux2010 wheels. Users should upgrade to the latest
pip to ensure this doesn’t cause issues downloading wheels on their
platform. We now ship manylinux_2_28 wheels for users on new enough
platforms.
* NUL bytes are now allowed in inputs.
- Remove not needed python-six dependency
- update to 3.2.2:
* Fixed packaging of ``py.typed`` files in wheels so that ``mypy`` works.
* Added support for compilation on z/OS
* The next release of ``bcrypt`` with be 4.0 and it will require Rust at
compile time, for users building from source. There will be no additional
requirement for users who are installing from wheels. Users on most
platforms will be able to obtain a wheel by making sure they have an up to
date ``pip``. The minimum supported Rust version will be 1.56.0.
- python-boto3
-
- Drop Provides for SLE 15 SP4 and openSUSE Leap 15.4 and later
- Switch to Python 3.11 build in SLE 15 SP4 and openSUSE Leap 15.4 and
later (jsc#PCT-371)
- Switch to wheel build
- Update to 1.34.31
* api-change:``datazone``: [``botocore``] Add new skipDeletionCheck to
DeleteDomain. Add new skipDeletionCheck to DeleteProject which also
automatically deletes dependent objects
* api-change:``route53``: [``botocore``] Update the SDKs for text changes
in the APIs.
- From 1.34.30
* api-change:``autoscaling``: [``botocore``] EC2 Auto Scaling customersi
who use attribute based instance-type selection can now intuitively
define their Spot instances price protection limit as a percentage of
the lowest priced On-Demand instance type.
* api-change:``comprehend``: [``botocore``] Comprehend PII analysis now
supports Spanish input documents.
* api-change:``ec2``: [``botocore``] EC2 Fleet customers who use attribute
based instance-type selection can now intuitively define their Spot
instances price protection limit as a percentage of the lowest priced
On-Demand instance type.
* api-change:``mwaa``: [``botocore``] This release adds MAINTENANCE
environment status for Amazon MWAA environments.
* api-change:``rds``: [``botocore``] Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS
RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods.
This provides enhanced error handling, ensuring a more robust experience.
* api-change:``snowball``: [``botocore``] Modified description of
createaddress to include direction to add path when providing a JSON file.
- From 1.34.29
* api-change:``connect``: [``botocore``] Update list and string length
limits for predefined attributes.
* api-change:``inspector2``: [``botocore``] This release adds ECR container
image scanning based on their lastRecordedPullTime.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Automatic
Model Tuning now provides an API to programmatically delete tuning jobs.
- From 1.34.28
* api-change:``acm-pca``: [``botocore``] AWS Private CA now supports an
option to omit the CDP extension from issued certificates, when CRL
revocation is enabled.
* api-change:``lightsail``: [``botocore``] This release adds support for
IPv6-only instance plans.
- From 1.34.27
* api-change:``ec2``: [``botocore``] Introduced a new clientToken request
parameter on CreateNetworkAcl and CreateRouteTable APIs. The clientToken
parameter allows idempotent operations on the APIs.
* api-change:``ecs``: [``botocore``] Documentation updates for Amazon ECS.
* api-change:``outposts``: [``botocore``] DeviceSerialNumber parameter is
now optional in StartConnection API
* api-change:``rds``: [``botocore``] This release adds support for Aurora
Limitless Database.
* api-change:``storagegateway``: [``botocore``] Add DeprecationDate and
SoftwareVersion to response of ListGateways.
- From 1.34.26
* api-change:``inspector2``: [``botocore``] This release adds support for
CIS scans on EC2 instances.
- From 1.34.25
* enhancement:documentation: [``botocore``] Updates the GitHub issue
creation link in our README
- From 1.34.24
* api-change:``appconfigdata``: [``botocore``] Fix FIPS Endpoints in
aws-us-gov.
* api-change:``cloud9``: [``botocore``] Doc-only update around removing AL1
from list of available AMIs for Cloud9
* api-change:``cloudfront-keyvaluestore``: [``botocore``] This release
improves upon the DescribeKeyValueStore API by returning two additional
fields, Status of the KeyValueStore and the FailureReason in case of
failures during creation of KeyValueStore.
* api-change:``connectcases``: [``botocore``] This release adds the ability
to view audit history on a case and introduces a new parameter,
performedBy, for CreateCase and UpdateCase API's.
* api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
* api-change:``ecs``: [``botocore``] This release adds support for
Transport Layer Security (TLS) and Configurable Timeout to ECS Service
Connect. TLS facilitates privacy and data security for inter-service
communications, while Configurable Timeout allows customized per-request
timeout and idle timeout for Service Connect services.
* api-change:``finspace``: [``botocore``] Allow customer to set zip default
through command line arguments.
* api-change:``organizations``: [``botocore``] Doc only update for quota
increase change
* api-change:``rds``: [``botocore``] Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API
method. This provides enhanced error handling, ensuring a more robust
experience when creating database clusters with insufficient instance
capacity.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules
client to latest version
- From 1.34.23
* api-change:``athena``: [``botocore``] Introducing new
NotebookS3LocationUri parameter to Athena ImportNotebook API. Payload is
no longer required and either Payload or NotebookS3LocationUri needs to be
provided (not both) for a successful ImportNotebook API call. If both are
provided, an InvalidRequestException will be thrown.
* api-change:``codebuild``: [``botocore``] Release CodeBuild Reserved
Capacity feature
* api-change:``dynamodb``: [``botocore``] This release adds support for
including ApproximateCreationDateTimePrecision configurations in
EnableKinesisStreamingDestination API, adds the same as an optional field
in the response of DescribeKinesisStreamingDestination, and adds support
for a new UpdateKinesisStreamingDestination API.
* api-change:``qconnect``: [``botocore``] Increased Quick Response name max
length to 100
- From 1.34.22
* api-change:``b2bi``: [``botocore``] Increasing TestMapping inputFileContent
file size limit to 5MB and adding file size limit 250KB for TestParsing
input file. This release also includes exposing InternalServerException
for Tag APIs.
* api-change:``cloudtrail``: [``botocore``] This release adds a new API
ListInsightsMetricData to retrieve metric data from CloudTrail Insights.
* api-change:``connect``: [``botocore``] GetMetricDataV2 now supports 3
groupings
* api-change:``drs``: [``botocore``] Removed invalid and unnecessary
default values.
* api-change:``firehose``: [``botocore``] Allow support for Snowflake as
a Kinesis Data Firehose delivery destination.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Increase
BatchGetRecord limits from 10 items to 100 items
- From 1.34.21
* api-change:``dynamodb``: [``botocore``] Updating note for enabling streams
for UpdateTable.
* api-change:``keyspaces``: [``botocore``] This release adds support for
Multi-Region Replication with provisioned tables, and Keyspaces auto
scaling APIs
- From 1.34.20
* api-change:``iot``: [``botocore``] Revert release of LogTargetTypes
* api-change:``iotfleetwise``: [``botocore``] Updated APIs: SignalNodeType
query parameter has been added to ListSignalCatalogNodesRequest and
ListVehiclesResponse has been extended with attributes field.
* api-change:``macie2``: [``botocore``] This release adds support for
analyzing Amazon S3 objects that are encrypted using dual-layer
server-side encryption with AWS KMS keys (DSSE-KMS). It also adds support
for reporting DSSE-KMS details in statistics and metadata about
encryption settings for S3 buckets and objects.
* api-change:``payment-cryptography``: [``botocore``] Provide an additional
option for key exchange using RSA wrap/unwrap in addition to tr-34/tr-31
in ImportKey and ExportKey operations. Added new key usage (type)
TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane
operations with ISO9797 Algorithm 1 MAC calculations.
* api-change:``personalize-runtime``: [``botocore``] Documentation updates
for Amazon Personalize
* api-change:``personalize``: [``botocore``] Documentation updates for
Amazon Personalize.
* api-change:``rekognition``: [``botocore``] This release adds ContentType
and TaxonomyLevel attributes to DetectModerationLabels and
GetMediaAnalysisJob API responses.
* api-change:``securityhub``: [``botocore``] Documentation updates for
AWS Security Hub
- From 1.34.19
* api-change:``sagemaker``: [``botocore``] This release will have
ValidationException thrown if certain invalid app types are provided. The
release will also throw ValidationException if more than 10 account ids
are provided in VpcOnlyTrustedAccounts.
- From 1.34.18
* api-change:``connect``: [``botocore``] Supervisor Barge for Chat is now
supported through the MonitorContact API.
* api-change:``connectparticipant``: [``botocore``] Introduce new
Supervisor participant role
* api-change:``location``: [``botocore``] Location SDK documentation update.
Added missing fonts to the MapConfiguration data type. Updated note for
the SubMunicipality property in the place data type.
* api-change:``mwaa``: [``botocore``] This Amazon MWAA feature release
includes new fields in CreateWebLoginToken response model. The new fields
IamIdentity and AirflowIdentity will let you match identifications, as
the Airflow identity length is currently hashed to 64 characters.
* api-change:``s3control``: [``botocore``] S3 On Outposts team adds
dualstack endpoints support for S3Control and S3Outposts API calls.
* api-change:``supplychain``: [``botocore``] This release includes APIs
CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.
* api-change:``transfer``: [``botocore``] AWS Transfer Family now supports
static IP addresses for SFTP & AS2 connectors and for async MDNs on AS2
servers.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.17
* api-change:``ec2``: [``botocore``] This release adds support for adding
an ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``ecs``: [``botocore``] This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``events``: [``botocore``] Update events client to latest
version
* api-change:``iot``: [``botocore``] Add ConflictException to Update APIs of
AWS IoT Software Package Catalog
* api-change:``iotfleetwise``: [``botocore``] The following dataTypes have
been removed: CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType;
CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason;
CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in
NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType
* api-change:``secretsmanager``: [``botocore``] Doc only update for Secrets
Manager
* api-change:``workspaces``: [``botocore``] Added AWS Workspaces
RebootWorkspaces API - Extended Reboot documentation update
- From 1.34.16
* api-change:``connectcampaigns``: [``botocore``] Minor pattern updates
for Campaign and Dial Request API fields.
* api-change:``location``: [``botocore``] This release adds API support for
custom layers for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
* api-change:``logs``: [``botocore``] Add support for account level
subscription filter policies to PutAccountPolicy, DescribeAccountPolicies,
and DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been
modified with new optional "selectionCriteria" parameter for resource
selection.
* api-change:``qconnect``: [``botocore``] QueryAssistant and
GetRecommendations will be discontinued starting June 1, 2024. To receive
generative responses after March 1, 2024 you will need to create a new
Assistant in the Connect console and integrate the Amazon Q in Connect
JavaScript library (amazon-q-connectjs) into your applications.
* api-change:``redshift-serverless``: [``botocore``] Updates to
ConfigParameter for RSS workgroup, removal of use_fips_ssl
* api-change:``route53``: [``botocore``] Route53 now supports geoproximity
routing in AWS regions
* api-change:``wisdom``: [``botocore``] QueryAssistant and GetRecommendations
will be discontinued starting June 1, 2024. To receive generative responses
after March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
- From 1.34.15
* api-change:``codebuild``: [``botocore``] Aws CodeBuild now supports new
compute type BUILD_GENERAL1_XLARGE
* api-change:``ec2``: [``botocore``] Amazon EC2 R7iz bare metal instances
are powered by custom 4th generation Intel Xeon Scalable processors.
* api-change:``route53resolver``: [``botocore``] This release adds support
for query type configuration on firewall rules that enables customers for
granular action (ALLOW, ALERT, BLOCK) by DNS query type.
- From 1.34.14
* api-change:``connect``: [``botocore``] Minor trait updates for User APIs
* api-change:``kms``: [``botocore``] Documentation updates for AWS Key
Management Service (KMS).
* api-change:``redshift-serverless``: [``botocore``] use_fips_ssl and
require_ssl parameter support for Workgroup, UpdateWorkgroup, and
CreateWorkgroup
-From 1.34.13
* api-change:``config``: [``botocore``] Updated ResourceType enum with new
resource types onboarded by AWS Config in November and December 2023.
* api-change:``docdb``: [``botocore``] Adding PerformanceInsightsEnabled and
PerformanceInsightsKMSKeyId fields to DescribeDBInstances Response.
* api-change:``ecs``: [``botocore``] This release adds support for managed
instance draining which facilitates graceful termination of Amazon ECS
instances.
* api-change:``es``: [``botocore``] This release adds support for new or
existing Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with
perfect forward secrecy cipher suites for domain endpoints.
* api-change:``lightsail``: [``botocore``] This release adds support to set
up an HTTPS endpoint on an instance.
* api-change:``opensearch``: [``botocore``] This release adds support for
new or existing Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2
with perfect forward secrecy cipher suites for domain endpoints.
* api-change:``sagemaker``: [``botocore``] Adding support for provisioned
throughput mode for SageMaker Feature Groups
* api-change:``servicecatalog``: [``botocore``] Added Idempotency token
support to Service Catalog AssociateServiceActionWithProvisioningArtifact,
DisassociateServiceActionFromProvisioningArtifact, DeleteServiceAction API
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.12
* api-change:``connect``: [``botocore``] Amazon Connect, Contact Lens
Evaluation API increase evaluation notes max length to 3072.
* api-change:``mediaconvert``: [``botocore``] This release includes video
engine updates including HEVC improvements, support for ingesting VP9
encoded video in MP4 containers, and support for user-specified 3D LUTs.
- From 1.34.11
* api-change:``apprunner``: [``botocore``] AWS App Runner adds Python 3.11
and Node.js 18 runtimes.
* api-change:``location``: [``botocore``] This release introduces a new
parameter to bypasses an API key's expiry conditions and delete the key.
* api-change:``quicksight``: [``botocore``] Add LinkEntityArn support for
different partitions; Add UnsupportedUserEditionException in
UpdateDashboardLinks API; Add support for New Reader Experience Topics
- From 1.34.10
* api-change:``codestar-connections``: [``botocore``] New integration with
the GitLab self-managed provider type.
* api-change:``kinesis-video-archived-media``: [``botocore``]
NoDataRetentionException thrown when GetImages requested for a Stream
that does not retain data (that is, has a DataRetentionInHours of 0).
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Studio now
supports Docker access from within app container
- From 1.34.9
* api-change:``emr``: [``botocore``] Update emr client to latest version
- From 1.34.8
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity
and Access Management (IAM).
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules
client to latest version
- From 1.34.7
* api-change:``bedrock-agent``: [``botocore``] Adding Claude 2.1 support to
Bedrock Agents
* api-change:``glue``: [``botocore``] This release adds additional
configurations for Query Session Context on the following APIs:
GetUnfilteredTableMetadata, GetUnfilteredPartitionMetadata,
GetUnfilteredPartitionsMetadata.
* api-change:``lakeformation``: [``botocore``] This release adds additional
configurations on GetTemporaryGlueTableCredentials for Query Session
Context.
* api-change:``mediaconnect``: [``botocore``] This release adds the
DescribeSourceMetadata API. This API can be used to view the stream
information of the flow's source.
* api-change:``networkmonitor``: [``botocore``] CloudWatch Network Monitor
is a new service within CloudWatch that will help network administrators
and operators continuously monitor network performance metrics such as
round-trip-time and packet loss between their AWS-hosted applications and
their on-premises locations.
* api-change:``omics``: [``botocore``] Provides minor corrections and an
updated description of APIs.
* api-change:``secretsmanager``: [``botocore``] Update endpoint rules and
examples.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.6
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.19.19
* api-change:``amp``: [``botocore``] This release updates Amazon Managed
Service for Prometheus APIs to support customer managed KMS keys.
* api-change:``appintegrations``: [``botocore``] The Amazon AppIntegrations
service adds DeleteApplication API for deleting applications, and updates
APIs to support third party applications reacting to workspace events and
make data requests to Amazon Connect for agent and contact events.
* api-change:``bedrock-agent``: [``botocore``] This release introduces
Amazon Aurora as a vector store on Knowledge Bases for Amazon Bedrock
* api-change:``codecommit``: [``botocore``] AWS CodeCommit now supports
customer managed keys from AWS Key Management Service.
UpdateRepositoryEncryptionKey is added for updating the key configuration.
CreateRepository, GetRepository, BatchGetRepositories are updated with new
input or output parameters.
* api-change:``connect``: [``botocore``] Adds APIs to manage User
Proficiencies and Predefined Attributes. Enhances StartOutboundVoiceContact
API input. Introduces SearchContacts API. Enhances DescribeContact API.
Adds an API to update Routing Attributes in QueuePriority and
QueueTimeAdjustmentSeconds.
* api-change:``medialive``: [``botocore``] MediaLive now supports the ability
to configure the audio that an AWS Elemental Link UHD device produces, when
the device is configured as the source for a flow in AWS Elemental
MediaConnect.
* api-change:``neptune-graph``: [``botocore``] Adds Waiters for successful
creation and deletion of Graph, Graph Snapshot, Import Task and Private
Endpoints for Neptune Analytics
* api-change:``rds-data``: [``botocore``] This release adds support for
using RDS Data API with Aurora PostgreSQL Serverless v2 and provisioned DB
clusters.
* api-change:``rds``: [``botocore``] This release adds support for using RDS
Data API with Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Training now
provides model training container access for debugging purposes. Amazon
SageMaker Search now provides the ability to use visibility conditions to
limit resource access to a single domain or multiple domains.
- From 1.34.5
* api-change:``appstream``: [``botocore``] This release introduces
configurable clipboard, allowing admins to specify the maximum length of
text that can be copied by the users from their device to the remote
session and vice-versa.
* api-change:``eks``: [``botocore``] Add support for cluster insights, new
EKS capability that surfaces potentially upgrade impacting issues.
* api-change:``guardduty``: [``botocore``] This release 1) introduces a new
API: GetOrganizationStatistics , and 2) adds a new UsageStatisticType
TOP_ACCOUNTS_BY_FEATURE for GetUsageStatistics API
* api-change:``managedblockchain-query``: [``botocore``] Adding Confirmation
Status and Execution Status to GetTransaction Response.
* api-change:``mediatailor``: [``botocore``] Adds the ability to configure
time shifting on MediaTailor channels using the TimeShiftConfiguration
field
* api-change:``route53``: [``botocore``] Amazon Route 53 now supports the
Canada West (Calgary) Region (ca-west-1) for latency records, geoproximity
records, and private DNS for Amazon VPCs in that region.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.4
* api-change:``appsync``: [``botocore``] This release adds additional
configurations on GraphQL APIs for limits on query depth, resolver count,
and introspection
* api-change:``chime-sdk-meetings``: [``botocore``] Add meeting features to
specify a maximum camera resolution, a maximum content sharing resolution,
and a maximum number of attendees for a given meeting.
* api-change:``ec2``: [``botocore``] Provision BYOIPv4 address ranges and
advertise them by specifying the network border groups option in
Los Angeles, Phoenix and Dallas AWS Local Zones.
* api-change:``fsx``: [``botocore``] Added support for FSx for OpenZFS
on-demand data replication across AWS accounts and/or regions.Added the
IncludeShared attribute for DescribeSnapshots.Added the CopyStrategy
attribute for OpenZFSVolumeConfiguration.
* api-change:``marketplace-catalog``: [``botocore``] AWS Marketplace now
supports a new API, BatchDescribeEntities, which returns metadata and
content for multiple entities.
* api-change:``rds``: [``botocore``] RDS - The release adds two new APIs:
DescribeDBRecommendations and ModifyDBRecommendation
- From 1.34.3
* api-change:``cognito-idp``: [``botocore``] Amazon Cognito now supports
trigger versions that define the fields in the request sent to pre token
generation Lambda triggers.
* api-change:``eks``: [``botocore``] Add support for EKS Cluster Access
Management.
* api-change:``quicksight``: [``botocore``] A docs-only release to add
missing entities to the API reference.
* api-change:``route53resolver``: [``botocore``] Add DOH protocols in
resolver endpoints.
- From 1.34.2
* api-change:``cloud9``: [``botocore``] Updated Cloud9 API documentation for
AL2023 release
* api-change:``connect``: [``botocore``] Adds relatedContactId field to
StartOutboundVoiceContact API input. Introduces PauseContact API and
ResumeContact API for Task contacts. Adds pause duration, number of pauses,
timestamps for last paused and resumed events to DescribeContact API
response. Adds new Rule type and new Rule action.
* api-change:``connectcases``: [``botocore``] Increase number of fields that
can be included in CaseEventIncludedData from 50 to 200
* api-change:``kms``: [``botocore``] Documentation updates for AWS Key
Management Service
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation by
adding code examples
* api-change:``sagemaker``: [``botocore``] This release 1) introduces a new
API: DeleteCompilationJob , and 2) adds InfraCheckConfig for
Create/Describe training job API
- From 1.34.1
* api-change:``appstream``: [``botocore``] This release includes support for
images of Windows Server 2022 platform.
* api-change:``b2bi``: [``botocore``] Documentation updates for AWS B2B Data
Interchange
* api-change:``billingconductor``: [``botocore``] Billing Conductor is
releasing a new API, GetBillingGroupCostReport, which provides the ability
to retrieve/view the Billing Group Cost Report broken down by attributes
for a specific billing group.
* api-change:``connect``: [``botocore``] This release adds support for more
granular billing using tags (key:value pairs)
* api-change:``controltower``: [``botocore``] Documentation updates for
AWS Control Tower.
* api-change:``firehose``: [``botocore``] This release, 1) adds configurable
buffering hints for the Splunk destination, and 2) reduces the minimum
configurable buffering interval for supported destinations
* api-change:``gamelift``: [``botocore``] Amazon GameLift adds the ability
to add and update the game properties of active game sessions.
* api-change:``iot``: [``botocore``] This release adds the ability to
self-manage certificate signing in AWS IoT Core fleet provisioning using
the new certificate provider resource.
* api-change:``neptune-graph``: [``botocore``] This is the initial SDK
release for Amazon Neptune Analytics
* api-change:``opensearch``: [``botocore``] Updating documentation for Amazon
OpenSearch Service support for new zero-ETL integration with Amazon S3.
* api-change:``quicksight``: [``botocore``] Update Dashboard Links support;
SingleAxisOptions support; Scatterplot Query limit support.
* api-change:``workspaces``: [``botocore``] Updated note to ensure customers
understand running modes.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- From 1.34.0
* feature:Python: End of support for Python 3.7
* feature:Python: [``botocore``] End of support for Python 3.7
* api-change:``drs``: [``botocore``] Adding AgentVersion to SourceServer and
RecoveryInstance structures
- From 1.33.13
* api-change:``imagebuilder``: [``botocore``] This release adds the Image
Workflows feature to give more flexibility and control over the image
building and testing process.
* api-change:``location``: [``botocore``] This release 1) adds
sub-municipality field in Places API for searching and getting places
information, and 2) allows optimizing route calculation based on expected
arrival time.
* api-change:``logs``: [``botocore``] This release introduces the
StartLiveTail API to tail ingested logs in near real time.
- From 1.33.12
* api-change:``neptune``: [``botocore``] This release adds a new parameter
configuration setting to the Neptune cluster related APIs that can be
leveraged to switch between the underlying supported storage modes.
* api-change:``pinpoint``: [``botocore``] This release includes Amazon
Pinpoint API documentation updates pertaining to campaign message sending
rate limits.
* api-change:``securityhub``: [``botocore``] Added new resource detail
objects to ASFF, including resources for AwsDynamoDbTable,
AwsEc2ClientVpnEndpoint, AwsMskCluster, AwsS3AccessPoint, AwsS3Bucket
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client
to latest version
- Update to 1.33.11:
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``ec2``: [``botocore``] M2 Mac instances are built on Apple M2 Mac mini computers. I4i
instances are powered by 3rd generation Intel Xeon Scalable processors. C7i compute optimized, M7i
general purpose and R7i memory optimized instances are powered by custom 4th Generation Intel Xeon
Scalable processors.
* api-change:``finspace``: [``botocore``] Releasing Scaling Group, Dataview, and Volume APIs
- from version 1.33.10
* api-change:``codedeploy``: [``botocore``] This release adds support for two new CodeDeploy
features: 1) zonal deployments for Amazon EC2 in-place deployments, 2) deployments triggered by
Auto Scaling group termination lifecycle hook events.
- from version 1.33.9
* api-change:``backup``: [``botocore``] AWS Backup - Features: Add VaultType to the output of
DescribeRecoveryPoint, ListRecoveryPointByBackupVault API and add ResourceType to the input of
ListRestoreJobs API
* api-change:``comprehend``: [``botocore``] Documentation updates for Trust and Safety features.
* api-change:``connect``: [``botocore``] Releasing Tagging Support for Instance Management APIS
* api-change:``ec2``: [``botocore``] Releasing the new cpuManufacturer attribute within the
DescribeInstanceTypes API response which notifies our customers with information on who the
Manufacturer is for the processor attached to the instance, for example: Intel.
* api-change:``payment-cryptography``: [``botocore``] AWS Payment Cryptography IPEK feature release
- from version 1.33.8
* api-change:``athena``: [``botocore``] Adding IdentityCenter enabled request for interactive query
* api-change:``cleanroomsml``: [``botocore``] Updated service title from cleanroomsml to
CleanRoomsML.
* api-change:``cloudformation``: [``botocore``] Documentation update, December 2023
* api-change:``ec2``: [``botocore``] Adds A10G, T4G, and H100 as accelerator name options and
Habana as an accelerator manufacturer option for attribute based selection
- from version 1.33.7
* api-change:``billingconductor``: [``botocore``] This release adds the ability to specify a linked
account of the billing group for the custom line item resource.
* api-change:``braket``: [``botocore``] This release enhances service support to create quantum
tasks and hybrid jobs associated with Braket Direct Reservations.
* api-change:``cloud9``: [``botocore``] This release adds the requirement to include the imageId
parameter in the CreateEnvironmentEC2 API call.
* api-change:``cloudformation``: [``botocore``] Including UPDATE_* states as a success status for
CreateStack waiter.
* api-change:``finspace``: [``botocore``] Release General Purpose type clusters
* api-change:``medialive``: [``botocore``] Adds support for custom color correction on channels
using 3D LUT files.
* api-change:``servicecatalog-appregistry``: [``botocore``] Documentation-only updates for Dawn
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.33.6
* api-change:``qconnect``: [``botocore``] This release adds the PutFeedback API and allows
providing feedback against the specified assistant for the specified target.
* api-change:``rbin``: [``botocore``] Added resource identifier in the output and updated error
handling.
* api-change:``verifiedpermissions``: [``botocore``] Adds description field to PolicyStore API's
and namespaces field to GetSchema.
- from version 1.33.5
* api-change:``arc-zonal-shift``: [``botocore``] This release adds a new capability, zonal
autoshift. You can configure zonal autoshift so that AWS shifts traffic for a resource away from an
Availability Zone, on your behalf, when AWS determines that there is an issue that could
potentially affect customers in the Availability Zone.
* api-change:``glue``: [``botocore``] Adds observation and analyzer support to the
GetDataQualityResult and BatchGetDataQualityResult APIs.
* api-change:``sagemaker``: [``botocore``] This release adds support for 1/ Code Editor, based on
Code-OSS, Visual Studio Code Open Source, a new fully managed IDE option in SageMaker Studio 2/
JupyterLab, a new fully managed JupyterLab IDE experience in SageMaker Studio
- from version 1.33.4
* bugfix:``s3transfer``: Raise floor for ``s3transfer`` to 0.8.2 to avoid any conflicts with the
awscrt
* api-change:``marketplace-agreement``: [``botocore``] The AWS Marketplace Agreement Service
provides an API interface that helps AWS Marketplace sellers manage their agreements, including
listing, filtering, and viewing details about their agreements.
* api-change:``marketplace-catalog``: [``botocore``] This release enhances the ListEntities API to
support new entity type-specific strongly typed filters in the request and entity type-specific
strongly typed summaries in the response.
* api-change:``marketplace-deployment``: [``botocore``] AWS Marketplace Deployment is a new service
that provides essential features that facilitate the deployment of software, data, and services
procured through AWS Marketplace.
* api-change:``redshift-serverless``: [``botocore``] This release adds the following support for
Amazon Redshift Serverless: 1) cross-account cross-VPCs, 2) copying snapshots across Regions, 3)
scheduling snapshot creation, and 4) restoring tables from a recovery point.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.33.3
* api-change:``application-autoscaling``: [``botocore``] Amazon SageMaker customers can now use
Application Auto Scaling to automatically scale the number of Inference Component copies across an
endpoint to meet the varying demand of their workloads.
* api-change:``cleanrooms``: [``botocore``] AWS Clean Rooms now provides differential privacy to
protect against user-identification attempts and machine learning modeling to allow two parties to
identify similar users in their data.
* api-change:``cleanroomsml``: [``botocore``] Public Preview SDK release of AWS Clean Rooms ML APIs
* api-change:``opensearch``: [``botocore``] Launching Amazon OpenSearch Service support for new
zero-ETL integration with Amazon S3. Customers can now manage their direct query data sources to
Amazon S3 programatically
* api-change:``opensearchserverless``: [``botocore``] Amazon OpenSearch Serverless collections
support an additional attribute called standby-replicas. This allows to specify whether a
collection should have redundancy enabled.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: [``botocore``] This release adds following support 1/ Improved SDK
tooling for model deployment. 2/ New Inference Component based features to lower inference costs
and latency 3/ SageMaker HyperPod management. 4/ Additional parameters for FM Fine Tuning in
Autopilot
* api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.33.2
* api-change:``accessanalyzer``: [``botocore``] This release adds support for external access
findings for S3 directory buckets to help you easily identify cross-account access. Updated service
API, documentation, and paginators.
* api-change:``bedrock-agent-runtime``: [``botocore``] This release introduces Agents for Amazon
Bedrock Runtime
* api-change:``bedrock-agent``: [``botocore``] This release introduces Agents for Amazon Bedrock
* api-change:``bedrock-runtime``: [``botocore``] This release adds support for minor
versions/aliases for invoke model identifier.
* api-change:``bedrock``: [``botocore``] This release adds support for customization types, model
life cycle status and minor versions/aliases for model identifiers.
* api-change:``connect``: [``botocore``] Added support for following capabilities: Amazon Connect's
in-app, web, and video calling. Two-way SMS integrations. Contact Lens real-time chat analytics
feature. Amazon Connect Analytics Datalake capability. Capability to configure real time chat rules.
* api-change:``customer-profiles``: [``botocore``] This release introduces DetectProfileObjectType
API to auto generate object type mapping.
* api-change:``qbusiness``: [``botocore``] Amazon Q - a generative AI powered application that your
employees can use to ask questions and get answers from knowledge spread across disparate content
repositories, summarize reports, write articles, take actions, and much more - all within their
company's connected content repositories.
* api-change:``qconnect``: [``botocore``] Amazon Q in Connect, an LLM-enhanced evolution of Amazon
Connect Wisdom. This release adds generative AI support to Amazon Q Connect QueryAssistant and
GetRecommendations APIs.
* api-change:``s3``: [``botocore``] Adds support for S3 Express One Zone.
* api-change:``s3control``: [``botocore``] Adds support for S3 Express One Zone, and
InvocationSchemaVersion 2.0 for S3 Batch Operations.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.33.1
* api-change:``elasticache``: [``botocore``] Launching Amazon ElastiCache Serverless that enables
you to create a cache in under a minute without any capacity management. ElastiCache Serverless
monitors the cache's memory, CPU, and network usage and scales both vertically and horizontally to
support your application's requirements.
- from version 1.33.0
* enhancement:Versioning: Bump boto3 from 1.29.7 to 1.33.0 to match Botocore versioning scheme.
* feature:``s3``: Boto3 will now opt into using the awscrt on select EC2 instance types for s3
transfers.
* feature:Versioning: [``botocore``] With the release of Botocore 1.33.0, Boto3 and Botocore will
share the same version number.
* api-change:``appsync``: [``botocore``] This update enables introspection of Aurora cluster
databases using the RDS Data API
* api-change:``b2bi``: [``botocore``] This is the initial SDK release for AWS B2B Data Interchange.
* api-change:``backup``: [``botocore``] AWS Backup now supports restore testing, a new feature that
allows customers to automate restore testing and validating their backups. Additionally, this
release adds support for EBS Snapshots Archive tier.
* api-change:``controltower``: [``botocore``] This release adds the following support: 1. The
EnableControl API can configure controls that are configurable. 2. The GetEnabledControl API shows
the configured parameters on an enabled control. 3. The new UpdateEnabledControl API can change
parameters on an enabled control.
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``fis``: [``botocore``] AWS FIS adds support for multi-account experiments & empty
target resolution. This release also introduces the CreateTargetAccountConfiguration API that
allows experiments across multiple AWS accounts, and the ListExperimentResolvedTargets API to list
target details.
* api-change:``glue``: [``botocore``] add observations support to DQ CodeGen config model + update
document for connectiontypes supported by ConnectorData entities
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for support for RDS for Db2.
* api-change:``securityhub``: [``botocore``] Adds and updates APIs to support central
configuration. This feature allows the Security Hub delegated administrator to configure Security
Hub for their entire AWS Org across multiple regions from a home Region. With this release,
findings also include account name and application metadata.
* api-change:``transcribe``: [``botocore``] This release adds support for AWS HealthScribe APIs
within Amazon Transcribe
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.7
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.19.17
* api-change:``accessanalyzer``: [``botocore``] IAM Access Analyzer now continuously monitors IAM
roles and users in your AWS account or organization to generate findings for unused access.
Additionally, IAM Access Analyzer now provides custom policy checks to validate that IAM policies
adhere to your security standards ahead of deployments.
* api-change:``amp``: [``botocore``] This release adds support for the Amazon Managed Service for
Prometheus collector, a fully managed, agentless Prometheus metrics scraping capability.
* api-change:``bcm-data-exports``: [``botocore``] Users can create, read, update, delete Exports of
billing and cost management data. Users can get details of Export Executions and details of Tables
for exporting. Tagging support is provided for Exports
* api-change:``cloudtrail``: [``botocore``] CloudTrail Lake now supports federating event data
stores. giving users the ability to run queries against their event data using Amazon Athena.
* api-change:``codestar-connections``: [``botocore``] This release adds support for the
CloudFormation Git sync feature. Git sync enables updating a CloudFormation stack from a template
stored in a Git repository.
* api-change:``compute-optimizer``: [``botocore``] This release enables AWS Compute Optimizer to
analyze and generate recommendations with customization and discounts preferences.
* api-change:``config``: [``botocore``] Support Periodic Recording for Configuration Recorder
* api-change:``controltower``: [``botocore``] Add APIs to create and manage a landing zone.
* api-change:``cost-optimization-hub``: [``botocore``] This release launches Cost Optimization Hub,
a new AWS Billing and Cost Management feature that helps you consolidate and prioritize cost
optimization recommendations across your AWS Organizations member accounts and AWS Regions, so that
you can get the most out of your AWS spend.
* api-change:``detective``: [``botocore``] Added new APIs in Detective to support resource
investigations
* api-change:``ecs``: [``botocore``] Adds a new 'type' property to the Setting structure. Adds a
new AccountSetting - guardDutyActivate for ECS.
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``eks-auth``: [``botocore``] This release adds support for EKS Pod Identity feature.
EKS Pod Identity makes it easy for customers to obtain IAM permissions for their applications
running in the EKS clusters.
* api-change:``eks``: [``botocore``] This release adds support for EKS Pod Identity feature. EKS
Pod Identity makes it easy for customers to obtain IAM permissions for the applications running in
their EKS clusters.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``freetier``: [``botocore``] This is the initial SDK release for the AWS Free Tier
GetFreeTierUsage API
* api-change:``fsx``: [``botocore``] Added support for FSx for ONTAP scale-out file systems and
FlexGroup volumes. Added the HAPairs field and ThroughputCapacityPerHAPair for filesystem. Added
AggregateConfiguration (containing Aggregates and ConstituentsPerAggregate) and SizeInBytes for
volume.
* api-change:``guardduty``: [``botocore``] Add support for Runtime Monitoring for ECS and ECS-EC2.
* api-change:``iotfleetwise``: [``botocore``] AWS IoT FleetWise introduces new APIs for vision
system data, such as data collected from cameras, radars, and lidars. You can now model and decode
complex data types.
* api-change:``lakeformation``: [``botocore``] This release adds four new APIs
"DescribeLakeFormationIdentityCenterConfiguration",
"CreateLakeFormationIdentityCenterConfiguration",
"DescribeLakeFormationIdentityCenterConfiguration", and
"DeleteLakeFormationIdentityCenterConfiguration", and also updates the corresponding documentation.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
* api-change:``logs``: [``botocore``] Added APIs to Create, Update, Get, List and Delete
LogAnomalyDetectors and List and Update Anomalies in Detector. Added LogGroupClass attribute for
LogGroups to classify loggroup as Standard loggroup with all capabilities or InfrequentAccess
loggroup with limited capabilities.
* api-change:``managedblockchain``: [``botocore``] Add optional NetworkType property to Accessor
APIs
* api-change:``personalize-events``: [``botocore``] This release enables PutActions and
PutActionInteractions
* api-change:``personalize-runtime``: [``botocore``] Enables metadata in recommendations and next
best action recommendations
* api-change:``personalize``: [``botocore``] Enables metadata in recommendations, recommendations
with themes, and next best action recommendations
* api-change:``quicksight``: [``botocore``] This release launches new APIs for trusted identity
propagation setup and supports creating datasources using trusted identity propagation as
authentication method for QuickSight accounts configured with IAM Identity Center.
* api-change:``redshift``: [``botocore``] This release adds support for multi-data warehouse writes
through data sharing.
* api-change:``repostspace``: [``botocore``] Initial release of AWS re:Post Private
* api-change:``s3``: [``botocore``] Adding new params - Key and Prefix, to S3 API operations for
supporting S3 Access Grants. Note - These updates will not change any of the existing S3 API
functionality.
* api-change:``s3control``: [``botocore``] Introduce Amazon S3 Access Grants, a new S3 access
control feature that maps identities in directories such as Active Directory, or AWS Identity and
Access Management (IAM) Principals, to datasets in S3.
* api-change:``secretsmanager``: [``botocore``] AWS Secrets Manager has released the
BatchGetSecretValue API, which allows customers to fetch up to 20 Secrets with a single request
using a list of secret names or filters.
* api-change:``securityhub``: [``botocore``] Adds and updates APIs to support customizable security
controls. This feature allows Security Hub customers to provide custom parameters for security
controls. With this release, findings for controls that support custom parameters will include the
parameters used to generate the findings.
* api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
* api-change:``transcribe``: [``botocore``] This release adds support for transcriptions from audio
sources in 64 new languages and introduces generative call summarization in Transcribe Call
Analytics (Post call)
* api-change:``workspaces-thin-client``: [``botocore``] Initial release of Amazon WorkSpaces Thin
Client
* api-change:``workspaces``: [``botocore``] The release introduces Multi-Region Resilience one-way
data replication that allows you to replicate data from your primary WorkSpace to a standby
WorkSpace in another AWS Region. DescribeWorkspaces now returns the status of data replication.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- Update BuildRequires and Requires from setup.py
- Update to 1.29.6:
* bugfix:sqs: [``botocore``] Rolled back recent change to wire format protocol
* api-change:``kinesis``: [``botocore``] This release adds support for resource based policies on
streams and consumers.
* api-change:``s3control``: [``botocore``] Amazon S3 Batch Operations now manages buckets or
prefixes in a single step.
* api-change:``sagemaker``: [``botocore``] This feature adds the end user license agreement status
as a model access configuration parameter.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.5
* api-change:``cloudfront-keyvaluestore``: [``botocore``] This release adds support for CloudFront
KeyValueStore, a globally managed key value datastore associated with CloudFront Functions.
* api-change:``cloudfront``: [``botocore``] This release adds support for CloudFront KeyValueStore,
a globally managed key value datastore associated with CloudFront Functions.
* api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
* api-change:``inspector-scan``: [``botocore``] This release adds support for the new Amazon
Inspector Scan API. The new Inspector Scan API can synchronously scan SBOMs adhering to the
CycloneDX v1.5 format.
* api-change:``iotsitewise``: [``botocore``] Adds 1/ user-defined unique identifier for asset and
model metadata, 2/ asset model components, and 3/ query API for asset metadata and telemetry data.
Supports 4/ multi variate anomaly detection using Amazon Lookout for Equipment, 5/ warm storage
tier, and 6/ buffered ingestion of time series data.
* api-change:``iottwinmaker``: [``botocore``] This release adds following support. 1. New APIs for
metadata bulk operations. 2. Modify the component type API to support composite component types -
nesting component types within one another. 3. New list APIs for components and properties. 4.
Support the larger scope digital twin modeling.
* api-change:``s3``: [``botocore``] Add support for automatic date based partitioning in S3 Server
Access Logs.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.4
* enhancement:IMDS: [``botocore``] Adds a config option to opt out of IMDSv1 fallback
* api-change:``codestar-connections``: [``botocore``] This release updates a few CodeStar
Connections related APIs.
* api-change:``docdb``: [``botocore``] Amazon DocumentDB updates for new cluster storage
configuration: Amazon DocumentDB I/O-Optimized.
* api-change:``ec2``: [``botocore``] This release adds support for Security group referencing over
Transit gateways, enabling you to simplify Security group management and control of
instance-to-instance traffic across VPCs that are connected by Transit gateway.
- from version 1.29.3
* api-change:``macie``: [``botocore``] The macie client has been removed following the deprecation
of the service.
* api-change:``appmesh``: [``botocore``] Change the default value of these fields from 0 to null:
MaxConnections, MaxPendingRequests, MaxRequests, HealthCheckThreshold, PortNumber, and
HealthCheckPolicy -> port. Users are not expected to perceive the change, except that
badRequestException is thrown when required fields missing configured.
* api-change:``athena``: [``botocore``] Adding SerivicePreProcessing time metric
* api-change:``cloud9``: [``botocore``] A minor doc only update related to changing the date of an
API change.
* api-change:``cloudformation``: [``botocore``] This release adds a new flag
ImportExistingResources to CreateChangeSet. Specify this parameter on a CREATE- or UPDATE-type
change set to import existing resources with custom names instead of recreating them.
* api-change:``codepipeline``: [``botocore``] CodePipeline now supports overriding source revisions
to achieve manual re-deploy of a past revision
* api-change:``codestar-connections``: [``botocore``] This release adds support for the
CloudFormation Git sync feature. Git sync enables updating a CloudFormation stack from a template
stored in a Git repository.
* api-change:``connect``: [``botocore``] This release adds WISDOM_QUICK_RESPONSES as new
IntegrationType of Connect IntegrationAssociation resource and bug fixes.
* api-change:``dlm``: [``botocore``] Added support for SAP HANA in Amazon Data Lifecycle Manager
EBS snapshot lifecycle policies with pre and post scripts.
* api-change:``ec2``: [``botocore``] This release adds new features for Amazon VPC IP Address
Manager (IPAM) Allowing a choice between Free and Advanced Tiers, viewing public IP address
insights across regions and in Amazon Cloudwatch, use IPAM to plan your subnet IPs within a VPC and
bring your own autonomous system number to IPAM.
* api-change:``ecr``: [``botocore``] Documentation and operational updates for Amazon ECR, adding
support for pull through cache rules for upstream registries that require authentication.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``internetmonitor``: [``botocore``] Adds new querying capabilities for running data
queries on a monitor
* api-change:``ivs``: [``botocore``] type & defaulting refinement to various range properties
* api-change:``ivschat``: [``botocore``] type & defaulting refinement to various range properties
* api-change:``kinesisvideo``: [``botocore``] Docs only build to bring up-to-date with public docs.
* api-change:``location``: [``botocore``] Remove default value and allow nullable for request
parameters having minimum value larger than zero.
* api-change:``medialive``: [``botocore``] MediaLive has now added support for per-output static
image overlay.
* api-change:``mgn``: [``botocore``] Removed invalid and unnecessary default values.
* api-change:``osis``: [``botocore``] Add support for enabling a persistent buffer when creating or
updating an OpenSearch Ingestion pipeline. Add tags to Pipeline and PipelineSummary response models.
* api-change:``pipes``: [``botocore``] TargetParameters now properly supports
BatchJobParameters.ArrayProperties.Size and BatchJobParameters.RetryStrategy.Attempts being
optional, and EcsTaskParameters.Overrides.EphemeralStorage.SizeInGiB now properly required when
setting EphemeralStorage
* api-change:``rds``: [``botocore``] This release adds support for option groups and replica
enhancements to Amazon RDS Custom.
* api-change:``redshift-serverless``: [``botocore``] Updated SDK for Amazon Redshift Serverless,
which provides the ability to configure a connection with IAM Identity Center to manage user and
group access to databases.
* api-change:``redshift``: [``botocore``] Updated SDK for Amazon Redshift, which you can use to
configure a connection with IAM Identity Center to manage access to databases. With these, you can
create a connection through a managed application. You can also change a managed application,
delete it, or get information about an existing one.
* api-change:``s3``: [``botocore``] Removes all default 0 values for numbers and false values for
booleans
* api-change:``sso-admin``: [``botocore``] Improves support for configuring RefreshToken and
TokenExchange grants on applications.
* api-change:``sso-oidc``: [``botocore``] Adding support for `sso-oauth:CreateTokenWithIAM`.
* api-change:``sts``: [``botocore``] API updates for the AWS Security Token Service
* api-change:``trustedadvisor``: [``botocore``] AWS Trusted Advisor introduces new APIs to enable
you to programmatically access Trusted Advisor best practice checks, recommendations, and
prioritized recommendations. Trusted Advisor APIs enable you to integrate Trusted Advisor with your
operational tools to automate your workloads.
* api-change:``verifiedpermissions``: [``botocore``] Adding BatchIsAuthorized API which supports
multiple authorization requests against a PolicyStore
* api-change:``wisdom``: [``botocore``] This release adds QuickResponse as a new Wisdom resource
and Wisdom APIs for import, create, read, search, update and delete QuickResponse resources.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.2
* api-change:``codecatalyst``: [``botocore``] This release includes updates to the Dev Environment
APIs to include an optional vpcConnectionName parameter that supports using Dev Environments with
Amazon VPC.
* api-change:``dlm``: [``botocore``] This release adds support for Amazon Data Lifecycle Manager
default policies for EBS snapshots and EBS-backed AMIs.
* api-change:``ec2``: [``botocore``] Enable use of tenant-specific PublicSigningKeyUrl from device
trust providers and onboard jumpcloud as a new device trust provider.
* api-change:``fsx``: [``botocore``] Enables customers to update their PerUnitStorageThroughput on
their Lustre file systems.
* api-change:``glue``: [``botocore``] Introduces new column statistics APIs to support statistics
generation for tables within the Glue Data Catalog.
* api-change:``imagebuilder``: [``botocore``] This release adds the Image Lifecycle Management
feature to automate the process of deprecating, disabling and deleting outdated images and their
associated resources.
* api-change:``iot``: [``botocore``] GA release the ability to index and search devices based on
their GeoLocation data. With GeoQueries you can narrow your search to retrieve devices located in
the desired geographic boundary.
* api-change:``ivs-realtime``: [``botocore``] This release introduces server side composition and
recording for stages.
* api-change:``kafka``: [``botocore``] Added a new API response field which determines if there is
an action required from the customer regarding their cluster.
* api-change:``lambda``: [``botocore``] Adds support for logging configuration in Lambda Functions.
Customers will have more control how their function logs are captured and to which cloud watch log
group they are delivered also.
* api-change:``macie2``: [``botocore``] This release adds support for configuring Macie to assume
an IAM role when retrieving sample occurrences of sensitive data reported by findings.
* api-change:``mediapackage``: [``botocore``] DRM_TOP_LEVEL_COMPACT allows placing content
protection elements at the MPD level and referenced at the AdaptationSet level
* api-change:``pinpoint-sms-voice-v2``: [``botocore``] Amazon Pinpoint now offers additional
operations as part of version 2 of the SMS and voice APIs. This release includes 26 new APIs to
create and manage phone number registrations, add verified destination numbers, and request sender
IDs.
* api-change:``polly``: [``botocore``] Add new engine - long-form - dedicated for longer content,
such as news articles, training materials, or marketing videos.
* api-change:``quicksight``: [``botocore``] Custom permission support for QuickSight roles; Three
new datasources STARBURST, TRINO, BIGQUERY; Lenient mode changes the default behavior to allow for
exporting and importing with certain UI allowed errors, Support for permissions and tags export and
import.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Studio now supports Trainium instance
types - trn1.2xlarge, trn1.32xlarge, trn1n.32xlarge.
* api-change:``ssm-incidents``: [``botocore``] Introduces new APIs ListIncidentFindings and
BatchGetIncidentFindings to use findings related to an incident.
* api-change:``ssm``: [``botocore``] This release introduces the ability to filter automation
execution steps which have parent steps. In addition, runbook variable information is returned by
GetAutomationExecution and parent step information is returned by the
DescribeAutomationStepExecutions API.
* api-change:``sso-admin``: [``botocore``] Instances bound to a single AWS account, API operations
for managing instances and applications, and assignments to applications are now supported. Trusted
identity propagation is also supported, with new API operations for managing trusted token issuers
and application grants and scopes.
* api-change:``transfer``: [``botocore``] Introduced S3StorageOptions for servers to enable
directory listing optimizations and added Type fields to logical directory mappings.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.29.1
* enhancement:Package Size: [``botocore``] The botocore .whl file distributed on PyPI now provides
compressed service models to improve total size on disk.
* api-change:``autoscaling``: [``botocore``] This release introduces Instance Maintenance Policy, a
new EC2 Auto Scaling capability that allows customers to define whether instances are launched
before or after existing instances are terminated during instance replacement operations.
* api-change:``cloudtrail``: [``botocore``] The Lake Repricing feature lets customers configure a
BillingMode for an event data store. The BillingMode determines the cost for ingesting and storing
events and the default and maximum retention period for the event data store.
* api-change:``codecatalyst``: [``botocore``] This release adds functionality for retrieving
information about workflows and workflow runs and starting workflow runs in Amazon CodeCatalyst.
* api-change:``ec2``: [``botocore``] AWS EBS now supports Snapshot Lock, giving users the ability
to lock an EBS Snapshot to prohibit deletion of the snapshot. This release introduces the
LockSnapshot, UnlockSnapshot & DescribeLockedSnapshots APIs to manage lock configuration for
snapshots. The release also includes the dl2q_24xlarge.
* api-change:``finspace-data``: [``botocore``] Adding deprecated trait to APIs in this name space.
* api-change:``finspace``: [``botocore``] Adding deprecated trait on Dataset Browser Environment
APIs
* api-change:``lambda``: [``botocore``] Add Java 21 (java21) support to AWS Lambda
* api-change:``mwaa``: [``botocore``] This Amazon MWAA release adds support for customer-managed
VPC endpoints. This lets you choose whether to create, and manage your environment's VPC endpoints,
or to have Amazon MWAA create, and manage them for you.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for support for upgrading RDS
for MySQL snapshots from version 5.7 to version 8.0.
* api-change:``redshift``: [``botocore``] The custom domain name SDK for Amazon Redshift
provisioned clusters is updated with additional required parameters for modify and delete
operations. Additionally, users can provide domain names with longer top-level domains.
* api-change:``s3control``: [``botocore``] Add 5 APIs to create, update, get, list, delete S3
Storage Lens group(eg. CreateStorageLensGroup), 3 APIs for
tagging(TagResource,UntagResource,ListTagsForResource), and update to StorageLensConfiguration to
allow metrics to be aggregated on Storage Lens groups.
* api-change:``ssm-sap``: [``botocore``] Update the default value of MaxResult to 50.
- from version 1.29.0
* feature:ContainerProvider: [``botocore``] Added Support for EKS container credentials
* api-change:``backup``: [``botocore``] AWS Backup - Features: Provide Job Summary for your backup
activity.
* api-change:``cleanrooms``: [``botocore``] This feature provides the ability for the collaboration
creator to configure either the member who can run queries or a different member in the
collaboration to be billed for query compute costs.
* api-change:``connect``: [``botocore``] Introducing SegmentAttributes parameter for
StartChatContact API
* api-change:``glue``: [``botocore``] Introduces new storage optimization APIs to support automatic
compaction of Apache Iceberg tables.
* api-change:``iot``: [``botocore``] This release introduces new attributes in API
CreateSecurityProfile, UpdateSecurityProfile and DescribeSecurityProfile to support management of
Metrics Export for AWS IoT Device Defender Detect.
* api-change:``lambda``: [``botocore``] Add Python 3.12 (python3.12) support to AWS Lambda
* api-change:``mediatailor``: [``botocore``] Removed unnecessary default values.
* api-change:``pipes``: [``botocore``] Added support (via new LogConfiguration field in CreatePipe
and UpdatePipe APIs) for logging to Amazon CloudWatch Logs, Amazon Simple Storage Service (Amazon
S3), and Amazon Kinesis Data Firehose
* api-change:``resource-explorer-2``: [``botocore``] Resource Explorer supports multi-account
search. You can now use Resource Explorer to search and discover resources across AWS accounts
within your organization or organizational unit.
* api-change:``sagemaker``: [``botocore``] This release makes Model Registry Inference
Specification fields as not required.
* api-change:``signer``: [``botocore``] Documentation updates for AWS Signer
* api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.85
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.19.12
* api-change:``dataexchange``: [``botocore``] Removed Required trait for
DataSet.OriginDetails.ProductId.
* api-change:``dms``: [``botocore``] Added new Db2 LUW Target endpoint with related endpoint
settings. New executeTimeout endpoint setting for mysql endpoint. New ReplicationDeprovisionTime
field for serverless describe-replications.
* api-change:``ec2``: [``botocore``] Adds the new EC2 DescribeInstanceTopology API, which you can
use to retrieve the network topology of your running instances on select platform types to
determine their relative proximity to each other.
* api-change:``ecs``: [``botocore``] Adds a Client Token parameter to the ECS RunTask API. The
Client Token parameter allows for idempotent RunTask requests.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``servicecatalog-appregistry``: [``botocore``] When the customer associates a resource
collection to their application with this new feature, then a new application tag will be applied
to all supported resources that are part of that collection. This allows customers to more easily
find the application that is associated with those resources.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.84
* enhancement:AWSCRT: [``botocore``] Update awscrt version to 0.19.10
* api-change:``controltower``: [``botocore``] AWS Control Tower supports tagging for enabled
controls. This release introduces TagResource, UntagResource and ListTagsForResource APIs to manage
tags in existing enabled controls. It updates EnabledControl API to tag resources at creation time.
* api-change:``cur``: [``botocore``] This release adds support for tagging and customers can now
tag report definitions. Additionally, ReportStatus is now added to report definition to show when
the last delivered time stamp and if it succeeded or not.
* api-change:``ec2``: [``botocore``] EC2 adds API updates to enable ENA Express at instance launch
time.
* api-change:``fms``: [``botocore``] Adds optimizeUnassociatedWebACL flag to ManagedServiceData,
updates third-party firewall examples, and other minor documentation updates.
* api-change:``marketplace-entitlement``: [``botocore``] Update marketplace-entitlement client to
latest version
* api-change:``mediaconvert``: [``botocore``] This release includes the ability to specify any
input source as the primary input for corresponding follow modes, and allows users to specify fit
and fill behaviors without resizing content.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for zero-ETL integrations.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.83
* api-change:``cloudformation``: [``botocore``] Added new ConcurrencyMode feature for AWS
CloudFormation StackSets for faster deployments to target accounts.
* api-change:``cloudtrail``: [``botocore``] The Insights in Lake feature lets customers enable
CloudTrail Insights on a source CloudTrail Lake event data store and create a destination event
data store to collect Insights events based on unusual management event activity in the source
event data store.
* api-change:``comprehend``: [``botocore``] This release adds support for toxicity detection and
prompt safety classification.
* api-change:``connect``: [``botocore``] This release adds the ability to integrate customer lambda
functions with Connect attachments for scanning and updates the ListIntegrationAssociations API to
support filtering on IntegrationArn.
* api-change:``ec2``: [``botocore``] AWS EBS now supports Block Public Access for EBS Snapshots.
This release introduces the EnableSnapshotBlockPublicAccess, DisableSnapshotBlockPublicAccess and
GetSnapshotBlockPublicAccessState APIs to manage account-level public access settings for EBS
Snapshots in an AWS Region.
* api-change:``eks``: [``botocore``] Adding EKS Anywhere subscription related operations.
* api-change:``lambda``: [``botocore``] Add Custom runtime on Amazon Linux 2023 (provided.al2023)
support to AWS Lambda.
* api-change:``logs``: [``botocore``] Update to support new APIs for delivery of logs from AWS
services.
* api-change:``omics``: [``botocore``] Support UBAM filetype for Omics Storage and make
referenceArn optional
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.82
* api-change:``sqs``: [``botocore``] This release enables customers to call SQS using AWS JSON-1.0
protocol and bug fix.
- from version 1.28.81
* api-change:``connect``: [``botocore``] This release clarifies in our public documentation that
InstanceId is a requirement for SearchUsers API requests.
* api-change:``connectcases``: [``botocore``] This release adds the ability to add/view comment
authors through CreateRelatedItem and SearchRelatedItems API. For more information see
https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html
* api-change:``datasync``: [``botocore``] This change allows for 0 length access keys and secret
keys for object storage locations. Users can now pass in empty string credentials.
* api-change:``guardduty``: [``botocore``] Added API support for new GuardDuty EKS Audit Log
finding types.
* api-change:``lambda``: [``botocore``] Add Node 20 (nodejs20.x) support to AWS Lambda.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``omics``: [``botocore``] Adding Run UUID and Run Output URI: GetRun and StartRun API
response has two new fields "uuid" and "runOutputUri".
* api-change:``rds``: [``botocore``] This Amazon RDS release adds support for patching the OS of an
RDS Custom for Oracle DB instance. You can now upgrade the database or operating system using the
modify-db-instance command.
* api-change:``redshift-serverless``: [``botocore``] Added a new parameter in the workgroup that
helps you control your cost for compute resources. This feature provides a ceiling for RPUs that
Amazon Redshift Serverless can scale up to. When automatic compute scaling is required, having a
higher value for MaxRPU can enhance query throughput.
* api-change:``resiliencehub``: [``botocore``] AWS Resilience Hub enhances Resiliency Score,
providing actionable recommendations to improve application resilience. Amazon Elastic Kubernetes
Service (EKS) operational recommendations have been added to help improve the resilience posture of
your applications.
* api-change:``sqs``: [``botocore``] This release enables customers to call SQS using AWS JSON-1.0
protocol.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.80
* api-change:``dataexchange``: [``botocore``] Updated SendDataSetNotificationRequest Comment to be
maximum length 4096.
* api-change:``dlm``: [``botocore``] Added support for pre and post scripts in Amazon Data
Lifecycle Manager EBS snapshot lifecycle policies.
* api-change:``rds``: [``botocore``] This Amazon RDS release adds support for the multi-tenant
configuration. In this configuration, an RDS DB instance can contain multiple tenant databases. In
RDS for Oracle, a tenant database is a pluggable database (PDB).
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.79
* api-change:``ce``: [``botocore``] This release extends the GetReservationPurchaseRecommendation
API to support recommendations for Amazon MemoryDB reservations.
* api-change:``codebuild``: [``botocore``] AWS CodeBuild now supports AWS Lambda compute.
* api-change:``connect``: [``botocore``] Added new API that allows Amazon Connect Outbound
Campaigns to create contacts in Amazon Connect when ingesting your dial requests.
* api-change:``docdb``: [``botocore``] Update the input of CreateDBInstance and ModifyDBInstance to
support setting CA Certificates. Update the output of DescribeDBInstance and
DescribeDBEngineVersions to show current and supported CA certificates.
* api-change:``iam``: [``botocore``] Add partitional endpoint for iso-e.
* api-change:``mwaa``: [``botocore``] This release adds support for Apache Airflow version 2.7.2.
This version release includes support for deferrable operators and triggers.
* api-change:``polly``: [``botocore``] Amazon Polly adds new US English voices - Danielle and
Gregory. Danielle and Gregory are available as Neural voices only.
* api-change:``route53``: [``botocore``] Add partitional endpoints for iso-e and iso-f.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.78
* api-change:``config``: [``botocore``] Updated ResourceType enum with new resource types onboarded
by AWS Config in October 2023.
* api-change:``connect``: [``botocore``] Amazon Connect Chat introduces Create Persistent Contact
Association API, allowing customers to choose when to resume previous conversations from previous
chats, eliminating the need to repeat themselves and allowing agents to provide personalized
service with access to entire conversation history.
* api-change:``iotwireless``: [``botocore``] Added LoRaWAN version 1.0.4 support
* api-change:``launch-wizard``: [``botocore``] AWS Launch Wizard is a service that helps reduce the
time it takes to deploy applications to the cloud while providing a guided deployment experience.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.77
* api-change:``apprunner``: [``botocore``] AWS App Runner now supports using dual-stack address
type for the public endpoint of your incoming traffic.
* api-change:``connect``: [``botocore``] GetMetricDataV2 API: Update to include new metrics
PERCENT_NON_TALK_TIME, PERCENT_TALK_TIME, PERCENT_TALK_TIME_AGENT, PERCENT_TALK_TIME_CUSTOMER
* api-change:``gamelift``: [``botocore``] Amazon GameLift adds support for shared credentials,
which allows applications that are deployed on managed EC2 fleets to interact with other AWS
resources.
* api-change:``glue``: [``botocore``] This release introduces Google BigQuery Source and Target in
AWS Glue CodeGenConfigurationNode.
* api-change:``network-firewall``: [``botocore``] This release introduces the stateless rule
analyzer, which enables you to analyze your stateless rules for asymmetric routing.
* api-change:``quicksight``: [``botocore``] This release introduces Float Decimal Type as SubType
in QuickSight SPICE datasets and Custom week start and Custom timezone options in Analysis and
Dashboard
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.76
* api-change:``connect``: [``botocore``] Adds the BatchGetFlowAssociation API which returns flow
associations (flow-resource) corresponding to the list of resourceArns supplied in the request.
This release also adds IsDefault, LastModifiedRegion and LastModifiedTime fields to the responses
of several Describe and List APIs.
* api-change:``globalaccelerator``: [``botocore``] Global Accelerator now support accelerators with
cross account endpoints.
* api-change:``rds``: [``botocore``] This release adds support for customized networking resources
to Amazon RDS Custom.
* api-change:``redshift``: [``botocore``] Added support for Multi-AZ deployments for Provisioned
RA3 clusters that provide 99.99% SLA availability.
* api-change:``sagemaker``: [``botocore``] Support for batch transform input in Model dashboard
- from version 1.28.75
* api-change:``amplify``: [``botocore``] Add backend field to CreateBranch and UpdateBranch
requests. Add pagination support for ListApps, ListDomainAssociations, ListBranches, and ListJobs
* api-change:``application-insights``: [``botocore``] Automate attaching managed policies
* api-change:``ec2``: [``botocore``] Capacity Blocks for ML are a new EC2 purchasing option for
reserving GPU instances on a future date to support short duration machine learning (ML) workloads.
Capacity Blocks automatically place instances close together inside Amazon EC2 UltraClusters for
low-latency, high-throughput networking.
* api-change:``m2``: [``botocore``] Added name filter ability for ListDataSets API, added
ForceUpdate for Updating environment and BatchJob submission using S3BatchJobIdentifier
* api-change:``neptunedata``: [``botocore``] Minor change to not retry CancelledByUserException
* api-change:``translate``: [``botocore``] Added support for Brevity translation settings feature.
- from version 1.28.74
* api-change:``connect``: [``botocore``] This release adds InstanceId field for phone number APIs.
* api-change:``dataexchange``: [``botocore``] We added a new API action: SendDataSetNotification.
* api-change:``datasync``: [``botocore``] Platform version changes to support AL1 deprecation
initiative.
* api-change:``finspace``: [``botocore``] Introducing new API UpdateKxClusterCodeConfiguration,
introducing new cache types for clusters and introducing new deployment modes for updating clusters.
* api-change:``mediapackagev2``: [``botocore``] This feature allows customers to create a
combination of manifest filtering, startover and time delay configuration that applies to all
egress requests by default.
* api-change:``rds``: [``botocore``] This release launches the CreateIntegration,
DeleteIntegration, and DescribeIntegrations APIs to manage zero-ETL Integrations.
* api-change:``redshift-serverless``: [``botocore``] Added support for custom domain names for
Amazon Redshift Serverless workgroups. This feature enables customers to create a custom domain
name and use ACM to generate fully secure connections to it.
* api-change:``resiliencehub``: [``botocore``] Introduced the ability to filter applications by
their last assessment date and time and have included metrics for the application's estimated
workload Recovery Time Objective (RTO) and estimated workload Recovery Point Objective (RPO).
* api-change:``s3outposts``: [``botocore``] Updated ListOutpostsWithS3 API response to include
S3OutpostArn for use with AWS RAM.
* api-change:``wisdom``: [``botocore``] This release added necessary API documents on creating a
Wisdom knowledge base to integrate with S3.
- from version 1.28.73
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``neptune``: [``botocore``] Update TdeCredentialPassword type to SensitiveString
* api-change:``pinpoint``: [``botocore``] Updated documentation to describe the case insensitivity
for EndpointIds.
* api-change:``redshift``: [``botocore``] added support to create a dual stack cluster
* api-change:``wafv2``: [``botocore``] Updates the descriptions for the calls that manage web ACL
associations, to provide information for customer-managed IAM policies.
- from version 1.28.72
* api-change:``appstream``: [``botocore``] This release introduces multi-session fleets, allowing
customers to provision more than one user session on a single fleet instance.
* api-change:``ec2``: [``botocore``] Launching GetSecurityGroupsForVpc API. This API gets security
groups that can be associated by the AWS account making the request with network interfaces in the
specified VPC.
* api-change:``network-firewall``: [``botocore``] Network Firewall now supports inspection of
outbound SSL/TLS traffic.
* api-change:``opensearch``: [``botocore``] You can specify ipv4 or dualstack IPAddressType for
cluster endpoints. If you specify IPAddressType as dualstack, the new endpoint will be visible
under the 'EndpointV2' parameter and will support IPv4 and IPv6 requests. Whereas, the 'Endpoint'
will continue to serve IPv4 requests.
* api-change:``redshift``: [``botocore``] Add Redshift APIs GetResourcePolicy,
DeleteResourcePolicy, PutResourcePolicy and DescribeInboundIntegrations for the new Amazon Redshift
Zero-ETL integration feature, which can be used to control data ingress into Redshift namespace,
and view inbound integrations.
* api-change:``sagemaker``: [``botocore``] Amazon Sagemaker Autopilot now supports Text Generation
jobs.
* api-change:``sns``: [``botocore``] Message Archiving and Replay is now supported in Amazon SNS
for FIFO topics.
* api-change:``ssm-sap``: [``botocore``] AWS Systems Manager for SAP added support for registration
and discovery of SAP ABAP applications
* api-change:``transfer``: [``botocore``] No API changes from previous release. This release
migrated the model to Smithy keeping all features unchanged.
* api-change:``endpoint-rules``: [``botocore``] Update endpoint-rules client to latest version
- from version 1.28.71
* enhancement:Configuration: [``botocore``] Adds client context params support to ``Config``.
* api-change:``connectcases``: [``botocore``] Increase maximum length of CommentBody to 3000, and
increase maximum length of StringValue to 1500
* api-change:``groundstation``: [``botocore``] This release will allow KMS alias names to be used
when creating Mission Profiles
* api-change:``iam``: [``botocore``] Updates to GetAccessKeyLastUsed action to replace NoSuchEntity
error with AccessDeniedException error.
- from version 1.28.70
* api-change:``codepipeline``: [``botocore``] Add ability to trigger pipelines from git tags,
define variables at pipeline level and new pipeline type V2.
* api-change:``ec2``: [``botocore``] This release updates the documentation for
InstanceInterruptionBehavior and HibernationOptionsRequest to more accurately describe the behavior
of these two parameters when using Spot hibernation.
* api-change:``eks``: [``botocore``] Added support for Cluster Subnet and Security Group mutability.
* api-change:``iam``: [``botocore``] Add the partitional endpoint for IAM in iso-f.
* api-change:``migrationhub-config``: [``botocore``] This release introduces
DeleteHomeRegionControl API that customers can use to delete the Migration Hub Home Region
configuration
* api-change:``migrationhubstrategy``: [``botocore``] This release introduces multi-data-source
feature in Migration Hub Strategy Recommendations. This feature now supports vCenter as a data
source to fetch inventory in addition to ADS and Import from file workflow that is currently
supported with MHSR collector.
* api-change:``opensearchserverless``: [``botocore``] This release includes the following new APIs:
CreateLifecyclePolicy, UpdateLifecyclePolicy, BatchGetLifecyclePolicy, DeleteLifecyclePolicy,
ListLifecyclePolicies and BatchGetEffectiveLifecyclePolicy to support the data lifecycle management
feature.
- from version 1.28.69
* api-change:``marketplacecommerceanalytics``: [``botocore``] The StartSupportDataExport operation
has been deprecated as part of the Product Support Connection deprecation. As of December 2022,
Product Support Connection is no longer supported.
* api-change:``networkmanager``: [``botocore``] This release adds API support for Tunnel-less
Connect (NoEncap Protocol) for AWS Cloud WAN
* api-change:``redshift-serverless``: [``botocore``] This release adds support for customers to see
the patch version and workgroup version in Amazon Redshift Serverless.
* api-change:``rekognition``: [``botocore``] Amazon Rekognition introduces StartMediaAnalysisJob,
GetMediaAnalysisJob, and ListMediaAnalysisJobs operations to run a bulk analysis of images with a
Detect Moderation model.
- from version 1.28.68
* api-change:``appconfig``: [``botocore``] Update KmsKeyIdentifier constraints to support AWS KMS
multi-Region keys.
* api-change:``appintegrations``: [``botocore``] Updated ScheduleConfig to be an optional input to
CreateDataIntegration to support event driven downloading of files from sources such as Amazon s3
using Amazon Connect AppIntegrations.
* api-change:``connect``: [``botocore``] This release adds support for updating phone number
metadata, such as phone number description.
* api-change:``discovery``: [``botocore``] This release introduces three new APIs:
StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.
* api-change:``medical-imaging``: [``botocore``] Updates on documentation links
* api-change:``ssm``: [``botocore``] This release introduces a new API: DeleteOpsItem. This allows
deletion of an OpsItem.
- from version 1.28.67
* api-change:``gamesparks``: [``botocore``] The gamesparks client has been removed following the
deprecation of the service.
* api-change:``ec2``: [``botocore``] Amazon EC2 C7a instances, powered by 4th generation AMD EPYC
processors, are ideal for high performance, compute-intensive workloads such as high performance
computing. Amazon EC2 R7i instances are next-generation memory optimized and powered by custom 4th
Generation Intel Xeon Scalable processors.
* api-change:``managedblockchain-query``: [``botocore``] This release adds support for Ethereum
Sepolia network
* api-change:``neptunedata``: [``botocore``] Doc changes to add IAM action mappings for the data
actions.
* api-change:``omics``: [``botocore``] This change enables customers to retrieve failure reasons
with detailed status messages for their failed runs
* api-change:``opensearch``: [``botocore``] Added Cluster Administrative options for node restart,
opensearch process restart and opensearch dashboard restart for Multi-AZ without standby domains
* api-change:``quicksight``: [``botocore``] This release adds the following: 1) Trino and Starburst
Database Connectors 2) Custom total for tables and pivot tables 3) Enable restricted folders 4) Add
rolling dates for time equality filters 5) Refine DataPathValue and introduce DataPathType 6) Add
SeriesType to ReferenceLineDataConfiguration
* api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager
* api-change:``servicecatalog``: [``botocore``] Introduce support for EXTERNAL product and
provisioning artifact type in CreateProduct and CreateProvisioningArtifact APIs.
* api-change:``verifiedpermissions``: [``botocore``] Improving Amazon Verified Permissions Create
experience
* api-change:``workspaces``: [``botocore``] Documentation updates for WorkSpaces
- from version 1.28.66
* api-change:``cloud9``: [``botocore``] Update to imageId parameter behavior and dates updated.
* api-change:``dynamodb``: [``botocore``] Updating descriptions for several APIs.
* api-change:``kendra``: [``botocore``] Changes for a new feature in Amazon Kendra's Query API to
Collapse/Expand query results
* api-change:``rds``: [``botocore``] This release adds support for upgrading the storage file
system configuration on the DB instance using a blue/green deployment or a read replica.
* api-change:``wisdom``: [``botocore``] This release adds an max limit of 25 recommendation ids for
NotifyRecommendationsReceived API.
- from version 1.28.65
* api-change:``codepipeline``: [``botocore``] Add retryMode ALL_ACTIONS to RetryStageExecution API
that retries a failed stage starting from first action in the stage
* api-change:``discovery``: [``botocore``] This release introduces three new APIs:
StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.
* api-change:``ecs``: [``botocore``] Documentation only updates to address Amazon ECS tickets.
* api-change:``globalaccelerator``: [``botocore``] Fixed error where
ListCustomRoutingEndpointGroups did not have a paginator
* api-change:``guardduty``: [``botocore``] Add domainWithSuffix finding field to dnsRequestAction
* api-change:``kafka``: [``botocore``] AWS Managed Streaming for Kafka is launching MSK Replicator,
a new feature that enables customers to reliably replicate data across Amazon MSK clusters in same
or different AWS regions. You can now use SDK to create, list, describe, delete, update, and manage
tags of MSK Replicators.
* api-change:``route53-recovery-cluster``: [``botocore``] Adds Owner field to ListRoutingControls
API.
* api-change:``route53-recovery-control-config``: [``botocore``] Adds permissions for
GetResourcePolicy to support returning details about AWS Resource Access Manager resource policies
for shared resources.
- from version 1.28.64
* api-change:``cloudformation``: [``botocore``] SDK and documentation updates for
UpdateReplacePolicy
* api-change:``drs``: [``botocore``] Updated exsiting API to allow AWS Elastic Disaster Recovery
support of launching recovery into existing EC2 instances.
* api-change:``entityresolution``: [``botocore``] This launch expands our matching techniques to
include provider-based matching to help customer match, link, and enhance records with minimal data
movement. With data service providers, we have removed the need for customers to build bespoke
integrations,.
* api-change:``managedblockchain-query``: [``botocore``] This release introduces two new APIs:
GetAssetContract and ListAssetContracts. This release also adds support for Bitcoin Testnet.
* api-change:``mediapackagev2``: [``botocore``] This release allows customers to manage
MediaPackage v2 resource using CloudFormation.
* api-change:``opensearch``: [``botocore``] This release allows customers to list and associate
optional plugin packages with compatible Amazon OpenSearch Service clusters for enhanced
functionality.
* api-change:``redshift-serverless``: [``botocore``] Added support for managing credentials of
serverless namespace admin using AWS Secrets Manager.
* api-change:``redshift``: [``botocore``] Added support for managing credentials of provisioned
cluster admin using AWS Secrets Manager.
* api-change:``sesv2``: [``botocore``] This release provides enhanced visibility into your SES
identity verification status. This will offer you more actionable insights, enabling you to
promptly address any verification-related issues.
* api-change:``transfer``: [``botocore``] Documentation updates for AWS Transfer Family
* api-change:``xray``: [``botocore``] This releases enhances GetTraceSummaries API to support new
TimeRangeType Service to query trace summaries by segment end time.
- from version 1.28.63
* api-change:``auditmanager``: [``botocore``] This release introduces a new limit to the
awsAccounts parameter. When you create or update an assessment, there is now a limit of 200 AWS
accounts that can be specified in the assessment scope.
* api-change:``autoscaling``: [``botocore``] Update the NotificationMetadata field to only allow
visible ascii characters. Add paginators to DescribeInstanceRefreshes, DescribeLoadBalancers, and
DescribeLoadBalancerTargetGroups
* api-change:``config``: [``botocore``] Add enums for resource types supported by Config
* api-change:``controltower``: [``botocore``] Added new EnabledControl resource details to
ListEnabledControls API and added new GetEnabledControl API.
* api-change:``customer-profiles``: [``botocore``] Adds sensitive trait to various shapes in
Customer Profiles Calculated Attribute API model.
* api-change:``ec2``: [``botocore``] This release adds Ubuntu Pro as a supported platform for
On-Demand Capacity Reservations and adds support for setting an Amazon Machine Image (AMI) to
disabled state. Disabling the AMI makes it private if it was previously shared, and prevents new
EC2 instance launches from it.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``glue``: [``botocore``] Extending version control support to GitLab and Bitbucket
from AWSGlue
* api-change:``inspector2``: [``botocore``] Add MacOs ec2 platform support
* api-change:``ivs-realtime``: [``botocore``] Update GetParticipant to return additional metadata.
* api-change:``lambda``: [``botocore``] Adds support for Lambda functions to access Dual-Stack
subnets over IPv6, via an opt-in flag in CreateFunction and UpdateFunctionConfiguration APIs
* api-change:``location``: [``botocore``] This release adds endpoint updates for all AWS Location
resource operations.
* api-change:``machinelearning``: [``botocore``] This release marks Password field as sensitive
* api-change:``pricing``: [``botocore``] Documentation updates for Price List
* api-change:``rds``: [``botocore``] This release adds support for adding a dedicated log volume to
open-source RDS instances.
* api-change:``rekognition``: [``botocore``] Amazon Rekognition introduces support for Custom
Moderation. This allows the enhancement of accuracy for detect moderation labels operations by
creating custom adapters tuned on customer data.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Canvas adds KendraSettings and
DirectDeploySettings support for CanvasAppSettings
* api-change:``textract``: [``botocore``] This release adds 9 new APIs for adapter and adapter
version management, 3 new APIs for tagging, and updates AnalyzeDocument and StartDocumentAnalysis
API parameters for using adapters.
* api-change:``transcribe``: [``botocore``] This release is to enable m4a format to customers
* api-change:``workspaces``: [``botocore``] Updated the CreateWorkspaces action documentation to
clarify that the PCoIP protocol is only available for Windows bundles.
- from version 1.28.62
* enhancement:Dependencies: [``botocore``] Add support for urllib3 2.0 for Python 3.10+
* api-change:``ec2``: [``botocore``] Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``fsx``: [``botocore``] After performing steps to repair the Active Directory
configuration of a file system, use this action to initiate the process of attempting to recover to
the file system.
* api-change:``marketplace-catalog``: [``botocore``] This release adds support for Document type as
an alternative for stringified JSON for StartChangeSet, DescribeChangeSet and DescribeEntity APIs
* api-change:``quicksight``: [``botocore``] NullOption in FilterListConfiguration; Dataset
schema/table max length increased; Support total placement for pivot table visual; Lenient mode
relaxes the validation to create resources with definition; Data sources can be added to folders;
Redshift data sources support IAM Role-based authentication
* api-change:``transfer``: [``botocore``] This release updates the max character limit of
PreAuthenticationLoginBanner and PostAuthenticationLoginBanner to 4096 characters
- Update BuildRequires and Requires from setup.py
- Update to 1.31.61:
* api-change:``omics``: [``botocore``] Add Etag Support for Omics Storage in ListReadSets and
GetReadSetMetadata API
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for corrections and minor
improvements.
* api-change:``route53``: [``botocore``] Add hostedzonetype filter to ListHostedZones API.
* api-change:``securityhub``: [``botocore``] Added new resource detail objects to ASFF, including
resources for AwsEventsEventbus, AwsEventsEndpoint, AwsDmsEndpoint, AwsDmsReplicationTask,
AwsDmsReplicationInstance, AwsRoute53HostedZone, and AwsMskCluster
* api-change:``storagegateway``: [``botocore``] Add SoftwareVersion to response of
DescribeGatewayInformation.
* api-change:``workspaces``: [``botocore``] This release introduces Manage applications. This
feature allows users to manage their WorkSpaces applications by associating or disassociating their
WorkSpaces with applications. The DescribeWorkspaces API will now additionally return
OperatingSystemName in its responses.
- from version 1.28.60
* api-change:``appconfig``: [``botocore``] AWS AppConfig introduces KMS customer-managed key (CMK)
encryption support for data saved to AppConfig's hosted configuration store.
* api-change:``datazone``: [``botocore``] Initial release of Amazon DataZone
* api-change:``mediatailor``: [``botocore``] Updates DescribeVodSource to include a list of ad
break opportunities in the response
* api-change:``mgn``: [``botocore``] This release includes the following new APIs: ListConnectors,
CreateConnector, UpdateConnector, DeleteConnector and UpdateSourceServer to support the source
action framework feature.
* api-change:``sagemaker``: [``botocore``] Adding support for AdditionalS3DataSource, a data source
used for training or inference that is in addition to the input dataset or model data.
- from version 1.28.59
* api-change:``connect``: [``botocore``] GetMetricDataV2 API: Update to include new metrics
CONTACTS_RESOLVED_IN_X , AVG_HOLD_TIME_ALL_CONTACTS , AVG_RESOLUTION_TIME , ABANDONMENT_RATE ,
AGENT_NON_RESPONSE_WITHOUT_CUSTOMER_ABANDONS with added features: Interval Period, TimeZone, Negate
MetricFilters, Extended date time range.
* api-change:``location``: [``botocore``] Amazon Location Service adds support for bounding polygon
queries. Additionally, the GeofenceCount field has been added to the DescribeGeofenceCollection API
response.
* api-change:``mediaconvert``: [``botocore``] This release adds the ability to replace video frames
without modifying the audio essence.
* api-change:``oam``: [``botocore``] This release adds support for sharing
AWS::ApplicationInsights::Application resources.
* api-change:``sagemaker``: [``botocore``] This release allows users to run Selective Execution in
SageMaker Pipelines without SourcePipelineExecutionArn if selected steps do not have any dependent
steps.
* api-change:``wellarchitected``: [``botocore``] AWS Well-Architected now supports Review Templates
that allows you to create templates with pre-filled answers for Well-Architected and Custom Lens
best practices.
- from version 1.28.58
* api-change:``bedrock-runtime``: [``botocore``] Add model timeout exception for
InvokeModelWithResponseStream API and update validator for invoke model identifier.
* api-change:``bedrock``: [``botocore``] Provisioned throughput feature with Amazon and third-party
base models, and update validators for model identifier and taggable resource ARNs.
* api-change:``ec2``: [``botocore``] Introducing Amazon EC2 R7iz instances with 3.9 GHz sustained
all-core turbo frequency and deliver up to 20% better performance than previous generation z1d
instances.
* api-change:``managedblockchain``: [``botocore``] Remove Rinkeby as option from Ethereum APIs
* api-change:``rds``: [``botocore``] Adds DefaultCertificateForNewLaunches field in the
DescribeCertificates API response.
* api-change:``sso``: [``botocore``] Fix FIPS Endpoints in aws-us-gov.
* api-change:``sts``: [``botocore``] STS API updates for assumeRole
* api-change:``transfer``: [``botocore``] Documentation updates for AWS Transfer Family
- from version 1.28.57
* api-change:``bedrock-runtime``: [``botocore``] Run Inference: Added support to run the inference
on models. Includes set of APIs for running inference in streaming and non-streaming mode.
* api-change:``bedrock``: [``botocore``] Model Invocation logging added to enable or disable logs
in customer account. Model listing and description support added. Provisioned Throughput feature
added. Custom model support added for creating custom models. Also includes list, and delete
functions for custom model.
* api-change:``budgets``: [``botocore``] Update DescribeBudgets and
DescribeBudgetNotificationsForAccount MaxResults limit to 1000.
* api-change:``ec2``: [``botocore``] Adds support for Customer Managed Key encryption for Amazon
Verified Access resources
* api-change:``iotfleetwise``: [``botocore``] AWS IoT FleetWise now supports encryption through a
customer managed AWS KMS key. The PutEncryptionConfiguration and GetEncryptionConfiguration APIs
were added.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Feature Store supports read/write
of records with collection type features.
* api-change:``sagemaker``: [``botocore``] Online store feature groups supports Standard and
InMemory tier storage types for low latency storage for real-time data retrieval. The InMemory tier
supports collection types List, Set, and Vector.
* api-change:``wafv2``: [``botocore``] Correct and improve the documentation for the FieldToMatch
option JA3 fingerprint.
- from version 1.28.56
* api-change:``cognito-idp``: [``botocore``] The UserPoolType Status field is no longer used.
* api-change:``firehose``: [``botocore``] Features : Adding support for new data ingestion source
to Kinesis Firehose - AWS Managed Services Kafka.
* api-change:``iot``: [``botocore``] Added support for IoT Rules Engine Kafka Action Headers
* api-change:``textract``: [``botocore``] This release adds new feature - Layout to Analyze
Document API which can automatically extract layout elements such as titles, paragraphs, headers,
section headers, lists, page numbers, footers, table areas, key-value areas and figure areas and
order the elements as a human would read.
- from version 1.28.55
* api-change:``appintegrations``: [``botocore``] The Amazon AppIntegrations service adds a set of
APIs (in preview) to manage third party applications to be used in Amazon Connect agent workspace.
* api-change:``apprunner``: [``botocore``] This release allows an App Runner customer to specify a
custom source directory to run the build & start command. This change allows App Runner to support
monorepo based repositories
* api-change:``codedeploy``: [``botocore``] CodeDeploy now supports In-place and Blue/Green EC2
deployments with multiple Classic Load Balancers and multiple Target Groups.
* api-change:``connect``: [``botocore``] This release updates a set of Amazon Connect APIs that
provides the ability to integrate third party applications in the Amazon Connect agent workspace.
* api-change:``dynamodb``: [``botocore``] Amazon DynamoDB now supports Incremental Export as an
enhancement to the existing Export Table
* api-change:``ec2``: [``botocore``] The release includes AWS verified access to support FIPs
compliance in North America regions
* api-change:``lakeformation``: [``botocore``] This release adds three new API support
"CreateLakeFormationOptIn", "DeleteLakeFormationOptIn" and "ListLakeFormationOptIns", and also
updates the corresponding documentation.
* api-change:``pinpoint``: [``botocore``] Update documentation for RemoveAttributes to more
accurately reflect its behavior when attributes are deleted.
* api-change:``s3``: [``botocore``] This release adds a new field COMPLETED to the
ReplicationStatus Enum. You can now use this field to validate the replication status of S3 objects
using the AWS SDK.
- from version 1.28.54
* api-change:``amplifyuibuilder``: [``botocore``] Support for generating code that is compatible
with future versions of amplify project dependencies.
* api-change:``chime-sdk-media-pipelines``: [``botocore``] Adds support for sending WebRTC audio to
Amazon Kineses Video Streams.
* api-change:``emr-serverless``: [``botocore``] This release adds support for application-wide
default job configurations.
* api-change:``finspace-data``: [``botocore``] Adding sensitive trait to attributes. Change max
SessionDuration from 720 to 60. Correct "ApiAccess" attribute to "apiAccess" to maintain
consistency between APIs.
* api-change:``quicksight``: [``botocore``] Added ability to tag users upon creation.
* api-change:``ssm``: [``botocore``] This release updates the enum values for ResourceType in SSM
DescribeInstanceInformation input and ConnectionStatus in GetConnectionStatus output.
* api-change:``wafv2``: [``botocore``] You can now perform an exact match against the web request's
JA3 fingerprint.
- from version 1.28.53
* api-change:``braket``: [``botocore``] This release adds support to view the device queue depth
(the number of queued quantum tasks and hybrid jobs on a device) and queue position for a quantum
task and hybrid job.
* api-change:``dms``: [``botocore``] new vendors for DMS CSF: MongoDB, MariaDB, DocumentDb and
Redshift
* api-change:``ec2``: [``botocore``] EC2 M2 Pro Mac instances are powered by Apple M2 Pro Mac Mini
computers featuring 12 core CPU, 19 core GPU, 32 GiB of memory, and 16 core Apple Neural Engine and
uniquely enabled by the AWS Nitro System through high-speed Thunderbolt connections.
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``guardduty``: [``botocore``] Add `EKS_CLUSTER_NAME` to filter and sort key.
* api-change:``mediaconvert``: [``botocore``] This release supports the creation of of audio-only
tracks in CMAF output groups.
- from version 1.28.52
* api-change:``appconfig``: [``botocore``] Enabling boto3 paginators for list APIs and adding
documentation around ServiceQuotaExceededException errors
* api-change:``apprunner``: [``botocore``] This release adds improvements for managing App Runner
auto scaling configuration resources. New APIs: UpdateDefaultAutoScalingConfiguration and
ListServicesForAutoScalingConfiguration. Updated API: DeleteAutoScalingConfiguration.
* api-change:``codeartifact``: [``botocore``] Add support for the Swift package format.
* api-change:``kinesisvideo``: [``botocore``] Updated DescribeMediaStorageConfiguration,
StartEdgeConfigurationUpdate, ImageGenerationConfiguration$SamplingInterval, and
UpdateMediaStorageConfiguration to match AWS Docs.
* api-change:``logs``: [``botocore``] Add ClientToken to QueryDefinition CFN Handler in CWL
* api-change:``s3``: [``botocore``] Fix an issue where the SDK can fail to unmarshall response due
to NumberFormatException
* api-change:``servicediscovery``: [``botocore``] Adds a new DiscoverInstancesRevision API and also
adds InstanceRevision field to the DiscoverInstances API response.
* api-change:``sso-oidc``: [``botocore``] Update FIPS endpoints in aws-us-gov.
- from version 1.28.51
* api-change:``ec2``: [``botocore``] This release adds support for C7i, and R7a instance types.
* api-change:``outposts``: [``botocore``] This release adds the InstanceFamilies field to the
ListAssets response.
* api-change:``sagemaker``: [``botocore``] This release adds support for one-time model monitoring
schedules that are executed immediately without delay, explicit data analysis windows for model
monitoring schedules and exclude features attributes to remove features from model monitor analysis.
- from version 1.28.50
* api-change:``discovery``: [``botocore``] Add sensitive protection for customer information
* api-change:``macie2``: [``botocore``] This release changes the default
managedDataIdentifierSelector setting for new classification jobs to RECOMMENDED. By default, new
classification jobs now use the recommended set of managed data identifiers.
* api-change:``workmail``: [``botocore``] This release includes four new APIs UpdateUser,
UpdateGroup, ListGroupsForEntity and DescribeEntity, along with RemoteUsers and some enhancements
to existing APIs.
- from version 1.28.49
* api-change:``appstream``: [``botocore``] This release introduces app block builder, allowing
customers to provision a resource to package applications into an app block
* api-change:``connect``: [``botocore``] New rule type (OnMetricDataUpdate) has been added
* api-change:``datasync``: [``botocore``] Documentation-only updates for AWS DataSync.
* api-change:``sagemaker``: [``botocore``] This release introduces Skip Model Validation for Model
Packages
- from version 1.28.48
* api-change:``appstream``: [``botocore``] This release introduces multi-session fleets, allowing
customers to provision more than one user session on a single fleet instance.
* api-change:``cloudformation``: [``botocore``] Documentation updates for AWS CloudFormation
* api-change:``entityresolution``: [``botocore``] Changed "ResolutionTechniques" and
"MappedInputFields" in workflow and schema mapping operations to be required fields.
* api-change:``lookoutequipment``: [``botocore``] This release adds APIs for the new scheduled
retraining feature.
- from version 1.28.47
* api-change:``cloud9``: [``botocore``] Update to include information on Ubuntu 18 deprecation.
* api-change:``drs``: [``botocore``] Updated existing APIs and added new ones to support using AWS
Elastic Disaster Recovery post-launch actions. Added support for new regions.
* api-change:``firehose``: [``botocore``] DocumentIdOptions has been added for the Amazon
OpenSearch destination.
* api-change:``guardduty``: [``botocore``] Add `managementType` field to ListCoverage API response.
* api-change:``internetmonitor``: [``botocore``] This release updates the Amazon CloudWatch
Internet Monitor API domain name.
* api-change:``ivs-realtime``: [``botocore``] Doc only update that changes description for
ParticipantToken.
* api-change:``simspaceweaver``: [``botocore``] Edited the introductory text for the API reference.
* api-change:``xray``: [``botocore``] Add StartTime field in GetTraceSummaries API response for
each TraceSummary.
- from version 1.28.46
* api-change:``ec2``: [``botocore``] This release adds support for restricting public sharing of
AMIs through AMI Block Public Access
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``kendra``: [``botocore``] Amazon Kendra now supports confidence score buckets for
retrieved passage results using the Retrieve API.
- from version 1.28.45
* api-change:``ecr``: [``botocore``] This release will have ValidationException be thrown from ECR
LifecyclePolicy APIs in regions LifecyclePolicy is not supported, this includes existing Amazon
Dedicated Cloud (ADC) regions. This release will also change Tag: TagValue and Tag: TagKey to
required.
* api-change:``medialive``: [``botocore``] AWS Elemental Link now supports attaching a Link UHD
device to a MediaConnect flow.
* api-change:``quicksight``: [``botocore``] This release launches new updates to QuickSight KPI
visuals - support for sparklines, new templated layout and new targets for conditional formatting
rules.
- from version 1.28.44
* api-change:``fsx``: [``botocore``] Amazon FSx documentation fixes
* api-change:``sagemaker``: [``botocore``] Autopilot APIs will now support holiday featurization
for Timeseries models. The models will now hold holiday metadata and should be able to accommodate
holiday effect during inference.
* api-change:``sso-admin``: [``botocore``] Content updates to IAM Identity Center API for China
Regions.
* api-change:``workspaces``: [``botocore``] A new field "ErrorDetails" will be added to the output
of "DescribeWorkspaceImages" API call. This field provides in-depth details about the error
occurred during image import process. These details include the possible causes of the errors and
troubleshooting information.
- from version 1.28.43
* api-change:``neptunedata``: [``botocore``] Minor changes to send unsigned requests to Neptune
clusters
* api-change:``securityhub``: [``botocore``] Documentation updates for AWS Security Hub
* api-change:``simspaceweaver``: [``botocore``] BucketName and ObjectKey are now required for the
S3Location data type. BucketName is now required for the S3Destination data type.
- from version 1.28.42
* api-change:``appflow``: [``botocore``] Adding OAuth2.0 support for servicenow connector.
* api-change:``ec2``: [``botocore``] This release adds 'outpost' location type to the
DescribeInstanceTypeOfferings API, allowing customers that have been allowlisted for outpost to
query their offerings in the API.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``medialive``: [``botocore``] Adds advanced Output Locking options for Epoch Locking:
Custom Epoch and Jam Sync Time
* api-change:``wafv2``: [``botocore``] The targeted protection level of the Bot Control managed
rule group now provides optional, machine-learning analysis of traffic statistics to detect some
bot-related activity. You can enable or disable the machine learning functionality through the API.
- from version 1.28.41
* api-change:``billingconductor``: [``botocore``] This release adds support for line item filtering
in for the custom line item resource.
* api-change:``cloud9``: [``botocore``] Added support for Ubuntu 22.04 that was not picked up in a
previous Trebuchet request. Doc-only update.
* api-change:``compute-optimizer``: [``botocore``] This release adds support to provide
recommendations for G4dn and P3 instances that use NVIDIA GPUs.
* api-change:``ec2``: [``botocore``] Introducing Amazon EC2 C7gd, M7gd, and R7gd Instances with up
to 3.8 TB of local NVMe-based SSD block-level storage. These instances are powered by AWS Graviton3
processors, delivering up to 25% better performance over Graviton2-based instances.
* api-change:``ecs``: [``botocore``] Documentation only update for Amazon ECS.
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``rds``: [``botocore``] Add support for feature integration with AWS Backup.
* api-change:``sagemaker``: [``botocore``] SageMaker Neo now supports data input shape derivation
for Pytorch 2.0 and XGBoost compilation job for cloud instance targets. You can skip
DataInputConfig field during compilation job creation. You can also access derived information from
model in DescribeCompilationJob response.
* api-change:``vpc-lattice``: [``botocore``] This release adds Lambda event structure version
config support for LAMBDA target groups. It also adds newline support for auth policies.
- from version 1.28.40
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This release adds support for the Voice
Analytics feature for customer-owned KVS streams as part of the Amazon Chime SDK call analytics.
* api-change:``connect``: [``botocore``] Amazon Connect adds the ability to read, create, update,
delete, and list view resources, and adds the ability to read, create, delete, and list view
versions.
* api-change:``identitystore``: [``botocore``] New Identity Store content for China Region launch
* api-change:``neptunedata``: [``botocore``] Removed the descriptive text in the introduction.
- from version 1.28.39
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This release adds support for feature
Voice Enhancement for Call Recording as part of Amazon Chime SDK call analytics.
* api-change:``cloudhsm``: [``botocore``] Deprecating CloudHSM Classic API Service.
* api-change:``connectcampaigns``: [``botocore``] Amazon Connect outbound campaigns has launched
agentless dialing mode which enables customers to make automated outbound calls without agent
engagement. This release updates three of the campaign management API's to support the new
agentless dialing mode and the new dialing capacity field.
* api-change:``connectparticipant``: [``botocore``] Amazon Connect Participant Service adds the
ability to get a view resource using a view token, which is provided in a participant message, with
the release of the DescribeView API.
* api-change:``customer-profiles``: [``botocore``] Adds sensitive trait to various shapes in
Customer Profiles API model.
* api-change:``ecs``: [``botocore``] This release adds support for an account-level setting that
you can use to configure the number of days for AWS Fargate task retirement.
* api-change:``grafana``: [``botocore``] Marking SAML RoleValues attribute as sensitive and
updating VpcConfiguration attributes to match documentation.
* api-change:``health``: [``botocore``] Adds new API DescribeEntityAggregatesForOrganization that
retrieves entity aggregates across your organization. Also adds support for resource status
filtering in DescribeAffectedEntitiesForOrganization, resource status aggregates in the
DescribeEntityAggregates response, and new resource statuses.
* api-change:``ivs``: [``botocore``] Updated "type" description for CreateChannel, UpdateChannel,
Channel, and ChannelSummary.
* api-change:``kafkaconnect``: [``botocore``] Minor model changes for Kafka Connect as well as
endpoint updates.
* api-change:``payment-cryptography-data``: [``botocore``] Make KeyCheckValue field optional when
using asymmetric keys as Key Check Values typically only apply to symmetric keys
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
- from version 1.28.38
* api-change:``appflow``: [``botocore``] Add SAP source connector parallel and pagination feature
* api-change:``apprunner``: [``botocore``] App Runner adds support for Bitbucket. You can now
create App Runner connection that connects to your Bitbucket repositories and deploy App Runner
service with the source code stored in a Bitbucket repository.
* api-change:``auditmanager``: [``botocore``] This release marks some assessment metadata as
sensitive. We added a sensitive trait to the following attributes: assessmentName, emailAddress,
scope, createdBy, lastUpdatedBy, and userName.
* api-change:``cleanrooms``: [``botocore``] This release decouples member abilities in a
collaboration. With this change, the member who can run queries no longer needs to be the same as
the member who can receive results.
* api-change:``datasync``: [``botocore``] AWS DataSync introduces Task Reports, a new feature that
provides detailed reports of data transfer operations for each task execution.
* api-change:``neptunedata``: [``botocore``] Allows customers to execute data plane actions like
bulk loading graphs, issuing graph queries using Gremlin and openCypher directly from the SDK.
* api-change:``network-firewall``: [``botocore``] Network Firewall increasing pagination token
string length
* api-change:``pca-connector-ad``: [``botocore``] The Connector for AD allows you to use a
fully-managed AWS Private CA as a drop-in replacement for your self-managed enterprise CAs without
local agents or proxy servers. Enterprises that use AD to manage Windows environments can reduce
their private certificate authority (CA) costs and complexity.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Canvas adds
IdentityProviderOAuthSettings support for CanvasAppSettings
- from version 1.28.37
* api-change:``cognito-idp``: [``botocore``] Added API example requests and responses for several
operations. Fixed the validation regex for user pools Identity Provider name.
* api-change:``fsx``: [``botocore``] Documentation updates for project quotas.
* api-change:``omics``: [``botocore``] Add RetentionMode support for Runs.
* api-change:``sesv2``: [``botocore``] Adds support for the new Export and Message Insights
features: create, get, list and cancel export jobs; get message insights.
- from version 1.28.36
* api-change:``backup``: [``botocore``] Add support for customizing time zone for backup window in
backup plan rules.
* api-change:``compute-optimizer``: [``botocore``] This release enables AWS Compute Optimizer to
analyze and generate licensing optimization recommendations for sql server running on EC2 instances.
* api-change:``organizations``: [``botocore``] Documentation updates for permissions and links.
* api-change:``securitylake``: [``botocore``] Remove incorrect regex enforcement on pagination
tokens.
* api-change:``service-quotas``: [``botocore``] Service Quotas now supports viewing the applied
quota value and requesting a quota increase for a specific resource in an AWS account.
* api-change:``workspaces-web``: [``botocore``] WorkSpaces Web now enables Admins to configure
which cookies are synchronized from an end-user's local browser to the in-session browser. In
conjunction with a browser extension, this feature enables enhanced Single-Sign On capability by
reducing the number of times an end-user has to authenticate.
- from version 1.28.35
* api-change:``cloudtrail``: [``botocore``] Add ThrottlingException with error code 429 to handle
CloudTrail Delegated Admin request rate exceeded on organization resources.
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``detective``: [``botocore``] Added protections to interacting with fields containing
customer information.
- from version 1.28.34
* api-change:``ec2``: [``botocore``] Amazon EC2 M7a instances, powered by 4th generation AMD EPYC
processors, deliver up to 50% higher performance compared to M6a instances. Amazon EC2 Hpc7a
instances, powered by 4th Gen AMD EPYC processors, deliver up to 2.5x better performance compared
to Amazon EC2 Hpc6a instances.
* api-change:``glue``: [``botocore``] Added API attributes that help in the monitoring of sessions.
* api-change:``mediaconvert``: [``botocore``] This release includes additional audio channel tags
in Quicktime outputs, support for film grain synthesis for AV1 outputs, ability to create
audio-only FLAC outputs, and ability to specify Amazon S3 destination storage class.
* api-change:``medialive``: [``botocore``] MediaLive now supports passthrough of KLV data to a HLS
output group with a TS container. MediaLive now supports setting an attenuation mode for AC3 audio
when the coding mode is 3/2 LFE. MediaLive now supports specifying whether to include filler NAL
units in RTMP output group settings.
* api-change:``mediatailor``: [``botocore``] Adds new source location AUTODETECT_SIGV4 access type.
* api-change:``quicksight``: [``botocore``] Excel support in Snapshot Export APIs. Removed Required
trait for some insight Computations. Namespace-shared Folders support. Global Filters support.
Table pin Column support.
* api-change:``rds``: [``botocore``] This release updates the supported versions for Percona
XtraBackup in Aurora MySQL.
* api-change:``s3control``: [``botocore``] Updates to endpoint ruleset tests to address Smithy
validation issues and standardize the capitalization of DualStack.
* api-change:``verifiedpermissions``: [``botocore``] Documentation updates for Amazon Verified
Permissions.
- from version 1.28.33
* api-change:``apigateway``: [``botocore``] This release adds RootResourceId to GetRestApi response.
* api-change:``ec2``: [``botocore``] Marking fields as sensitive on BundleTask and GetPasswordData
* api-change:``polly``: [``botocore``] Amazon Polly adds 1 new voice - Zayd (ar-AE)
- from version 1.28.32
* api-change:``ce``: [``botocore``] This release adds the LastUpdatedDate and LastUsedDate
timestamps to help you manage your cost allocation tags.
* api-change:``globalaccelerator``: [``botocore``] Global Accelerator now supports Client Ip
Preservation for Network Load Balancer endpoints.
* api-change:``rds``: [``botocore``] Adding parameters to CreateCustomDbEngineVersion reserved for
future use.
* api-change:``verifiedpermissions``: [``botocore``] Documentation updates for Amazon Verified
Permissions. Increases max results per page for ListPolicyStores, ListPolicies, and
ListPolicyTemplates APIs from 20 to 50.
- Update BuildRequires and Requires from setup.py
- Update to 1.28.36:
* api-change:``backup``: [``botocore``] Add support for customizing time zone for backup window in
backup plan rules.
* api-change:``compute-optimizer``: [``botocore``] This release enables AWS Compute Optimizer to
analyze and generate licensing optimization recommendations for sql server running on EC2 instances.
* api-change:``organizations``: [``botocore``] Documentation updates for permissions and links.
* api-change:``securitylake``: [``botocore``] Remove incorrect regex enforcement on pagination
tokens.
* api-change:``service-quotas``: [``botocore``] Service Quotas now supports viewing the applied
quota value and requesting a quota increase for a specific resource in an AWS account.
* api-change:``workspaces-web``: [``botocore``] WorkSpaces Web now enables Admins to configure
which cookies are synchronized from an end-user's local browser to the in-session browser. In
conjunction with a browser extension, this feature enables enhanced Single-Sign On capability by
reducing the number of times an end-user has to authenticate.
- from version 1.28.35
* api-change:``cloudtrail``: [``botocore``] Add ThrottlingException with error code 429 to handle
CloudTrail Delegated Admin request rate exceeded on organization resources.
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``detective``: [``botocore``] Added protections to interacting with fields containing
customer information.
- from version 1.28.34
* api-change:``ec2``: [``botocore``] Amazon EC2 M7a instances, powered by 4th generation AMD EPYC
processors, deliver up to 50% higher performance compared to M6a instances. Amazon EC2 Hpc7a
instances, powered by 4th Gen AMD EPYC processors, deliver up to 2.5x better performance compared
to Amazon EC2 Hpc6a instances.
* api-change:``glue``: [``botocore``] Added API attributes that help in the monitoring of sessions.
* api-change:``mediaconvert``: [``botocore``] This release includes additional audio channel tags
in Quicktime outputs, support for film grain synthesis for AV1 outputs, ability to create
audio-only FLAC outputs, and ability to specify Amazon S3 destination storage class.
* api-change:``medialive``: [``botocore``] MediaLive now supports passthrough of KLV data to a HLS
output group with a TS container. MediaLive now supports setting an attenuation mode for AC3 audio
when the coding mode is 3/2 LFE. MediaLive now supports specifying whether to include filler NAL
units in RTMP output group settings.
* api-change:``mediatailor``: [``botocore``] Adds new source location AUTODETECT_SIGV4 access type.
* api-change:``quicksight``: [``botocore``] Excel support in Snapshot Export APIs. Removed Required
trait for some insight Computations. Namespace-shared Folders support. Global Filters support.
Table pin Column support.
* api-change:``rds``: [``botocore``] This release updates the supported versions for Percona
XtraBackup in Aurora MySQL.
* api-change:``s3control``: [``botocore``] Updates to endpoint ruleset tests to address Smithy
validation issues and standardize the capitalization of DualStack.
* api-change:``verifiedpermissions``: [``botocore``] Documentation updates for Amazon Verified
Permissions.
- from version 1.28.33
* api-change:``apigateway``: [``botocore``] This release adds RootResourceId to GetRestApi response.
* api-change:``ec2``: [``botocore``] Marking fields as sensitive on BundleTask and GetPasswordData
* api-change:``polly``: [``botocore``] Amazon Polly adds 1 new voice - Zayd (ar-AE)
- from version 1.28.32
* api-change:``ce``: [``botocore``] This release adds the LastUpdatedDate and LastUsedDate
timestamps to help you manage your cost allocation tags.
* api-change:``globalaccelerator``: [``botocore``] Global Accelerator now supports Client Ip
Preservation for Network Load Balancer endpoints.
* api-change:``rds``: [``botocore``] Adding parameters to CreateCustomDbEngineVersion reserved for
future use.
* api-change:``verifiedpermissions``: [``botocore``] Documentation updates for Amazon Verified
Permissions. Increases max results per page for ListPolicyStores, ListPolicies, and
ListPolicyTemplates APIs from 20 to 50.
- from version 1.28.31
* api-change:``cloud9``: [``botocore``] Doc only update to add Ubuntu 22.04 as an Image ID option
for Cloud9
* api-change:``ec2``: [``botocore``] The DeleteKeyPair API has been updated to return the keyPairId
when an existing key pair is deleted.
* api-change:``finspace``: [``botocore``] Allow customers to manage outbound traffic from their Kx
Environment when attaching a transit gateway by providing network acl entries. Allow the customer
to choose how they want to update the databases on a cluster allowing updates to possibly be faster
than usual.
* api-change:``rds``: [``botocore``] Adding support for RDS Aurora Global Database Unplanned
Failover
* api-change:``route53domains``: [``botocore``] Fixed typos in description fields
- from version 1.28.30
* api-change:``codecommit``: [``botocore``] Add new ListFileCommitHistory operation to retrieve
commits which introduced changes to a specific file.
* api-change:``securityhub``: [``botocore``] Added Inspector Lambda code Vulnerability section to
ASFF, including GeneratorDetails, EpssScore, ExploitAvailable, and CodeVulnerabilities.
- from version 1.28.29
* api-change:``ec2``: [``botocore``] Adds support for SubnetConfigurations to allow users to select
their own IPv4 and IPv6 addresses for Interface VPC endpoints
* api-change:``gamelift``: [``botocore``] Amazon GameLift updates its instance types support.
- from version 1.28.28
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
- Update BuildRequires and Requires from setup.py
- Update to 1.28.27:
* enhancement:Python: Added provisional Python 3.12 support to Boto3
* enhancement:Python: [``botocore``] Added provisional Python 3.12 support to Botocore
* api-change:``chime-sdk-meetings``: [``botocore``] Updated API documentation to include additional
exceptions.
* api-change:``ec2``: [``botocore``] Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``glue``: [``botocore``] AWS Glue Crawlers can now accept SerDe overrides from a
custom csv classifier. The two SerDe options are LazySimpleSerDe and OpenCSVSerDe. In case, the
user wants crawler to do the selection, "None" can be selected for this purpose.
* api-change:``pi``: [``botocore``] AWS Performance Insights for Amazon RDS is launching
Performance Analysis On Demand, a new feature that allows you to analyze database performance
metrics and find out the performance issues. You can now use SDK to create, list, get, delete, and
manage tags of performance analysis reports.
* api-change:``route53domains``: [``botocore``] Provide explanation if CheckDomainTransferability
return false. Provide requestId if a request is already submitted. Add sensitive protection for
customer information
* api-change:``sagemaker``: [``botocore``] SageMaker Inference Recommender now provides
SupportedResponseMIMETypes from DescribeInferenceRecommendationsJob response
- from version 1.28.26
* api-change:``mediapackage``: [``botocore``] Fix SDK logging of certain fields.
* api-change:``omics``: [``botocore``] This release provides support for annotation store
versioning and cross account sharing for Omics Analytics
* api-change:``transfer``: [``botocore``] Documentation updates for AWS Transfer Family
- from version 1.28.25
* api-change:``amplifybackend``: [``botocore``] Adds sensitive trait to required input shapes.
* api-change:``config``: [``botocore``] Updated ResourceType enum with new resource types onboarded
by AWS Config in July 2023.
* api-change:``ec2``: [``botocore``] Amazon EC2 P5 instances, powered by the latest NVIDIA H100
Tensor Core GPUs, deliver the highest performance in EC2 for deep learning (DL) and HPC
applications. M7i-flex and M7i instances are next-generation general purpose instances powered by
custom 4th Generation Intel Xeon Scalable processors.
* api-change:``quicksight``: [``botocore``] New Authentication method for Account subscription -
IAM Identity Center. Hierarchy layout support, default column width support and related style
properties for pivot table visuals. Non-additive topic field aggregations for Topic API
* api-change:``ses``: [``botocore``] Update ses client to latest version
* api-change:``swf``: [``botocore``] This release adds new API parameters to override workflow task
list for workflow executions.
- from version 1.28.24
* api-change:``cloudtrail``: [``botocore``] Documentation updates for CloudTrail.
* api-change:``connect``: [``botocore``] This release adds APIs to provision agents that are global
/ available in multiple AWS regions and distribute them across these regions by percentage.
* api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
* api-change:``omics``: [``botocore``] This release adds instanceType to GetRunTask & ListRunTasks
responses.
* api-change:``secretsmanager``: [``botocore``] Add additional InvalidRequestException to list of
possible exceptions for ListSecret.
* api-change:``transfer``: [``botocore``] Documentation updates for AW Transfer Family
- from version 1.28.23
* api-change:``chime-sdk-voice``: [``botocore``] Updating CreatePhoneNumberOrder, UpdatePhoneNumber
and BatchUpdatePhoneNumbers APIs, adding phone number name
* api-change:``fsx``: [``botocore``] For FSx for Lustre, add new data repository task type,
RELEASE_DATA_FROM_FILESYSTEM, to release files that have been archived to S3. For FSx for Windows,
enable support for configuring and updating SSD IOPS, and for updating storage type. For FSx for
OpenZFS, add new deployment type, MULTI_AZ_1.
* api-change:``globalaccelerator``: [``botocore``] Documentation update for dualstack EC2 endpoint
support
* api-change:``guardduty``: [``botocore``] Added autoEnable ALL to UpdateOrganizationConfiguration
and DescribeOrganizationConfiguration APIs.
* api-change:``sagemaker``: [``botocore``] This release adds support for cross account access for
SageMaker Model Cards through AWS RAM.
- from version 1.28.22
* api-change:``backup``: [``botocore``] This release introduces a new logically air-gapped vault
(Preview) in AWS Backup that stores immutable backup copies, which are locked by default and
isolated with encryption using AWS owned keys. Logically air-gapped vault (Preview) allows secure
recovery of application data across accounts.
* api-change:``elasticache``: [``botocore``] Added support for cluster mode in online migration and
test migration API
* api-change:``servicecatalog``: [``botocore``] Introduce support for HashiCorp Terraform Cloud in
Service Catalog by addying TERRAFORM_CLOUD product type in CreateProduct and
CreateProvisioningArtifact API.
- from version 1.28.21
* api-change:``detective``: [``botocore``] Updated the email validation regex to be in line with
the TLD name specifications.
* api-change:``ivs-realtime``: [``botocore``] Add QUOTA_EXCEEDED and PUBLISHER_NOT_FOUND to
EventErrorCode for stage health events.
* api-change:``kinesis-video-archived-media``: [``botocore``] This release enables minimum of
Images SamplingInterval to be as low as 200 milliseconds in Kinesis Video Stream Image feature.
* api-change:``kinesisvideo``: [``botocore``] This release enables minimum of Images
SamplingInterval to be as low as 200 milliseconds in Kinesis Video Stream Image feature.
* api-change:``rekognition``: [``botocore``] This release adds code snippets for Amazon Rekognition
Custom Labels.
- from version 1.28.20
* api-change:``acm-pca``: [``botocore``] Documentation correction for AWS Private CA
* api-change:``connect``: [``botocore``] Added a new API UpdateRoutingProfileAgentAvailabilityTimer
to update agent availability timer of a routing profile.
* api-change:``datasync``: [``botocore``] Display cloud storage used capacity at a cluster level.
* api-change:``ecs``: [``botocore``] This is a documentation update to address various tickets.
* api-change:``sagemaker``: [``botocore``] Including DataCaptureConfig key in the Amazon Sagemaker
Search's transform job object
- from version 1.28.19
* api-change:``autoscaling``: [``botocore``] Documentation changes related to Amazon EC2 Auto
Scaling APIs.
* api-change:``cloud9``: [``botocore``] Updated the deprecation date for Amazon Linux. Doc only
update.
* api-change:``dms``: [``botocore``] The release makes public API for DMS Schema Conversion feature.
* api-change:``ec2``: [``botocore``] This release adds new parameter isPrimaryIPv6 to allow
assigning an IPv6 address as a primary IPv6 address to a network interface which cannot be changed
to give equivalent functionality available for network interfaces with primary IPv4 address.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker now supports running training jobs on
p5.48xlarge instance types.
- from version 1.28.18
* api-change:``budgets``: [``botocore``] As part of CAE tagging integration we need to update our
budget names regex filter to prevent customers from using "/action/" in their budget names.
* api-change:``cognito-idp``: [``botocore``] New feature that logs Cognito user pool error messages
to CloudWatch logs.
* api-change:``glue``: [``botocore``] This release includes additional Glue Streaming KAKFA SASL
property types.
* api-change:``resiliencehub``: [``botocore``] Drift Detection capability added when applications
policy has moved from a meet to breach state. Customers will be able to exclude operational
recommendations and receive credit in their resilience score. Customers can now add ARH permissions
to an existing or new role.
* api-change:``sagemaker``: [``botocore``] SageMaker Inference Recommender introduces a new API
GetScalingConfigurationRecommendation to recommend auto scaling policies based on completed
Inference Recommender jobs.
- from version 1.28.17
* api-change:``batch``: [``botocore``] This release adds support for price capacity optimized
allocation strategy for Spot Instances.
* api-change:``dms``: [``botocore``] Adding new API describe-engine-versions which provides
information about the lifecycle of a replication instance's version.
* api-change:``internetmonitor``: [``botocore``] This release adds a new feature for Amazon
CloudWatch Internet Monitor that enables customers to set custom thresholds, for performance and
availability drops, for impact limited to a single city-network to trigger creation of a health
event.
* api-change:``medialive``: [``botocore``] AWS Elemental Link devices now report their Availability
Zone. Link devices now support the ability to change their Availability Zone.
* api-change:``polly``: [``botocore``] Amazon Polly adds new French Belgian voice - Isabelle.
Isabelle is available as Neural voice only.
* api-change:``rds``: [``botocore``] Added support for deleted clusters PiTR.
* api-change:``sagemaker``: [``botocore``] Add Stairs TrafficPattern and FlatInvocations to
RecommendationJobStoppingConditions
- from version 1.28.16
* api-change:``amplifyuibuilder``: [``botocore``] Amplify Studio releases GraphQL support for
codegen job action.
* api-change:``autoscaling``: [``botocore``] You can now configure an instance refresh to set its
status to 'failed' when it detects that a specified CloudWatch alarm has gone into the ALARM state.
You can also choose to roll back the instance refresh automatically when the alarm threshold is met.
* api-change:``cleanrooms``: [``botocore``] This release introduces custom SQL queries - an
expanded set of SQL you can run. This release adds analysis templates, a new resource for storing
pre-defined custom SQL queries ahead of time. This release also adds the Custom analysis rule,
which lets you approve analysis templates for querying.
* api-change:``codestar-connections``: [``botocore``] New integration with the Gitlab provider type.
* api-change:``drs``: [``botocore``] Add support for in-aws right sizing
* api-change:``inspector2``: [``botocore``] This release adds 1 new API: BatchGetFindingDetails to
retrieve enhanced vulnerability intelligence details for findings.
* api-change:``lookoutequipment``: [``botocore``] This release includes new import resource, model
versioning and resource policy features.
* api-change:``omics``: [``botocore``] Add CreationType filter for ListReadSets
* api-change:``rds``: [``botocore``] This release adds support for Aurora MySQL local write
forwarding, which allows for forwarding of write operations from reader DB instances to the writer
DB instance.
* api-change:``route53``: [``botocore``] Amazon Route 53 now supports the Israel (Tel Aviv) Region
(il-central-1) for latency records, geoproximity records, and private DNS for Amazon VPCs in that
region.
* api-change:``scheduler``: [``botocore``] This release introduces automatic deletion of schedules
in EventBridge Scheduler. If configured, EventBridge Scheduler automatically deletes a schedule
after the schedule has completed its last invocation.
- from version 1.28.15
* enhancement:HTTP: [``botocore``] Move 100-continue behavior to use `HTTPConnections` request
interface.
* api-change:``application-insights``: [``botocore``] This release enable customer to
add/remove/update more than one workload for a component
* api-change:``cloudformation``: [``botocore``] This SDK release is for the feature launch of AWS
CloudFormation RetainExceptOnCreate. It adds a new parameter retainExceptOnCreate in the following
APIs: CreateStack, UpdateStack, RollbackStack, ExecuteChangeSet.
* api-change:``cloudfront``: [``botocore``] Add a new JavaScript runtime version for CloudFront
Functions.
* api-change:``connect``: [``botocore``] This release adds support for new number types.
* api-change:``kafka``: [``botocore``] Amazon MSK has introduced new versions of
ListClusterOperations and DescribeClusterOperation APIs. These v2 APIs provide information and
insights into the ongoing operations of both MSK Provisioned and MSK Serverless clusters.
* api-change:``pinpoint``: [``botocore``] Added support for sending push notifications using the
FCM v1 API with json credentials. Amazon Pinpoint customers can now deliver messages to Android
devices using both FCM v1 API and the legacy FCM/GCM API
- from version 1.28.14
* enhancement:compression: [``botocore``] Adds support for the ``requestcompression`` operation
trait.
* api-change:``sqs``: [``botocore``] Documentation changes related to SQS APIs.
- from version 1.28.13
* api-change:``autoscaling``: [``botocore``] This release updates validation for instance types
used in the AllowedInstanceTypes and ExcludedInstanceTypes parameters of the InstanceRequirements
property of a MixedInstancesPolicy.
* api-change:``ebs``: [``botocore``] SDK and documentation updates for Amazon Elastic Block Store
API
* api-change:``ec2``: [``botocore``] SDK and documentation updates for Amazon Elastic Block Store
APIs
* api-change:``eks``: [``botocore``] Add multiple customer error code to handle customer caused
failure when managing EKS node groups
* api-change:``sagemaker``: [``botocore``] Expose ProfilerConfig attribute in SageMaker Search API
response.
- from version 1.28.12
* api-change:``cloudcontrol``: [``botocore``] Updates the documentation for CreateResource.
* api-change:``entityresolution``: [``botocore``] AWS Entity Resolution can effectively match a
source record from a customer relationship management (CRM) system with a source record from a
marketing system containing campaign information.
* api-change:``glue``: [``botocore``] Release Glue Studio Snowflake Connector Node for SDK/CLI
* api-change:``healthlake``: [``botocore``] Updating the HealthLake service documentation.
* api-change:``managedblockchain-query``: [``botocore``] Amazon Managed Blockchain (AMB) Query
provides serverless access to standardized, multi-blockchain datasets with developer-friendly APIs.
* api-change:``mediaconvert``: [``botocore``] This release includes general updates to user
documentation.
* api-change:``omics``: [``botocore``] The service is renaming as a part of AWS Health.
* api-change:``opensearchserverless``: [``botocore``] This release adds new collection type
VectorSearch.
* api-change:``polly``: [``botocore``] Amazon Polly adds 1 new voice - Lisa (nl-BE)
* api-change:``route53``: [``botocore``] Update that corrects the documents for received feedback.
- from version 1.28.11
* api-change:``billingconductor``: [``botocore``] Added support for Auto-Assocate Billing Groups
for CreateBillingGroup, UpdateBillingGroup, and ListBillingGroups.
* api-change:``customer-profiles``: [``botocore``] Amazon Connect Customer Profiles now supports
rule-based resolution to match and merge similar profiles into unified profiles, helping companies
deliver faster and more personalized customer service by providing access to relevant customer
information for agents and automated experiences.
* api-change:``datasync``: [``botocore``] AWS DataSync now supports Microsoft Azure Blob Storage
locations.
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB
* api-change:``ec2``: [``botocore``] This release adds an instance's peak and baseline network
bandwidth as well as the memory sizes of an instance's inference accelerators to
DescribeInstanceTypes.
* api-change:``emr-serverless``: [``botocore``] This release adds support for publishing
application logs to CloudWatch.
* api-change:``lambda``: [``botocore``] Add Python 3.11 (python3.11) support to AWS Lambda
* api-change:``rds``: [``botocore``] This release adds support for monitoring storage optimization
progress on the DescribeDBInstances API.
* api-change:``sagemaker``: [``botocore``] Mark ContentColumn and TargetLabelColumn as required
Targets in TextClassificationJobConfig in CreateAutoMLJobV2API
* api-change:``securityhub``: [``botocore``] Add support for CONTAINS and NOT_CONTAINS comparison
operators for Automation Rules string filters and map filters
* api-change:``sts``: [``botocore``] API updates for the AWS Security Token Service
* api-change:``transfer``: [``botocore``] This release adds support for SFTP Connectors.
* api-change:``wisdom``: [``botocore``] This release added two new data types:
AssistantIntegrationConfiguration, and SessionIntegrationConfiguration to support Wisdom
integration with Amazon Connect Chat
- from version 1.28.10
* api-change:``apigatewayv2``: [``botocore``] Documentation updates for Amazon API Gateway.
* api-change:``ce``: [``botocore``] This release introduces the new API
'GetSavingsPlanPurchaseRecommendationDetails', which retrieves the details for a Savings Plan
recommendation. It also updates the existing API 'GetSavingsPlansPurchaseRecommendation' to include
the recommendation detail ID.
* api-change:``chime-sdk-media-pipelines``: [``botocore``] AWS Media Pipeline compositing
enhancement and Media Insights Pipeline auto language identification.
* api-change:``cloudformation``: [``botocore``] This release supports filtering by DRIFT_STATUS for
existing API ListStackInstances and adds support for a new API ListStackInstanceResourceDrifts.
Customers can now view resource drift information from their StackSet management accounts.
* api-change:``ec2``: [``botocore``] Add "disabled" enum value to SpotInstanceState.
* api-change:``glue``: [``botocore``] Added support for Data Preparation Recipe node in Glue Studio
jobs
* api-change:``quicksight``: [``botocore``] This release launches new Snapshot APIs for CSV and PDF
exports, adds support for info icon for filters and parameters in Exploration APIs, adds modeled
exception to the DeleteAccountCustomization API, and introduces AttributeAggregationFunction's
ability to add UNIQUE_VALUE aggregation in tooltips.
- from version 1.28.9
* api-change:``glue``: [``botocore``] This release adds support for AWS Glue Crawler with Apache
Hudi Tables, allowing Crawlers to discover Hudi Tables in S3 and register them in Glue Data Catalog
for query engines to query against.
* api-change:``mediaconvert``: [``botocore``] This release includes improvements to Preserve 444
handling, compatibility of HEVC sources without frame rates, and general improvements to MP4
outputs.
* api-change:``rds``: [``botocore``] Adds support for the DBSystemID parameter of CreateDBInstance
to RDS Custom for Oracle.
* api-change:``workspaces``: [``botocore``] Fixed VolumeEncryptionKey descriptions
- from version 1.28.8
* api-change:``codecatalyst``: [``botocore``] This release adds support for updating and deleting
spaces and projects in Amazon CodeCatalyst. It also adds support for creating, getting, and
deleting source repositories in CodeCatalyst projects.
* api-change:``connectcases``: [``botocore``] This release adds the ability to assign a case to a
queue or user.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``route53resolver``: [``botocore``] This release adds support for Route 53 On
Outposts, a new feature that allows customers to run Route 53 Resolver and Resolver endpoints
locally on their Outposts.
* api-change:``s3``: [``botocore``] Improve performance of S3 clients by simplifying and optimizing
endpoint resolution.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Cross account support for SageMaker
Feature Store
* api-change:``sagemaker``: [``botocore``] Cross account support for SageMaker Feature Store
* api-change:``securitylake``: [``botocore``] Adding support for Tags on Create and Resource
Tagging API.
* api-change:``transcribe``: [``botocore``] Added API argument --toxicity-detection to
startTranscriptionJob API, which allows users to view toxicity scores of submitted audio.
- from version 1.28.7
* enhancement:AWSCRT: [``botocore``] Upgrade awscrt version to 0.16.26
* api-change:``savingsplans``: [``botocore``] Savings Plans endpoints update
- from version 1.28.6
* api-change:``cloudformation``: [``botocore``] SDK and documentation updates for
GetTemplateSummary API (unrecognized resources)
* api-change:``ec2``: [``botocore``] Amazon EC2 documentation updates.
* api-change:``grafana``: [``botocore``] Amazon Managed Grafana now supports grafanaVersion update
for existing workspaces with UpdateWorkspaceConfiguration API. DescribeWorkspaceConfiguration API
additionally returns grafanaVersion. A new ListVersions API lists available versions or, if given a
workspaceId, the versions it can upgrade to.
* api-change:``medical-imaging``: [``botocore``] General Availability (GA) release of AWS Health
Imaging, enabling customers to store, transform, and analyze medical imaging data at petabyte-scale.
* api-change:``ram``: [``botocore``] This release adds support for securely sharing with AWS
service principals.
* api-change:``ssm-sap``: [``botocore``] Added support for SAP Hana High Availability discovery
(primary and secondary nodes) and Backint agent installation with SSM for SAP.
* api-change:``wafv2``: [``botocore``] Added the URI path to the custom aggregation keys that you
can specify for a rate-based rule.
- from version 1.28.5
* api-change:``codeguru-security``: [``botocore``] Documentation updates for CodeGuru Security.
* api-change:``connect``: [``botocore``] GetMetricDataV2 API: Update to include Contact Lens
Conversational Analytics Metrics
* api-change:``es``: [``botocore``] Regex Validation on the ElasticSearch Engine Version attribute
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``m2``: [``botocore``] Allows UpdateEnvironment to update the environment to 0 host
capacity. New GetSignedBluinsightsUrl API
* api-change:``snowball``: [``botocore``] Adds support for RACK_5U_C. This is the first AWS Snow
Family device designed to meet U.S. Military Ruggedization Standards (MIL-STD-810H) with 208 vCPU
device in a portable, compact 5U, half-rack width form-factor.
* api-change:``translate``: [``botocore``] Added DOCX word document support to TranslateDocument API
- from version 1.28.4
* api-change:``codeartifact``: [``botocore``] Doc only update for AWS CodeArtifact
* api-change:``docdb``: [``botocore``] Added major version upgrade option in ModifyDBCluster API
* api-change:``ec2``: [``botocore``] Add Nitro TPM support on DescribeInstanceTypes
* api-change:``glue``: [``botocore``] Adding new supported permission type flags to get-unfiltered
endpoints that callers may pass to indicate support for enforcing Lake Formation fine-grained
access control on nested column attributes.
* api-change:``ivs``: [``botocore``] This release provides the flexibility to configure what
renditions or thumbnail qualities to record when creating recording configuration.
* api-change:``lakeformation``: [``botocore``] Adds supports for ReadOnlyAdmins and
AllowFullTableExternalDataAccess. Adds NESTED_PERMISSION and NESTED_CELL_PERMISSION to
SUPPORTED_PERMISSION_TYPES enum. Adds CREATE_LF_TAG on catalog resource and ALTER, DROP, and
GRANT_WITH_LF_TAG_EXPRESSION on LF Tag resource.
- from version 1.28.3
* api-change:``cognito-idp``: [``botocore``] API model updated in Amazon Cognito
* api-change:``connect``: [``botocore``] Add support for deleting Queues and Routing Profiles.
* api-change:``datasync``: [``botocore``] Added LunCount to the response object of
DescribeStorageSystemResourcesResponse, LunCount represents the number of LUNs on a storage system
resource.
* api-change:``dms``: [``botocore``] Enhanced PostgreSQL target endpoint settings for providing
Babelfish support.
* api-change:``ec2``: [``botocore``] This release adds support for the C7gn and Hpc7g instances.
C7gn instances are powered by AWS Graviton3 processors and the fifth-generation AWS Nitro Cards.
Hpc7g instances are powered by AWS Graviton 3E processors and provide up to 200 Gbps network
bandwidth.
* api-change:``fsx``: [``botocore``] Amazon FSx for NetApp ONTAP now supports SnapLock, an ONTAP
feature that enables you to protect your files in a volume by transitioning them to a write once,
read many (WORM) state.
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management
(IAM).
* api-change:``mediatailor``: [``botocore``] Adds categories to MediaTailor channel assembly alerts
* api-change:``personalize``: [``botocore``] This release provides ability to customers to change
schema associated with their datasets in Amazon Personalize
* api-change:``proton``: [``botocore``] This release adds support for deployment history for Proton
provisioned resources
* api-change:``s3``: [``botocore``] S3 Inventory now supports Object Access Control List and Object
Owner as available object metadata fields in inventory reports.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Canvas adds WorkspeceSettings support
for CanvasAppSettings
* api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager
- Update BuildRequires and Requires from setup.py
- Update to 1.28.2:
* bugfix:s3: [``botocore``] Fix s3 presigned URLs for operations with query components (`#2962
<https://github.com/boto/botocore/issues/2962>`__)
* api-change:``cognito-idp``: [``botocore``] API model updated in Amazon Cognito
- from version 1.28.1
* api-change:``dms``: [``botocore``] Releasing DMS Serverless. Adding support for PostgreSQL 15.x
as source and target endpoint. Adding support for DocDB Elastic Clusters with sharded collections,
PostgreSQL datatype mapping customization and disabling hostname validation of the certificate
authority in Kafka endpoint settings
* api-change:``glue``: [``botocore``] This release enables customers to create new Apache Iceberg
tables and associated metadata in Amazon S3 by using native AWS Glue CreateTable operation.
* api-change:``logs``: [``botocore``] Add CMK encryption support for CloudWatch Logs Insights query
result data
* api-change:``medialive``: [``botocore``] This release enables the use of Thumbnails in AWS
Elemental MediaLive.
* api-change:``mediatailor``: [``botocore``] The AWS Elemental MediaTailor SDK for Channel Assembly
has added support for EXT-X-CUE-OUT and EXT-X-CUE-IN tags to specify ad breaks in HLS outputs,
including support for EXT-OATCLS, EXT-X-ASSET, and EXT-X-CUE-OUT-CONT accessory tags.
- from version 1.28.0
* enhancement:configprovider: [``botocore``] Always use shallow copy of session config value store
for clients
* feature:configuration: [``botocore``] Configure the endpoint URL in the shared configuration file
or via an environment variable for a specific AWS service or all AWS services.
* bugfix:configprovider: [``botocore``] Fix bug when deep copying config value store where
overrides were not preserved
* api-change:``ec2``: [``botocore``] Add Nitro Enclaves support on DescribeInstanceTypes
* api-change:``location``: [``botocore``] This release adds support for authenticating with Amazon
Location Service's Places & Routes APIs with an API Key. Also, with this release developers can
publish tracked device position updates to Amazon EventBridge.
* api-change:``outposts``: [``botocore``] Added paginator support to several APIs. Added the
ISOLATED enum value to AssetState.
* api-change:``quicksight``: [``botocore``] This release includes below three changes: small
multiples axes improvement, field based coloring, removed required trait from Aggregation function
for TopBottomFilter.
* api-change:``rds``: [``botocore``] Updates Amazon RDS documentation for creating DB instances and
creating Aurora global clusters.
- from version 1.27.1
* api-change:``comprehendmedical``: [``botocore``] Update to Amazon Comprehend Medical
documentation.
* api-change:``connect``: [``botocore``] GetMetricDataV2 API: Channels filters do not count towards
overall limitation of 100 filter values.
* api-change:``kms``: [``botocore``] Added Dry Run Feature to cryptographic and cross-account
mutating KMS APIs (14 in all). This feature allows users to test their permissions and parameters
before making the actual API call.
* api-change:``mgn``: [``botocore``] This release introduces the Global view feature and new
Replication state APIs.
* api-change:``securityhub``: [``botocore``] Documentation updates for AWS Security Hub
- from version 1.27.0
* feature:Useragent: [``botocore``] Update User-Agent header format
* api-change:``batch``: [``botocore``] This feature allows customers to use AWS Batch with Linux
with ARM64 CPU Architecture and X86_64 CPU Architecture with Windows OS on Fargate Platform.
* api-change:``sagemaker``: [``botocore``] SageMaker Inference Recommender now accepts new fields
SupportedEndpointType and ServerlessConfiguration to support serverless endpoints.
- from version 1.26.165
* api-change:``amp``: [``botocore``] AWS SDK service model generation tool version upgrade.
* api-change:``ecs``: [``botocore``] Added new field "credentialspecs" to the ecs task definition
to support gMSA of windows/linux in both domainless and domain-joined mode
* api-change:``ivs``: [``botocore``] Corrects the HTTP response code in the generated docs for
PutMetadata and DeleteRecordingConfiguration APIs.
* api-change:``mediaconvert``: [``botocore``] This release includes improved color handling of
overlays and general updates to user documentation.
* api-change:``sagemaker``: [``botocore``] This release adds support for rolling deployment in
SageMaker Inference.
* api-change:``transfer``: [``botocore``] Add outbound Basic authentication support to AS2
connectors
* api-change:``verifiedpermissions``: [``botocore``] This release corrects several broken links in
the documentation.
- from version 1.26.164
* api-change:``appstream``: [``botocore``] This release introduces app block builder, allowing
customers to provision a resource to package applications into an app block
* api-change:``chime``: [``botocore``] The Amazon Chime SDK APIs in the Chime namespace are no
longer supported. Customers should use APIs in the dedicated Amazon Chime SDK namespaces:
ChimeSDKIdentity, ChimeSDKMediaPipelines, ChimeSDKMeetings, ChimeSDKMessaging, and ChimeSDKVoice.
* api-change:``cleanrooms``: [``botocore``] This release adds support for the OR operator in RSQL
join match conditions and the ability to control which operators (AND, OR) are allowed in a join
match condition.
* api-change:``dynamodb``: [``botocore``] This release adds ReturnValuesOnConditionCheckFailure
parameter to PutItem, UpdateItem, DeleteItem, ExecuteStatement, BatchExecuteStatement and
ExecuteTransaction APIs. When set to ALL_OLD, API returns a copy of the item as it was when a
conditional write failed
* api-change:``gamelift``: [``botocore``] Amazon GameLift now supports game builds that use the
Amazon Linux 2023 (AL2023) operating system.
* api-change:``glue``: [``botocore``] This release adds support for AWS Glue Crawler with Iceberg
Tables, allowing Crawlers to discover Iceberg Tables in S3 and register them in Glue Data Catalog
for query engines to query against.
* api-change:``sagemaker``: [``botocore``] Adding support for timeseries forecasting in the
CreateAutoMLJobV2 API.
- Update BuildRequires and Requires from setup.py
- Update to 1.26.163:
* api-change:``internetmonitor``: [``botocore``] This release adds a new feature for Amazon
CloudWatch Internet Monitor that enables customers to set custom thresholds, for performance and
availability drops, for triggering when to create a health event.
* api-change:``kinesisanalyticsv2``: [``botocore``] Support for new runtime environment in Kinesis
Data Analytics Studio: Zeppelin-0.10, Apache Flink-1.15
* api-change:``lambda``: [``botocore``] Surface ResourceConflictException in
DeleteEventSourceMapping
* api-change:``omics``: [``botocore``] Add Common Workflow Language (CWL) as a supported language
for Omics workflows
* api-change:``rds``: [``botocore``] Amazon Relational Database Service (RDS) now supports joining
a RDS for SQL Server instance to a self-managed Active Directory.
* api-change:``s3``: [``botocore``] The S3 LISTObjects, ListObjectsV2 and ListObjectVersions API
now supports a new optional header x-amz-optional-object-attributes. If header contains
RestoreStatus as the value, then S3 will include Glacier restore status i.e. isRestoreInProgress
and RestoreExpiryDate in List response.
* api-change:``sagemaker``: [``botocore``] This release adds support for Model Cards Model Registry
integration.
- from version 1.26.162
* bugfix:Parsers: [``botocore``] Fixes datetime parse error handling for out-of-range and negative
timestamps (`#2564 <https://github.com/boto/botocore/issues/2564>`__).
* api-change:``appfabric``: [``botocore``] Initial release of AWS AppFabric for connecting SaaS
applications for better productivity and security.
* api-change:``appflow``: [``botocore``] This release adds support to bypass SSO with the SAPOData
connector when connecting to an SAP instance.
* api-change:``emr-serverless``: [``botocore``] This release adds support to update the release
label of an EMR Serverless application to upgrade it to a different version of Amazon EMR via
UpdateApplication API.
* api-change:``ivs``: [``botocore``] IVS customers can now revoke the viewer session associated
with an auth token, to prevent and stop playback using that token.
* api-change:``kinesisvideo``: [``botocore``] General Availability (GA) release of Kinesis Video
Streams at Edge, enabling customers to provide a configuration for the Kinesis Video Streams
EdgeAgent running on an on-premise IoT device. Customers can now locally record from cameras and
stream videos to the cloud on a configured schedule.
* api-change:``macie2``: [``botocore``] This release adds support for configuring new
classification jobs to use the set of managed data identifiers that we recommend for jobs. For the
managed data identifier selection type (managedDataIdentifierSelector), specify RECOMMENDED.
* api-change:``privatenetworks``: [``botocore``] This release allows Private5G customers to choose
different commitment plans (60-days, 1-year, 3-years) when placing new orders, enables automatic
renewal option for 1-year and 3-years commitments. It also allows customers to update the
commitment plan of an existing radio unit.
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] Introducing TTL for online store
records for feature groups.
* api-change:``sagemaker``: [``botocore``] Introducing TTL for online store records in feature
groups.
* api-change:``ssm``: [``botocore``] Systems Manager doc-only update for June 2023.
* api-change:``verifiedpermissions``: [``botocore``] This update fixes several broken links to the
Cedar documentation.
- from version 1.26.161
* api-change:``connect``: [``botocore``] This release provides a way to search for existing tags
within an instance. Before tagging a resource, ensure consistency by searching for pre-existing
key:value pairs.
* api-change:``glue``: [``botocore``] Timestamp Starting Position For Kinesis and Kafka Data
Sources in a Glue Streaming Job
* api-change:``guardduty``: [``botocore``] Add support for user.extra.sessionName in Kubernetes
Audit Logs Findings.
* api-change:``iam``: [``botocore``] Support for a new API "GetMFADevice" to present MFA device
metadata such as device certifications
* api-change:``pinpoint``: [``botocore``] Added time zone estimation support for journeys
- from version 1.26.160
* api-change:``devops-guru``: [``botocore``] This release adds support for encryption via customer
managed keys.
* api-change:``fsx``: [``botocore``] Update to Amazon FSx documentation.
* api-change:``rds``: [``botocore``] Documentation improvements for create, describe, and modify DB
clusters and DB instances.
* api-change:``verifiedpermissions``: [``botocore``] Added improved descriptions and new code
samples to SDK documentation.
- from version 1.26.159
* api-change:``chime-sdk-identity``: [``botocore``] AppInstanceBots can be configured to be invoked
or not using the Target or the CHIME.mentions attribute for ChannelMessages
* api-change:``chime-sdk-messaging``: [``botocore``] ChannelMessages can be made visible to sender
and intended recipient rather than all channel members with the target attribute. For example, a
user can send messages to a bot and receive messages back in a group channel without other members
seeing them.
* api-change:``kendra``: [``botocore``] Introducing Amazon Kendra Retrieve API that can be used to
retrieve relevant passages or text excerpts given an input query.
* api-change:``stepfunctions``: [``botocore``] Update stepfunctions client to latest version
- from version 1.26.158
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``inspector2``: [``botocore``] This release adds support for Software Bill of
Materials (SBOM) export and the general availability of code scanning for AWS Lambda functions.
* api-change:``mediaconvert``: [``botocore``] This release introduces the bandwidth reduction
filter for the HEVC encoder, increases the limits of outputs per job, and updates support for the
Nagra SDK to version 1.14.7.
* api-change:``mq``: [``botocore``] The Cross Region Disaster Recovery feature allows to replicate
a brokers state from one region to another in order to provide customers with multi-region
resiliency in the event of a regional outage.
* api-change:``sagemaker``: [``botocore``] This release provides support in SageMaker for output
files in training jobs to be uploaded without compression and enable customer to deploy
uncompressed model from S3 to real-time inference Endpoints. In addition, ml.trn1n.32xlarge is
added to supported instance type list in training job.
* api-change:``transfer``: [``botocore``] This release adds a new parameter
StructuredLogDestinations to CreateServer, UpdateServer APIs.
- from version 1.26.157
* api-change:``appflow``: [``botocore``] This release adds new API to reset connector metadata cache
* api-change:``config``: [``botocore``] Updated ResourceType enum with new resource types onboarded
by AWS Config in May 2023.
* api-change:``ec2``: [``botocore``] Adds support for targeting Dedicated Host allocations by
assetIds in AWS Outposts
* api-change:``lambda``: [``botocore``] This release adds RecursiveInvocationException to the
Invoke API and InvokeWithResponseStream API.
* api-change:``redshift``: [``botocore``] Added support for custom domain names for Redshift
Provisioned clusters. This feature enables customers to create a custom domain name and use ACM to
generate fully secure connections to it.
- from version 1.26.156
* api-change:``cloudformation``: [``botocore``] Specify desired CloudFormation behavior in the
event of ChangeSet execution failure using the CreateChangeSet OnStackFailure parameter
* api-change:``ec2``: [``botocore``] API changes to AWS Verified Access to include data from trust
providers in logs
* api-change:``ecs``: [``botocore``] Documentation only update to address various tickets.
* api-change:``glue``: [``botocore``] This release adds support for creating cross region
table/database resource links
* api-change:``pricing``: [``botocore``] This release updates the PriceListArn regex pattern.
* api-change:``route53domains``: [``botocore``] Update MaxItems upper bound to 1000 for
ListPricesRequest
* api-change:``sagemaker``: [``botocore``] Amazon Sagemaker Autopilot releases CreateAutoMLJobV2
and DescribeAutoMLJobV2 for Autopilot customers with ImageClassification, TextClassification and
Tabular problem type config support.
- from version 1.26.155
* api-change:``account``: [``botocore``] Improve pagination support for ListRegions
* api-change:``connect``: [``botocore``] Updates the *InstanceStorageConfig APIs to support a new
ResourceType: SCREEN_RECORDINGS to enable screen recording and specify the storage configurations
for publishing the recordings. Also updates DescribeInstance and ListInstances APIs to include
InstanceAccessUrl attribute in the API response.
* api-change:``discovery``: [``botocore``] Add Amazon EC2 instance recommendations export
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management
(IAM).
* api-change:``s3``: [``botocore``] This release adds SDK support for request-payer request header
and request-charged response header in the "GetBucketAccelerateConfiguration",
"ListMultipartUploads", "ListObjects", "ListObjectsV2" and "ListObjectVersions" S3 APIs.
- from version 1.26.154
* api-change:``auditmanager``: [``botocore``] This release introduces 2 Audit Manager features: CSV
exports and new manual evidence options. You can now export your evidence finder results in CSV
format. In addition, you can now add manual evidence to a control by entering free-form text or
uploading a file from your browser.
* api-change:``efs``: [``botocore``] Update efs client to latest version
* api-change:``guardduty``: [``botocore``] Updated descriptions for some APIs.
* api-change:``location``: [``botocore``] Amazon Location Service adds categories to places,
including filtering on those categories in searches. Also, you can now add metadata properties to
your geofences.
- Update BuildRequires and Requires from setup.py
- Update to 1.26.153:
* api-change:``cloudtrail``: [``botocore``] This feature allows users to view dashboards for
CloudTrail Lake event data stores.
* api-change:``codeguru-security``: [``botocore``] Initial release of Amazon CodeGuru Security APIs
* api-change:``drs``: [``botocore``] Added APIs to support network replication and recovery using
AWS Elastic Disaster Recovery.
* api-change:``ec2``: [``botocore``] This release introduces a new feature, EC2 Instance Connect
Endpoint, that enables you to connect to a resource over TCP, without requiring the resource to
have a public IPv4 address.
* api-change:``imagebuilder``: [``botocore``] Change the Image Builder ImagePipeline dateNextRun
field to more accurately describe the data.
* api-change:``lightsail``: [``botocore``] This release adds pagination for the Get Certificates
API operation.
* api-change:``s3``: [``botocore``] Integrate double encryption feature to SDKs.
* api-change:``securityhub``: [``botocore``] Add support for Security Hub Automation Rules
* api-change:``simspaceweaver``: [``botocore``] This release fixes using aws-us-gov ARNs in API
calls and adds documentation for snapshot APIs.
* api-change:``verifiedpermissions``: [``botocore``] GA release of Amazon Verified Permissions.
* api-change:``wafv2``: [``botocore``] You can now detect and block fraudulent account creation
attempts with the new AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule
group AWSManagedRulesACFPRuleSet.
* api-change:``wellarchitected``: [``botocore``] AWS Well-Architected now supports Profiles that
help customers prioritize which questions to focus on first by providing a list of prioritized
questions that are better aligned with their business goals and outcomes.
- from version 1.26.152
* api-change:``amplifyuibuilder``: [``botocore``] AWS Amplify UIBuilder is launching Codegen UI, a
new feature that enables you to generate your amplify uibuilder components and forms.
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB
* api-change:``dynamodbstreams``: [``botocore``] Update dynamodbstreams client to latest version
* api-change:``fsx``: [``botocore``] Amazon FSx for NetApp ONTAP now supports joining a storage
virtual machine (SVM) to Active Directory after the SVM has been created.
* api-change:``opensearch``: [``botocore``] This release adds support for SkipUnavailable
connection property for cross cluster search
* api-change:``rekognition``: [``botocore``] This release adds support for improved accuracy with
user vector in Amazon Rekognition Face Search. Adds new APIs: AssociateFaces, CreateUser,
DeleteUser, DisassociateFaces, ListUsers, SearchUsers, SearchUsersByImage. Also adds new face
metadata that can be stored: user vector.
* api-change:``sagemaker``: [``botocore``] Sagemaker Neo now supports compilation for inferentia2
(ML_INF2) and Trainium1 (ML_TRN1) as available targets. With these devices, you can run your
workloads at highest performance with lowest cost. inferentia2 (ML_INF2) is available in CMH and
Trainium1 (ML_TRN1) is available in IAD currently
- from version 1.26.151
* api-change:``acm-pca``: [``botocore``] Document-only update to refresh CLI documentation for AWS
Private CA. No change to the service.
* api-change:``connect``: [``botocore``] This release adds search APIs for Prompts, Quick Connects
and Hours of Operations, which can be used to search for those resources within a Connect Instance.
- from version 1.26.150
* api-change:``athena``: [``botocore``] You can now define custom spark properties at start of the
session for use cases like cluster encryption, table formats, and general Spark tuning.
* api-change:``comprehendmedical``: [``botocore``] This release supports a new set of entities and
traits.
* api-change:``payment-cryptography-data``: [``botocore``] Initial release of AWS Payment
Cryptography DataPlane Plane service for performing cryptographic operations typically used during
card payment processing.
* api-change:``payment-cryptography``: [``botocore``] Initial release of AWS Payment Cryptography
Control Plane service for creating and managing cryptographic keys used during card payment
processing.
* api-change:``servicecatalog``: [``botocore``] New parameter added in ServiceCatalog
DescribeProvisioningArtifact api - IncludeProvisioningArtifactParameters. This parameter can be
used to return information about the parameters used to provision the product
* api-change:``timestream-write``: [``botocore``] This release adds the capability for customers to
define how their data should be partitioned, optimizing for certain access patterns. This
definition will take place as a part of the table creation.
- from version 1.26.149
* api-change:``cloudformation``: [``botocore``] AWS CloudFormation StackSets is updating the
deployment experience for all stackset operations to skip suspended AWS accounts during
deployments. StackSets will skip target AWS accounts that are suspended and set the Detailed Status
of the corresponding stack instances as SKIPPED_SUSPENDED_ACCOUNT
* api-change:``customer-profiles``: [``botocore``] This release introduces event stream related
APIs.
* api-change:``directconnect``: [``botocore``] This update corrects the jumbo frames mtu values
from 9100 to 8500 for transit virtual interfaces.
* api-change:``emr-containers``: [``botocore``] EMR on EKS adds support for log rotation of Spark
container logs with EMR-6.11.0 onwards, to the StartJobRun API.
* api-change:``iotdeviceadvisor``: [``botocore``] AWS IoT Core Device Advisor now supports new
Qualification Suite test case list. With this update, customers can more easily create new
qualification test suite with an empty rootGroup input.
* api-change:``logs``: [``botocore``] This change adds support for account level data protection
policies using 3 new APIs, PutAccountPolicy, DeleteAccountPolicy and DescribeAccountPolicy.
DescribeLogGroup API has been modified to indicate if account level policy is applied to the
LogGroup via "inheritedProperties" list in the response.
- from version 1.26.148
* api-change:``connect``: [``botocore``] GetMetricDataV2 API is now available in AWS GovCloud(US)
region.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``iam``: [``botocore``] This release updates the AccountAlias regex pattern with the
same length restrictions enforced by the length constraint.
* api-change:``inspector2``: [``botocore``] Adds new response properties and request parameters for
'last scanned at' on the ListCoverage operation. This feature allows you to search and view the
date of which your resources were last scanned by Inspector.
* api-change:``iot-data``: [``botocore``] Update thing shadow name regex to allow '$' character
* api-change:``iot``: [``botocore``] Adding IoT Device Management Software Package Catalog APIs to
register, store, and report system software packages, along with their versions and metadata in a
centralized location.
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``quicksight``: [``botocore``] QuickSight support for pivot table field collapse
state, radar chart range scale and multiple scope options in conditional formatting.
* api-change:``signer``: [``botocore``] AWS Signer is launching Container Image Signing, a new
feature that enables you to sign and verify container images. This feature enables you to validate
that only container images you approve are used in your enterprise.
* api-change:``sqs``: [``botocore``] Amazon SQS adds three new APIs - StartMessageMoveTask,
CancelMessageMoveTask, and ListMessageMoveTasks to automate redriving messages from dead-letter
queues to source queues or a custom destination.
- from version 1.26.147
* api-change:``cloudformation``: [``botocore``] AWS CloudFormation StackSets provides customers
with three new APIs to activate, deactivate, and describe AWS Organizations trusted access which is
needed to get started with service-managed StackSets.
* api-change:``ec2``: [``botocore``] Making InstanceTagAttribute as the required parameter for the
DeregisterInstanceEventNotificationAttributes and RegisterInstanceEventNotificationAttributes APIs.
* api-change:``finspace``: [``botocore``] Releasing new Managed kdb Insights APIs
* api-change:``frauddetector``: [``botocore``] Added new variable types, new DateTime data type,
and new rules engine functions for interacting and working with DateTime data types.
* api-change:``keyspaces``: [``botocore``] This release adds support for MRR GA launch, and
includes multiregion support in create-keyspace, get-keyspace, and list-keyspace.
* api-change:``kms``: [``botocore``] This release includes feature to import customer's asymmetric
(RSA and ECC) and HMAC keys into KMS. It also includes feature to allow customers to specify
number of days to schedule a KMS key deletion as a policy condition key.
* api-change:``lambda``: [``botocore``] Add Ruby 3.2 (ruby3.2) Runtime support to AWS Lambda.
* api-change:``mwaa``: [``botocore``] This release adds ROLLING_BACK and CREATING_SNAPSHOT
environment statuses for Amazon MWAA environments.
- from version 1.26.146
* api-change:``athena``: [``botocore``] This release introduces the DeleteCapacityReservation API
and the ability to manage capacity reservations using CloudFormation
* api-change:``cloudtrail``: [``botocore``] This feature allows users to start and stop event
ingestion on a CloudTrail Lake event data store.
* api-change:``sagemaker``: [``botocore``] This release adds Selective Execution feature that
allows SageMaker Pipelines users to run selected steps in a pipeline.
* api-change:``wafv2``: [``botocore``] Added APIs to describe managed products. The APIs retrieve
information about rule groups that are managed by AWS and by AWS Marketplace sellers.
- from version 1.26.145
* api-change:``alexaforbusiness``: [``botocore``] Alexa for Business has been deprecated and is no
longer supported.
* api-change:``appflow``: [``botocore``] Added ability to select DataTransferApiType for
DescribeConnector and CreateFlow requests when using Async supported connectors. Added
supportedDataTransferType to DescribeConnector/DescribeConnectors/ListConnector response.
* api-change:``customer-profiles``: [``botocore``] This release introduces calculated attribute
related APIs.
* api-change:``ivs``: [``botocore``] API Update for IVS Advanced Channel type
* api-change:``sagemaker``: [``botocore``] Amazon Sagemaker Autopilot adds support for Parquet file
input to NLP text classification jobs.
* api-change:``wafv2``: [``botocore``] Corrected the information for the header order FieldToMatch
setting
- Update BuildRequires and Requires from setup.py
- update to 1.26.144:
* see https://raw.githubusercontent.com/boto/boto3/1.26.144/CHANGELOG.rst
- Update to 1.26.130:
* api-change:``glue``: [``botocore``] Support large worker types G.4x and G.8x for Glue Spark
* api-change:``guardduty``: [``botocore``] Add AccessDeniedException 403 Error message code to
support 3 Tagging related APIs
* api-change:``iotsitewise``: [``botocore``] Provide support for 20,000 max results for
GetAssetPropertyValueHistory/BatchGetAssetPropertyValueHistory and 15 minute aggregate resolution
for GetAssetPropertyAggregates/BatchGetAssetPropertyAggregates
* api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service.
- from version 1.26.129
* api-change:``ec2``: [``botocore``] This release adds support the inf2 and trn1n instances. inf2
instances are purpose built for deep learning inference while trn1n instances are powered by AWS
Trainium accelerators and they build on the capabilities of Trainium-powered trn1 instances.
* api-change:``inspector2``: [``botocore``] Amazon Inspector now allows customers to search its
vulnerability intelligence database if any of the Inspector scanning types are activated.
* api-change:``mediatailor``: [``botocore``] This release adds support for AFTER_LIVE_EDGE mode
configuration for avail suppression, and adding a fill-policy setting that sets the avail
suppression to PARTIAL_AVAIL or FULL_AVAIL_ONLY when AFTER_LIVE_EDGE is enabled.
* api-change:``sqs``: [``botocore``] Revert previous SQS protocol change.
- from version 1.26.128
* bugfix:``sqs``: [``botocore``] Rolled back recent change to wire format protocol
- from version 1.26.127
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``config``: [``botocore``] Updated ResourceType enum with new resource types onboarded
by AWS Config in April 2023.
* api-change:``connect``: [``botocore``] Remove unused InvalidParameterException from
CreateParticipant API
* api-change:``ecs``: [``botocore``] Documentation update for new error type
NamespaceNotFoundException for CreateCluster and UpdateCluster
* api-change:``network-firewall``: [``botocore``] This release adds support for the Suricata REJECT
option in midstream exception configurations.
* api-change:``opensearch``: [``botocore``] DescribeDomainNodes: A new API that provides
configuration information for nodes part of the domain
* api-change:``quicksight``: [``botocore``] Add support for Topic, Dataset parameters and VPC
* api-change:``rekognition``: [``botocore``] This release adds a new attribute FaceOccluded.
Additionally, you can now select attributes individually (e.g. ["DEFAULT", "FACE_OCCLUDED",
"AGE_RANGE"] instead of ["ALL"]), which can reduce response time.
* api-change:``s3``: [``botocore``] Documentation updates for Amazon S3
* api-change:``sagemaker``: [``botocore``] We added support for ml.inf2 and ml.trn1 family of
instances on Amazon SageMaker for deploying machine learning (ML) models for Real-time and
Asynchronous inference. You can use these instances to achieve high performance at a low cost for
generative artificial intelligence (AI) models.
* api-change:``securityhub``: [``botocore``] Add support for Finding History.
* api-change:``sqs``: [``botocore``] This release enables customers to call SQS using AWS JSON-1.0
protocol.
- from version 1.26.126
* api-change:``appsync``: [``botocore``] Private API support for AWS AppSync. With Private APIs,
you can now create GraphQL APIs that can only be accessed from your Amazon Virtual Private Cloud
("VPC").
* api-change:``ec2``: [``botocore``] Adds an SDK paginator for
GetNetworkInsightsAccessScopeAnalysisFindings
* api-change:``inspector2``: [``botocore``] This feature provides deep inspection for linux based
instance
* api-change:``iottwinmaker``: [``botocore``] This release adds a field for GetScene API to return
error code and message from dependency services.
* api-change:``network-firewall``: [``botocore``] AWS Network Firewall now supports policy level
HOME_NET variable overrides.
* api-change:``opensearch``: [``botocore``] Amazon OpenSearch Service adds the option to deploy a
domain across multiple Availability Zones, with each AZ containing a complete copy of data and with
nodes in one AZ acting as a standby. This option provides 99.99% availability and consistent
performance in the event of infrastructure failure.
* api-change:``wellarchitected``: [``botocore``] This release deepens integration with AWS Service
Catalog AppRegistry to improve workload resource discovery.
- Update BuildRequires and Requires from setup.py
- update to 1.26.125:
* api-change:``appflow``: [``botocore``] This release adds new
API to cancel flow executions.
* api-change:``connect``: [``botocore``] Amazon Connect Service
Rules API update: Added OnContactEvaluationSubmit event
source to support user configuring evaluation form rules.
* api-change:``ecs``: [``botocore``] Documentation only update
to address Amazon ECS tickets.
* api-change:``kendra``: [``botocore``] AWS Kendra now supports
configuring document fields/attributes via the
GetQuerySuggestions API. You can now base query suggestions
on the contents of document fields.
* api-change:``resiliencehub``: [``botocore``] This release
will improve resource level transparency in applications by
discovering previously hidden resources.
* api-change:``sagemaker``: [``botocore``] Amazon Sagemaker
Autopilot supports training models with sample weights and
additional objective metrics.
* 1.26.124
* api-change:``compute-optimizer``: [``botocore``] support for
tag filtering within compute optimizer. ability to filter
recommendation results by tag and tag key value pairs.
ability to filter by inferred workload type added.
* api-change:``kms``: [``botocore``] This release makes the
NitroEnclave request parameter Recipient and the response
field for CiphertextForRecipient available in AWS SDKs. It
also adds the regex pattern for CloudHsmClusterId validation.
* 1.26.123
* api-change:``appflow``: [``botocore``] Adds Jwt Support for
Salesforce Credentials.
* api-change:``athena``: [``botocore``] You can now use
capacity reservations on Amazon Athena to run SQL queries on
fully-managed compute capacity.
* api-change:``directconnect``: [``botocore``] This release
corrects the jumbo frames MTU from 9100 to 8500.
* api-change:``efs``: [``botocore``] Update efs client to
latest version
* api-change:``grafana``: [``botocore``] This release adds
support for the grafanaVersion parameter in CreateWorkspace.
* api-change:``iot``: [``botocore``] This release allows AWS
IoT Core users to specify a TLS security policy when creating
and updating AWS IoT Domain Configurations.
* api-change:``rekognition``: [``botocore``] Added support for
aggregating moderation labels by video segment timestamps for
Stored Video Content Moderation APIs and added additional
information about the job to all Stored Video Get API
responses.
* api-change:``simspaceweaver``: [``botocore``] Added a new
CreateSnapshot API. For the StartSimulation API,
SchemaS3Location is now optional, added a new
SnapshotS3Location parameter. For the DescribeSimulation API,
added SNAPSHOT_IN_PROGRESS simulation state, deprecated
SchemaError, added new fields: StartError and
SnapshotS3Location.
* api-change:``wafv2``: [``botocore``] You can now associate a
web ACL with a Verified Access instance.
* api-change:``workspaces``: [``botocore``] Added Windows 11 to
support Microsoft_Office_2019
* api-change:``ec2``: [``botocore``] This release adds support
for AMD SEV-SNP on EC2 instances.
* api-change:``emr-containers``: [``botocore``] This release
adds GetManagedEndpointSessionCredentials, a new API that
allows customers to generate an auth token to connect to a
managed endpoint, enabling features such as self-hosted
Jupyter notebooks for EMR on EKS.
* api-change:``guardduty``: [``botocore``] Added API support to
initiate on-demand malware scan on specific resources.
* api-change:``iotdeviceadvisor``: [``botocore``] AWS IoT Core
Device Advisor now supports MQTT over WebSocket. With this
update, customers can run all three test suites of AWS IoT
Core Device Advisor - qualification, custom, and long
duration tests - using Signature Version 4 for MQTT over
WebSocket.
* api-change:``kafka``: [``botocore``] Amazon MSK has added new
APIs that allows multi-VPC private connectivity and cluster
policy support for Amazon MSK clusters that simplify
connectivity and access between your Apache Kafka clients
hosted in different VPCs and AWS accounts and your Amazon MSK
clusters.
* api-change:``lambda``: [``botocore``] Add Java 17 (java17)
support to AWS Lambda
* api-change:``marketplace-catalog``: [``botocore``] Enabled
Pagination for List Entities and List Change Sets operations
* api-change:``osis``: [``botocore``] Documentation updates for
OpenSearch Ingestion
* api-change:``qldb``: [``botocore``] Documentation updates for
Amazon QLDB
* api-change:``sagemaker``: [``botocore``] Added
ml.p4d.24xlarge and ml.p4de.24xlarge as supported instances
for SageMaker Studio
* api-change:``xray``: [``botocore``] Updated X-Ray
documentation with Resource Policy API descriptions.
* api-change:``osis``: [``botocore``] Initial release for
OpenSearch Ingestion
* api-change:``chime-sdk-messaging``: [``botocore``] Remove non
actionable field from UpdateChannelReadMarker and
DeleteChannelRequest. Add precise exceptions to
DeleteChannel and DeleteStreamingConfigurations error cases.
* api-change:``connect``: [``botocore``] Amazon Connect,
Contact Lens Evaluation API release including ability to
manage forms and to submit contact evaluations.
* api-change:``datasync``: [``botocore``] This release adds 13
new APIs to support AWS DataSync Discovery GA.
* api-change:``ds``: [``botocore``] New field added in AWS
Managed Microsoft AD DescribeSettings response and regex
pattern update for UpdateSettings value. Added length
validation to RemoteDomainName.
* api-change:``pinpoint``: [``botocore``] Adds support for
journey runs and querying journey execution metrics based on
journey runs. Adds execution metrics to campaign activities.
Updates docs for Advanced Quiet Time.
* api-change:``appflow``: [``botocore``] Increased the max
length for RefreshToken and AuthCode from 2048 to 4096.
* api-change:``codecatalyst``: [``botocore``] Documentation
updates for Amazon CodeCatalyst.
* api-change:``ec2``: [``botocore``] API changes to AWS
Verified Access related to identity providers' information.
* api-change:``mediaconvert``: [``botocore``] This release
introduces a noise reduction pre-filter, linear interpolation
deinterlace mode, video pass-through, updated default job
settings, and expanded LC-AAC Stereo audio bitrate ranges.
* api-change:``rekognition``: [``botocore``] Added new status
result to Liveness session status.
* 1.26.118
* api-change:``connect``: [``botocore``] This release adds a
new API CreateParticipant. For Amazon Connect Chat, you can
use this new API to customize chat flow experiences.
* api-change:``ecs``: [``botocore``] Documentation update to
address various Amazon ECS tickets.
* api-change:``fms``: [``botocore``] AWS Firewall Manager adds
support for multiple administrators. You can now delegate
more than one administrator per organization.
* 1.26.117
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This
release adds support for specifying the recording file format
in an S3 recording sink configuration.
* api-change:``chime-sdk-meetings``: [``botocore``] Adds
support for Hindi and Thai languages and additional Amazon
Transcribe parameters to the StartMeetingTranscription API.
* api-change:``chime``: [``botocore``] Adds support for Hindi
and Thai languages and additional Amazon Transcribe
parameters to the StartMeetingTranscription API.
* api-change:``gamelift``: [``botocore``] Amazon GameLift
supports creating Builds for Windows 2016 operating system.
* api-change:``guardduty``: [``botocore``] This release adds
support for the new Lambda Protection feature.
* api-change:``iot``: [``botocore``] Support additional OTA
states in GetOTAUpdate API
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker
Canvas adds ModelRegisterSettings support for
CanvasAppSettings.
* api-change:``snowball``: [``botocore``] Adds support for
Amazon S3 compatible storage. AWS Snow Family customers can
now use Amazon S3 compatible storage on Snowball Edge
devices. Also adds support for V3_5S. This is a refreshed AWS
Snowball Edge Storage Optimized device type with 210TB SSD
(customer usable).
* api-change:``wafv2``: [``botocore``] You can now create
encrypted API keys to use in a client application integration
of the JavaScript CAPTCHA API . You can also retrieve a list
of your API keys and the JavaScript application integration
URL.
* api-change:``comprehend``: [``botocore``] This release
supports native document models for custom classification, in
addition to plain-text models. You train native document
models using documents (PDF, Word, images) in their native
format.
* api-change:``ecs``: [``botocore``] This release supports the
Account Setting "TagResourceAuthorization" that allows for
enhanced Tagging security controls.
* api-change:``ram``: [``botocore``] This release adds support
for customer managed permissions. Customer managed
permissions enable customers to author and manage tailored
permissions for resources shared using RAM.
* api-change:``rds``: [``botocore``] Adds support for the
ImageId parameter of CreateCustomDBEngineVersion to RDS
Custom for Oracle
* api-change:``s3``: [``botocore``] Provides support for "Snow"
Storage class.
* api-change:``s3control``: [``botocore``] Provides support for
overriding endpoint when region is "snow". This will enable
bucket APIs for Amazon S3 Compatible storage on Snow Family
devices.
* api-change:``secretsmanager``: [``botocore``] Documentation
updates for Secrets Manager
- Update to 1.26.115
* api-change:``appflow``: [``botocore``] This release adds a Client Token parameter to the
following AppFlow APIs: Create/Update Connector Profile, Create/Update Flow, Start Flow, Register
Connector, Update Connector Registration. The Client Token parameter allows idempotent operations
for these APIs.
* api-change:``drs``: [``botocore``] Changed existing APIs and added new APIs to support using an
account-level launch configuration template with AWS Elastic Disaster Recovery.
* api-change:``dynamodb``: [``botocore``] Documentation updates for DynamoDB API
* api-change:``emr-serverless``: [``botocore``] The GetJobRun API has been updated to include the
job's billed resource utilization. This utilization shows the aggregate vCPU, memory and storage
that AWS has billed for the job run. The billed resources include a 1-minute minimum usage for
workers, plus additional storage over 20 GB per worker.
* api-change:``internetmonitor``: [``botocore``] This release includes a new configurable value,
TrafficPercentageToMonitor, which allows users to adjust the amount of traffic monitored by
percentage
* api-change:``iotwireless``: [``botocore``] Supports the new feature of LoRaWAN roaming, allows to
configure MaxEirp for LoRaWAN gateway, and allows to configure PingSlotPeriod for LoRaWAN multicast
group
* api-change:``lambda``: [``botocore``] Add Python 3.10 (python3.10) support to AWS Lambda
- from version 1.26.114
* api-change:``ecs``: [``botocore``] This release supports ephemeral storage for AWS Fargate
Windows containers.
* api-change:``lambda``: [``botocore``] This release adds SnapStart related exceptions to
InvokeWithResponseStream API. IAM access related documentation is also added for this API.
* api-change:``migration-hub-refactor-spaces``: [``botocore``] Doc only update for Refactor Spaces
environments without network bridge feature.
* api-change:``rds``: [``botocore``] This release adds support of modifying the engine mode of
database clusters.
- from version 1.26.113
* api-change:``chime-sdk-voice``: [``botocore``] This release adds tagging support for Voice
Connectors and SIP Media Applications
* api-change:``mediaconnect``: [``botocore``] Gateway is a new feature of AWS Elemental
MediaConnect. Gateway allows the deployment of on-premises resources for the purpose of
transporting live video to and from the AWS Cloud.
- from version 1.26.112
* api-change:``groundstation``: [``botocore``] AWS Ground Station Wideband DigIF GA Release
* api-change:``managedblockchain``: [``botocore``] Removal of the Ropsten network. The Ethereum
foundation ceased support of Ropsten on December 31st, 2022..
- from version 1.26.111
* api-change:``ecr-public``: [``botocore``] This release will allow using registry alias as
registryId in BatchDeleteImage request.
* api-change:``emr-serverless``: [``botocore``] This release extends GetJobRun API to return job
run timeout (executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720
minutes if none was specified).
* api-change:``events``: [``botocore``] Update events client to latest version
* api-change:``iot-data``: [``botocore``] This release adds support for MQTT5 user properties when
calling the AWS IoT GetRetainedMessage API
* api-change:``wafv2``: [``botocore``] For web ACLs that protect CloudFront protections, the
default request body inspection size is now 16 KB, and you can use the new association
configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur
additional costs.
- from version 1.26.110
* api-change:``connect``: [``botocore``] This release adds the ability to configure an agent's
routing profile to receive contacts from multiple channels at the same time via extending the
UpdateRoutingProfileConcurrency, CreateRoutingProfile and DescribeRoutingProfile APIs.
* api-change:``ecs``: [``botocore``] This release adds support for enabling FIPS compliance on
Amazon ECS Fargate tasks
* api-change:``marketplace-catalog``: [``botocore``] Added three new APIs to support resource
sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added new OwnershipType
field to ListEntities request to let users filter on entities that are shared with them. Increased
max page size of ListEntities response from 20 to 50 results.
* api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK now supports
conversion of 608 paint-on captions to pop-on captions for SCC sources.
* api-change:``omics``: [``botocore``] Remove unexpected API changes.
* api-change:``rekognition``: [``botocore``] This release adds support for Face Liveness APIs in
Amazon Rekognition. Updates UpdateStreamProcessor to return ResourceInUseException Exception. Minor
updates to API documentation.
- from version 1.26.109
* api-change:``dlm``: [``botocore``] Updated timestamp format for GetLifecyclePolicy API
* api-change:``docdb``: [``botocore``] This release adds a new parameter
'DBClusterParameterGroupName' to 'RestoreDBClusterFromSnapshot' API to associate the name of the DB
cluster parameter group while performing restore.
* api-change:``fsx``: [``botocore``] Amazon FSx for Lustre now supports creating data repository
associations on Persistent_1 and Scratch_2 file systems.
* api-change:``lambda``: [``botocore``] This release adds a new Lambda InvokeWithResponseStream API
to support streaming Lambda function responses. The release also adds a new InvokeMode parameter to
Function Url APIs to control whether the response will be streamed or buffered.
* api-change:``quicksight``: [``botocore``] This release has two changes: adding the OR condition
to tag-based RLS rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental
RefreshProperties operations for users to programmatically configure SPICE dataset ingestions.
* api-change:``redshift-data``: [``botocore``] Update documentation of API descriptions as needed
in support of temporary credentials with IAM identity.
* api-change:``servicecatalog``: [``botocore``] Updates description for property
- from version 1.26.108
* api-change:``cloudformation``: [``botocore``] Including UPDATE_COMPLETE as a failed status for
DeleteStack waiter.
* api-change:``greengrassv2``: [``botocore``] Add support for SUCCEEDED value in
coreDeviceExecutionStatus field. Documentation updates for Greengrass V2.
* api-change:``proton``: [``botocore``] This release adds support for the AWS Proton service sync
feature. Service sync enables managing an AWS Proton service (creating and updating instances) and
all of it's corresponding service instances from a Git repository.
* api-change:``rds``: [``botocore``] Adds and updates the SDK examples
- from version 1.26.107
* api-change:``apprunner``: [``botocore``] App Runner adds support for seven new vCPU and memory
configurations.
* api-change:``config``: [``botocore``] This release adds resourceType enums for types released in
March 2023.
* api-change:``ecs``: [``botocore``] This is a document only updated to add information about
Amazon Elastic Inference (EI).
* api-change:``identitystore``: [``botocore``] Documentation updates for Identity Store CLI command
reference.
* api-change:``ivs-realtime``: [``botocore``] Fix ParticipantToken ExpirationTime format
* api-change:``network-firewall``: [``botocore``] AWS Network Firewall now supports IPv6-only
subnets.
* api-change:``servicecatalog``: [``botocore``] removed incorrect product type value
* api-change:``vpc-lattice``: [``botocore``] This release removes the entities in the API doc model
package for auth policies.
- from version 1.26.106
* api-change:``amplifyuibuilder``: [``botocore``] Support StorageField and custom displays for
data-bound options in form builder. Support non-string operands for predicates in collections.
Support choosing client to get token from.
* api-change:``autoscaling``: [``botocore``] Documentation updates for Amazon EC2 Auto Scaling
* api-change:``dataexchange``: [``botocore``] This release updates the value of MaxResults.
* api-change:``ec2``: [``botocore``] C6in, M6in, M6idn, R6in and R6idn bare metal instances are
powered by 3rd Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network
bandwidth.
* api-change:``elastic-inference``: [``botocore``] Updated public documentation for the Describe
and Tagging APIs.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Asynchronous Inference now allows
customer's to receive failure model responses in S3 and receive success/failure model responses in
SNS notifications.
* api-change:``wafv2``: [``botocore``] This release rolls back association config feature for
webACLs that protect CloudFront protections.
- from version 1.26.105
* api-change:``glue``: [``botocore``] Add support for database-level federation
* api-change:``lakeformation``: [``botocore``] Add support for database-level federation
* api-change:``license-manager``: [``botocore``] This release adds grant override options to the
CreateGrantVersion API. These options can be used to specify grant replacement behavior during
grant activation.
* api-change:``mwaa``: [``botocore``] This Amazon MWAA release adds the ability to customize the
Apache Airflow environment by launching a shell script at startup. This shell script is hosted in
your environment's Amazon S3 bucket. Amazon MWAA runs the script before installing requirements and
initializing the Apache Airflow process.
* api-change:``servicecatalog``: [``botocore``] This release introduces Service Catalog support for
Terraform open source. It enables 1. The notify* APIs to Service Catalog. These APIs are used by
the terraform engine to notify the result of the provisioning engine execution. 2. Adds a new
TERRAFORM_OPEN_SOURCE product type in CreateProduct API.
* api-change:``wafv2``: [``botocore``] For web ACLs that protect CloudFront protections, the
default request body inspection size is now 16 KB, and you can use the new association
configuration to increase the inspection size further, up to 64 KB. Sizes over 16 KB can incur
additional costs.
- from version 1.26.104
* api-change:``ec2``: [``botocore``] Documentation updates for EC2 On Demand Capacity Reservations
* api-change:``internetmonitor``: [``botocore``] This release adds a new feature for Amazon
CloudWatch Internet Monitor that enables customers to deliver internet measurements to Amazon S3
buckets as well as CloudWatch Logs.
* api-change:``resiliencehub``: [``botocore``] Adding EKS related documentation for appTemplateBody
* api-change:``s3``: [``botocore``] Documentation updates for Amazon S3
* api-change:``sagemaker-featurestore-runtime``: [``botocore``] In this release, you can now chose
between soft delete and hard delete when calling the DeleteRecord API, so you have more flexibility
when it comes to managing online store data.
* api-change:``sms``: [``botocore``] Deprecating AWS Server Migration Service.
- from version 1.26.103
* api-change:``athena``: [``botocore``] Make DefaultExecutorDpuSize and CoordinatorDpuSize fields
optional in StartSession
* api-change:``autoscaling``: [``botocore``] Amazon EC2 Auto Scaling now supports Elastic Load
Balancing traffic sources with the AttachTrafficSources, DetachTrafficSources, and
DescribeTrafficSources APIs. This release also introduces a new activity status,
"WaitingForConnectionDraining", for VPC Lattice to the DescribeScalingActivities API.
* api-change:``batch``: [``botocore``] This feature allows Batch on EKS to support configuration of
Pod Labels through Metadata for Batch on EKS Jobs.
* api-change:``compute-optimizer``: [``botocore``] This release adds support for HDD EBS volume
types and io2 Block Express. We are also adding support for 61 new instance types and instances
that have non consecutive runtime.
* api-change:``drs``: [``botocore``] Adding a field to the replication configuration APIs to
support the auto replicate new disks feature. We also deprecated RetryDataReplication.
* api-change:``ec2``: [``botocore``] This release adds support for Tunnel Endpoint Lifecycle
control, a new feature that provides Site-to-Site VPN customers with better visibility and control
of their VPN tunnel maintenance updates.
* api-change:``emr``: [``botocore``] Update emr client to latest version
* api-change:``glue``: [``botocore``] This release adds support for AWS Glue Data Quality, which
helps you evaluate and monitor the quality of your data and includes the API for creating,
deleting, or updating data quality rulesets, runs and evaluations.
* api-change:``guardduty``: [``botocore``] Added EKS Runtime Monitoring feature support to existing
detector, finding APIs and introducing new Coverage APIs
* api-change:``imagebuilder``: [``botocore``] Adds support for new image workflow details and image
vulnerability detection.
* api-change:``ivs``: [``botocore``] Amazon Interactive Video Service (IVS) now offers customers
the ability to configure IVS channels to allow insecure RTMP ingest.
* api-change:``kendra``: [``botocore``] AWS Kendra now supports featured results for a query.
* api-change:``network-firewall``: [``botocore``] AWS Network Firewall added TLS inspection
configurations to allow TLS traffic inspection.
* api-change:``sagemaker-geospatial``: [``botocore``] Amazon SageMaker geospatial capabilities now
supports server-side encryption with customer managed KMS key and SageMaker notebooks with a
SageMaker geospatial image in a Amazon SageMaker Domain with VPC only mode.
* api-change:``vpc-lattice``: [``botocore``] General Availability (GA) release of Amazon VPC Lattice
* api-change:``wellarchitected``: [``botocore``] AWS Well-Architected SDK now supports getting
consolidated report metrics and generating a consolidated report PDF.
- from version 1.26.102
* api-change:``opensearchserverless``: [``botocore``] This release includes two new exception types
"ServiceQuotaExceededException" and "OcuLimitExceededException".
* api-change:``rds``: [``botocore``] Add support for creating a read replica DB instance from a
Multi-AZ DB cluster.
- from version 1.26.101
* api-change:``iot-data``: [``botocore``] Add endpoint ruleset support for cn-north-1.
* api-change:``ssm-contacts``: [``botocore``] This release adds 12 new APIs as part of Oncall
Schedule feature release, adds support for a new contact type: ONCALL_SCHEDULE. Check public
documentation for AWS ssm-contacts for more information
* api-change:``ssm-incidents``: [``botocore``] Increased maximum length of "TriggerDetails.rawData"
to 10K characters and "IncidentSummary" to 8K characters.
- from version 1.26.100
* api-change:``athena``: [``botocore``] Enforces a minimal level of encryption for the workgroup
for query and calculation results that are written to Amazon S3. When enabled, workgroup users can
set encryption only to the minimum level set by the administrator or higher when they submit
queries.
* api-change:``chime-sdk-voice``: [``botocore``] Documentation updates for Amazon Chime SDK Voice.
* api-change:``connect``: [``botocore``] This release introduces support for RelatedContactId in
the StartChatContact API. Interactive message and interactive message response have been added to
the list of supported message content types for this API as well.
* api-change:``connectparticipant``: [``botocore``] This release provides an update to the
SendMessage API to handle interactive message response content-types.
* api-change:``iotwireless``: [``botocore``] Introducing new APIs that enable Sidewalk devices to
communicate with AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect
Sidewalk devices with other AWS IoT Services, creating possibilities for seamless integration and
advanced device management.
* api-change:``medialive``: [``botocore``] AWS Elemental MediaLive now supports ID3 tag insertion
for audio only HLS output groups. AWS Elemental Link devices now support tagging.
* api-change:``sagemaker``: [``botocore``] Fixed some improperly rendered links in SDK
documentation.
* api-change:``securityhub``: [``botocore``] Added new resource detail objects to ASFF, including
resources for AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.
* api-change:``servicecatalog-appregistry``: [``botocore``] In this release, we started supporting
ARN in applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and
ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response.
* api-change:``voice-id``: [``botocore``] Amazon Connect Voice ID now supports multiple fraudster
watchlists. Every domain has a default watchlist where all existing fraudsters are placed by
default. Custom watchlists may now be created, managed, and evaluated against for known fraudster
detection.
- from version 1.26.99
* api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
* api-change:``comprehend``: [``botocore``] This release adds a new field (FlywheelArn) to the
EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the
DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job
is started with a FlywheelArn instead of an EntityRecognizerArn .
* api-change:``rds``: [``botocore``] Added error code CreateCustomDBEngineVersionFault for when the
create custom engine version for Custom engines fails.
- from version 1.26.98
* api-change:``batch``: [``botocore``] This feature allows Batch to support configuration of
ephemeral storage size for jobs running on FARGATE
* api-change:``chime-sdk-identity``: [``botocore``] AppInstanceBots can be used to add a bot
powered by Amazon Lex to chat channels. ExpirationSettings provides automatic resource deletion
for AppInstanceUsers.
* api-change:``chime-sdk-media-pipelines``: [``botocore``] This release adds Amazon Chime SDK call
analytics. Call analytics include voice analytics, which provides speaker search and voice tone
analysis. These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to
generate machine-learning-powered insights from real-time audio.
* api-change:``chime-sdk-messaging``: [``botocore``] ExpirationSettings provides automatic resource
deletion for Channels.
* api-change:``chime-sdk-voice``: [``botocore``] This release adds Amazon Chime SDK call analytics.
Call analytics include voice analytics, which provides speaker search and voice tone analysis.
These capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate
machine-learning-powered insights from real-time audio.
* api-change:``codeartifact``: [``botocore``] Repository CreationTime is added to the
CreateRepository and ListRepositories API responses.
* api-change:``guardduty``: [``botocore``] Adds AutoEnableOrganizationMembers attribute to
DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
* api-change:``ivs-realtime``: [``botocore``] Initial release of the Amazon Interactive Video
Service RealTime API.
* api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK now supports
passthrough of ID3v2 tags for audio inputs to audio-only HLS outputs.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker Autopilot adds two new APIs -
CreateAutoMLJobV2 and DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the
ml.geospatial.interactive instance type.
* api-change:``servicediscovery``: [``botocore``] Reverted the throttling exception
RequestLimitExceeded for AWS Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to
previous exception specified in the ErrorCode.
* api-change:``textract``: [``botocore``] The AnalyzeDocument - Tables feature adds support for new
elements in the API: table titles, footers, section titles, summary cells/tables, and table type.
- from version 1.26.97
* api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management
(IAM).
* api-change:``iottwinmaker``: [``botocore``] This release adds support of adding metadata when
creating a new scene or updating an existing scene.
* api-change:``networkmanager``: [``botocore``] This release includes an update to
create-transit-gateway-route-table-attachment, showing example usage for
TransitGatewayRouteTableArn.
* api-change:``pipes``: [``botocore``] This release improves validation on the ARNs in the API model
* api-change:``resiliencehub``: [``botocore``] This release provides customers with the ability to
import resources from within an EKS cluster and assess the resiliency of EKS cluster workloads.
* api-change:``ssm``: [``botocore``] This Patch Manager release supports creating, updating, and
deleting Patch Baselines for AmazonLinux2023, AlmaLinux.
- from version 1.26.96
* api-change:``chime-sdk-messaging``: [``botocore``] Amazon Chime SDK messaging customers can now
manage streaming configuration for messaging data for archival and analysis.
* api-change:``cleanrooms``: [``botocore``] GA Release of AWS Clean Rooms, Added Tagging
Functionality
* api-change:``ec2``: [``botocore``] This release adds support for AWS Network Firewall, AWS
PrivateLink, and Gateway Load Balancers to Amazon VPC Reachability Analyzer, and it makes the path
destination optional as long as a destination address in the filter at source is provided.
* api-change:``iotsitewise``: [``botocore``] Provide support for tagging of data streams and
enabling tag based authorization for property alias
* api-change:``mgn``: [``botocore``] This release introduces the Import and export feature and
expansion of the post-launch actions
- from version 1.26.95
* api-change:``application-autoscaling``: [``botocore``] With this release customers can now tag
their Application Auto Scaling registered targets with key-value pairs and manage IAM permissions
for all the tagged resources centrally.
* api-change:``neptune``: [``botocore``] This release makes following few changes.
db-cluster-identifier is now a required parameter of create-db-instance. describe-db-cluster will
now return PendingModifiedValues and GlobalClusterIdentifier fields in the response.
* api-change:``s3outposts``: [``botocore``] S3 On Outposts added support for endpoint status, and a
failed endpoint reason, if any
* api-change:``workdocs``: [``botocore``] This release adds a new API, SearchResources, which
enable users to search through metadata and content of folders, documents, document versions and
comments in a WorkDocs site.
- from version 1.26.94
* api-change:``billingconductor``: [``botocore``] This release adds a new filter to
ListAccountAssociations API and a new filter to ListBillingGroups API.
* api-change:``config``: [``botocore``] This release adds resourceType enums for types released
from October 2022 through February 2023.
* api-change:``dms``: [``botocore``] S3 setting to create AWS Glue Data Catalog. Oracle setting to
control conversion of timestamp column. Support for Kafka SASL Plain authentication. Setting to map
boolean from PostgreSQL to Redshift. SQL Server settings to force lob lookup on inline LOBs and to
control access of database logs.
- from version 1.26.93
* api-change:``guardduty``: [``botocore``] Updated 9 APIs for feature enablement to reflect
expansion of GuardDuty to features. Added new APIs and updated existing APIs to support RDS
Protection GA.
* api-change:``resource-explorer-2``: [``botocore``] Documentation updates for APIs.
* api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
- from version 1.26.92
* api-change:``migrationhubstrategy``: [``botocore``] This release adds the binary analysis that
analyzes IIS application DLLs on Windows and Java applications on Linux to provide anti-pattern
report without configuring access to the source code.
* api-change:``s3control``: [``botocore``] Added support for S3 Object Lambda aliases.
* api-change:``securitylake``: [``botocore``] Make Create/Get/ListSubscribers APIs return resource
share ARN and name so they can be used to validate the RAM resource share to accept. GetDatalake
can be used to track status of UpdateDatalake and DeleteDatalake requests.
- from version 1.26.91
* api-change:``application-autoscaling``: [``botocore``] Application Auto Scaling customers can now
use mathematical functions to customize the metric used with Target Tracking policies within the
policy configuration itself, saving the cost and effort of publishing the customizations as a
separate metric.
* api-change:``dataexchange``: [``botocore``] This release enables data providers to license direct
access to S3 objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data
Exchange. Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with
them, without creating or managing copies.
* api-change:``directconnect``: [``botocore``] describe-direct-connect-gateway-associations
includes a new status, updating, indicating that the association is currently in-process of
updating.
* api-change:``ec2``: [``botocore``] This release adds a new DnsOptions key
(PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs.
* api-change:``iam``: [``botocore``] Documentation only updates to correct customer-reported issues
* api-change:``keyspaces``: [``botocore``] Adding support for client-side timestamps
- from version 1.26.90
* api-change:``appintegrations``: [``botocore``] Adds FileConfiguration to Amazon AppIntegrations
CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect
from sources such as Microsoft SharePoint.
* api-change:``lakeformation``: [``botocore``] This release updates the documentation regarding
Get/Update DataCellsFilter
* api-change:``s3control``: [``botocore``] Added support for cross-account Multi-Region Access
Points. Added support for S3 Replication for S3 on Outposts.
* api-change:``tnb``: [``botocore``] This release adds tagging support to the following Network
Instance APIs : Instantiate, Update, Terminate.
* api-change:``wisdom``: [``botocore``] This release extends Wisdom CreateKnowledgeBase API to
support SharePoint connector type by removing the @required trait for objectField
- Update BuildRequires and Requires from setup.py
- python-six is not required
- python-botocore
-
- Drop Provides for SLE 15 SP4 and openSUSE Leap 15.4 and later
- Switch to Python 3.11 build in SLE 15 SP4 and openSUSE Leap 15.4 and
later (jsc#PCT-371).
- Switch to wheel build
- Update to 1.34.31
* api-change:``datazone``: Add new skipDeletionCheck to DeleteDomain. Add
new skipDeletionCheck to DeleteProject which also automatically deletes
dependent objects
* api-change:``route53``: Update the SDKs for text changes in the APIs.
- From 1.34.30
* api-change:``autoscaling``: EC2 Auto Scaling customers who use attribute
based instance-type selection can now intuitively define their Spot
instances price protection limit as a percentage of the lowest priced
On-Demand instance type.
* api-change:``comprehend``: Comprehend PII analysis now supports Spanish
input documents.
* api-change:``ec2``: EC2 Fleet customers who use attribute based
instance-type selection can now intuitively define their Spot instances
price protection limit as a percentage of the lowest priced On-Demand
instance type.
* api-change:``mwaa``: This release adds MAINTENANCE environment status for
Amazon MWAA environments.
* api-change:``rds``: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS
RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods.
This provides enhanced error handling, ensuring a more robust experience.
* api-change:``snowball``: Modified description of createaddress to include
direction to add path when providing a JSON file.
- From 1.34.29
* api-change:``connect``: Update list and string length limits for predefined
attributes.
* api-change:``inspector2``: This release adds ECR container image scanning
based on their lastRecordedPullTime.
* api-change:``sagemaker``: Amazon SageMaker Automatic Model Tuning now
provides an API to programmatically delete tuning jobs.
- From 1.34.28
* api-change:``acm-pca``: AWS Private CA now supports an option to omit the
CDP extension from issued certificates, when CRL revocation is enabled.
* api-change:``lightsail``: This release adds support for IPv6-only instance
plans.
- From 1.34.27
* api-change:``ec2``: Introduced a new clientToken request parameter on
CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter
allows idempotent operations on the APIs.
* api-change:``ecs``: Documentation updates for Amazon ECS.
* api-change:``outposts``: DeviceSerialNumber parameter is now optional in
StartConnection API
* api-change:``rds``: This release adds support for Aurora Limitless Database.
* api-change:``storagegateway``: Add DeprecationDate and SoftwareVersion to
response of ListGateways.
- From 1.34.26
* api-change:``inspector2``: This release adds support for CIS scans on EC2
instances.
- From 1.34.25
* enhancement:documentation: Updates the GitHub issue creation link in our
README
- From 1.34.24
* api-change:``appconfigdata``: Fix FIPS Endpoints in aws-us-gov.
* api-change:``cloud9``: Doc-only update around removing AL1 from list of
available AMIs for Cloud9
* api-change:``cloudfront-keyvaluestore``: This release improves upon the
DescribeKeyValueStore API by returning two additional fields, Status of the
KeyValueStore and the FailureReason in case of failures during creation of
KeyValueStore.
* api-change:``connectcases``: This release adds the ability to view audit
history on a case and introduces a new parameter, performedBy, for
CreateCase and UpdateCase API's.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``ecs``: This release adds support for Transport Layer Security
(TLS) and Configurable Timeout to ECS Service Connect. TLS facilitates
privacy and data security for inter-service communications, while
Configurable Timeout allows customized per-request timeout and idle timeout
for Service Connect services.
* api-change:``finspace``: Allow customer to set zip default through command
line arguments.
* api-change:``organizations``: Doc only update for quota increase change
* api-change:``rds``: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API
method. This provides enhanced error handling, ensuring a more robust
experience when creating database clusters with insufficient instance
capacity.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- Frome 1.34.23
* api-change:``athena``: Introducing new NotebookS3LocationUri parameter to
Athena ImportNotebook API. Payload is no longer required and either Payload
or NotebookS3LocationUri needs to be provided (not both) for a successful
ImportNotebook API call. If both are provided, an InvalidRequestException
will be thrown.
* api-change:``codebuild``: Release CodeBuild Reserved Capacity feature
* api-change:``dynamodb``: This release adds support for including
ApproximateCreationDateTimePrecision configurations in
EnableKinesisStreamingDestination API, adds the same as an optional field
in the response of DescribeKinesisStreamingDestination, and adds support
for a new UpdateKinesisStreamingDestination API.
* api-change:``qconnect``: Increased Quick Response name max length to 100
- From 1.34.22
* api-change:``b2bi``: Increasing TestMapping inputFileContent file size
limit to 5MB and adding file size limit 250KB for TestParsing input file.
This release also includes exposing InternalServerException for Tag APIs.
* api-change:``cloudtrail``: This release adds a new API
ListInsightsMetricData to retrieve metric data from CloudTrail Insights.
* api-change:``connect``: GetMetricDataV2 now supports 3 groupings
* api-change:``drs``: Removed invalid and unnecessary default values.
* api-change:``firehose``: Allow support for Snowflake as a Kinesis Data
Firehose delivery destination.
* api-change:``sagemaker-featurestore-runtime``: Increase BatchGetRecord
limits from 10 items to 100 items
- From 1.34.21
* api-change:``dynamodb``: Updating note for enabling streams for UpdateTable.
* api-change:``keyspaces``: This release adds support for Multi-Region
Replication with provisioned tables, and Keyspaces auto scaling APIs
- From 1.34.20
* api-change:``iot``: Revert release of LogTargetTypes
* api-change:``iotfleetwise``: Updated APIs: SignalNodeType query parameter
has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse
has been extended with attributes field.
* api-change:``macie2``: This release adds support for analyzing Amazon S3
objects that are encrypted using dual-layer server-side encryption with
AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS
details in statistics and metadata about encryption settings for S3 buckets
and objects.
* api-change:``payment-cryptography``: Provide an additional option for key
exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and
ExportKey operations. Added new key usage (type)
TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane
operations with ISO9797 Algorithm 1 MAC calculations.
* api-change:``personalize-runtime``: Documentation updates for Amazon
Personalize
* api-change:``personalize``: Documentation updates for Amazon Personalize.
* api-change:``rekognition``: This release adds ContentType and TaxonomyLevel
attributes to DetectModerationLabels and GetMediaAnalysisJob API responses.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
- From 1.34.19
* api-change:``sagemaker``: This release will have ValidationException thrown
if certain invalid app types are provided. The release will also throw
ValidationException if more than 10 account ids are provided in
VpcOnlyTrustedAccounts.
- From 1.34.18
* api-change:``connect``: Supervisor Barge for Chat is now supported through
the MonitorContact API.
* api-change:``connectparticipant``: Introduce new Supervisor participant role
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
* api-change:``location``: Location SDK documentation update. Added missing
fonts to the MapConfiguration data type. Updated note for the
SubMunicipality property in the place data type.
* api-change:``mwaa``: This Amazon MWAA feature release includes new fields
in CreateWebLoginToken response model. The new fields IamIdentity and
AirflowIdentity will let you match identifications, as the Airflow identity
length is currently hashed to 64 characters.
* api-change:``s3control``: S3 On Outposts team adds dualstack endpoints
support for S3Control and S3Outposts API calls.
* api-change:``supplychain``: This release includes APIs
CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.
* api-change:``transfer``: AWS Transfer Family now supports static IP
addresses for SFTP & AS2 connectors and for async MDNs on AS2 servers.
- From 1.34.17
* api-change:``ec2``: This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``ecs``: This release adds support for adding an
ElasticBlockStorage volume configurations in ECS
RunTask/StartTask/CreateService/UpdateService APIs. The configuration
allows for attaching EBS volumes to ECS Tasks.
* api-change:``events``: Update events client to latest version
* api-change:``iot``: Add ConflictException to Update APIs of AWS IoT
Software Package Catalog
* api-change:``iotfleetwise``: The following dataTypes have been removed:
CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType;
CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason;
CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in
NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType
* api-change:``secretsmanager``: Doc only update for Secrets Manager
* api-change:``workspaces``: Added AWS Workspaces RebootWorkspaces API -
Extended Reboot documentation update
- From 1.34.16
* api-change:``connectcampaigns``: Minor pattern updates for Campaign and
Dial Request API fields.
* api-change:``location``: This release adds API support for custom layers
for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
* api-change:``logs``: Add support for account level subscription filter
policies to PutAccountPolicy, DescribeAccountPolicies, and
DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified
with new optional "selectionCriteria" parameter for resource selection.
* api-change:``qconnect``: QueryAssistant and GetRecommendations will be
discontinued starting June 1, 2024. To receive generative responses after
March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
* api-change:``redshift-serverless``: Updates to ConfigParameter for RSS
workgroup, removal of use_fips_ssl
* api-change:``route53``: Route53 now supports geoproximity routing in AWS
regions
* api-change:``wisdom``: QueryAssistant and GetRecommendations will be
discontinued starting June 1, 2024. To receive generative responses after
March 1, 2024 you will need to create a new Assistant in the Connect
console and integrate the Amazon Q in Connect JavaScript library
(amazon-q-connectjs) into your applications.
- From 1.34.15
* api-change:``codebuild``: Aws CodeBuild now supports new compute type
BUILD_GENERAL1_XLARGE
* api-change:``ec2``: Amazon EC2 R7iz bare metal instances are powered by
custom 4th generation Intel Xeon Scalable processors.
* api-change:``route53resolver``: This release adds support for query type
configuration on firewall rules that enables customers for granular action
(ALLOW, ALERT, BLOCK) by DNS query type.
- From 1.34.14
* api-change:``connect``: Minor trait updates for User APIs
* api-change:``kms``: Documentation updates for AWS Key Management Service
(KMS).
* api-change:``redshift-serverless``: use_fips_ssl and require_ssl parameter
support for Workgroup, UpdateWorkgroup, and CreateWorkgroup
- From 1.34.13
* api-change:``config``: Updated ResourceType enum with new resource types
onboarded by AWS Config in November and December 2023.
* api-change:``docdb``: Adding PerformanceInsightsEnabled and
PerformanceInsightsKMSKeyId fields to DescribeDBInstances Response.
* api-change:``ecs``: This release adds support for managed instance draining
which facilitates graceful termination of Amazon ECS instances.
* api-change:``es``: This release adds support for new or existing Amazon
OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward
secrecy cipher suites for domain endpoints.
* api-change:``lightsail``: This release adds support to set up an HTTPS
endpoint on an instance.
* api-change:``opensearch``: This release adds support for new or existing
Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward
secrecy cipher suites for domain endpoints.
* api-change:``sagemaker``: Adding support for provisioned throughput mode
for SageMaker Feature Groups
* api-change:``servicecatalog``: Added Idempotency token support to Service
Catalog AssociateServiceActionWithProvisioningArtifact,
DisassociateServiceActionFromProvisioningArtifact, DeleteServiceAction API
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.12
* api-change:``connect``: Amazon Connect, Contact Lens Evaluation API
increase evaluation notes max length to 3072.
* api-change:``mediaconvert``: This release includes video engine updates
including HEVC improvements, support for ingesting VP9 encoded video in
MP4 containers, and support for user-specified 3D LUTs.
- From 1.34.11
* api-change:``apprunner``: AWS App Runner adds Python 3.11 and Node.js 18
runtimes.
* api-change:``location``: This release introduces a new parameter to
bypasses an API key's expiry conditions and delete the key.
* api-change:``quicksight``: Add LinkEntityArn support for different
partitions; Add UnsupportedUserEditionException in UpdateDashboardLinks
API; Add support for New Reader Experience Topics
- From 1.34.10
* api-change:``codestar-connections``: New integration with the GitLab
self-managed provider type.
* api-change:``kinesis-video-archived-media``: NoDataRetentionException
thrown when GetImages requested for a Stream that does not retain data
(that is, has a DataRetentionInHours of 0).
* api-change:``sagemaker``: Amazon SageMaker Studio now supports Docker
access from within app container
- From 1.34.9
* api-change:``emr``: Update emr client to latest version
- From 1.34.8
* api-change:``iam``: Documentation updates for AWS Identity and Access
Management (IAM).
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.7
* api-change:``bedrock-agent``: Adding Claude 2.1 support to Bedrock Agents
* api-change:``glue``: This release adds additional configurations for Query
Session Context on the following APIs: GetUnfilteredTableMetadata,
GetUnfilteredPartitionMetadata, GetUnfilteredPartitionsMetadata.
* api-change:``lakeformation``: This release adds additional configurations
on GetTemporaryGlueTableCredentials for Query Session Context.
* api-change:``mediaconnect``: This release adds the DescribeSourceMetadata
API. This API can be used to view the stream information of the flow's
source.
* api-change:``networkmonitor``: CloudWatch Network Monitor is a new service
within CloudWatch that will help network administrators and operators
continuously monitor network performance metrics such as round-trip-time
and packet loss between their AWS-hosted applications and their on-premises
locations.
* api-change:``omics``: Provides minor corrections and an updated description
of APIs.
* api-change:``secretsmanager``: Update endpoint rules and examples.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.6
* enhancement:AWSCRT: Update awscrt version to 0.19.19
* api-change:``amp``: This release updates Amazon Managed Service for
Prometheus APIs to support customer managed KMS keys.
* api-change:``appintegrations``: The Amazon AppIntegrations service adds
DeleteApplication API for deleting applications, and updates APIs to
support third party applications reacting to workspace events and make
data requests to Amazon Connect for agent and contact events.
* api-change:``bedrock-agent``: This release introduces Amazon Aurora as a
vector store on Knowledge Bases for Amazon Bedrock
* api-change:``codecommit``: AWS CodeCommit now supports customer managed
keys from AWS Key Management Service. UpdateRepositoryEncryptionKey is
added for updating the key configuration. CreateRepository, GetRepository,
BatchGetRepositories are updated with new input or output parameters.
* api-change:``connect``: Adds APIs to manage User Proficiencies and
Predefined Attributes. Enhances StartOutboundVoiceContact API input.
Introduces SearchContacts API. Enhances DescribeContact API. Adds an API to
update Routing Attributes in QueuePriority and QueueTimeAdjustmentSeconds.
* api-change:``medialive``: MediaLive now supports the ability to configure
the audio that an AWS Elemental Link UHD device produces, when the device
is configured as the source for a flow in AWS Elemental MediaConnect.
* api-change:``neptune-graph``: Adds Waiters for successful creation and
deletion of Graph, Graph Snapshot, Import Task and Private Endpoints for
Neptune Analytics
* api-change:``rds-data``: This release adds support for using RDS Data API
with Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``rds``: This release adds support for using RDS Data API with
Aurora PostgreSQL Serverless v2 and provisioned DB clusters.
* api-change:``sagemaker``: Amazon SageMaker Training now provides model
training container access for debugging purposes. Amazon SageMaker Search
now provides the ability to use visibility conditions to limit resource
access to a single domain or multiple domains.
- From 1.34.5
* api-change:``appstream``: This release introduces configurable clipboard,
allowing admins to specify the maximum length of text that can be copied by
the users from their device to the remote session and vice-versa.
* api-change:``eks``: Add support for cluster insights, new EKS capability
that surfaces potentially upgrade impacting issues.
* api-change:``guardduty``: This release 1) introduces a new API:
GetOrganizationStatistics , and 2) adds a new UsageStatisticType
TOP_ACCOUNTS_BY_FEATURE for GetUsageStatistics API
* api-change:``managedblockchain-query``: Adding Confirmation Status and
Execution Status to GetTransaction Response.
* api-change:``mediatailor``: Adds the ability to configure time shifting on
MediaTailor channels using the TimeShiftConfiguration field
* api-change:``route53``: Amazon Route 53 now supports the Canada West
(Calgary) Region (ca-west-1) for latency records, geoproximity records, and
private DNS for Amazon VPCs in that region.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.4
* api-change:``appsync``: This release adds additional configurations on
GraphQL APIs for limits on query depth, resolver count, and introspection
* api-change:``chime-sdk-meetings``: Add meeting features to specify a
maximum camera resolution, a maximum content sharing resolution, and a
maximum number of attendees for a given meeting.
* api-change:``ec2``: Provision BYOIPv4 address ranges and advertise them by
specifying the network border groups option in Los Angeles, Phoenix and
Dallas AWS Local Zones.
* api-change:``fsx``: Added support for FSx for OpenZFS on-demand data
replication across AWS accounts and/or regions.Added the IncludeShared
attribute for DescribeSnapshots.Added the CopyStrategy attribute for
OpenZFSVolumeConfiguration.
* api-change:``marketplace-catalog``: AWS Marketplace now supports a new API,
BatchDescribeEntities, which returns metadata and content for multiple
entities.
* api-change:``rds``: RDS - The release adds two new APIs:
DescribeDBRecommendations and ModifyDBRecommendation
- From 1.34.3
* api-change:``cognito-idp``: Amazon Cognito now supports trigger versions
that define the fields in the request sent to pre token generation Lambda
triggers.
* api-change:``eks``: Add support for EKS Cluster Access Management.
* api-change:``quicksight``: A docs-only release to add missing entities to
the API reference.
* api-change:``route53resolver``: Add DOH protocols in resolver endpoints.
- From 1.34.2
* api-change:``cloud9``: Updated Cloud9 API documentation for AL2023 release
* api-change:``connect``: Adds relatedContactId field to
StartOutboundVoiceContact API input. Introduces PauseContact API and
ResumeContact API for Task contacts. Adds pause duration, number of pauses,
timestamps for last paused and resumed events to DescribeContact API
response. Adds new Rule type and new Rule action.
* api-change:``connectcases``: Increase number of fields that can be included
in CaseEventIncludedData from 50 to 200
* api-change:``kms``: Documentation updates for AWS Key Management Service
* api-change:``rds``: Updates Amazon RDS documentation by adding code examples
* api-change:``sagemaker``: This release 1) introduces a new API:
DeleteCompilationJob , and 2) adds InfraCheckConfig for Create/Describe
training job API
- From 1.34.1
* api-change:``appstream``: This release includes support for images of
Windows Server 2022 platform.
* api-change:``b2bi``: Documentation updates for AWS B2B Data Interchange
* api-change:``billingconductor``: Billing Conductor is releasing a new API,
GetBillingGroupCostReport, which provides the ability to retrieve/view the
Billing Group Cost Report broken down by attributes for a specific billing
group.
* api-change:``connect``: This release adds support for more granular billing
using tags (key:value pairs)
* api-change:``controltower``: Documentation updates for AWS Control Tower.
* api-change:``firehose``: This release, 1) adds configurable buffering hints
for the Splunk destination, and 2) reduces the minimum configurable
buffering interval for supported destinations
* api-change:``gamelift``: Amazon GameLift adds the ability to add and
update the game properties of active game sessions.
* api-change:``iot``: This release adds the ability to self-manage
certificate signing in AWS IoT Core fleet provisioning using the new
certificate provider resource.
* api-change:``neptune-graph``: This is the initial SDK release for Amazon
Neptune Analytics
* api-change:``opensearch``: Updating documentation for Amazon OpenSearch
Service support for new zero-ETL integration with Amazon S3.
* api-change:``quicksight``: Update Dashboard Links support;
SingleAxisOptions support; Scatterplot Query limit support.
* api-change:``workspaces``: Updated note to ensure customers understand
running modes.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- From 1.34.0
* feature:Python: End of support for Python 3.7
* api-change:``drs``: Adding AgentVersion to SourceServer and
RecoveryInstance structures
- From 1.33.13
* api-change:``imagebuilder``: This release adds the Image Workflows feature
to give more flexibility and control over the image building and testing
process.
* api-change:``location``: This release 1) adds sub-municipality field in
Places API for searching and getting places information, and 2) allows
optimizing route calculation based on expected arrival time.
* api-change:``logs``: This release introduces the StartLiveTail API to tail
ingested logs in near real time.
- From 1.33.12
* api-change:``neptune``: This release adds a new parameter configuration
setting to the Neptune cluster related APIs that can be leveraged to switch
between the underlying supported storage modes.
* api-change:``pinpoint``: This release includes Amazon Pinpoint API
documentation updates pertaining to campaign message sending rate limits.
* api-change:``securityhub``: Added new resource detail objects to ASFF,
including resources for AwsDynamoDbTable, AwsEc2ClientVpnEndpoint,
AwsMskCluster, AwsS3AccessPoint, AwsS3Bucket
* api-change:``endpoint-rules``: Update endpoint-rules client to latest
version
- Update to 1.33.11:
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``ec2``: M2 Mac instances are built on Apple M2 Mac mini computers. I4i instances are
powered by 3rd generation Intel Xeon Scalable processors. C7i compute optimized, M7i general
purpose and R7i memory optimized instances are powered by custom 4th Generation Intel Xeon Scalable
processors.
* api-change:``finspace``: Releasing Scaling Group, Dataview, and Volume APIs
- from version 1.33.10
* api-change:``codedeploy``: This release adds support for two new CodeDeploy features: 1) zonal
deployments for Amazon EC2 in-place deployments, 2) deployments triggered by Auto Scaling group
termination lifecycle hook events.
- from version 1.33.9
* api-change:``backup``: AWS Backup - Features: Add VaultType to the output of
DescribeRecoveryPoint, ListRecoveryPointByBackupVault API and add ResourceType to the input of
ListRestoreJobs API
* api-change:``comprehend``: Documentation updates for Trust and Safety features.
* api-change:``connect``: Releasing Tagging Support for Instance Management APIS
* api-change:``ec2``: Releasing the new cpuManufacturer attribute within the DescribeInstanceTypes
API response which notifies our customers with information on who the Manufacturer is for the
processor attached to the instance, for example: Intel.
* api-change:``payment-cryptography``: AWS Payment Cryptography IPEK feature release
- from version 1.33.8
* api-change:``athena``: Adding IdentityCenter enabled request for interactive query
* api-change:``cleanroomsml``: Updated service title from cleanroomsml to CleanRoomsML.
* api-change:``cloudformation``: Documentation update, December 2023
* api-change:``ec2``: Adds A10G, T4G, and H100 as accelerator name options and Habana as an
accelerator manufacturer option for attribute based selection
- from version 1.33.7
* api-change:``billingconductor``: This release adds the ability to specify a linked account of the
billing group for the custom line item resource.
* api-change:``braket``: This release enhances service support to create quantum tasks and hybrid
jobs associated with Braket Direct Reservations.
* api-change:``cloud9``: This release adds the requirement to include the imageId parameter in the
CreateEnvironmentEC2 API call.
* api-change:``cloudformation``: Including UPDATE_* states as a success status for CreateStack
waiter.
* api-change:``finspace``: Release General Purpose type clusters
* api-change:``medialive``: Adds support for custom color correction on channels using 3D LUT files.
* api-change:``servicecatalog-appregistry``: Documentation-only updates for Dawn
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.33.6
* api-change:``qconnect``: This release adds the PutFeedback API and allows providing feedback
against the specified assistant for the specified target.
* api-change:``rbin``: Added resource identifier in the output and updated error handling.
* api-change:``verifiedpermissions``: Adds description field to PolicyStore API's and namespaces
field to GetSchema.
- from version 1.33.5
* api-change:``arc-zonal-shift``: This release adds a new capability, zonal autoshift. You can
configure zonal autoshift so that AWS shifts traffic for a resource away from an Availability Zone,
on your behalf, when AWS determines that there is an issue that could potentially affect customers
in the Availability Zone.
* api-change:``glue``: Adds observation and analyzer support to the GetDataQualityResult and
BatchGetDataQualityResult APIs.
* api-change:``sagemaker``: This release adds support for 1/ Code Editor, based on Code-OSS, Visual
Studio Code Open Source, a new fully managed IDE option in SageMaker Studio 2/ JupyterLab, a new
fully managed JupyterLab IDE experience in SageMaker Studio
- from version 1.33.4
* api-change:``marketplace-agreement``: The AWS Marketplace Agreement Service provides an API
interface that helps AWS Marketplace sellers manage their agreements, including listing, filtering,
and viewing details about their agreements.
* api-change:``marketplace-catalog``: This release enhances the ListEntities API to support new
entity type-specific strongly typed filters in the request and entity type-specific strongly typed
summaries in the response.
* api-change:``marketplace-deployment``: AWS Marketplace Deployment is a new service that provides
essential features that facilitate the deployment of software, data, and services procured through
AWS Marketplace.
* api-change:``redshift-serverless``: This release adds the following support for Amazon Redshift
Serverless: 1) cross-account cross-VPCs, 2) copying snapshots across Regions, 3) scheduling
snapshot creation, and 4) restoring tables from a recovery point.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.33.3
* api-change:``application-autoscaling``: Amazon SageMaker customers can now use Application Auto
Scaling to automatically scale the number of Inference Component copies across an endpoint to meet
the varying demand of their workloads.
* api-change:``cleanrooms``: AWS Clean Rooms now provides differential privacy to protect against
user-identification attempts and machine learning modeling to allow two parties to identify similar
users in their data.
* api-change:``cleanroomsml``: Public Preview SDK release of AWS Clean Rooms ML APIs
* api-change:``opensearch``: Launching Amazon OpenSearch Service support for new zero-ETL
integration with Amazon S3. Customers can now manage their direct query data sources to Amazon S3
programatically
* api-change:``opensearchserverless``: Amazon OpenSearch Serverless collections support an
additional attribute called standby-replicas. This allows to specify whether a collection should
have redundancy enabled.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: This release adds following support 1/ Improved SDK tooling for model
deployment. 2/ New Inference Component based features to lower inference costs and latency 3/
SageMaker HyperPod management. 4/ Additional parameters for FM Fine Tuning in Autopilot
* api-change:``sts``: Documentation updates for AWS Security Token Service.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.33.2
* api-change:``accessanalyzer``: This release adds support for external access findings for S3
directory buckets to help you easily identify cross-account access. Updated service API,
documentation, and paginators.
* api-change:``bedrock``: This release adds support for customization types, model life cycle
status and minor versions/aliases for model identifiers.
* api-change:``bedrock-agent``: This release introduces Agents for Amazon Bedrock
* api-change:``bedrock-agent-runtime``: This release introduces Agents for Amazon Bedrock Runtime
* api-change:``bedrock-runtime``: This release adds support for minor versions/aliases for invoke
model identifier.
* api-change:``connect``: Added support for following capabilities: Amazon Connect's in-app, web,
and video calling. Two-way SMS integrations. Contact Lens real-time chat analytics feature. Amazon
Connect Analytics Datalake capability. Capability to configure real time chat rules.
* api-change:``customer-profiles``: This release introduces DetectProfileObjectType API to auto
generate object type mapping.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``qbusiness``: Amazon Q - a generative AI powered application that your employees can
use to ask questions and get answers from knowledge spread across disparate content repositories,
summarize reports, write articles, take actions, and much more - all within their company's
connected content repositories.
* api-change:``qconnect``: Amazon Q in Connect, an LLM-enhanced evolution of Amazon Connect Wisdom.
This release adds generative AI support to Amazon Q Connect QueryAssistant and GetRecommendations
APIs.
* api-change:``s3``: Adds support for S3 Express One Zone.
* api-change:``s3control``: Adds support for S3 Express One Zone, and InvocationSchemaVersion 2.0
for S3 Batch Operations.
- from version 1.33.1
* api-change:``elasticache``: Launching Amazon ElastiCache Serverless that enables you to create a
cache in under a minute without any capacity management. ElastiCache Serverless monitors the
cache's memory, CPU, and network usage and scales both vertically and horizontally to support your
application's requirements.
- from version 1.33.0
* feature:Versioning: With the release of Botocore 1.33.0, Boto3 and Botocore will share the same
version number.
* api-change:``appsync``: This update enables introspection of Aurora cluster databases using the
RDS Data API
* api-change:``b2bi``: This is the initial SDK release for AWS B2B Data Interchange.
* api-change:``backup``: AWS Backup now supports restore testing, a new feature that allows
customers to automate restore testing and validating their backups. Additionally, this release adds
support for EBS Snapshots Archive tier.
* api-change:``controltower``: This release adds the following support: 1. The EnableControl API
can configure controls that are configurable. 2. The GetEnabledControl API shows the configured
parameters on an enabled control. 3. The new UpdateEnabledControl API can change parameters on an
enabled control.
* api-change:``efs``: Update efs client to latest version
* api-change:``fis``: AWS FIS adds support for multi-account experiments & empty target resolution.
This release also introduces the CreateTargetAccountConfiguration API that allows experiments
across multiple AWS accounts, and the ListExperimentResolvedTargets API to list target details.
* api-change:``glue``: add observations support to DQ CodeGen config model + update document for
connectiontypes supported by ConnectorData entities
* api-change:``rds``: Updates Amazon RDS documentation for support for RDS for Db2.
* api-change:``securityhub``: Adds and updates APIs to support central configuration. This feature
allows the Security Hub delegated administrator to configure Security Hub for their entire AWS Org
across multiple regions from a home Region. With this release, findings also include account name
and application metadata.
* api-change:``transcribe``: This release adds support for AWS HealthScribe APIs within Amazon
Transcribe
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.32.7
* api-change:``accessanalyzer``: IAM Access Analyzer now continuously monitors IAM roles and users
in your AWS account or organization to generate findings for unused access. Additionally, IAM
Access Analyzer now provides custom policy checks to validate that IAM policies adhere to your
security standards ahead of deployments.
* api-change:``amp``: This release adds support for the Amazon Managed Service for Prometheus
collector, a fully managed, agentless Prometheus metrics scraping capability.
* api-change:``bcm-data-exports``: Users can create, read, update, delete Exports of billing and
cost management data. Users can get details of Export Executions and details of Tables for
exporting. Tagging support is provided for Exports
* api-change:``cloudtrail``: CloudTrail Lake now supports federating event data stores. giving
users the ability to run queries against their event data using Amazon Athena.
* api-change:``codestar-connections``: This release adds support for the CloudFormation Git sync
feature. Git sync enables updating a CloudFormation stack from a template stored in a Git
repository.
* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and
generate recommendations with customization and discounts preferences.
* api-change:``config``: Support Periodic Recording for Configuration Recorder
* api-change:``controltower``: Add APIs to create and manage a landing zone.
* api-change:``cost-optimization-hub``: This release launches Cost Optimization Hub, a new AWS
Billing and Cost Management feature that helps you consolidate and prioritize cost optimization
recommendations across your AWS Organizations member accounts and AWS Regions, so that you can get
the most out of your AWS spend.
* api-change:``detective``: Added new APIs in Detective to support resource investigations
* api-change:``ecs``: Adds a new 'type' property to the Setting structure. Adds a new
AccountSetting - guardDutyActivate for ECS.
* api-change:``efs``: Update efs client to latest version
* api-change:``eks``: This release adds support for EKS Pod Identity feature. EKS Pod Identity
makes it easy for customers to obtain IAM permissions for the applications running in their EKS
clusters.
* api-change:``eks-auth``: This release adds support for EKS Pod Identity feature. EKS Pod Identity
makes it easy for customers to obtain IAM permissions for their applications running in the EKS
clusters.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``freetier``: This is the initial SDK release for the AWS Free Tier GetFreeTierUsage
API
* api-change:``fsx``: Added support for FSx for ONTAP scale-out file systems and FlexGroup volumes.
Added the HAPairs field and ThroughputCapacityPerHAPair for filesystem. Added
AggregateConfiguration (containing Aggregates and ConstituentsPerAggregate) and SizeInBytes for
volume.
* api-change:``guardduty``: Add support for Runtime Monitoring for ECS and ECS-EC2.
* api-change:``iotfleetwise``: AWS IoT FleetWise introduces new APIs for vision system data, such
as data collected from cameras, radars, and lidars. You can now model and decode complex data types.
* api-change:``lakeformation``: This release adds four new APIs
"DescribeLakeFormationIdentityCenterConfiguration",
"CreateLakeFormationIdentityCenterConfiguration",
"DescribeLakeFormationIdentityCenterConfiguration", and
"DeleteLakeFormationIdentityCenterConfiguration", and also updates the corresponding documentation.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
* api-change:``logs``: Added APIs to Create, Update, Get, List and Delete LogAnomalyDetectors and
List and Update Anomalies in Detector. Added LogGroupClass attribute for LogGroups to classify
loggroup as Standard loggroup with all capabilities or InfrequentAccess loggroup with limited
capabilities.
* api-change:``managedblockchain``: Add optional NetworkType property to Accessor APIs
* api-change:``personalize``: Enables metadata in recommendations, recommendations with themes, and
next best action recommendations
* api-change:``personalize-events``: This release enables PutActions and PutActionInteractions
* api-change:``personalize-runtime``: Enables metadata in recommendations and next best action
recommendations
* api-change:``quicksight``: This release launches new APIs for trusted identity propagation setup
and supports creating datasources using trusted identity propagation as authentication method for
QuickSight accounts configured with IAM Identity Center.
* api-change:``redshift``: This release adds support for multi-data warehouse writes through data
sharing.
* api-change:``repostspace``: Initial release of AWS re:Post Private
* api-change:``s3``: Adding new params - Key and Prefix, to S3 API operations for supporting S3
Access Grants. Note - These updates will not change any of the existing S3 API functionality.
* api-change:``s3control``: Introduce Amazon S3 Access Grants, a new S3 access control feature that
maps identities in directories such as Active Directory, or AWS Identity and Access Management
(IAM) Principals, to datasets in S3.
* api-change:``secretsmanager``: AWS Secrets Manager has released the BatchGetSecretValue API,
which allows customers to fetch up to 20 Secrets with a single request using a list of secret names
or filters.
* api-change:``securityhub``: Adds and updates APIs to support customizable security controls. This
feature allows Security Hub customers to provide custom parameters for security controls. With this
release, findings for controls that support custom parameters will include the parameters used to
generate the findings.
* api-change:``stepfunctions``: Update stepfunctions client to latest version
* api-change:``transcribe``: This release adds support for transcriptions from audio sources in 64
new languages and introduces generative call summarization in Transcribe Call Analytics (Post call)
* api-change:``workspaces``: The release introduces Multi-Region Resilience one-way data
replication that allows you to replicate data from your primary WorkSpace to a standby WorkSpace in
another AWS Region. DescribeWorkspaces now returns the status of data replication.
* api-change:``workspaces-thin-client``: Initial release of Amazon WorkSpaces Thin Client
* enhancement:AWSCRT: Update awscrt version to 0.19.17
- Update to 1.32.6:
* bugfix:sqs: Rolled back recent change to wire format protocol
* api-change:``kinesis``: This release adds support for resource based policies on streams and
consumers.
* api-change:``s3control``: Amazon S3 Batch Operations now manages buckets or prefixes in a single
step.
* api-change:``sagemaker``: This feature adds the end user license agreement status as a model
access configuration parameter.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.32.5
* api-change:``cloudfront``: This release adds support for CloudFront KeyValueStore, a globally
managed key value datastore associated with CloudFront Functions.
* api-change:``cloudfront-keyvaluestore``: This release adds support for CloudFront KeyValueStore,
a globally managed key value datastore associated with CloudFront Functions.
* api-change:``ec2``: Documentation updates for Amazon EC2.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``inspector-scan``: This release adds support for the new Amazon Inspector Scan API.
The new Inspector Scan API can synchronously scan SBOMs adhering to the CycloneDX v1.5 format.
* api-change:``iotsitewise``: Adds 1/ user-defined unique identifier for asset and model metadata,
2/ asset model components, and 3/ query API for asset metadata and telemetry data. Supports 4/
multi variate anomaly detection using Amazon Lookout for Equipment, 5/ warm storage tier, and 6/
buffered ingestion of time series data.
* api-change:``iottwinmaker``: This release adds following support. 1. New APIs for metadata bulk
operations. 2. Modify the component type API to support composite component types - nesting
component types within one another. 3. New list APIs for components and properties. 4. Support the
larger scope digital twin modeling.
* api-change:``s3``: Add support for automatic date based partitioning in S3 Server Access Logs.
- from version 1.32.4
* enhancement:IMDS: Adds a config option to opt out of IMDSv1 fallback
* api-change:``codestar-connections``: This release updates a few CodeStar Connections related APIs.
* api-change:``docdb``: Amazon DocumentDB updates for new cluster storage configuration: Amazon
DocumentDB I/O-Optimized.
* api-change:``ec2``: This release adds support for Security group referencing over Transit
gateways, enabling you to simplify Security group management and control of instance-to-instance
traffic across VPCs that are connected by Transit gateway.
- from version 1.32.3
* api-change:``appmesh``: Change the default value of these fields from 0 to null: MaxConnections,
MaxPendingRequests, MaxRequests, HealthCheckThreshold, PortNumber, and HealthCheckPolicy -> port.
Users are not expected to perceive the change, except that badRequestException is thrown when
required fields missing configured.
* api-change:``athena``: Adding SerivicePreProcessing time metric
* api-change:``cloud9``: A minor doc only update related to changing the date of an API change.
* api-change:``cloudformation``: This release adds a new flag ImportExistingResources to
CreateChangeSet. Specify this parameter on a CREATE- or UPDATE-type change set to import existing
resources with custom names instead of recreating them.
* api-change:``codepipeline``: CodePipeline now supports overriding source revisions to achieve
manual re-deploy of a past revision
* api-change:``codestar-connections``: This release adds support for the CloudFormation Git sync
feature. Git sync enables updating a CloudFormation stack from a template stored in a Git
repository.
* api-change:``connect``: This release adds WISDOM_QUICK_RESPONSES as new IntegrationType of
Connect IntegrationAssociation resource and bug fixes.
* api-change:``dlm``: Added support for SAP HANA in Amazon Data Lifecycle Manager EBS snapshot
lifecycle policies with pre and post scripts.
* api-change:``ec2``: This release adds new features for Amazon VPC IP Address Manager (IPAM)
Allowing a choice between Free and Advanced Tiers, viewing public IP address insights across
regions and in Amazon Cloudwatch, use IPAM to plan your subnet IPs within a VPC and bring your own
autonomous system number to IPAM.
* api-change:``ecr``: Documentation and operational updates for Amazon ECR, adding support for pull
through cache rules for upstream registries that require authentication.
* api-change:``emr``: Update emr client to latest version
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``events``: Update events client to latest version
* api-change:``internetmonitor``: Adds new querying capabilities for running data queries on a
monitor
* api-change:``ivs``: type & defaulting refinement to various range properties
* api-change:``ivschat``: type & defaulting refinement to various range properties
* api-change:``kinesisvideo``: Docs only build to bring up-to-date with public docs.
* api-change:``location``: Remove default value and allow nullable for request parameters having
minimum value larger than zero.
* api-change:``macie``: The macie client has been removed following the deprecation of the service.
* api-change:``medialive``: MediaLive has now added support for per-output static image overlay.
* api-change:``mgn``: Removed invalid and unnecessary default values.
* api-change:``osis``: Add support for enabling a persistent buffer when creating or updating an
OpenSearch Ingestion pipeline. Add tags to Pipeline and PipelineSummary response models.
* api-change:``pipes``: TargetParameters now properly supports
BatchJobParameters.ArrayProperties.Size and BatchJobParameters.RetryStrategy.Attempts being
optional, and EcsTaskParameters.Overrides.EphemeralStorage.SizeInGiB now properly required when
setting EphemeralStorage
* api-change:``rds``: This release adds support for option groups and replica enhancements to
Amazon RDS Custom.
* api-change:``redshift``: Updated SDK for Amazon Redshift, which you can use to configure a
connection with IAM Identity Center to manage access to databases. With these, you can create a
connection through a managed application. You can also change a managed application, delete it, or
get information about an existing one.
* api-change:``redshift-serverless``: Updated SDK for Amazon Redshift Serverless, which provides
the ability to configure a connection with IAM Identity Center to manage user and group access to
databases.
* api-change:``s3``: Removes all default 0 values for numbers and false values for booleans
* api-change:``sso-admin``: Improves support for configuring RefreshToken and TokenExchange grants
on applications.
* api-change:``sso-oidc``: Adding support for `sso-oauth:CreateTokenWithIAM`.
* api-change:``sts``: API updates for the AWS Security Token Service
* api-change:``trustedadvisor``: AWS Trusted Advisor introduces new APIs to enable you to
programmatically access Trusted Advisor best practice checks, recommendations, and prioritized
recommendations. Trusted Advisor APIs enable you to integrate Trusted Advisor with your operational
tools to automate your workloads.
* api-change:``verifiedpermissions``: Adding BatchIsAuthorized API which supports multiple
authorization requests against a PolicyStore
* api-change:``wisdom``: This release adds QuickResponse as a new Wisdom resource and Wisdom APIs
for import, create, read, search, update and delete QuickResponse resources.
- from version 1.32.2
* api-change:``codecatalyst``: This release includes updates to the Dev Environment APIs to include
an optional vpcConnectionName parameter that supports using Dev Environments with Amazon VPC.
* api-change:``dlm``: This release adds support for Amazon Data Lifecycle Manager default policies
for EBS snapshots and EBS-backed AMIs.
* api-change:``ec2``: Enable use of tenant-specific PublicSigningKeyUrl from device trust providers
and onboard jumpcloud as a new device trust provider.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
* api-change:``fsx``: Enables customers to update their PerUnitStorageThroughput on their Lustre
file systems.
* api-change:``glue``: Introduces new column statistics APIs to support statistics generation for
tables within the Glue Data Catalog.
* api-change:``imagebuilder``: This release adds the Image Lifecycle Management feature to automate
the process of deprecating, disabling and deleting outdated images and their associated resources.
* api-change:``iot``: GA release the ability to index and search devices based on their GeoLocation
data. With GeoQueries you can narrow your search to retrieve devices located in the desired
geographic boundary.
* api-change:``ivs-realtime``: This release introduces server side composition and recording for
stages.
* api-change:``kafka``: Added a new API response field which determines if there is an action
required from the customer regarding their cluster.
* api-change:``lambda``: Adds support for logging configuration in Lambda Functions. Customers will
have more control how their function logs are captured and to which cloud watch log group they are
delivered also.
* api-change:``macie2``: This release adds support for configuring Macie to assume an IAM role when
retrieving sample occurrences of sensitive data reported by findings.
* api-change:``mediapackage``: DRM_TOP_LEVEL_COMPACT allows placing content protection elements at
the MPD level and referenced at the AdaptationSet level
* api-change:``pinpoint-sms-voice-v2``: Amazon Pinpoint now offers additional operations as part of
version 2 of the SMS and voice APIs. This release includes 26 new APIs to create and manage phone
number registrations, add verified destination numbers, and request sender IDs.
* api-change:``polly``: Add new engine - long-form - dedicated for longer content, such as news
articles, training materials, or marketing videos.
* api-change:``quicksight``: Custom permission support for QuickSight roles; Three new datasources
STARBURST, TRINO, BIGQUERY; Lenient mode changes the default behavior to allow for exporting and
importing with certain UI allowed errors, Support for permissions and tags export and import.
* api-change:``sagemaker``: Amazon SageMaker Studio now supports Trainium instance types -
trn1.2xlarge, trn1.32xlarge, trn1n.32xlarge.
* api-change:``ssm``: This release introduces the ability to filter automation execution steps
which have parent steps. In addition, runbook variable information is returned by
GetAutomationExecution and parent step information is returned by the
DescribeAutomationStepExecutions API.
* api-change:``ssm-incidents``: Introduces new APIs ListIncidentFindings and
BatchGetIncidentFindings to use findings related to an incident.
* api-change:``sso-admin``: Instances bound to a single AWS account, API operations for managing
instances and applications, and assignments to applications are now supported. Trusted identity
propagation is also supported, with new API operations for managing trusted token issuers and
application grants and scopes.
* api-change:``transfer``: Introduced S3StorageOptions for servers to enable directory listing
optimizations and added Type fields to logical directory mappings.
- from version 1.32.1
* enhancement:Package Size: The botocore .whl file distributed on PyPI now provides compressed
service models to improve total size on disk.
* api-change:``autoscaling``: This release introduces Instance Maintenance Policy, a new EC2 Auto
Scaling capability that allows customers to define whether instances are launched before or after
existing instances are terminated during instance replacement operations.
* api-change:``cloudtrail``: The Lake Repricing feature lets customers configure a BillingMode for
an event data store. The BillingMode determines the cost for ingesting and storing events and the
default and maximum retention period for the event data store.
* api-change:``codecatalyst``: This release adds functionality for retrieving information about
workflows and workflow runs and starting workflow runs in Amazon CodeCatalyst.
* api-change:``ec2``: AWS EBS now supports Snapshot Lock, giving users the ability to lock an EBS
Snapshot to prohibit deletion of the snapshot. This release introduces the LockSnapshot,
UnlockSnapshot & DescribeLockedSnapshots APIs to manage lock configuration for snapshots. The
release also includes the dl2q_24xlarge.
* api-change:``finspace-data``: Adding deprecated trait to APIs in this name space.
* api-change:``finspace``: Adding deprecated trait on Dataset Browser Environment APIs
* api-change:``lambda``: Add Java 21 (java21) support to AWS Lambda
* api-change:``mwaa``: This Amazon MWAA release adds support for customer-managed VPC endpoints.
This lets you choose whether to create, and manage your environment's VPC endpoints, or to have
Amazon MWAA create, and manage them for you.
* api-change:``rds``: Updates Amazon RDS documentation for support for upgrading RDS for MySQL
snapshots from version 5.7 to version 8.0.
* api-change:``redshift``: The custom domain name SDK for Amazon Redshift provisioned clusters is
updated with additional required parameters for modify and delete operations. Additionally, users
can provide domain names with longer top-level domains.
* api-change:``s3control``: Add 5 APIs to create, update, get, list, delete S3 Storage Lens
group(eg. CreateStorageLensGroup), 3 APIs for
tagging(TagResource,UntagResource,ListTagsForResource), and update to StorageLensConfiguration to
allow metrics to be aggregated on Storage Lens groups.
* api-change:``ssm-sap``: Update the default value of MaxResult to 50.
- from version 1.32.0
* feature:ContainerProvider: Added Support for EKS container credentials
* api-change:``backup``: AWS Backup - Features: Provide Job Summary for your backup activity.
* api-change:``cleanrooms``: This feature provides the ability for the collaboration creator to
configure either the member who can run queries or a different member in the collaboration to be
billed for query compute costs.
* api-change:``connect``: Introducing SegmentAttributes parameter for StartChatContact API
* api-change:``glue``: Introduces new storage optimization APIs to support automatic compaction of
Apache Iceberg tables.
* api-change:``iot``: This release introduces new attributes in API CreateSecurityProfile,
UpdateSecurityProfile and DescribeSecurityProfile to support management of Metrics Export for AWS
IoT Device Defender Detect.
* api-change:``lambda``: Add Python 3.12 (python3.12) support to AWS Lambda
* api-change:``mediatailor``: Removed unnecessary default values.
* api-change:``pipes``: Added support (via new LogConfiguration field in CreatePipe and UpdatePipe
APIs) for logging to Amazon CloudWatch Logs, Amazon Simple Storage Service (Amazon S3), and Amazon
Kinesis Data Firehose
* api-change:``resource-explorer-2``: Resource Explorer supports multi-account search. You can now
use Resource Explorer to search and discover resources across AWS accounts within your organization
or organizational unit.
* api-change:``sagemaker``: This release makes Model Registry Inference Specification fields as not
required.
* api-change:``signer``: Documentation updates for AWS Signer
* api-change:``stepfunctions``: Update stepfunctions client to latest version
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.85
* enhancement:AWSCRT: Update awscrt version to 0.19.12
* api-change:``dataexchange``: Removed Required trait for DataSet.OriginDetails.ProductId.
* api-change:``dms``: Added new Db2 LUW Target endpoint with related endpoint settings. New
executeTimeout endpoint setting for mysql endpoint. New ReplicationDeprovisionTime field for
serverless describe-replications.
* api-change:``ec2``: Adds the new EC2 DescribeInstanceTopology API, which you can use to retrieve
the network topology of your running instances on select platform types to determine their relative
proximity to each other.
* api-change:``ecs``: Adds a Client Token parameter to the ECS RunTask API. The Client Token
parameter allows for idempotent RunTask requests.
* api-change:``emr``: Update emr client to latest version
* api-change:``servicecatalog-appregistry``: When the customer associates a resource collection to
their application with this new feature, then a new application tag will be applied to all
supported resources that are part of that collection. This allows customers to more easily find the
application that is associated with those resources.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.84
* enhancement:AWSCRT: Update awscrt version to 0.19.10
* api-change:``controltower``: AWS Control Tower supports tagging for enabled controls. This
release introduces TagResource, UntagResource and ListTagsForResource APIs to manage tags in
existing enabled controls. It updates EnabledControl API to tag resources at creation time.
* api-change:``cur``: This release adds support for tagging and customers can now tag report
definitions. Additionally, ReportStatus is now added to report definition to show when the last
delivered time stamp and if it succeeded or not.
* api-change:``ec2``: EC2 adds API updates to enable ENA Express at instance launch time.
* api-change:``fms``: Adds optimizeUnassociatedWebACL flag to ManagedServiceData, updates
third-party firewall examples, and other minor documentation updates.
* api-change:``marketplace-entitlement``: Update marketplace-entitlement client to latest version
* api-change:``mediaconvert``: This release includes the ability to specify any input source as the
primary input for corresponding follow modes, and allows users to specify fit and fill behaviors
without resizing content.
* api-change:``rds``: Updates Amazon RDS documentation for zero-ETL integrations.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.83
* api-change:``cloudformation``: Added new ConcurrencyMode feature for AWS CloudFormation StackSets
for faster deployments to target accounts.
* api-change:``cloudtrail``: The Insights in Lake feature lets customers enable CloudTrail Insights
on a source CloudTrail Lake event data store and create a destination event data store to collect
Insights events based on unusual management event activity in the source event data store.
* api-change:``comprehend``: This release adds support for toxicity detection and prompt safety
classification.
* api-change:``connect``: This release adds the ability to integrate customer lambda functions with
Connect attachments for scanning and updates the ListIntegrationAssociations API to support
filtering on IntegrationArn.
* api-change:``ec2``: AWS EBS now supports Block Public Access for EBS Snapshots. This release
introduces the EnableSnapshotBlockPublicAccess, DisableSnapshotBlockPublicAccess and
GetSnapshotBlockPublicAccessState APIs to manage account-level public access settings for EBS
Snapshots in an AWS Region.
* api-change:``eks``: Adding EKS Anywhere subscription related operations.
* api-change:``lambda``: Add Custom runtime on Amazon Linux 2023 (provided.al2023) support to AWS
Lambda.
* api-change:``logs``: Update to support new APIs for delivery of logs from AWS services.
* api-change:``omics``: Support UBAM filetype for Omics Storage and make referenceArn optional
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.82
* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol and
bug fix.
- from version 1.31.81
* api-change:``connect``: This release clarifies in our public documentation that InstanceId is a
requirement for SearchUsers API requests.
* api-change:``connectcases``: This release adds the ability to add/view comment authors through
CreateRelatedItem and SearchRelatedItems API. For more information see
https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html
* api-change:``datasync``: This change allows for 0 length access keys and secret keys for object
storage locations. Users can now pass in empty string credentials.
* api-change:``guardduty``: Added API support for new GuardDuty EKS Audit Log finding types.
* api-change:``lambda``: Add Node 20 (nodejs20.x) support to AWS Lambda.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``omics``: Adding Run UUID and Run Output URI: GetRun and StartRun API response has
two new fields "uuid" and "runOutputUri".
* api-change:``rds``: This Amazon RDS release adds support for patching the OS of an RDS Custom for
Oracle DB instance. You can now upgrade the database or operating system using the
modify-db-instance command.
* api-change:``redshift-serverless``: Added a new parameter in the workgroup that helps you control
your cost for compute resources. This feature provides a ceiling for RPUs that Amazon Redshift
Serverless can scale up to. When automatic compute scaling is required, having a higher value for
MaxRPU can enhance query throughput.
* api-change:``resiliencehub``: AWS Resilience Hub enhances Resiliency Score, providing actionable
recommendations to improve application resilience. Amazon Elastic Kubernetes Service (EKS)
operational recommendations have been added to help improve the resilience posture of your
applications.
* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.80
* api-change:``dataexchange``: Updated SendDataSetNotificationRequest Comment to be maximum length
4096.
* api-change:``dlm``: Added support for pre and post scripts in Amazon Data Lifecycle Manager EBS
snapshot lifecycle policies.
* api-change:``rds``: This Amazon RDS release adds support for the multi-tenant configuration. In
this configuration, an RDS DB instance can contain multiple tenant databases. In RDS for Oracle, a
tenant database is a pluggable database (PDB).
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.79
* api-change:``ce``: This release extends the GetReservationPurchaseRecommendation API to support
recommendations for Amazon MemoryDB reservations.
* api-change:``codebuild``: AWS CodeBuild now supports AWS Lambda compute.
* api-change:``connect``: Added new API that allows Amazon Connect Outbound Campaigns to create
contacts in Amazon Connect when ingesting your dial requests.
* api-change:``docdb``: Update the input of CreateDBInstance and ModifyDBInstance to support
setting CA Certificates. Update the output of DescribeDBInstance and DescribeDBEngineVersions to
show current and supported CA certificates.
* api-change:``iam``: Add partitional endpoint for iso-e.
* api-change:``mwaa``: This release adds support for Apache Airflow version 2.7.2. This version
release includes support for deferrable operators and triggers.
* api-change:``polly``: Amazon Polly adds new US English voices - Danielle and Gregory. Danielle
and Gregory are available as Neural voices only.
* api-change:``route53``: Add partitional endpoints for iso-e and iso-f.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.78
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config
in October 2023.
* api-change:``connect``: Amazon Connect Chat introduces Create Persistent Contact Association API,
allowing customers to choose when to resume previous conversations from previous chats, eliminating
the need to repeat themselves and allowing agents to provide personalized service with access to
entire conversation history.
* api-change:``iotwireless``: Added LoRaWAN version 1.0.4 support
* api-change:``launch-wizard``: AWS Launch Wizard is a service that helps reduce the time it takes
to deploy applications to the cloud while providing a guided deployment experience.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.77
* api-change:``apprunner``: AWS App Runner now supports using dual-stack address type for the
public endpoint of your incoming traffic.
* api-change:``connect``: GetMetricDataV2 API: Update to include new metrics PERCENT_NON_TALK_TIME,
PERCENT_TALK_TIME, PERCENT_TALK_TIME_AGENT, PERCENT_TALK_TIME_CUSTOMER
* api-change:``gamelift``: Amazon GameLift adds support for shared credentials, which allows
applications that are deployed on managed EC2 fleets to interact with other AWS resources.
* api-change:``glue``: This release introduces Google BigQuery Source and Target in AWS Glue
CodeGenConfigurationNode.
* api-change:``network-firewall``: This release introduces the stateless rule analyzer, which
enables you to analyze your stateless rules for asymmetric routing.
* api-change:``quicksight``: This release introduces Float Decimal Type as SubType in QuickSight
SPICE datasets and Custom week start and Custom timezone options in Analysis and Dashboard
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.76
* api-change:``connect``: Adds the BatchGetFlowAssociation API which returns flow associations
(flow-resource) corresponding to the list of resourceArns supplied in the request. This release
also adds IsDefault, LastModifiedRegion and LastModifiedTime fields to the responses of several
Describe and List APIs.
* api-change:``globalaccelerator``: Global Accelerator now support accelerators with cross account
endpoints.
* api-change:``rds``: This release adds support for customized networking resources to Amazon RDS
Custom.
* api-change:``redshift``: Added support for Multi-AZ deployments for Provisioned RA3 clusters that
provide 99.99% SLA availability.
* api-change:``sagemaker``: Support for batch transform input in Model dashboard
- from version 1.31.75
* api-change:``amplify``: Add backend field to CreateBranch and UpdateBranch requests. Add
pagination support for ListApps, ListDomainAssociations, ListBranches, and ListJobs
* api-change:``application-insights``: Automate attaching managed policies
* api-change:``ec2``: Capacity Blocks for ML are a new EC2 purchasing option for reserving GPU
instances on a future date to support short duration machine learning (ML) workloads. Capacity
Blocks automatically place instances close together inside Amazon EC2 UltraClusters for
low-latency, high-throughput networking.
* api-change:``m2``: Added name filter ability for ListDataSets API, added ForceUpdate for Updating
environment and BatchJob submission using S3BatchJobIdentifier
* api-change:``neptunedata``: Minor change to not retry CancelledByUserException
* api-change:``translate``: Added support for Brevity translation settings feature.
- from version 1.31.74
* api-change:``connect``: This release adds InstanceId field for phone number APIs.
* api-change:``dataexchange``: We added a new API action: SendDataSetNotification.
* api-change:``datasync``: Platform version changes to support AL1 deprecation initiative.
* api-change:``finspace``: Introducing new API UpdateKxClusterCodeConfiguration, introducing new
cache types for clusters and introducing new deployment modes for updating clusters.
* api-change:``mediapackagev2``: This feature allows customers to create a combination of manifest
filtering, startover and time delay configuration that applies to all egress requests by default.
* api-change:``rds``: This release launches the CreateIntegration, DeleteIntegration, and
DescribeIntegrations APIs to manage zero-ETL Integrations.
* api-change:``redshift-serverless``: Added support for custom domain names for Amazon Redshift
Serverless workgroups. This feature enables customers to create a custom domain name and use ACM to
generate fully secure connections to it.
* api-change:``resiliencehub``: Introduced the ability to filter applications by their last
assessment date and time and have included metrics for the application's estimated workload
Recovery Time Objective (RTO) and estimated workload Recovery Point Objective (RPO).
* api-change:``s3outposts``: Updated ListOutpostsWithS3 API response to include S3OutpostArn for
use with AWS RAM.
* api-change:``wisdom``: This release added necessary API documents on creating a Wisdom knowledge
base to integrate with S3.
- from version 1.31.73
* api-change:``emr``: Update emr client to latest version
* api-change:``neptune``: Update TdeCredentialPassword type to SensitiveString
* api-change:``pinpoint``: Updated documentation to describe the case insensitivity for EndpointIds.
* api-change:``redshift``: added support to create a dual stack cluster
* api-change:``wafv2``: Updates the descriptions for the calls that manage web ACL associations, to
provide information for customer-managed IAM policies.
- from version 1.31.72
* api-change:``appstream``: This release introduces multi-session fleets, allowing customers to
provision more than one user session on a single fleet instance.
* api-change:``ec2``: Launching GetSecurityGroupsForVpc API. This API gets security groups that can
be associated by the AWS account making the request with network interfaces in the specified VPC.
* api-change:``network-firewall``: Network Firewall now supports inspection of outbound SSL/TLS
traffic.
* api-change:``opensearch``: You can specify ipv4 or dualstack IPAddressType for cluster endpoints.
If you specify IPAddressType as dualstack, the new endpoint will be visible under the 'EndpointV2'
parameter and will support IPv4 and IPv6 requests. Whereas, the 'Endpoint' will continue to serve
IPv4 requests.
* api-change:``redshift``: Add Redshift APIs GetResourcePolicy, DeleteResourcePolicy,
PutResourcePolicy and DescribeInboundIntegrations for the new Amazon Redshift Zero-ETL integration
feature, which can be used to control data ingress into Redshift namespace, and view inbound
integrations.
* api-change:``sagemaker``: Amazon Sagemaker Autopilot now supports Text Generation jobs.
* api-change:``sns``: Message Archiving and Replay is now supported in Amazon SNS for FIFO topics.
* api-change:``ssm-sap``: AWS Systems Manager for SAP added support for registration and discovery
of SAP ABAP applications
* api-change:``transfer``: No API changes from previous release. This release migrated the model to
Smithy keeping all features unchanged.
* api-change:``endpoint-rules``: Update endpoint-rules client to latest version
- from version 1.31.71
* enhancement:Configuration: Adds client context params support to ``Config``.
* api-change:``connectcases``: Increase maximum length of CommentBody to 3000, and increase maximum
length of StringValue to 1500
* api-change:``groundstation``: This release will allow KMS alias names to be used when creating
Mission Profiles
* api-change:``iam``: Updates to GetAccessKeyLastUsed action to replace NoSuchEntity error with
AccessDeniedException error.
- from version 1.31.70
* api-change:``codepipeline``: Add ability to trigger pipelines from git tags, define variables at
pipeline level and new pipeline type V2.
* api-change:``ec2``: This release updates the documentation for InstanceInterruptionBehavior and
HibernationOptionsRequest to more accurately describe the behavior of these two parameters when
using Spot hibernation.
* api-change:``eks``: Added support for Cluster Subnet and Security Group mutability.
* api-change:``iam``: Add the partitional endpoint for IAM in iso-f.
* api-change:``migrationhub-config``: This release introduces DeleteHomeRegionControl API that
customers can use to delete the Migration Hub Home Region configuration
* api-change:``migrationhubstrategy``: This release introduces multi-data-source feature in
Migration Hub Strategy Recommendations. This feature now supports vCenter as a data source to fetch
inventory in addition to ADS and Import from file workflow that is currently supported with MHSR
collector.
* api-change:``opensearchserverless``: This release includes the following new APIs:
CreateLifecyclePolicy, UpdateLifecyclePolicy, BatchGetLifecyclePolicy, DeleteLifecyclePolicy,
ListLifecyclePolicies and BatchGetEffectiveLifecyclePolicy to support the data lifecycle management
feature.
- from version 1.31.69
* api-change:``marketplacecommerceanalytics``: The StartSupportDataExport operation has been
deprecated as part of the Product Support Connection deprecation. As of December 2022, Product
Support Connection is no longer supported.
* api-change:``networkmanager``: This release adds API support for Tunnel-less Connect (NoEncap
Protocol) for AWS Cloud WAN
* api-change:``redshift-serverless``: This release adds support for customers to see the patch
version and workgroup version in Amazon Redshift Serverless.
* api-change:``rekognition``: Amazon Rekognition introduces StartMediaAnalysisJob,
GetMediaAnalysisJob, and ListMediaAnalysisJobs operations to run a bulk analysis of images with a
Detect Moderation model.
- from version 1.31.68
* api-change:``appconfig``: Update KmsKeyIdentifier constraints to support AWS KMS multi-Region
keys.
* api-change:``appintegrations``: Updated ScheduleConfig to be an optional input to
CreateDataIntegration to support event driven downloading of files from sources such as Amazon s3
using Amazon Connect AppIntegrations.
* api-change:``connect``: This release adds support for updating phone number metadata, such as
phone number description.
* api-change:``discovery``: This release introduces three new APIs:
StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.
* api-change:``medical-imaging``: Updates on documentation links
* api-change:``ssm``: This release introduces a new API: DeleteOpsItem. This allows deletion of an
OpsItem.
- from version 1.31.67
* api-change:``gamesparks``: The gamesparks client has been removed following the deprecation of
the service.
* api-change:``ec2``: Amazon EC2 C7a instances, powered by 4th generation AMD EPYC processors, are
ideal for high performance, compute-intensive workloads such as high performance computing. Amazon
EC2 R7i instances are next-generation memory optimized and powered by custom 4th Generation Intel
Xeon Scalable processors.
* api-change:``managedblockchain-query``: This release adds support for Ethereum Sepolia network
* api-change:``neptunedata``: Doc changes to add IAM action mappings for the data actions.
* api-change:``omics``: This change enables customers to retrieve failure reasons with detailed
status messages for their failed runs
* api-change:``opensearch``: Added Cluster Administrative options for node restart, opensearch
process restart and opensearch dashboard restart for Multi-AZ without standby domains
* api-change:``quicksight``: This release adds the following: 1) Trino and Starburst Database
Connectors 2) Custom total for tables and pivot tables 3) Enable restricted folders 4) Add rolling
dates for time equality filters 5) Refine DataPathValue and introduce DataPathType 6) Add
SeriesType to ReferenceLineDataConfiguration
* api-change:``secretsmanager``: Documentation updates for Secrets Manager
* api-change:``servicecatalog``: Introduce support for EXTERNAL product and provisioning artifact
type in CreateProduct and CreateProvisioningArtifact APIs.
* api-change:``verifiedpermissions``: Improving Amazon Verified Permissions Create experience
* api-change:``workspaces``: Documentation updates for WorkSpaces
- from version 1.31.66
* api-change:``cloud9``: Update to imageId parameter behavior and dates updated.
* api-change:``dynamodb``: Updating descriptions for several APIs.
* api-change:``kendra``: Changes for a new feature in Amazon Kendra's Query API to Collapse/Expand
query results
* api-change:``rds``: This release adds support for upgrading the storage file system configuration
on the DB instance using a blue/green deployment or a read replica.
* api-change:``wisdom``: This release adds an max limit of 25 recommendation ids for
NotifyRecommendationsReceived API.
- from version 1.31.65
* api-change:``codepipeline``: Add retryMode ALL_ACTIONS to RetryStageExecution API that retries a
failed stage starting from first action in the stage
* api-change:``discovery``: This release introduces three new APIs:
StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.
* api-change:``ecs``: Documentation only updates to address Amazon ECS tickets.
* api-change:``globalaccelerator``: Fixed error where ListCustomRoutingEndpointGroups did not have
a paginator
* api-change:``guardduty``: Add domainWithSuffix finding field to dnsRequestAction
* api-change:``kafka``: AWS Managed Streaming for Kafka is launching MSK Replicator, a new feature
that enables customers to reliably replicate data across Amazon MSK clusters in same or different
AWS regions. You can now use SDK to create, list, describe, delete, update, and manage tags of MSK
Replicators.
* api-change:``route53-recovery-cluster``: Adds Owner field to ListRoutingControls API.
* api-change:``route53-recovery-control-config``: Adds permissions for GetResourcePolicy to support
returning details about AWS Resource Access Manager resource policies for shared resources.
- from version 1.31.64
* api-change:``cloudformation``: SDK and documentation updates for UpdateReplacePolicy
* api-change:``drs``: Updated exsiting API to allow AWS Elastic Disaster Recovery support of
launching recovery into existing EC2 instances.
* api-change:``entityresolution``: This launch expands our matching techniques to include
provider-based matching to help customer match, link, and enhance records with minimal data
movement. With data service providers, we have removed the need for customers to build bespoke
integrations,.
* api-change:``managedblockchain-query``: This release introduces two new APIs: GetAssetContract
and ListAssetContracts. This release also adds support for Bitcoin Testnet.
* api-change:``mediapackagev2``: This release allows customers to manage MediaPackage v2 resource
using CloudFormation.
* api-change:``opensearch``: This release allows customers to list and associate optional plugin
packages with compatible Amazon OpenSearch Service clusters for enhanced functionality.
* api-change:``redshift-serverless``: Added support for managing credentials of serverless
namespace admin using AWS Secrets Manager.
* api-change:``redshift``: Added support for managing credentials of provisioned cluster admin
using AWS Secrets Manager.
* api-change:``sesv2``: This release provides enhanced visibility into your SES identity
verification status. This will offer you more actionable insights, enabling you to promptly address
any verification-related issues.
* api-change:``transfer``: Documentation updates for AWS Transfer Family
* api-change:``xray``: This releases enhances GetTraceSummaries API to support new TimeRangeType
Service to query trace summaries by segment end time.
- from version 1.31.63
* api-change:``auditmanager``: This release introduces a new limit to the awsAccounts parameter.
When you create or update an assessment, there is now a limit of 200 AWS accounts that can be
specified in the assessment scope.
* api-change:``autoscaling``: Update the NotificationMetadata field to only allow visible ascii
characters. Add paginators to DescribeInstanceRefreshes, DescribeLoadBalancers, and
DescribeLoadBalancerTargetGroups
* api-change:``config``: Add enums for resource types supported by Config
* api-change:``controltower``: Added new EnabledControl resource details to ListEnabledControls API
and added new GetEnabledControl API.
* api-change:``customer-profiles``: Adds sensitive trait to various shapes in Customer Profiles
Calculated Attribute API model.
* api-change:``ec2``: This release adds Ubuntu Pro as a supported platform for On-Demand Capacity
Reservations and adds support for setting an Amazon Machine Image (AMI) to disabled state.
Disabling the AMI makes it private if it was previously shared, and prevents new EC2 instance
launches from it.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``glue``: Extending version control support to GitLab and Bitbucket from AWSGlue
* api-change:``inspector2``: Add MacOs ec2 platform support
* api-change:``ivs-realtime``: Update GetParticipant to return additional metadata.
* api-change:``lambda``: Adds support for Lambda functions to access Dual-Stack subnets over IPv6,
via an opt-in flag in CreateFunction and UpdateFunctionConfiguration APIs
* api-change:``location``: This release adds endpoint updates for all AWS Location resource
operations.
* api-change:``machinelearning``: This release marks Password field as sensitive
* api-change:``pricing``: Documentation updates for Price List
* api-change:``rds``: This release adds support for adding a dedicated log volume to open-source
RDS instances.
* api-change:``rekognition``: Amazon Rekognition introduces support for Custom Moderation. This
allows the enhancement of accuracy for detect moderation labels operations by creating custom
adapters tuned on customer data.
* api-change:``sagemaker``: Amazon SageMaker Canvas adds KendraSettings and DirectDeploySettings
support for CanvasAppSettings
* api-change:``textract``: This release adds 9 new APIs for adapter and adapter version management,
3 new APIs for tagging, and updates AnalyzeDocument and StartDocumentAnalysis API parameters for
using adapters.
* api-change:``transcribe``: This release is to enable m4a format to customers
* api-change:``workspaces``: Updated the CreateWorkspaces action documentation to clarify that the
PCoIP protocol is only available for Windows bundles.
- from version 1.31.62
* enhancement:Dependencies: Add support for urllib3 2.0 for Python 3.10+
* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``fsx``: After performing steps to repair the Active Directory configuration of a file
system, use this action to initiate the process of attempting to recover to the file system.
* api-change:``marketplace-catalog``: This release adds support for Document type as an alternative
for stringified JSON for StartChangeSet, DescribeChangeSet and DescribeEntity APIs
* api-change:``quicksight``: NullOption in FilterListConfiguration; Dataset schema/table max length
increased; Support total placement for pivot table visual; Lenient mode relaxes the validation to
create resources with definition; Data sources can be added to folders; Redshift data sources
support IAM Role-based authentication
* api-change:``transfer``: This release updates the max character limit of
PreAuthenticationLoginBanner and PostAuthenticationLoginBanner to 4096 characters
- Update to 1.31.61:
* api-change:``omics``: Add Etag Support for Omics Storage in ListReadSets and GetReadSetMetadata
API
* api-change:``rds``: Updates Amazon RDS documentation for corrections and minor improvements.
* api-change:``route53``: Add hostedzonetype filter to ListHostedZones API.
* api-change:``securityhub``: Added new resource detail objects to ASFF, including resources for
AwsEventsEventbus, AwsEventsEndpoint, AwsDmsEndpoint, AwsDmsReplicationTask,
AwsDmsReplicationInstance, AwsRoute53HostedZone, and AwsMskCluster
* api-change:``storagegateway``: Add SoftwareVersion to response of DescribeGatewayInformation.
* api-change:``workspaces``: This release introduces Manage applications. This feature allows users
to manage their WorkSpaces applications by associating or disassociating their WorkSpaces with
applications. The DescribeWorkspaces API will now additionally return OperatingSystemName in its
responses.
- from version 1.31.60
* api-change:``appconfig``: AWS AppConfig introduces KMS customer-managed key (CMK) encryption
support for data saved to AppConfig's hosted configuration store.
* api-change:``datazone``: Initial release of Amazon DataZone
* api-change:``mediatailor``: Updates DescribeVodSource to include a list of ad break opportunities
in the response
* api-change:``mgn``: This release includes the following new APIs: ListConnectors,
CreateConnector, UpdateConnector, DeleteConnector and UpdateSourceServer to support the source
action framework feature.
* api-change:``sagemaker``: Adding support for AdditionalS3DataSource, a data source used for
training or inference that is in addition to the input dataset or model data.
- from version 1.31.59
* api-change:``connect``: GetMetricDataV2 API: Update to include new metrics CONTACTS_RESOLVED_IN_X
, AVG_HOLD_TIME_ALL_CONTACTS , AVG_RESOLUTION_TIME , ABANDONMENT_RATE ,
AGENT_NON_RESPONSE_WITHOUT_CUSTOMER_ABANDONS with added features: Interval Period, TimeZone, Negate
MetricFilters, Extended date time range.
* api-change:``location``: Amazon Location Service adds support for bounding polygon queries.
Additionally, the GeofenceCount field has been added to the DescribeGeofenceCollection API response.
* api-change:``mediaconvert``: This release adds the ability to replace video frames without
modifying the audio essence.
* api-change:``oam``: This release adds support for sharing AWS::ApplicationInsights::Application
resources.
* api-change:``sagemaker``: This release allows users to run Selective Execution in SageMaker
Pipelines without SourcePipelineExecutionArn if selected steps do not have any dependent steps.
* api-change:``wellarchitected``: AWS Well-Architected now supports Review Templates that allows
you to create templates with pre-filled answers for Well-Architected and Custom Lens best practices.
- from version 1.31.58
* api-change:``bedrock``: Provisioned throughput feature with Amazon and third-party base models,
and update validators for model identifier and taggable resource ARNs.
* api-change:``bedrock-runtime``: Add model timeout exception for InvokeModelWithResponseStream API
and update validator for invoke model identifier.
* api-change:``ec2``: Introducing Amazon EC2 R7iz instances with 3.9 GHz sustained all-core turbo
frequency and deliver up to 20% better performance than previous generation z1d instances.
* api-change:``managedblockchain``: Remove Rinkeby as option from Ethereum APIs
* api-change:``rds``: Adds DefaultCertificateForNewLaunches field in the DescribeCertificates API
response.
* api-change:``sso``: Fix FIPS Endpoints in aws-us-gov.
* api-change:``sts``: STS API updates for assumeRole
* api-change:``transfer``: Documentation updates for AWS Transfer Family
- from version 1.31.57
* api-change:``bedrock-runtime``: Run Inference: Added support to run the inference on models.
Includes set of APIs for running inference in streaming and non-streaming mode.
* api-change:``bedrock``: Model Invocation logging added to enable or disable logs in customer
account. Model listing and description support added. Provisioned Throughput feature added. Custom
model support added for creating custom models. Also includes list, and delete functions for custom
model.
* api-change:``budgets``: Update DescribeBudgets and DescribeBudgetNotificationsForAccount
MaxResults limit to 1000.
* api-change:``ec2``: Adds support for Customer Managed Key encryption for Amazon Verified Access
resources
* api-change:``iotfleetwise``: AWS IoT FleetWise now supports encryption through a customer managed
AWS KMS key. The PutEncryptionConfiguration and GetEncryptionConfiguration APIs were added.
* api-change:``sagemaker-featurestore-runtime``: Feature Store supports read/write of records with
collection type features.
* api-change:``sagemaker``: Online store feature groups supports Standard and InMemory tier storage
types for low latency storage for real-time data retrieval. The InMemory tier supports collection
types List, Set, and Vector.
* api-change:``wafv2``: Correct and improve the documentation for the FieldToMatch option JA3
fingerprint.
- from version 1.31.56
* api-change:``cognito-idp``: The UserPoolType Status field is no longer used.
* api-change:``firehose``: Features : Adding support for new data ingestion source to Kinesis
Firehose - AWS Managed Services Kafka.
* api-change:``iot``: Added support for IoT Rules Engine Kafka Action Headers
* api-change:``textract``: This release adds new feature - Layout to Analyze Document API which can
automatically extract layout elements such as titles, paragraphs, headers, section headers, lists,
page numbers, footers, table areas, key-value areas and figure areas and order the elements as a
human would read.
- from version 1.31.55
* api-change:``appintegrations``: The Amazon AppIntegrations service adds a set of APIs (in
preview) to manage third party applications to be used in Amazon Connect agent workspace.
* api-change:``apprunner``: This release allows an App Runner customer to specify a custom source
directory to run the build & start command. This change allows App Runner to support monorepo based
repositories
* api-change:``codedeploy``: CodeDeploy now supports In-place and Blue/Green EC2 deployments with
multiple Classic Load Balancers and multiple Target Groups.
* api-change:``connect``: This release updates a set of Amazon Connect APIs that provides the
ability to integrate third party applications in the Amazon Connect agent workspace.
* api-change:``dynamodb``: Amazon DynamoDB now supports Incremental Export as an enhancement to the
existing Export Table
* api-change:``ec2``: The release includes AWS verified access to support FIPs compliance in North
America regions
* api-change:``lakeformation``: This release adds three new API support "CreateLakeFormationOptIn",
"DeleteLakeFormationOptIn" and "ListLakeFormationOptIns", and also updates the corresponding
documentation.
* api-change:``pinpoint``: Update documentation for RemoveAttributes to more accurately reflect its
behavior when attributes are deleted.
* api-change:``s3``: This release adds a new field COMPLETED to the ReplicationStatus Enum. You can
now use this field to validate the replication status of S3 objects using the AWS SDK.
- from version 1.31.54
* api-change:``amplifyuibuilder``: Support for generating code that is compatible with future
versions of amplify project dependencies.
* api-change:``chime-sdk-media-pipelines``: Adds support for sending WebRTC audio to Amazon Kineses
Video Streams.
* api-change:``emr-serverless``: This release adds support for application-wide default job
configurations.
* api-change:``finspace-data``: Adding sensitive trait to attributes. Change max SessionDuration
from 720 to 60. Correct "ApiAccess" attribute to "apiAccess" to maintain consistency between APIs.
* api-change:``quicksight``: Added ability to tag users upon creation.
* api-change:``ssm``: This release updates the enum values for ResourceType in SSM
DescribeInstanceInformation input and ConnectionStatus in GetConnectionStatus output.
* api-change:``wafv2``: You can now perform an exact match against the web request's JA3
fingerprint.
- from version 1.31.53
* api-change:``braket``: This release adds support to view the device queue depth (the number of
queued quantum tasks and hybrid jobs on a device) and queue position for a quantum task and hybrid
job.
* api-change:``dms``: new vendors for DMS CSF: MongoDB, MariaDB, DocumentDb and Redshift
* api-change:``ec2``: EC2 M2 Pro Mac instances are powered by Apple M2 Pro Mac Mini computers
featuring 12 core CPU, 19 core GPU, 32 GiB of memory, and 16 core Apple Neural Engine and uniquely
enabled by the AWS Nitro System through high-speed Thunderbolt connections.
* api-change:``efs``: Update efs client to latest version
* api-change:``guardduty``: Add `EKS_CLUSTER_NAME` to filter and sort key.
* api-change:``mediaconvert``: This release supports the creation of of audio-only tracks in CMAF
output groups.
- from version 1.31.52
* api-change:``appconfig``: Enabling boto3 paginators for list APIs and adding documentation around
ServiceQuotaExceededException errors
* api-change:``apprunner``: This release adds improvements for managing App Runner auto scaling
configuration resources. New APIs: UpdateDefaultAutoScalingConfiguration and
ListServicesForAutoScalingConfiguration. Updated API: DeleteAutoScalingConfiguration.
* api-change:``codeartifact``: Add support for the Swift package format.
* api-change:``kinesisvideo``: Updated DescribeMediaStorageConfiguration,
StartEdgeConfigurationUpdate, ImageGenerationConfiguration$SamplingInterval, and
UpdateMediaStorageConfiguration to match AWS Docs.
* api-change:``logs``: Add ClientToken to QueryDefinition CFN Handler in CWL
* api-change:``s3``: Fix an issue where the SDK can fail to unmarshall response due to
NumberFormatException
* api-change:``servicediscovery``: Adds a new DiscoverInstancesRevision API and also adds
InstanceRevision field to the DiscoverInstances API response.
* api-change:``sso-oidc``: Update FIPS endpoints in aws-us-gov.
- from version 1.31.51
* api-change:``ec2``: This release adds support for C7i, and R7a instance types.
* api-change:``outposts``: This release adds the InstanceFamilies field to the ListAssets response.
* api-change:``sagemaker``: This release adds support for one-time model monitoring schedules that
are executed immediately without delay, explicit data analysis windows for model monitoring
schedules and exclude features attributes to remove features from model monitor analysis.
- from version 1.31.50
* api-change:``discovery``: Add sensitive protection for customer information
* api-change:``macie2``: This release changes the default managedDataIdentifierSelector setting for
new classification jobs to RECOMMENDED. By default, new classification jobs now use the recommended
set of managed data identifiers.
* api-change:``workmail``: This release includes four new APIs UpdateUser, UpdateGroup,
ListGroupsForEntity and DescribeEntity, along with RemoteUsers and some enhancements to existing
APIs.
- from version 1.31.49
* api-change:``appstream``: This release introduces app block builder, allowing customers to
provision a resource to package applications into an app block
* api-change:``connect``: New rule type (OnMetricDataUpdate) has been added
* api-change:``datasync``: Documentation-only updates for AWS DataSync.
* api-change:``sagemaker``: This release introduces Skip Model Validation for Model Packages
- from version 1.31.48
* api-change:``appstream``: This release introduces multi-session fleets, allowing customers to
provision more than one user session on a single fleet instance.
* api-change:``cloudformation``: Documentation updates for AWS CloudFormation
* api-change:``entityresolution``: Changed "ResolutionTechniques" and "MappedInputFields" in
workflow and schema mapping operations to be required fields.
* api-change:``lookoutequipment``: This release adds APIs for the new scheduled retraining feature.
- from version 1.31.47
* api-change:``cloud9``: Update to include information on Ubuntu 18 deprecation.
* api-change:``drs``: Updated existing APIs and added new ones to support using AWS Elastic
Disaster Recovery post-launch actions. Added support for new regions.
* api-change:``firehose``: DocumentIdOptions has been added for the Amazon OpenSearch destination.
* api-change:``guardduty``: Add `managementType` field to ListCoverage API response.
* api-change:``internetmonitor``: This release updates the Amazon CloudWatch Internet Monitor API
domain name.
* api-change:``ivs-realtime``: Doc only update that changes description for ParticipantToken.
* api-change:``simspaceweaver``: Edited the introductory text for the API reference.
* api-change:``xray``: Add StartTime field in GetTraceSummaries API response for each TraceSummary.
- from version 1.31.46
* api-change:``ec2``: This release adds support for restricting public sharing of AMIs through AMI
Block Public Access
* api-change:``events``: Update events client to latest version
* api-change:``kendra``: Amazon Kendra now supports confidence score buckets for retrieved passage
results using the Retrieve API.
- from version 1.31.45
* api-change:``ecr``: This release will have ValidationException be thrown from ECR LifecyclePolicy
APIs in regions LifecyclePolicy is not supported, this includes existing Amazon Dedicated Cloud
(ADC) regions. This release will also change Tag: TagValue and Tag: TagKey to required.
* api-change:``medialive``: AWS Elemental Link now supports attaching a Link UHD device to a
MediaConnect flow.
* api-change:``quicksight``: This release launches new updates to QuickSight KPI visuals - support
for sparklines, new templated layout and new targets for conditional formatting rules.
- from version 1.31.44
* api-change:``fsx``: Amazon FSx documentation fixes
* api-change:``sagemaker``: Autopilot APIs will now support holiday featurization for Timeseries
models. The models will now hold holiday metadata and should be able to accommodate holiday effect
during inference.
* api-change:``sso-admin``: Content updates to IAM Identity Center API for China Regions.
* api-change:``workspaces``: A new field "ErrorDetails" will be added to the output of
"DescribeWorkspaceImages" API call. This field provides in-depth details about the error occurred
during image import process. These details include the possible causes of the errors and
troubleshooting information.
- from version 1.31.43
* api-change:``neptunedata``: Minor changes to send unsigned requests to Neptune clusters
* api-change:``securityhub``: Documentation updates for AWS Security Hub
* api-change:``simspaceweaver``: BucketName and ObjectKey are now required for the S3Location data
type. BucketName is now required for the S3Destination data type.
- from version 1.31.42
* api-change:``appflow``: Adding OAuth2.0 support for servicenow connector.
* api-change:``ec2``: This release adds 'outpost' location type to the
DescribeInstanceTypeOfferings API, allowing customers that have been allowlisted for outpost to
query their offerings in the API.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``medialive``: Adds advanced Output Locking options for Epoch Locking: Custom Epoch
and Jam Sync Time
* api-change:``wafv2``: The targeted protection level of the Bot Control managed rule group now
provides optional, machine-learning analysis of traffic statistics to detect some bot-related
activity. You can enable or disable the machine learning functionality through the API.
- from version 1.31.41
* api-change:``billingconductor``: This release adds support for line item filtering in for the
custom line item resource.
* api-change:``cloud9``: Added support for Ubuntu 22.04 that was not picked up in a previous
Trebuchet request. Doc-only update.
* api-change:``compute-optimizer``: This release adds support to provide recommendations for G4dn
and P3 instances that use NVIDIA GPUs.
* api-change:``ec2``: Introducing Amazon EC2 C7gd, M7gd, and R7gd Instances with up to 3.8 TB of
local NVMe-based SSD block-level storage. These instances are powered by AWS Graviton3 processors,
delivering up to 25% better performance over Graviton2-based instances.
* api-change:``ecs``: Documentation only update for Amazon ECS.
* api-change:``events``: Update events client to latest version
* api-change:``rds``: Add support for feature integration with AWS Backup.
* api-change:``sagemaker``: SageMaker Neo now supports data input shape derivation for Pytorch 2.0
and XGBoost compilation job for cloud instance targets. You can skip DataInputConfig field during
compilation job creation. You can also access derived information from model in
DescribeCompilationJob response.
* api-change:``vpc-lattice``: This release adds Lambda event structure version config support for
LAMBDA target groups. It also adds newline support for auth policies.
- from version 1.31.40
* api-change:``chime-sdk-media-pipelines``: This release adds support for the Voice Analytics
feature for customer-owned KVS streams as part of the Amazon Chime SDK call analytics.
* api-change:``connect``: Amazon Connect adds the ability to read, create, update, delete, and list
view resources, and adds the ability to read, create, delete, and list view versions.
* api-change:``identitystore``: New Identity Store content for China Region launch
* api-change:``neptunedata``: Removed the descriptive text in the introduction.
- from version 1.31.39
* api-change:``chime-sdk-media-pipelines``: This release adds support for feature Voice Enhancement
for Call Recording as part of Amazon Chime SDK call analytics.
* api-change:``cloudhsm``: Deprecating CloudHSM Classic API Service.
* api-change:``connectcampaigns``: Amazon Connect outbound campaigns has launched agentless dialing
mode which enables customers to make automated outbound calls without agent engagement. This
release updates three of the campaign management API's to support the new agentless dialing mode
and the new dialing capacity field.
* api-change:``connectparticipant``: Amazon Connect Participant Service adds the ability to get a
view resource using a view token, which is provided in a participant message, with the release of
the DescribeView API.
* api-change:``customer-profiles``: Adds sensitive trait to various shapes in Customer Profiles API
model.
* api-change:``ecs``: This release adds support for an account-level setting that you can use to
configure the number of days for AWS Fargate task retirement.
* api-change:``grafana``: Marking SAML RoleValues attribute as sensitive and updating
VpcConfiguration attributes to match documentation.
* api-change:``health``: Adds new API DescribeEntityAggregatesForOrganization that retrieves entity
aggregates across your organization. Also adds support for resource status filtering in
DescribeAffectedEntitiesForOrganization, resource status aggregates in the DescribeEntityAggregates
response, and new resource statuses.
* api-change:``ivs``: Updated "type" description for CreateChannel, UpdateChannel, Channel, and
ChannelSummary.
* api-change:``kafkaconnect``: Minor model changes for Kafka Connect as well as endpoint updates.
* api-change:``payment-cryptography-data``: Make KeyCheckValue field optional when using asymmetric
keys as Key Check Values typically only apply to symmetric keys
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
- from version 1.31.38
* api-change:``appflow``: Add SAP source connector parallel and pagination feature
* api-change:``apprunner``: App Runner adds support for Bitbucket. You can now create App Runner
connection that connects to your Bitbucket repositories and deploy App Runner service with the
source code stored in a Bitbucket repository.
* api-change:``auditmanager``: This release marks some assessment metadata as sensitive. We added a
sensitive trait to the following attributes: assessmentName, emailAddress, scope, createdBy,
lastUpdatedBy, and userName.
* api-change:``cleanrooms``: This release decouples member abilities in a collaboration. With this
change, the member who can run queries no longer needs to be the same as the member who can receive
results.
* api-change:``datasync``: AWS DataSync introduces Task Reports, a new feature that provides
detailed reports of data transfer operations for each task execution.
* api-change:``neptunedata``: Allows customers to execute data plane actions like bulk loading
graphs, issuing graph queries using Gremlin and openCypher directly from the SDK.
* api-change:``network-firewall``: Network Firewall increasing pagination token string length
* api-change:``pca-connector-ad``: The Connector for AD allows you to use a fully-managed AWS
Private CA as a drop-in replacement for your self-managed enterprise CAs without local agents or
proxy servers. Enterprises that use AD to manage Windows environments can reduce their private
certificate authority (CA) costs and complexity.
* api-change:``sagemaker``: Amazon SageMaker Canvas adds IdentityProviderOAuthSettings support for
CanvasAppSettings
- from version 1.31.37
* api-change:``cognito-idp``: Added API example requests and responses for several operations.
Fixed the validation regex for user pools Identity Provider name.
* api-change:``fsx``: Documentation updates for project quotas.
* api-change:``omics``: Add RetentionMode support for Runs.
* api-change:``sesv2``: Adds support for the new Export and Message Insights features: create, get,
list and cancel export jobs; get message insights.
- Update to 1.31.36:
* api-change:``backup``: Add support for customizing time zone for backup window in backup plan
rules.
* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and
generate licensing optimization recommendations for sql server running on EC2 instances.
* api-change:``organizations``: Documentation updates for permissions and links.
* api-change:``securitylake``: Remove incorrect regex enforcement on pagination tokens.
* api-change:``service-quotas``: Service Quotas now supports viewing the applied quota value and
requesting a quota increase for a specific resource in an AWS account.
* api-change:``workspaces-web``: WorkSpaces Web now enables Admins to configure which cookies are
synchronized from an end-user's local browser to the in-session browser. In conjunction with a
browser extension, this feature enables enhanced Single-Sign On capability by reducing the number
of times an end-user has to authenticate.
- from version 1.31.35
* api-change:``cloudtrail``: Add ThrottlingException with error code 429 to handle CloudTrail
Delegated Admin request rate exceeded on organization resources.
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``detective``: Added protections to interacting with fields containing customer
information.
- from version 1.31.34
* api-change:``ec2``: Amazon EC2 M7a instances, powered by 4th generation AMD EPYC processors,
deliver up to 50% higher performance compared to M6a instances. Amazon EC2 Hpc7a instances, powered
by 4th Gen AMD EPYC processors, deliver up to 2.5x better performance compared to Amazon EC2 Hpc6a
instances.
* api-change:``glue``: Added API attributes that help in the monitoring of sessions.
* api-change:``mediaconvert``: This release includes additional audio channel tags in Quicktime
outputs, support for film grain synthesis for AV1 outputs, ability to create audio-only FLAC
outputs, and ability to specify Amazon S3 destination storage class.
* api-change:``medialive``: MediaLive now supports passthrough of KLV data to a HLS output group
with a TS container. MediaLive now supports setting an attenuation mode for AC3 audio when the
coding mode is 3/2 LFE. MediaLive now supports specifying whether to include filler NAL units in
RTMP output group settings.
* api-change:``mediatailor``: Adds new source location AUTODETECT_SIGV4 access type.
* api-change:``quicksight``: Excel support in Snapshot Export APIs. Removed Required trait for some
insight Computations. Namespace-shared Folders support. Global Filters support. Table pin Column
support.
* api-change:``rds``: This release updates the supported versions for Percona XtraBackup in Aurora
MySQL.
* api-change:``s3control``: Updates to endpoint ruleset tests to address Smithy validation issues
and standardize the capitalization of DualStack.
* api-change:``verifiedpermissions``: Documentation updates for Amazon Verified Permissions.
- from version 1.31.33
* api-change:``apigateway``: This release adds RootResourceId to GetRestApi response.
* api-change:``ec2``: Marking fields as sensitive on BundleTask and GetPasswordData
* api-change:``polly``: Amazon Polly adds 1 new voice - Zayd (ar-AE)
- from version 1.31.32
* api-change:``ce``: This release adds the LastUpdatedDate and LastUsedDate timestamps to help you
manage your cost allocation tags.
* api-change:``globalaccelerator``: Global Accelerator now supports Client Ip Preservation for
Network Load Balancer endpoints.
* api-change:``rds``: Adding parameters to CreateCustomDbEngineVersion reserved for future use.
* api-change:``verifiedpermissions``: Documentation updates for Amazon Verified Permissions.
Increases max results per page for ListPolicyStores, ListPolicies, and ListPolicyTemplates APIs
from 20 to 50.
- from version 1.31.31
* api-change:``cloud9``: Doc only update to add Ubuntu 22.04 as an Image ID option for Cloud9
* api-change:``ec2``: The DeleteKeyPair API has been updated to return the keyPairId when an
existing key pair is deleted.
* api-change:``finspace``: Allow customers to manage outbound traffic from their Kx Environment
when attaching a transit gateway by providing network acl entries. Allow the customer to choose how
they want to update the databases on a cluster allowing updates to possibly be faster than usual.
* api-change:``rds``: Adding support for RDS Aurora Global Database Unplanned Failover
* api-change:``route53domains``: Fixed typos in description fields
- from version 1.31.30
* api-change:``codecommit``: Add new ListFileCommitHistory operation to retrieve commits which
introduced changes to a specific file.
* api-change:``securityhub``: Added Inspector Lambda code Vulnerability section to ASFF, including
GeneratorDetails, EpssScore, ExploitAvailable, and CodeVulnerabilities.
- from version 1.31.29
* api-change:``ec2``: Adds support for SubnetConfigurations to allow users to select their own IPv4
and IPv6 addresses for Interface VPC endpoints
* api-change:``gamelift``: Amazon GameLift updates its instance types support.
- from version 1.31.28
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``lexv2-models``: Update lexv2-models client to latest version
- Update to 1.31.27:
* enhancement:Python: Added provisional Python 3.12 support to Botocore
* api-change:``chime-sdk-meetings``: Updated API documentation to include additional exceptions.
* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2).
* api-change:``glue``: AWS Glue Crawlers can now accept SerDe overrides from a custom csv
classifier. The two SerDe options are LazySimpleSerDe and OpenCSVSerDe. In case, the user wants
crawler to do the selection, "None" can be selected for this purpose.
* api-change:``pi``: AWS Performance Insights for Amazon RDS is launching Performance Analysis On
Demand, a new feature that allows you to analyze database performance metrics and find out the
performance issues. You can now use SDK to create, list, get, delete, and manage tags of
performance analysis reports.
* api-change:``route53domains``: Provide explanation if CheckDomainTransferability return false.
Provide requestId if a request is already submitted. Add sensitive protection for customer
information
* api-change:``sagemaker``: SageMaker Inference Recommender now provides SupportedResponseMIMETypes
from DescribeInferenceRecommendationsJob response
- from version 1.31.26
* api-change:``mediapackage``: Fix SDK logging of certain fields.
* api-change:``omics``: This release provides support for annotation store versioning and cross
account sharing for Omics Analytics
* api-change:``transfer``: Documentation updates for AWS Transfer Family
- from version 1.31.25
* api-change:``amplifybackend``: Adds sensitive trait to required input shapes.
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config
in July 2023.
* api-change:``ec2``: Amazon EC2 P5 instances, powered by the latest NVIDIA H100 Tensor Core GPUs,
deliver the highest performance in EC2 for deep learning (DL) and HPC applications. M7i-flex and
M7i instances are next-generation general purpose instances powered by custom 4th Generation Intel
Xeon Scalable processors.
* api-change:``quicksight``: New Authentication method for Account subscription - IAM Identity
Center. Hierarchy layout support, default column width support and related style properties for
pivot table visuals. Non-additive topic field aggregations for Topic API
* api-change:``ses``: Update ses client to latest version
* api-change:``swf``: This release adds new API parameters to override workflow task list for
workflow executions.
- from version 1.31.24
* api-change:``cloudtrail``: Documentation updates for CloudTrail.
* api-change:``connect``: This release adds APIs to provision agents that are global / available in
multiple AWS regions and distribute them across these regions by percentage.
* api-change:``elbv2``: Update elbv2 client to latest version
* api-change:``omics``: This release adds instanceType to GetRunTask & ListRunTasks responses.
* api-change:``secretsmanager``: Add additional InvalidRequestException to list of possible
exceptions for ListSecret.
* api-change:``transfer``: Documentation updates for AW Transfer Family
- from version 1.31.23
* api-change:``chime-sdk-voice``: Updating CreatePhoneNumberOrder, UpdatePhoneNumber and
BatchUpdatePhoneNumbers APIs, adding phone number name
* api-change:``fsx``: For FSx for Lustre, add new data repository task type,
RELEASE_DATA_FROM_FILESYSTEM, to release files that have been archived to S3. For FSx for Windows,
enable support for configuring and updating SSD IOPS, and for updating storage type. For FSx for
OpenZFS, add new deployment type, MULTI_AZ_1.
* api-change:``globalaccelerator``: Documentation update for dualstack EC2 endpoint support
* api-change:``guardduty``: Added autoEnable ALL to UpdateOrganizationConfiguration and
DescribeOrganizationConfiguration APIs.
* api-change:``sagemaker``: This release adds support for cross account access for SageMaker Model
Cards through AWS RAM.
- from version 1.31.22
* api-change:``backup``: This release introduces a new logically air-gapped vault (Preview) in AWS
Backup that stores immutable backup copies, which are locked by default and isolated with
encryption using AWS owned keys. Logically air-gapped vault (Preview) allows secure recovery of
application data across accounts.
* api-change:``elasticache``: Added support for cluster mode in online migration and test migration
API
* api-change:``servicecatalog``: Introduce support for HashiCorp Terraform Cloud in Service Catalog
by addying TERRAFORM_CLOUD product type in CreateProduct and CreateProvisioningArtifact API.
- from version 1.31.21
* api-change:``detective``: Updated the email validation regex to be in line with the TLD name
specifications.
* api-change:``ivs-realtime``: Add QUOTA_EXCEEDED and PUBLISHER_NOT_FOUND to EventErrorCode for
stage health events.
* api-change:``kinesis-video-archived-media``: This release enables minimum of Images
SamplingInterval to be as low as 200 milliseconds in Kinesis Video Stream Image feature.
* api-change:``kinesisvideo``: This release enables minimum of Images SamplingInterval to be as low
as 200 milliseconds in Kinesis Video Stream Image feature.
* api-change:``rekognition``: This release adds code snippets for Amazon Rekognition Custom Labels.
- from version 1.31.20
* api-change:``acm-pca``: Documentation correction for AWS Private CA
* api-change:``connect``: Added a new API UpdateRoutingProfileAgentAvailabilityTimer to update
agent availability timer of a routing profile.
* api-change:``datasync``: Display cloud storage used capacity at a cluster level.
* api-change:``ecs``: This is a documentation update to address various tickets.
* api-change:``sagemaker``: Including DataCaptureConfig key in the Amazon Sagemaker Search's
transform job object
- from version 1.31.19
* api-change:``autoscaling``: Documentation changes related to Amazon EC2 Auto Scaling APIs.
* api-change:``cloud9``: Updated the deprecation date for Amazon Linux. Doc only update.
* api-change:``dms``: The release makes public API for DMS Schema Conversion feature.
* api-change:``ec2``: This release adds new parameter isPrimaryIPv6 to allow assigning an IPv6
address as a primary IPv6 address to a network interface which cannot be changed to give equivalent
functionality available for network interfaces with primary IPv4 address.
* api-change:``sagemaker``: Amazon SageMaker now supports running training jobs on p5.48xlarge
instance types.
- from version 1.31.18
* api-change:``budgets``: As part of CAE tagging integration we need to update our budget names
regex filter to prevent customers from using "/action/" in their budget names.
* api-change:``cognito-idp``: New feature that logs Cognito user pool error messages to CloudWatch
logs.
* api-change:``glue``: This release includes additional Glue Streaming KAKFA SASL property types.
* api-change:``resiliencehub``: Drift Detection capability added when applications policy has moved
from a meet to breach state. Customers will be able to exclude operational recommendations and
receive credit in their resilience score. Customers can now add ARH permissions to an existing or
new role.
* api-change:``sagemaker``: SageMaker Inference Recommender introduces a new API
GetScalingConfigurationRecommendation to recommend auto scaling policies based on completed
Inference Recommender jobs.
- from version 1.31.17
* api-change:``batch``: This release adds support for price capacity optimized allocation strategy
for Spot Instances.
* api-change:``dms``: Adding new API describe-engine-versions which provides information about the
lifecycle of a replication instance's version.
* api-change:``internetmonitor``: This release adds a new feature for Amazon CloudWatch Internet
Monitor that enables customers to set custom thresholds, for performance and availability drops,
for impact limited to a single city-network to trigger creation of a health event.
* api-change:``medialive``: AWS Elemental Link devices now report their Availability Zone. Link
devices now support the ability to change their Availability Zone.
* api-change:``polly``: Amazon Polly adds new French Belgian voice - Isabelle. Isabelle is
available as Neural voice only.
* api-change:``rds``: Added support for deleted clusters PiTR.
* api-change:``sagemaker``: Add Stairs TrafficPattern and FlatInvocations to
RecommendationJobStoppingConditions
- from version 1.31.16
* api-change:``amplifyuibuilder``: Amplify Studio releases GraphQL support for codegen job action.
* api-change:``autoscaling``: You can now configure an instance refresh to set its status to
'failed' when it detects that a specified CloudWatch alarm has gone into the ALARM state. You can
also choose to roll back the instance refresh automatically when the alarm threshold is met.
* api-change:``cleanrooms``: This release introduces custom SQL queries - an expanded set of SQL
you can run. This release adds analysis templates, a new resource for storing pre-defined custom
SQL queries ahead of time. This release also adds the Custom analysis rule, which lets you approve
analysis templates for querying.
* api-change:``codestar-connections``: New integration with the Gitlab provider type.
* api-change:``drs``: Add support for in-aws right sizing
* api-change:``inspector2``: This release adds 1 new API: BatchGetFindingDetails to retrieve
enhanced vulnerability intelligence details for findings.
* api-change:``lookoutequipment``: This release includes new import resource, model versioning and
resource policy features.
* api-change:``omics``: Add CreationType filter for ListReadSets
* api-change:``rds``: This release adds support for Aurora MySQL local write forwarding, which
allows for forwarding of write operations from reader DB instances to the writer DB instance.
* api-change:``route53``: Amazon Route 53 now supports the Israel (Tel Aviv) Region (il-central-1)
for latency records, geoproximity records, and private DNS for Amazon VPCs in that region.
* api-change:``scheduler``: This release introduces automatic deletion of schedules in EventBridge
Scheduler. If configured, EventBridge Scheduler automatically deletes a schedule after the schedule
has completed its last invocation.
- from version 1.31.15
* enhancement:HTTP: Move 100-continue behavior to use `HTTPConnections` request interface.
* api-change:``application-insights``: This release enable customer to add/remove/update more than
one workload for a component
* api-change:``cloudformation``: This SDK release is for the feature launch of AWS CloudFormation
RetainExceptOnCreate. It adds a new parameter retainExceptOnCreate in the following APIs:
CreateStack, UpdateStack, RollbackStack, ExecuteChangeSet.
* api-change:``cloudfront``: Add a new JavaScript runtime version for CloudFront Functions.
* api-change:``connect``: This release adds support for new number types.
* api-change:``kafka``: Amazon MSK has introduced new versions of ListClusterOperations and
DescribeClusterOperation APIs. These v2 APIs provide information and insights into the ongoing
operations of both MSK Provisioned and MSK Serverless clusters.
* api-change:``pinpoint``: Added support for sending push notifications using the FCM v1 API with
json credentials. Amazon Pinpoint customers can now deliver messages to Android devices using both
FCM v1 API and the legacy FCM/GCM API
- from version 1.31.14
* enhancement:compression: Adds support for the ``requestcompression`` operation trait.
* api-change:``sqs``: Documentation changes related to SQS APIs.
- from version 1.31.13
* api-change:``autoscaling``: This release updates validation for instance types used in the
AllowedInstanceTypes and ExcludedInstanceTypes parameters of the InstanceRequirements property of a
MixedInstancesPolicy.
* api-change:``ebs``: SDK and documentation updates for Amazon Elastic Block Store API
* api-change:``ec2``: SDK and documentation updates for Amazon Elastic Block Store APIs
* api-change:``eks``: Add multiple customer error code to handle customer caused failure when
managing EKS node groups
* api-change:``sagemaker``: Expose ProfilerConfig attribute in SageMaker Search API response.
- from version 1.31.12
* api-change:``cloudcontrol``: Updates the documentation for CreateResource.
* api-change:``entityresolution``: AWS Entity Resolution can effectively match a source record from
a customer relationship management (CRM) system with a source record from a marketing system
containing campaign information.
* api-change:``glue``: Release Glue Studio Snowflake Connector Node for SDK/CLI
* api-change:``healthlake``: Updating the HealthLake service documentation.
* api-change:``managedblockchain-query``: Amazon Managed Blockchain (AMB) Query provides serverless
access to standardized, multi-blockchain datasets with developer-friendly APIs.
* api-change:``mediaconvert``: This release includes general updates to user documentation.
* api-change:``omics``: The service is renaming as a part of AWS Health.
* api-change:``opensearchserverless``: This release adds new collection type VectorSearch.
* api-change:``polly``: Amazon Polly adds 1 new voice - Lisa (nl-BE)
* api-change:``route53``: Update that corrects the documents for received feedback.
- from version 1.31.11
* api-change:``billingconductor``: Added support for Auto-Assocate Billing Groups for
CreateBillingGroup, UpdateBillingGroup, and ListBillingGroups.
* api-change:``customer-profiles``: Amazon Connect Customer Profiles now supports rule-based
resolution to match and merge similar profiles into unified profiles, helping companies deliver
faster and more personalized customer service by providing access to relevant customer information
for agents and automated experiences.
* api-change:``datasync``: AWS DataSync now supports Microsoft Azure Blob Storage locations.
* api-change:``dynamodb``: Documentation updates for DynamoDB
* api-change:``ec2``: This release adds an instance's peak and baseline network bandwidth as well
as the memory sizes of an instance's inference accelerators to DescribeInstanceTypes.
* api-change:``emr-serverless``: This release adds support for publishing application logs to
CloudWatch.
* api-change:``lambda``: Add Python 3.11 (python3.11) support to AWS Lambda
* api-change:``rds``: This release adds support for monitoring storage optimization progress on the
DescribeDBInstances API.
* api-change:``sagemaker``: Mark ContentColumn and TargetLabelColumn as required Targets in
TextClassificationJobConfig in CreateAutoMLJobV2API
* api-change:``securityhub``: Add support for CONTAINS and NOT_CONTAINS comparison operators for
Automation Rules string filters and map filters
* api-change:``sts``: API updates for the AWS Security Token Service
* api-change:``transfer``: This release adds support for SFTP Connectors.
* api-change:``wisdom``: This release added two new data types: AssistantIntegrationConfiguration,
and SessionIntegrationConfiguration to support Wisdom integration with Amazon Connect Chat
- from version 1.31.10
* api-change:``apigatewayv2``: Documentation updates for Amazon API Gateway.
* api-change:``ce``: This release introduces the new API
'GetSavingsPlanPurchaseRecommendationDetails', which retrieves the details for a Savings Plan
recommendation. It also updates the existing API 'GetSavingsPlansPurchaseRecommendation' to include
the recommendation detail ID.
* api-change:``chime-sdk-media-pipelines``: AWS Media Pipeline compositing enhancement and Media
Insights Pipeline auto language identification.
* api-change:``cloudformation``: This release supports filtering by DRIFT_STATUS for existing API
ListStackInstances and adds support for a new API ListStackInstanceResourceDrifts. Customers can
now view resource drift information from their StackSet management accounts.
* api-change:``ec2``: Add "disabled" enum value to SpotInstanceState.
* api-change:``glue``: Added support for Data Preparation Recipe node in Glue Studio jobs
* api-change:``quicksight``: This release launches new Snapshot APIs for CSV and PDF exports, adds
support for info icon for filters and parameters in Exploration APIs, adds modeled exception to the
DeleteAccountCustomization API, and introduces AttributeAggregationFunction's ability to add
UNIQUE_VALUE aggregation in tooltips.
- from version 1.31.9
* api-change:``glue``: This release adds support for AWS Glue Crawler with Apache Hudi Tables,
allowing Crawlers to discover Hudi Tables in S3 and register them in Glue Data Catalog for query
engines to query against.
* api-change:``mediaconvert``: This release includes improvements to Preserve 444 handling,
compatibility of HEVC sources without frame rates, and general improvements to MP4 outputs.
* api-change:``rds``: Adds support for the DBSystemID parameter of CreateDBInstance to RDS Custom
for Oracle.
* api-change:``workspaces``: Fixed VolumeEncryptionKey descriptions
- from version 1.31.8
* api-change:``codecatalyst``: This release adds support for updating and deleting spaces and
projects in Amazon CodeCatalyst. It also adds support for creating, getting, and deleting source
repositories in CodeCatalyst projects.
* api-change:``connectcases``: This release adds the ability to assign a case to a queue or user.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``route53resolver``: This release adds support for Route 53 On Outposts, a new feature
that allows customers to run Route 53 Resolver and Resolver endpoints locally on their Outposts.
* api-change:``s3``: Improve performance of S3 clients by simplifying and optimizing endpoint
resolution.
* api-change:``sagemaker-featurestore-runtime``: Cross account support for SageMaker Feature Store
* api-change:``sagemaker``: Cross account support for SageMaker Feature Store
* api-change:``securitylake``: Adding support for Tags on Create and Resource Tagging API.
* api-change:``transcribe``: Added API argument --toxicity-detection to startTranscriptionJob API,
which allows users to view toxicity scores of submitted audio.
- from version 1.31.7
* enhancement:AWSCRT: Upgrade awscrt version to 0.16.26
* api-change:``savingsplans``: Savings Plans endpoints update
- from version 1.31.6
* api-change:``cloudformation``: SDK and documentation updates for GetTemplateSummary API
(unrecognized resources)
* api-change:``ec2``: Amazon EC2 documentation updates.
* api-change:``grafana``: Amazon Managed Grafana now supports grafanaVersion update for existing
workspaces with UpdateWorkspaceConfiguration API. DescribeWorkspaceConfiguration API additionally
returns grafanaVersion. A new ListVersions API lists available versions or, if given a workspaceId,
the versions it can upgrade to.
* api-change:``medical-imaging``: General Availability (GA) release of AWS Health Imaging, enabling
customers to store, transform, and analyze medical imaging data at petabyte-scale.
* api-change:``ram``: This release adds support for securely sharing with AWS service principals.
* api-change:``ssm-sap``: Added support for SAP Hana High Availability discovery (primary and
secondary nodes) and Backint agent installation with SSM for SAP.
* api-change:``wafv2``: Added the URI path to the custom aggregation keys that you can specify for
a rate-based rule.
- from version 1.31.5
* api-change:``codeguru-security``: Documentation updates for CodeGuru Security.
* api-change:``connect``: GetMetricDataV2 API: Update to include Contact Lens Conversational
Analytics Metrics
* api-change:``es``: Regex Validation on the ElasticSearch Engine Version attribute
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``m2``: Allows UpdateEnvironment to update the environment to 0 host capacity. New
GetSignedBluinsightsUrl API
* api-change:``snowball``: Adds support for RACK_5U_C. This is the first AWS Snow Family device
designed to meet U.S. Military Ruggedization Standards (MIL-STD-810H) with 208 vCPU device in a
portable, compact 5U, half-rack width form-factor.
* api-change:``translate``: Added DOCX word document support to TranslateDocument API
- from version 1.31.4
* api-change:``codeartifact``: Doc only update for AWS CodeArtifact
* api-change:``docdb``: Added major version upgrade option in ModifyDBCluster API
* api-change:``ec2``: Add Nitro TPM support on DescribeInstanceTypes
* api-change:``glue``: Adding new supported permission type flags to get-unfiltered endpoints that
callers may pass to indicate support for enforcing Lake Formation fine-grained access control on
nested column attributes.
* api-change:``ivs``: This release provides the flexibility to configure what renditions or
thumbnail qualities to record when creating recording configuration.
* api-change:``lakeformation``: Adds supports for ReadOnlyAdmins and
AllowFullTableExternalDataAccess. Adds NESTED_PERMISSION and NESTED_CELL_PERMISSION to
SUPPORTED_PERMISSION_TYPES enum. Adds CREATE_LF_TAG on catalog resource and ALTER, DROP, and
GRANT_WITH_LF_TAG_EXPRESSION on LF Tag resource.
- from version 1.31.3
* api-change:``cognito-idp``: API model updated in Amazon Cognito
* api-change:``connect``: Add support for deleting Queues and Routing Profiles.
* api-change:``datasync``: Added LunCount to the response object of
DescribeStorageSystemResourcesResponse, LunCount represents the number of LUNs on a storage system
resource.
* api-change:``dms``: Enhanced PostgreSQL target endpoint settings for providing Babelfish support.
* api-change:``ec2``: This release adds support for the C7gn and Hpc7g instances. C7gn instances
are powered by AWS Graviton3 processors and the fifth-generation AWS Nitro Cards. Hpc7g instances
are powered by AWS Graviton 3E processors and provide up to 200 Gbps network bandwidth.
* api-change:``fsx``: Amazon FSx for NetApp ONTAP now supports SnapLock, an ONTAP feature that
enables you to protect your files in a volume by transitioning them to a write once, read many
(WORM) state.
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``mediatailor``: Adds categories to MediaTailor channel assembly alerts
* api-change:``personalize``: This release provides ability to customers to change schema
associated with their datasets in Amazon Personalize
* api-change:``proton``: This release adds support for deployment history for Proton provisioned
resources
* api-change:``s3``: S3 Inventory now supports Object Access Control List and Object Owner as
available object metadata fields in inventory reports.
* api-change:``sagemaker``: Amazon SageMaker Canvas adds WorkspeceSettings support for
CanvasAppSettings
* api-change:``secretsmanager``: Documentation updates for Secrets Manager
- Update to 1.31.2:
* bugfix:s3: Fix s3 presigned URLs for operations with query components (`#2962
<https://github.com/boto/botocore/issues/2962>`__)
* api-change:``cognito-idp``: API model updated in Amazon Cognito
- from version 1.31.1
* api-change:``dms``: Releasing DMS Serverless. Adding support for PostgreSQL 15.x as source and
target endpoint. Adding support for DocDB Elastic Clusters with sharded collections, PostgreSQL
datatype mapping customization and disabling hostname validation of the certificate authority in
Kafka endpoint settings
* api-change:``glue``: This release enables customers to create new Apache Iceberg tables and
associated metadata in Amazon S3 by using native AWS Glue CreateTable operation.
* api-change:``logs``: Add CMK encryption support for CloudWatch Logs Insights query result data
* api-change:``medialive``: This release enables the use of Thumbnails in AWS Elemental MediaLive.
* api-change:``mediatailor``: The AWS Elemental MediaTailor SDK for Channel Assembly has added
support for EXT-X-CUE-OUT and EXT-X-CUE-IN tags to specify ad breaks in HLS outputs, including
support for EXT-OATCLS, EXT-X-ASSET, and EXT-X-CUE-OUT-CONT accessory tags.
- from version 1.31.0
* api-change:``ec2``: Add Nitro Enclaves support on DescribeInstanceTypes
* api-change:``location``: This release adds support for authenticating with Amazon Location
Service's Places & Routes APIs with an API Key. Also, with this release developers can publish
tracked device position updates to Amazon EventBridge.
* api-change:``outposts``: Added paginator support to several APIs. Added the ISOLATED enum value
to AssetState.
* api-change:``quicksight``: This release includes below three changes: small multiples axes
improvement, field based coloring, removed required trait from Aggregation function for
TopBottomFilter.
* api-change:``rds``: Updates Amazon RDS documentation for creating DB instances and creating
Aurora global clusters.
* bugfix:configprovider: Fix bug when deep copying config value store where overrides were not
preserved
* enhancement:configprovider: Always use shallow copy of session config value store for clients
* feature:configuration: Configure the endpoint URL in the shared configuration file or via an
environment variable for a specific AWS service or all AWS services.
- from version 1.30.1
* api-change:``comprehendmedical``: Update to Amazon Comprehend Medical documentation.
* api-change:``connect``: GetMetricDataV2 API: Channels filters do not count towards overall
limitation of 100 filter values.
* api-change:``kms``: Added Dry Run Feature to cryptographic and cross-account mutating KMS APIs
(14 in all). This feature allows users to test their permissions and parameters before making the
actual API call.
* api-change:``mgn``: This release introduces the Global view feature and new Replication state
APIs.
* api-change:``securityhub``: Documentation updates for AWS Security Hub
- from version 1.30.0
* feature:Useragent: Update User-Agent header format
* api-change:``batch``: This feature allows customers to use AWS Batch with Linux with ARM64 CPU
Architecture and X86_64 CPU Architecture with Windows OS on Fargate Platform.
* api-change:``sagemaker``: SageMaker Inference Recommender now accepts new fields
SupportedEndpointType and ServerlessConfiguration to support serverless endpoints.
- from version 1.29.165
* api-change:``amp``: AWS SDK service model generation tool version upgrade.
* api-change:``ecs``: Added new field "credentialspecs" to the ecs task definition to support gMSA
of windows/linux in both domainless and domain-joined mode
* api-change:``ivs``: Corrects the HTTP response code in the generated docs for PutMetadata and
DeleteRecordingConfiguration APIs.
* api-change:``mediaconvert``: This release includes improved color handling of overlays and
general updates to user documentation.
* api-change:``sagemaker``: This release adds support for rolling deployment in SageMaker Inference.
* api-change:``transfer``: Add outbound Basic authentication support to AS2 connectors
* api-change:``verifiedpermissions``: This release corrects several broken links in the
documentation.
- from version 1.29.164
* api-change:``appstream``: This release introduces app block builder, allowing customers to
provision a resource to package applications into an app block
* api-change:``chime``: The Amazon Chime SDK APIs in the Chime namespace are no longer supported.
Customers should use APIs in the dedicated Amazon Chime SDK namespaces: ChimeSDKIdentity,
ChimeSDKMediaPipelines, ChimeSDKMeetings, ChimeSDKMessaging, and ChimeSDKVoice.
* api-change:``cleanrooms``: This release adds support for the OR operator in RSQL join match
conditions and the ability to control which operators (AND, OR) are allowed in a join match
condition.
* api-change:``dynamodb``: This release adds ReturnValuesOnConditionCheckFailure parameter to
PutItem, UpdateItem, DeleteItem, ExecuteStatement, BatchExecuteStatement and ExecuteTransaction
APIs. When set to ALL_OLD, API returns a copy of the item as it was when a conditional write failed
* api-change:``gamelift``: Amazon GameLift now supports game builds that use the Amazon Linux 2023
(AL2023) operating system.
* api-change:``glue``: This release adds support for AWS Glue Crawler with Iceberg Tables, allowing
Crawlers to discover Iceberg Tables in S3 and register them in Glue Data Catalog for query engines
to query against.
* api-change:``sagemaker``: Adding support for timeseries forecasting in the CreateAutoMLJobV2 API.
- Update 1.29.163:
* api-change:``internetmonitor``: This release adds a new feature for Amazon CloudWatch Internet
Monitor that enables customers to set custom thresholds, for performance and availability drops,
for triggering when to create a health event.
* api-change:``kinesisanalyticsv2``: Support for new runtime environment in Kinesis Data Analytics
Studio: Zeppelin-0.10, Apache Flink-1.15
* api-change:``lambda``: Surface ResourceConflictException in DeleteEventSourceMapping
* api-change:``omics``: Add Common Workflow Language (CWL) as a supported language for Omics
workflows
* api-change:``rds``: Amazon Relational Database Service (RDS) now supports joining a RDS for SQL
Server instance to a self-managed Active Directory.
* api-change:``s3``: The S3 LISTObjects, ListObjectsV2 and ListObjectVersions API now supports a
new optional header x-amz-optional-object-attributes. If header contains RestoreStatus as the
value, then S3 will include Glacier restore status i.e. isRestoreInProgress and RestoreExpiryDate
in List response.
* api-change:``sagemaker``: This release adds support for Model Cards Model Registry integration.
- from version 1.29.162
* bugfix:Parsers: Fixes datetime parse error handling for out-of-range and negative timestamps
(`#2564 <https://github.com/boto/botocore/issues/2564>`__).
* api-change:``appfabric``: Initial release of AWS AppFabric for connecting SaaS applications for
better productivity and security.
* api-change:``appflow``: This release adds support to bypass SSO with the SAPOData connector when
connecting to an SAP instance.
* api-change:``emr-serverless``: This release adds support to update the release label of an EMR
Serverless application to upgrade it to a different version of Amazon EMR via UpdateApplication API.
* api-change:``ivs``: IVS customers can now revoke the viewer session associated with an auth
token, to prevent and stop playback using that token.
* api-change:``kinesisvideo``: General Availability (GA) release of Kinesis Video Streams at Edge,
enabling customers to provide a configuration for the Kinesis Video Streams EdgeAgent running on an
on-premise IoT device. Customers can now locally record from cameras and stream videos to the cloud
on a configured schedule.
* api-change:``macie2``: This release adds support for configuring new classification jobs to use
the set of managed data identifiers that we recommend for jobs. For the managed data identifier
selection type (managedDataIdentifierSelector), specify RECOMMENDED.
* api-change:``privatenetworks``: This release allows Private5G customers to choose different
commitment plans (60-days, 1-year, 3-years) when placing new orders, enables automatic renewal
option for 1-year and 3-years commitments. It also allows customers to update the commitment plan
of an existing radio unit.
* api-change:``sagemaker-featurestore-runtime``: Introducing TTL for online store records for
feature groups.
* api-change:``sagemaker``: Introducing TTL for online store records in feature groups.
* api-change:``ssm``: Systems Manager doc-only update for June 2023.
* api-change:``verifiedpermissions``: This update fixes several broken links to the Cedar
documentation.
- from version 1.29.161
* api-change:``connect``: This release provides a way to search for existing tags within an
instance. Before tagging a resource, ensure consistency by searching for pre-existing key:value
pairs.
* api-change:``glue``: Timestamp Starting Position For Kinesis and Kafka Data Sources in a Glue
Streaming Job
* api-change:``guardduty``: Add support for user.extra.sessionName in Kubernetes Audit Logs
Findings.
* api-change:``iam``: Support for a new API "GetMFADevice" to present MFA device metadata such as
device certifications
* api-change:``pinpoint``: Added time zone estimation support for journeys
- from version 1.29.160
* api-change:``devops-guru``: This release adds support for encryption via customer managed keys.
* api-change:``fsx``: Update to Amazon FSx documentation.
* api-change:``rds``: Documentation improvements for create, describe, and modify DB clusters and
DB instances.
* api-change:``verifiedpermissions``: Added improved descriptions and new code samples to SDK
documentation.
- from version 1.29.159
* api-change:``chime-sdk-identity``: AppInstanceBots can be configured to be invoked or not using
the Target or the CHIME.mentions attribute for ChannelMessages
* api-change:``chime-sdk-messaging``: ChannelMessages can be made visible to sender and intended
recipient rather than all channel members with the target attribute. For example, a user can send
messages to a bot and receive messages back in a group channel without other members seeing them.
* api-change:``kendra``: Introducing Amazon Kendra Retrieve API that can be used to retrieve
relevant passages or text excerpts given an input query.
* api-change:``stepfunctions``: Update stepfunctions client to latest version
- from version 1.29.158
* api-change:``dynamodb``: Documentation updates for DynamoDB
* api-change:``emr``: Update emr client to latest version
* api-change:``inspector2``: This release adds support for Software Bill of Materials (SBOM) export
and the general availability of code scanning for AWS Lambda functions.
* api-change:``mediaconvert``: This release introduces the bandwidth reduction filter for the HEVC
encoder, increases the limits of outputs per job, and updates support for the Nagra SDK to version
- from version 1.14.7.
* api-change:``mq``: The Cross Region Disaster Recovery feature allows to replicate a brokers state
from one region to another in order to provide customers with multi-region resiliency in the event
of a regional outage.
* api-change:``sagemaker``: This release provides support in SageMaker for output files in training
jobs to be uploaded without compression and enable customer to deploy uncompressed model from S3 to
real-time inference Endpoints. In addition, ml.trn1n.32xlarge is added to supported instance type
list in training job.
* api-change:``transfer``: This release adds a new parameter StructuredLogDestinations to
CreateServer, UpdateServer APIs.
- from version 1.29.157
* api-change:``appflow``: This release adds new API to reset connector metadata cache
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config
in May 2023.
* api-change:``ec2``: Adds support for targeting Dedicated Host allocations by assetIds in AWS
Outposts
* api-change:``lambda``: This release adds RecursiveInvocationException to the Invoke API and
InvokeWithResponseStream API.
* api-change:``redshift``: Added support for custom domain names for Redshift Provisioned clusters.
This feature enables customers to create a custom domain name and use ACM to generate fully secure
connections to it.
- from version 1.29.156
* api-change:``cloudformation``: Specify desired CloudFormation behavior in the event of ChangeSet
execution failure using the CreateChangeSet OnStackFailure parameter
* api-change:``ec2``: API changes to AWS Verified Access to include data from trust providers in
logs
* api-change:``ecs``: Documentation only update to address various tickets.
* api-change:``glue``: This release adds support for creating cross region table/database resource
links
* api-change:``pricing``: This release updates the PriceListArn regex pattern.
* api-change:``route53domains``: Update MaxItems upper bound to 1000 for ListPricesRequest
* api-change:``sagemaker``: Amazon Sagemaker Autopilot releases CreateAutoMLJobV2 and
DescribeAutoMLJobV2 for Autopilot customers with ImageClassification, TextClassification and
Tabular problem type config support.
- from version 1.29.155
* api-change:``account``: Improve pagination support for ListRegions
* api-change:``connect``: Updates the *InstanceStorageConfig APIs to support a new ResourceType:
SCREEN_RECORDINGS to enable screen recording and specify the storage configurations for publishing
the recordings. Also updates DescribeInstance and ListInstances APIs to include InstanceAccessUrl
attribute in the API response.
* api-change:``discovery``: Add Amazon EC2 instance recommendations export
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``s3``: This release adds SDK support for request-payer request header and
request-charged response header in the "GetBucketAccelerateConfiguration", "ListMultipartUploads",
"ListObjects", "ListObjectsV2" and "ListObjectVersions" S3 APIs.
- from version 1.29.154
* api-change:``auditmanager``: This release introduces 2 Audit Manager features: CSV exports and
new manual evidence options. You can now export your evidence finder results in CSV format. In
addition, you can now add manual evidence to a control by entering free-form text or uploading a
file from your browser.
* api-change:``efs``: Update efs client to latest version
* api-change:``guardduty``: Updated descriptions for some APIs.
* api-change:``location``: Amazon Location Service adds categories to places, including filtering
on those categories in searches. Also, you can now add metadata properties to your geofences.
- Add _constraints to avoid OOM in %check
- Update 1.29.153:
* api-change:``cloudtrail``: This feature allows users to view dashboards for CloudTrail Lake event
data stores.
* api-change:``codeguru-security``: Initial release of Amazon CodeGuru Security APIs
* api-change:``drs``: Added APIs to support network replication and recovery using AWS Elastic
Disaster Recovery.
* api-change:``ec2``: This release introduces a new feature, EC2 Instance Connect Endpoint, that
enables you to connect to a resource over TCP, without requiring the resource to have a public IPv4
address.
* api-change:``imagebuilder``: Change the Image Builder ImagePipeline dateNextRun field to more
accurately describe the data.
* api-change:``lightsail``: This release adds pagination for the Get Certificates API operation.
* api-change:``s3``: Integrate double encryption feature to SDKs.
* api-change:``securityhub``: Add support for Security Hub Automation Rules
* api-change:``simspaceweaver``: This release fixes using aws-us-gov ARNs in API calls and adds
documentation for snapshot APIs.
* api-change:``verifiedpermissions``: GA release of Amazon Verified Permissions.
* api-change:``wafv2``: You can now detect and block fraudulent account creation attempts with the
new AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group
AWSManagedRulesACFPRuleSet.
* api-change:``wellarchitected``: AWS Well-Architected now supports Profiles that help customers
prioritize which questions to focus on first by providing a list of prioritized questions that are
better aligned with their business goals and outcomes.
- from version 1.29.152
* api-change:``amplifyuibuilder``: AWS Amplify UIBuilder is launching Codegen UI, a new feature
that enables you to generate your amplify uibuilder components and forms.
* api-change:``dynamodb``: Documentation updates for DynamoDB
* api-change:``dynamodbstreams``: Update dynamodbstreams client to latest version
* api-change:``fsx``: Amazon FSx for NetApp ONTAP now supports joining a storage virtual machine
(SVM) to Active Directory after the SVM has been created.
* api-change:``opensearch``: This release adds support for SkipUnavailable connection property for
cross cluster search
* api-change:``rekognition``: This release adds support for improved accuracy with user vector in
Amazon Rekognition Face Search. Adds new APIs: AssociateFaces, CreateUser, DeleteUser,
DisassociateFaces, ListUsers, SearchUsers, SearchUsersByImage. Also adds new face metadata that can
be stored: user vector.
* api-change:``sagemaker``: Sagemaker Neo now supports compilation for inferentia2 (ML_INF2) and
Trainium1 (ML_TRN1) as available targets. With these devices, you can run your workloads at highest
performance with lowest cost. inferentia2 (ML_INF2) is available in CMH and Trainium1 (ML_TRN1) is
available in IAD currently
- from version 1.29.151
* api-change:``acm-pca``: Document-only update to refresh CLI documentation for AWS Private CA. No
change to the service.
* api-change:``connect``: This release adds search APIs for Prompts, Quick Connects and Hours of
Operations, which can be used to search for those resources within a Connect Instance.
- from version 1.29.150
* api-change:``athena``: You can now define custom spark properties at start of the session for use
cases like cluster encryption, table formats, and general Spark tuning.
* api-change:``comprehendmedical``: This release supports a new set of entities and traits.
* api-change:``payment-cryptography-data``: Initial release of AWS Payment Cryptography DataPlane
Plane service for performing cryptographic operations typically used during card payment processing.
* api-change:``payment-cryptography``: Initial release of AWS Payment Cryptography Control Plane
service for creating and managing cryptographic keys used during card payment processing.
* api-change:``servicecatalog``: New parameter added in ServiceCatalog DescribeProvisioningArtifact
api - IncludeProvisioningArtifactParameters. This parameter can be used to return information about
the parameters used to provision the product
* api-change:``timestream-write``: This release adds the capability for customers to define how
their data should be partitioned, optimizing for certain access patterns. This definition will take
place as a part of the table creation.
- from version 1.29.149
* api-change:``cloudformation``: AWS CloudFormation StackSets is updating the deployment experience
for all stackset operations to skip suspended AWS accounts during deployments. StackSets will skip
target AWS accounts that are suspended and set the Detailed Status of the corresponding stack
instances as SKIPPED_SUSPENDED_ACCOUNT
* api-change:``customer-profiles``: This release introduces event stream related APIs.
* api-change:``directconnect``: This update corrects the jumbo frames mtu values from 9100 to 8500
for transit virtual interfaces.
* api-change:``emr-containers``: EMR on EKS adds support for log rotation of Spark container logs
with EMR-6.11.0 onwards, to the StartJobRun API.
* api-change:``iotdeviceadvisor``: AWS IoT Core Device Advisor now supports new Qualification Suite
test case list. With this update, customers can more easily create new qualification test suite
with an empty rootGroup input.
* api-change:``logs``: This change adds support for account level data protection policies using 3
new APIs, PutAccountPolicy, DeleteAccountPolicy and DescribeAccountPolicy. DescribeLogGroup API has
been modified to indicate if account level policy is applied to the LogGroup via
"inheritedProperties" list in the response.
- from version 1.29.148
* api-change:``connect``: GetMetricDataV2 API is now available in AWS GovCloud(US) region.
* api-change:``emr``: Update emr client to latest version
* api-change:``iam``: This release updates the AccountAlias regex pattern with the same length
restrictions enforced by the length constraint.
* api-change:``inspector2``: Adds new response properties and request parameters for 'last scanned
at' on the ListCoverage operation. This feature allows you to search and view the date of which
your resources were last scanned by Inspector.
* api-change:``iot-data``: Update thing shadow name regex to allow '$' character
* api-change:``iot``: Adding IoT Device Management Software Package Catalog APIs to register,
store, and report system software packages, along with their versions and metadata in a centralized
location.
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``quicksight``: QuickSight support for pivot table field collapse state, radar chart
range scale and multiple scope options in conditional formatting.
* api-change:``signer``: AWS Signer is launching Container Image Signing, a new feature that
enables you to sign and verify container images. This feature enables you to validate that only
container images you approve are used in your enterprise.
* api-change:``sqs``: Amazon SQS adds three new APIs - StartMessageMoveTask, CancelMessageMoveTask,
and ListMessageMoveTasks to automate redriving messages from dead-letter queues to source queues or
a custom destination.
- from version 1.29.147
* api-change:``cloudformation``: AWS CloudFormation StackSets provides customers with three new
APIs to activate, deactivate, and describe AWS Organizations trusted access which is needed to get
started with service-managed StackSets.
* api-change:``ec2``: Making InstanceTagAttribute as the required parameter for the
DeregisterInstanceEventNotificationAttributes and RegisterInstanceEventNotificationAttributes APIs.
* api-change:``finspace``: Releasing new Managed kdb Insights APIs
* api-change:``frauddetector``: Added new variable types, new DateTime data type, and new rules
engine functions for interacting and working with DateTime data types.
* api-change:``keyspaces``: This release adds support for MRR GA launch, and includes multiregion
support in create-keyspace, get-keyspace, and list-keyspace.
* api-change:``kms``: This release includes feature to import customer's asymmetric (RSA and ECC)
and HMAC keys into KMS. It also includes feature to allow customers to specify number of days to
schedule a KMS key deletion as a policy condition key.
* api-change:``lambda``: Add Ruby 3.2 (ruby3.2) Runtime support to AWS Lambda.
* api-change:``mwaa``: This release adds ROLLING_BACK and CREATING_SNAPSHOT environment statuses
for Amazon MWAA environments.
- from version 1.29.146
* api-change:``athena``: This release introduces the DeleteCapacityReservation API and the ability
to manage capacity reservations using CloudFormation
* api-change:``cloudtrail``: This feature allows users to start and stop event ingestion on a
CloudTrail Lake event data store.
* api-change:``sagemaker``: This release adds Selective Execution feature that allows SageMaker
Pipelines users to run selected steps in a pipeline.
* api-change:``wafv2``: Added APIs to describe managed products. The APIs retrieve information
about rule groups that are managed by AWS and by AWS Marketplace sellers.
- from version 1.29.145
* api-change:``alexaforbusiness``: Alexa for Business has been deprecated and is no longer
supported.
* api-change:``appflow``: Added ability to select DataTransferApiType for DescribeConnector and
CreateFlow requests when using Async supported connectors. Added supportedDataTransferType to
DescribeConnector/DescribeConnectors/ListConnector response.
* api-change:``customer-profiles``: This release introduces calculated attribute related APIs.
* api-change:``ivs``: API Update for IVS Advanced Channel type
* api-change:``sagemaker``: Amazon Sagemaker Autopilot adds support for Parquet file input to NLP
text classification jobs.
* api-change:``wafv2``: Corrected the information for the header order FieldToMatch setting
- update to 1.29.144:
* see https://raw.githubusercontent.com/boto/botocore/1.29.144/CHANGELOG.rst
- use vendored urllib3/requests to avoid conflicts with
urllib3 2.x and requests
- Update 1.29.130:
* api-change:``glue``: Support large worker types G.4x and G.8x for Glue Spark
* api-change:``guardduty``: Add AccessDeniedException 403 Error message code to support 3 Tagging
related APIs
* api-change:``iotsitewise``: Provide support for 20,000 max results for
GetAssetPropertyValueHistory/BatchGetAssetPropertyValueHistory and 15 minute aggregate resolution
for GetAssetPropertyAggregates/BatchGetAssetPropertyAggregates
* api-change:``sts``: Documentation updates for AWS Security Token Service.
- from version 1.29.129
* api-change:``ec2``: This release adds support the inf2 and trn1n instances. inf2 instances are
purpose built for deep learning inference while trn1n instances are powered by AWS Trainium
accelerators and they build on the capabilities of Trainium-powered trn1 instances.
* api-change:``inspector2``: Amazon Inspector now allows customers to search its vulnerability
intelligence database if any of the Inspector scanning types are activated.
* api-change:``mediatailor``: This release adds support for AFTER_LIVE_EDGE mode configuration for
avail suppression, and adding a fill-policy setting that sets the avail suppression to
PARTIAL_AVAIL or FULL_AVAIL_ONLY when AFTER_LIVE_EDGE is enabled.
* api-change:``sqs``: Revert previous SQS protocol change.
- from version 1.29.128
* bugfix:``sqs``: Rolled back recent change to wire format protocol
- from version 1.29.127
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config
in April 2023.
* api-change:``connect``: Remove unused InvalidParameterException from CreateParticipant API
* api-change:``ecs``: Documentation update for new error type NamespaceNotFoundException for
CreateCluster and UpdateCluster
* api-change:``network-firewall``: This release adds support for the Suricata REJECT option in
midstream exception configurations.
* api-change:``opensearch``: DescribeDomainNodes: A new API that provides configuration information
for nodes part of the domain
* api-change:``quicksight``: Add support for Topic, Dataset parameters and VPC
* api-change:``rekognition``: This release adds a new attribute FaceOccluded. Additionally, you can
now select attributes individually (e.g. ["DEFAULT", "FACE_OCCLUDED", "AGE_RANGE"] instead of
["ALL"]), which can reduce response time.
* api-change:``s3``: Documentation updates for Amazon S3
* api-change:``sagemaker``: We added support for ml.inf2 and ml.trn1 family of instances on Amazon
SageMaker for deploying machine learning (ML) models for Real-time and Asynchronous inference. You
can use these instances to achieve high performance at a low cost for generative artificial
intelligence (AI) models.
* api-change:``securityhub``: Add support for Finding History.
* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol.
- from version 1.29.126
* api-change:``appsync``: Private API support for AWS AppSync. With Private APIs, you can now
create GraphQL APIs that can only be accessed from your Amazon Virtual Private Cloud ("VPC").
* api-change:``ec2``: Adds an SDK paginator for GetNetworkInsightsAccessScopeAnalysisFindings
* api-change:``inspector2``: This feature provides deep inspection for linux based instance
* api-change:``iottwinmaker``: This release adds a field for GetScene API to return error code and
message from dependency services.
* api-change:``network-firewall``: AWS Network Firewall now supports policy level HOME_NET variable
overrides.
* api-change:``opensearch``: Amazon OpenSearch Service adds the option to deploy a domain across
multiple Availability Zones, with each AZ containing a complete copy of data and with nodes in one
AZ acting as a standby. This option provides 99.99% availability and consistent performance in the
event of infrastructure failure.
* api-change:``wellarchitected``: This release deepens integration with AWS Service Catalog
AppRegistry to improve workload resource discovery.
- update to 1.29.125:
* api-change:``appflow``: This release adds new API to cancel
flow executions.
* api-change:``connect``: Amazon Connect Service Rules API update:
Added OnContactEvaluationSubmit event source to support user
configuring evaluation form rules.
* api-change:``ecs``: Documentation only update to address Amazon
ECS tickets.
* api-change:``kendra``: AWS Kendra now supports configuring
document fields/attributes via the GetQuerySuggestions API.
You can now base query suggestions on the contents of document
fields.
* api-change:``resiliencehub``: This release will improve resource
level transparency in applications by discovering previously
hidden resources.
* api-change:``sagemaker``: Amazon Sagemaker Autopilot supports
training models with sample weights and additional objective
metrics.
* api-change:``compute-optimizer``: support for tag filtering within
compute optimizer. ability to filter recommendation results by tag
and tag key value pairs. ability to filter by inferred workload
type added.
* api-change:``kms``: This release makes the NitroEnclave request
parameter Recipient and the response field for CiphertextForRecipient
available in AWS SDKs. It also adds the regex pattern for
CloudHsmClusterId validation.
* api-change:``appflow``: Adds Jwt Support for Salesforce Credentials.
* api-change:``athena``: You can now use capacity reservations on
Amazon Athena to run SQL queries on fully-managed compute capacity.
* api-change:``directconnect``: This release corrects the jumbo frames
MTU from 9100 to 8500.
* api-change:``efs``: Update efs client to latest version
* api-change:``grafana``: This release adds support for the
grafanaVersion parameter in CreateWorkspace.
* api-change:``iot``: This release allows AWS IoT Core users to
specify a TLS security policy when creating and updating AWS IoT
Domain Configurations.
* api-change:``rekognition``: Added support for aggregating moderation
labels by video segment timestamps for Stored Video Content Moderation
APIs and added additional information about the job to all Stored
Video Get API responses.
* api-change:``simspaceweaver``: Added a new CreateSnapshot API. For
the StartSimulation API, SchemaS3Location is now optional, added
a new SnapshotS3Location parameter. For the DescribeSimulation
API, added SNAPSHOT_IN_PROGRESS simulation state, deprecated
SchemaError, added new fields: StartError and SnapshotS3Location.
* api-change:``wafv2``: You can now associate a web ACL with a
Verified Access instance.
* api-change:``workspaces``: Added Windows 11 to support
Microsoft_Office_2019
* api-change:``ec2``: This release adds support for AMD SEV-SNP on EC2
instances.
* api-change:``emr-containers``: This release adds
GetManagedEndpointSessionCredentials, a new API that allows customers to
generate an auth token to connect to a managed endpoint, enabling features
such as self-hosted Jupyter notebooks for EMR on EKS.
* api-change:``guardduty``: Added API support to initiate on-demand malware
scan on specific resources.
* api-change:``iotdeviceadvisor``: AWS IoT Core Device Advisor now supports
MQTT over WebSocket. With this update, customers can run all three test
suites of AWS IoT Core Device Advisor - qualification, custom, and long
duration tests - using Signature Version 4 for MQTT over WebSocket.
* api-change:``kafka``: Amazon MSK has added new APIs that allows
multi-VPC private connectivity and cluster policy support for
Amazon MSK clusters that simplify connectivity and access between
your Apache Kafka clients hosted in different VPCs and AWS accounts
and your Amazon MSK clusters.
* api-change:``lambda``: Add Java 17 (java17) support to AWS Lambda
* api-change:``marketplace-catalog``: Enabled Pagination for List
Entities and List Change Sets operations
* api-change:``osis``: Documentation updates for OpenSearch Ingestion
* api-change:``qldb``: Documentation updates for Amazon QLDB
* api-change:``sagemaker``: Added ml.p4d.24xlarge and ml.p4de.24xlarge
as supported instances for SageMaker Studio
* api-change:``xray``: Updated X-Ray documentation with Resource Policy API descriptions.
* api-change:``osis``: Initial release for OpenSearch Ingestion
* api-change:``chime-sdk-messaging``: Remove non actionable field
from UpdateChannelReadMarker and DeleteChannelRequest.
Add precise exceptions to DeleteChannel and
DeleteStreamingConfigurations error cases.
* api-change:``connect``: Amazon Connect, Contact Lens Evaluation API
release including ability to manage forms and to submit contact
evaluations.
* api-change:``datasync``: This release adds 13 new APIs to support
AWS DataSync Discovery GA.
* api-change:``ds``: New field added in AWS Managed Microsoft AD
DescribeSettings response and regex pattern update for
UpdateSettings value. Added length validation to RemoteDomainName.
* api-change:``pinpoint``: Adds support for journey runs and
querying journey execution metrics based on journey runs.
Adds execution metrics to campaign activities. Updates docs
for Advanced Quiet Time.
* api-change:``appflow``: Increased the max length for RefreshToken
and AuthCode from 2048 to 4096.
* api-change:``codecatalyst``: Documentation updates for Amazon
CodeCatalyst.
* api-change:``ec2``: API changes to AWS Verified Access related to
identity providers' information.
* api-change:``mediaconvert``: This release introduces a noise
reduction pre-filter, linear interpolation deinterlace mode,
video pass-through, updated default job settings, and expanded
LC-AAC Stereo audio bitrate ranges.
* api-change:``rekognition``: Added new status result to Liveness
session status.
* api-change:``connect``: This release adds a new API CreateParticipant.
For Amazon Connect Chat, you can use this new API to customize
chat flow experiences.
* api-change:``ecs``: Documentation update to address various
Amazon ECS tickets.
* api-change:``fms``: AWS Firewall Manager adds support for multiple
administrators. You can now delegate more than one administrator
per organization.
* api-change:``chime-sdk-media-pipelines``: This release adds support
for specifying the recording file format in an S3 recording sink
configuration.
* api-change:``chime-sdk-meetings``: Adds support for Hindi and Thai
languages and additional Amazon Transcribe parameters to the
StartMeetingTranscription API.
* api-change:``chime``: Adds support for Hindi and Thai languages
and additional Amazon Transcribe parameters to the
StartMeetingTranscription API.
* api-change:``gamelift``: Amazon GameLift supports creating Builds
for Windows 2016 operating system.
* api-change:``guardduty``: This release adds support for the new
Lambda Protection feature.
* api-change:``iot``: Support additional OTA states in
GetOTAUpdate API
* api-change:``sagemaker``: Amazon SageMaker Canvas adds
ModelRegisterSettings support for CanvasAppSettings.
* api-change:``snowball``: Adds support for Amazon S3 compatible
storage. AWS Snow Family customers can now use Amazon S3
compatible storage on Snowball Edge devices. Also adds
support for V3_5S. This is a refreshed AWS Snowball
Edge Storage Optimized device type with 210TB SSD (customer usable).
* api-change:``wafv2``: You can now create encrypted API keys to use
in a client application integration of the JavaScript
CAPTCHA API . You can also retrieve a list of your API keys
and the JavaScript application integration URL.
* api-change:``comprehend``: This release supports native document
models for custom classification, in addition to plain-text models.
You train native document models using documents (PDF, Word, images)
in their native format.
* api-change:``ecs``: This release supports the Account Setting
"TagResourceAuthorization" that allows for enhanced Tagging
security controls.
* api-change:``ram``: This release adds support for customer
managed permissions. Customer managed permissions enable customers
to author and manage tailored permissions for resources shared
using RAM.
* api-change:``rds``: Adds support for the ImageId parameter of
CreateCustomDBEngineVersion to RDS Custom for Oracle
* api-change:``s3``: Provides support for "Snow" Storage class.
* api-change:``s3control``: Provides support for overriding endpoint
when region is "snow". This will enable bucket APIs for Amazon S3
Compatible storage on Snow Family devices.
* api-change:``secretsmanager``: Documentation updates for Secrets Manager
- Update to 1.29.115
* api-change:``appflow``: This release adds a Client Token parameter to the following AppFlow APIs:
Create/Update Connector Profile, Create/Update Flow, Start Flow, Register Connector, Update
Connector Registration. The Client Token parameter allows idempotent operations for these APIs.
* api-change:``drs``: Changed existing APIs and added new APIs to support using an account-level
launch configuration template with AWS Elastic Disaster Recovery.
* api-change:``dynamodb``: Documentation updates for DynamoDB API
* api-change:``emr-serverless``: The GetJobRun API has been updated to include the job's billed
resource utilization. This utilization shows the aggregate vCPU, memory and storage that AWS has
billed for the job run. The billed resources include a 1-minute minimum usage for workers, plus
additional storage over 20 GB per worker.
* api-change:``internetmonitor``: This release includes a new configurable value,
TrafficPercentageToMonitor, which allows users to adjust the amount of traffic monitored by
percentage
* api-change:``iotwireless``: Supports the new feature of LoRaWAN roaming, allows to configure
MaxEirp for LoRaWAN gateway, and allows to configure PingSlotPeriod for LoRaWAN multicast group
* api-change:``lambda``: Add Python 3.10 (python3.10) support to AWS Lambda
- from version 1.29.114
* api-change:``ecs``: This release supports ephemeral storage for AWS Fargate Windows containers.
* api-change:``lambda``: This release adds SnapStart related exceptions to InvokeWithResponseStream
API. IAM access related documentation is also added for this API.
* api-change:``migration-hub-refactor-spaces``: Doc only update for Refactor Spaces environments
without network bridge feature.
* api-change:``rds``: This release adds support of modifying the engine mode of database clusters.
- from version 1.29.113
* api-change:``chime-sdk-voice``: This release adds tagging support for Voice Connectors and SIP
Media Applications
* api-change:``mediaconnect``: Gateway is a new feature of AWS Elemental MediaConnect. Gateway
allows the deployment of on-premises resources for the purpose of transporting live video to and
from the AWS Cloud.
- from version 1.29.112
* api-change:``groundstation``: AWS Ground Station Wideband DigIF GA Release
* api-change:``managedblockchain``: Removal of the Ropsten network. The Ethereum foundation ceased
support of Ropsten on December 31st, 2022..
- from version 1.29.111
* api-change:``ecr-public``: This release will allow using registry alias as registryId in
BatchDeleteImage request.
* api-change:``emr-serverless``: This release extends GetJobRun API to return job run timeout
(executionTimeoutMinutes) specified during StartJobRun call (or default timeout of 720 minutes if
none was specified).
* api-change:``events``: Update events client to latest version
* api-change:``iot-data``: This release adds support for MQTT5 user properties when calling the AWS
IoT GetRetainedMessage API
* api-change:``wafv2``: For web ACLs that protect CloudFront protections, the default request body
inspection size is now 16 KB, and you can use the new association configuration to increase the
inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
- from version 1.29.110
* api-change:``connect``: This release adds the ability to configure an agent's routing profile to
receive contacts from multiple channels at the same time via extending the
UpdateRoutingProfileConcurrency, CreateRoutingProfile and DescribeRoutingProfile APIs.
* api-change:``ecs``: This release adds support for enabling FIPS compliance on Amazon ECS Fargate
tasks
* api-change:``marketplace-catalog``: Added three new APIs to support resource sharing:
GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added new OwnershipType field to
ListEntities request to let users filter on entities that are shared with them. Increased max page
size of ListEntities response from 20 to 50 results.
* api-change:``mediaconvert``: AWS Elemental MediaConvert SDK now supports conversion of 608
paint-on captions to pop-on captions for SCC sources.
* api-change:``omics``: Remove unexpected API changes.
* api-change:``rekognition``: This release adds support for Face Liveness APIs in Amazon
Rekognition. Updates UpdateStreamProcessor to return ResourceInUseException Exception. Minor
updates to API documentation.
- from version 1.29.109
* api-change:``dlm``: Updated timestamp format for GetLifecyclePolicy API
* api-change:``docdb``: This release adds a new parameter 'DBClusterParameterGroupName' to
'RestoreDBClusterFromSnapshot' API to associate the name of the DB cluster parameter group while
performing restore.
* api-change:``fsx``: Amazon FSx for Lustre now supports creating data repository associations on
Persistent_1 and Scratch_2 file systems.
* api-change:``lambda``: This release adds a new Lambda InvokeWithResponseStream API to support
streaming Lambda function responses. The release also adds a new InvokeMode parameter to Function
Url APIs to control whether the response will be streamed or buffered.
* api-change:``quicksight``: This release has two changes: adding the OR condition to tag-based RLS
rules in CreateDataSet and UpdateDataSet; adding RefreshSchedule and Incremental RefreshProperties
operations for users to programmatically configure SPICE dataset ingestions.
* api-change:``redshift-data``: Update documentation of API descriptions as needed in support of
temporary credentials with IAM identity.
* api-change:``servicecatalog``: Updates description for property
- from version 1.29.108
* api-change:``cloudformation``: Including UPDATE_COMPLETE as a failed status for DeleteStack
waiter.
* api-change:``greengrassv2``: Add support for SUCCEEDED value in coreDeviceExecutionStatus field.
Documentation updates for Greengrass V2.
* api-change:``proton``: This release adds support for the AWS Proton service sync feature. Service
sync enables managing an AWS Proton service (creating and updating instances) and all of it's
corresponding service instances from a Git repository.
* api-change:``rds``: Adds and updates the SDK examples
- from version 1.29.107
* api-change:``apprunner``: App Runner adds support for seven new vCPU and memory configurations.
* api-change:``config``: This release adds resourceType enums for types released in March 2023.
* api-change:``ecs``: This is a document only updated to add information about Amazon Elastic
Inference (EI).
* api-change:``identitystore``: Documentation updates for Identity Store CLI command reference.
* api-change:``ivs-realtime``: Fix ParticipantToken ExpirationTime format
* api-change:``network-firewall``: AWS Network Firewall now supports IPv6-only subnets.
* api-change:``servicecatalog``: removed incorrect product type value
* api-change:``vpc-lattice``: This release removes the entities in the API doc model package for
auth policies.
- from version 1.29.106
* api-change:``amplifyuibuilder``: Support StorageField and custom displays for data-bound options
in form builder. Support non-string operands for predicates in collections. Support choosing client
to get token from.
* api-change:``autoscaling``: Documentation updates for Amazon EC2 Auto Scaling
* api-change:``dataexchange``: This release updates the value of MaxResults.
* api-change:``ec2``: C6in, M6in, M6idn, R6in and R6idn bare metal instances are powered by 3rd
Generation Intel Xeon Scalable processors and offer up to 200 Gbps of network bandwidth.
* api-change:``elastic-inference``: Updated public documentation for the Describe and Tagging APIs.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
* api-change:``sagemaker``: Amazon SageMaker Asynchronous Inference now allows customer's to
receive failure model responses in S3 and receive success/failure model responses in SNS
notifications.
* api-change:``wafv2``: This release rolls back association config feature for webACLs that protect
CloudFront protections.
- from version 1.29.105
* api-change:``glue``: Add support for database-level federation
* api-change:``lakeformation``: Add support for database-level federation
* api-change:``license-manager``: This release adds grant override options to the
CreateGrantVersion API. These options can be used to specify grant replacement behavior during
grant activation.
* api-change:``mwaa``: This Amazon MWAA release adds the ability to customize the Apache Airflow
environment by launching a shell script at startup. This shell script is hosted in your
environment's Amazon S3 bucket. Amazon MWAA runs the script before installing requirements and
initializing the Apache Airflow process.
* api-change:``servicecatalog``: This release introduces Service Catalog support for Terraform open
source. It enables 1. The notify* APIs to Service Catalog. These APIs are used by the terraform
engine to notify the result of the provisioning engine execution. 2. Adds a new
TERRAFORM_OPEN_SOURCE product type in CreateProduct API.
* api-change:``wafv2``: For web ACLs that protect CloudFront protections, the default request body
inspection size is now 16 KB, and you can use the new association configuration to increase the
inspection size further, up to 64 KB. Sizes over 16 KB can incur additional costs.
- from version 1.29.104
* api-change:``ec2``: Documentation updates for EC2 On Demand Capacity Reservations
* api-change:``internetmonitor``: This release adds a new feature for Amazon CloudWatch Internet
Monitor that enables customers to deliver internet measurements to Amazon S3 buckets as well as
CloudWatch Logs.
* api-change:``resiliencehub``: Adding EKS related documentation for appTemplateBody
* api-change:``s3``: Documentation updates for Amazon S3
* api-change:``sagemaker-featurestore-runtime``: In this release, you can now chose between soft
delete and hard delete when calling the DeleteRecord API, so you have more flexibility when it
comes to managing online store data.
* api-change:``sms``: Deprecating AWS Server Migration Service.
- from version 1.29.103
* api-change:``athena``: Make DefaultExecutorDpuSize and CoordinatorDpuSize fields optional in
StartSession
* api-change:``autoscaling``: Amazon EC2 Auto Scaling now supports Elastic Load Balancing traffic
sources with the AttachTrafficSources, DetachTrafficSources, and DescribeTrafficSources APIs. This
release also introduces a new activity status, "WaitingForConnectionDraining", for VPC Lattice to
the DescribeScalingActivities API.
* api-change:``batch``: This feature allows Batch on EKS to support configuration of Pod Labels
through Metadata for Batch on EKS Jobs.
* api-change:``compute-optimizer``: This release adds support for HDD EBS volume types and io2
Block Express. We are also adding support for 61 new instance types and instances that have non
consecutive runtime.
* api-change:``drs``: Adding a field to the replication configuration APIs to support the auto
replicate new disks feature. We also deprecated RetryDataReplication.
* api-change:``ec2``: This release adds support for Tunnel Endpoint Lifecycle control, a new
feature that provides Site-to-Site VPN customers with better visibility and control of their VPN
tunnel maintenance updates.
* api-change:``emr``: Update emr client to latest version
* api-change:``glue``: This release adds support for AWS Glue Data Quality, which helps you
evaluate and monitor the quality of your data and includes the API for creating, deleting, or
updating data quality rulesets, runs and evaluations.
* api-change:``guardduty``: Added EKS Runtime Monitoring feature support to existing detector,
finding APIs and introducing new Coverage APIs
* api-change:``imagebuilder``: Adds support for new image workflow details and image vulnerability
detection.
* api-change:``ivs``: Amazon Interactive Video Service (IVS) now offers customers the ability to
configure IVS channels to allow insecure RTMP ingest.
* api-change:``kendra``: AWS Kendra now supports featured results for a query.
* api-change:``network-firewall``: AWS Network Firewall added TLS inspection configurations to
allow TLS traffic inspection.
* api-change:``sagemaker-geospatial``: Amazon SageMaker geospatial capabilities now supports
server-side encryption with customer managed KMS key and SageMaker notebooks with a SageMaker
geospatial image in a Amazon SageMaker Domain with VPC only mode.
* api-change:``vpc-lattice``: General Availability (GA) release of Amazon VPC Lattice
* api-change:``wellarchitected``: AWS Well-Architected SDK now supports getting consolidated report
metrics and generating a consolidated report PDF.
- from version 1.29.102
* api-change:``opensearchserverless``: This release includes two new exception types
"ServiceQuotaExceededException" and "OcuLimitExceededException".
* api-change:``rds``: Add support for creating a read replica DB instance from a Multi-AZ DB
cluster.
- from version 1.29.101
* api-change:``iot-data``: Add endpoint ruleset support for cn-north-1.
* api-change:``ssm-contacts``: This release adds 12 new APIs as part of Oncall Schedule feature
release, adds support for a new contact type: ONCALL_SCHEDULE. Check public documentation for AWS
ssm-contacts for more information
* api-change:``ssm-incidents``: Increased maximum length of "TriggerDetails.rawData" to 10K
characters and "IncidentSummary" to 8K characters.
- from version 1.29.100
* api-change:``athena``: Enforces a minimal level of encryption for the workgroup for query and
calculation results that are written to Amazon S3. When enabled, workgroup users can set encryption
only to the minimum level set by the administrator or higher when they submit queries.
* api-change:``chime-sdk-voice``: Documentation updates for Amazon Chime SDK Voice.
* api-change:``connect``: This release introduces support for RelatedContactId in the
StartChatContact API. Interactive message and interactive message response have been added to the
list of supported message content types for this API as well.
* api-change:``connectparticipant``: This release provides an update to the SendMessage API to
handle interactive message response content-types.
* api-change:``iotwireless``: Introducing new APIs that enable Sidewalk devices to communicate with
AWS IoT Core through Sidewalk gateways. This will empower AWS customers to connect Sidewalk devices
with other AWS IoT Services, creating possibilities for seamless integration and advanced device
management.
* api-change:``medialive``: AWS Elemental MediaLive now supports ID3 tag insertion for audio only
HLS output groups. AWS Elemental Link devices now support tagging.
* api-change:``sagemaker``: Fixed some improperly rendered links in SDK documentation.
* api-change:``securityhub``: Added new resource detail objects to ASFF, including resources for
AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.
* api-change:``servicecatalog-appregistry``: In this release, we started supporting ARN in
applicationSpecifier and attributeGroupSpecifier. GetAttributeGroup, ListAttributeGroups and
ListAttributeGroupsForApplication APIs will now have CreatedBy field in the response.
* api-change:``voice-id``: Amazon Connect Voice ID now supports multiple fraudster watchlists.
Every domain has a default watchlist where all existing fraudsters are placed by default. Custom
watchlists may now be created, managed, and evaluated against for known fraudster detection.
- from version 1.29.99
* api-change:``cloudwatch``: Update cloudwatch client to latest version
* api-change:``comprehend``: This release adds a new field (FlywheelArn) to the
EntitiesDetectionJobProperties object. The FlywheelArn field is returned in the
DescribeEntitiesDetectionJob and ListEntitiesDetectionJobs responses when the EntitiesDetection job
is started with a FlywheelArn instead of an EntityRecognizerArn .
* api-change:``rds``: Added error code CreateCustomDBEngineVersionFault for when the create custom
engine version for Custom engines fails.
- from version 1.29.98
* api-change:``batch``: This feature allows Batch to support configuration of ephemeral storage
size for jobs running on FARGATE
* api-change:``chime-sdk-identity``: AppInstanceBots can be used to add a bot powered by Amazon Lex
to chat channels. ExpirationSettings provides automatic resource deletion for AppInstanceUsers.
* api-change:``chime-sdk-media-pipelines``: This release adds Amazon Chime SDK call analytics. Call
analytics include voice analytics, which provides speaker search and voice tone analysis. These
capabilities can be used with Amazon Transcribe and Transcribe Call Analytics to generate
machine-learning-powered insights from real-time audio.
* api-change:``chime-sdk-messaging``: ExpirationSettings provides automatic resource deletion for
Channels.
* api-change:``chime-sdk-voice``: This release adds Amazon Chime SDK call analytics. Call analytics
include voice analytics, which provides speaker search and voice tone analysis. These capabilities
can be used with Amazon Transcribe and Transcribe Call Analytics to generate
machine-learning-powered insights from real-time audio.
* api-change:``codeartifact``: Repository CreationTime is added to the CreateRepository and
ListRepositories API responses.
* api-change:``guardduty``: Adds AutoEnableOrganizationMembers attribute to
DescribeOrganizationConfiguration and UpdateOrganizationConfiguration APIs.
* api-change:``ivs-realtime``: Initial release of the Amazon Interactive Video Service RealTime API.
* api-change:``mediaconvert``: AWS Elemental MediaConvert SDK now supports passthrough of ID3v2
tags for audio inputs to audio-only HLS outputs.
* api-change:``sagemaker``: Amazon SageMaker Autopilot adds two new APIs - CreateAutoMLJobV2 and
DescribeAutoMLJobV2. Amazon SageMaker Notebook Instances now supports the ml.geospatial.interactive
instance type.
* api-change:``servicediscovery``: Reverted the throttling exception RequestLimitExceeded for AWS
Cloud Map APIs introduced in SDK version 1.12.424 2023-03-09 to previous exception specified in the
ErrorCode.
* api-change:``textract``: The AnalyzeDocument - Tables feature adds support for new elements in
the API: table titles, footers, section titles, summary cells/tables, and table type.
- from version 1.29.97
* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
* api-change:``iottwinmaker``: This release adds support of adding metadata when creating a new
scene or updating an existing scene.
* api-change:``networkmanager``: This release includes an update to
create-transit-gateway-route-table-attachment, showing example usage for
TransitGatewayRouteTableArn.
* api-change:``pipes``: This release improves validation on the ARNs in the API model
* api-change:``resiliencehub``: This release provides customers with the ability to import
resources from within an EKS cluster and assess the resiliency of EKS cluster workloads.
* api-change:``ssm``: This Patch Manager release supports creating, updating, and deleting Patch
Baselines for AmazonLinux2023, AlmaLinux.
- from version 1.29.96
* api-change:``chime-sdk-messaging``: Amazon Chime SDK messaging customers can now manage streaming
configuration for messaging data for archival and analysis.
* api-change:``cleanrooms``: GA Release of AWS Clean Rooms, Added Tagging Functionality
* api-change:``ec2``: This release adds support for AWS Network Firewall, AWS PrivateLink, and
Gateway Load Balancers to Amazon VPC Reachability Analyzer, and it makes the path destination
optional as long as a destination address in the filter at source is provided.
* api-change:``iotsitewise``: Provide support for tagging of data streams and enabling tag based
authorization for property alias
* api-change:``mgn``: This release introduces the Import and export feature and expansion of the
post-launch actions
- from version 1.29.95
* api-change:``application-autoscaling``: With this release customers can now tag their Application
Auto Scaling registered targets with key-value pairs and manage IAM permissions for all the tagged
resources centrally.
* api-change:``neptune``: This release makes following few changes. db-cluster-identifier is now a
required parameter of create-db-instance. describe-db-cluster will now return PendingModifiedValues
and GlobalClusterIdentifier fields in the response.
* api-change:``s3outposts``: S3 On Outposts added support for endpoint status, and a failed
endpoint reason, if any
* api-change:``workdocs``: This release adds a new API, SearchResources, which enable users to
search through metadata and content of folders, documents, document versions and comments in a
WorkDocs site.
- from version 1.29.94
* api-change:``billingconductor``: This release adds a new filter to ListAccountAssociations API
and a new filter to ListBillingGroups API.
* api-change:``config``: This release adds resourceType enums for types released from October 2022
through February 2023.
* api-change:``dms``: S3 setting to create AWS Glue Data Catalog. Oracle setting to control
conversion of timestamp column. Support for Kafka SASL Plain authentication. Setting to map boolean
from PostgreSQL to Redshift. SQL Server settings to force lob lookup on inline LOBs and to control
access of database logs.
- from version 1.29.93
* api-change:``guardduty``: Updated 9 APIs for feature enablement to reflect expansion of GuardDuty
to features. Added new APIs and updated existing APIs to support RDS Protection GA.
* api-change:``resource-explorer-2``: Documentation updates for APIs.
* api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
- from version 1.29.92
* api-change:``migrationhubstrategy``: This release adds the binary analysis that analyzes IIS
application DLLs on Windows and Java applications on Linux to provide anti-pattern report without
configuring access to the source code.
* api-change:``s3control``: Added support for S3 Object Lambda aliases.
* api-change:``securitylake``: Make Create/Get/ListSubscribers APIs return resource share ARN and
name so they can be used to validate the RAM resource share to accept. GetDatalake can be used to
track status of UpdateDatalake and DeleteDatalake requests.
- from version 1.29.91
* api-change:``application-autoscaling``: Application Auto Scaling customers can now use
mathematical functions to customize the metric used with Target Tracking policies within the policy
configuration itself, saving the cost and effort of publishing the customizations as a separate
metric.
* api-change:``dataexchange``: This release enables data providers to license direct access to S3
objects encrypted with Customer Managed Keys (CMK) in AWS KMS through AWS Data Exchange.
Subscribers can use these keys to decrypt, then use the encrypted S3 objects shared with them,
without creating or managing copies.
* api-change:``directconnect``: describe-direct-connect-gateway-associations includes a new status,
updating, indicating that the association is currently in-process of updating.
* api-change:``ec2``: This release adds a new DnsOptions key
(PrivateDnsOnlyForInboundResolverEndpoint) to CreateVpcEndpoint and ModifyVpcEndpoint APIs.
* api-change:``iam``: Documentation only updates to correct customer-reported issues
* api-change:``keyspaces``: Adding support for client-side timestamps
- from version 1.29.90
* api-change:``appintegrations``: Adds FileConfiguration to Amazon AppIntegrations
CreateDataIntegration supporting scheduled downloading of third party files into Amazon Connect
from sources such as Microsoft SharePoint.
* api-change:``lakeformation``: This release updates the documentation regarding Get/Update
DataCellsFilter
* api-change:``s3control``: Added support for cross-account Multi-Region Access Points. Added
support for S3 Replication for S3 on Outposts.
* api-change:``tnb``: This release adds tagging support to the following Network Instance APIs :
Instantiate, Update, Terminate.
* api-change:``wisdom``: This release extends Wisdom CreateKnowledgeBase API to support SharePoint
connector type by removing the @required trait for objectField
- python-six is not required
- python-colorama
-
- add sle15_python_module_pythons (jsc#PED-68)
- Make calling of %{sle15modernpython} optional.
- update to 0.4.6:
* https://github.com/tartley/colorama/pull/139 Add alternative to 'init()',
called 'just_fix_windows_console'. This fixes many longstanding problems
with 'init', such as working incorrectly on modern Windows terminals, and
wonkiness when init gets called multiple times. The intention is that it
just makes all Windows terminals treat ANSI the same way as other terminals
do. Many thanks the njsmith for fixing our messes.
* https://github.com/tartley/colorama/pull/352 Support Windows 10's ANSI/VT
console. This didn't exist when Colorama was created, and avoiding us
causing havok there is long overdue. Thanks to segeviner for the initial
approach, and to njsmith for getting it merged.
* https://github.com/tartley/colorama/pull/338 Internal overhaul of package
metadata declaration, which abolishes our use of the now heavily
discouraged setuptools (and hence setup.py, setup.cfg and MANIFEST.in), in
favor of hatchling (and hence pyproject.toml), generously contributed by
ofek (author of hatchling). This includes dropping support Python3.5 and
3.6, which are EOL, and were already dropped from setuptools, so this
should not affect our users.
* https://github.com/tartley/colorama/pull/353 Attention to detail award to
LqdBcnAtWork for a spelling fix in demo06
- update to 0.4.5:
* Catch a racy ValueError that could occur on exit.
* Create README-hacking.md, for Colorama contributors.
* Tweak some README unicode characters that don't render correctly on PyPI.
* Fix some tests that were failing on some operating systems.
* Add support for Python 3.9.
* Add support for PyPy3.
* Add support for pickling with the ``dill`` module.
- python-mock is actually not required for build
- python-docutils
-
- add sle15_python_module_pythons (jsc#PED-68)
- Update single spec from Factory
- Refactor pygments-2.14.patch to not use distutils.
- Delete sphix-6.0.0.patch
- Add pygments-2.14.patch
- The patch is related to pygments not Sphinx and the patch is updated to make
it conditional so it work with older versions of pygments, shp#docutils#201
- Add sphinx-6.0.0.patch to fix tests for new version of sphinx.
- Release 0.19 (2022-07-05)
- General
- Dropped support for Python 2.7, 3.5, and 3.6. and removed
compatibility hacks from code and tests.
- Code cleanup, check PEP 8 conformity with flake8
(exceptions in file tox.ini).
- New module. Support for python -m docutils. Also used for
the docutils console script entry point.
- Let Publisher.publish() print info and prompt
when waiting for input from a terminal (cf.
https://clig.dev/#interactivity).
- Respect "input_encoding_error_handler" setting when opening
a source.
- New function error_string() obsoletes
utils.error_reporting.ErrorString.
- Class ErrorOutput moved here from utils/error_reporting.
- Use "utf-8-sig" instead of Python's default encoding if the
"input_encoding" setting is None.
- Fix error when reading of UTF-16 encoded source without
trailing newline.
- Aliases "markdown" and "commonmark" point to
"commonmark_wrapper".
- Alias for the "myst" parser
(https://pypi.org/project/myst-docutils).
- Use absolute module names in _parser_aliases instead
of two import attempts. (Keeps details if the
recommonmark_wrapper.py module raises an ImportError.)
- Prepend parser name to ImportError if importing a parser
class fails.
- New module for parsing CommonMark input. Selects a
locally installed 3rd-party parser (pycmark, myst, or
recommonmark).
- Raise ImportError, if import of the upstream parser
module fails. If called from an "include" directive, the
system-message now has source/line info.
- Adapt to and test with "recommonmark" versions 0.6.0 and
0.7.1.
- Update PEP base URL (fixes bug #445), use "https:" scheme
in RFC base URL.
- Add reporter to Directive class attributes.
- parser_name() keeps details if converting ImportError to
ValueError.
- Don't use mutable default values for function
arguments. Fixes bug #430.
- Fix bug #435: invalid references in problematic nodes with
report_level=4.
- decode_path() returns str instance instead of
nodes.reprunicode.
- Add deprecation warning.
- Add "html writers" to config_section_dependencies. Fixes
bug #443.
- Write table column widths with 3 digits precision. Fixes
bug #444.
- Add space before "charset" meta tag closing sequence.
- Remove class value "controls" from an image node with video
content after converting it to a "control" attribute of the
<video> tag.
- Wrap groups of footnotes in an <aside> for easier styling.
- Use "https:" scheme in "python_home" URL default.
- Fix links in template.txt.
- New "docutils" console script entry point. Fixes bug #447.
- Always encode the log file "alltests.out" using 'utf-8'.
- exception_data() now returns None if no exception was
raised.
- recommonmark_wrapper only imported if upstream parser is
present.
- Fix bug #436: Null char valid in CSV since Python 3.11.
- Allow 3rd-party drop-in components for reader and parser,
too.
- Fix help output.
- Actual code moved to docutils.__main__.py.
- Options -h and --help print short usage message.
- Release 0.18.1 (2021-11-23)
- Node.traverse() returns a list again to restore backwards
compatibility. Fixes bug #431.
- New method Node.findall(): like Node.traverse() but returns
an iterator. Obsoletes Node.traverse().
- Fix behaviour of get_stylesheet_list(): do not look up
stylesheets given as "stylesheet" setting. Cf. bug #434.
- Fix handling of footnote_backlinks==False (report Alan G
Isaac).
- Fix typo (bug #432).
- Fix spurious output with Windows (bug #350).
- Fix a false positive (bug #434).
- Release 0.18 (2021-10-26)
- mark as provisional (will switch from using "optparse" to
"argparse").
- remove hack for the now obsolete "mod_python" Apache
module.
- new function get_default_settings()
- Don't change a list while looping over it (in
document.set_name_id_map()). Thanks to Mickey Endito.
- Test and update to work with recommonmark version
0.6.0. Still provisional.
- Unfortunately, recommonmark is no longer maintained.
- Fix bug #424 Wrong circular inclusion detection. Use a
"magic" comment instead of line numbers to keep a log of
recursive inclusions.
- Use a "magic" comment to update the log of recursive
inclusions.
- New option `image_loading`_. Support "lazy" loading of
images. Obsoletes "embed_images".
- Fix spelling of option "detailed".
- Read settings from standard configuration files.
- Release 0.18b1 (2021-10-05)
- The default value for the "auto_id_prefix" setting changed to
"%": auto-generated IDs use the tag name as prefix.
- Make meta a standard Docutils doctree node. Writers may
ignore "meta" nodes if they are not supported by the output
format.
- document.make_id(): Do not strip leading number and hyphen
characters from name if the id_prefix setting is non-empty.
- Node.traverse() returns an iterator instead of a list.
- Removed. (Meta directive moved to misc.py.)
- Meta directive class (moved from html.py) inserts meta
(instead of pending) nodes.
- Add class option to Raw directive.
- Unify behaviour of "widths" option: check that the length of
an integer list equals the number of table columns also for
the "table" directive.
- Fork from elyxer and remove code that is not required for
math conversion.
- Scale variable sized operators and big delimiters with CSS
- Support more commands, fix mapping of commands to Unicode
characters (cf. LaTeX syntax for mathematics).
- Fix bug #244 Wrong subscript/superscript order.
- Don't use <tt> element (deprecated in HTML5).
- Use STIX fonts if available.
- Fix source location (line number) for attribution
elements. Patch by Mickey Endito.
- Add line, source, and rawsource internal attributes for
blockquote elements. Patch by Mickey Endito.
- Skip system_messages when propagating targets. Fixes bug
[#425].
- Removed unique_combinations() (obsoleted by
itertools.combinations()).
- Major update (fixes and support for additional commands and
symbols). Fixes bug #407.
- Write footnote brackets and field term colons to HTML, so
that they are present also without CSS and when copying
text. Adapt minimal.css.
- Use semantic tags <aside> for footnote text, topics,
admonitions, and system-messages and <nav> for the table of
contents. Use <div> for citations.
- Only specify table column widths, if the "widths" option
is set and is not "auto" (fixes bug #426). The table_style
setting "colwidths-grid" restores the current default.
- Use ARIA roles to enable accessible HTML for abstract,
dedication, the table of contents, footnote, references,
footnotes, citations, and backlinks.
- Use "aria-level" attribute instead of invalid tags <h7>,
<h8>, ... for headings of deeply nested sections.
- Do not set classes "compound-first", "compound-middle",
or "compound-last" to elements nested in a compound. Use
class value "backrefs" instead of "fn-backref" for a span of
back-references.
- Do not write class values handled by the HTML writer
("colwidths-auto", "colwidths-given", "colwidths-grid") to
the output.
- Move space character between section number and heading into
"sectnum" span.
- Removed attribute HTMLTranslator.topic_classes
- Items of a definition list with class argument "details" are
converted to details disclosure elements.
- Overwrite methods in _html_base.HTMLTranslator that use
HTML5 tags (details, aside, nav, ...) and attributes (role,
aria-level).
- The setting legacy_class_functions now defaults to
"False". Adapt stylesheets modifying \DUadmonition and/or
\DUtitle.
- Apply patch #181 "Fix tocdepth when chapter/part in use" by
John Thorvald Wodder II.
- Fix newlines after/before ids_to_labels() (cf. patch #183).
- Refactor/revise ToC writing.
- Don't add \phantomsection to labels in math-blocks.
- Improve spacing and allow customization of Docutils-generated
table of contents.
- New algorithm for table column widths. Fixes bug #422. New
configuration setting legacy_column_widths.
- Table.set_table_style() arguments changed.
- Only write "continued on next page..." if it fits without
making the table columns wider.
- Table width option overrides conflicting "auto" column
widths.
- Fix excessive padding above sidebar titles.
- Fix option "detailed" under Python 2.7.
- Remove IE 6 compatibility workarounds iepngfix.htc and
blank.gif (fixes bug #169).
- Fix: double quotes need to be escaped on macro
invocation. Done everywhere.
- update to 0.17.1:
* Fix bug #406 (MathML translation of ``\mathbf``).
* Open "docutils.sty" with encoding set to "utf8".
* Provide fallbacks for parser config settings
to facilitate programmatic use.
* Installing with ``setup.py`` now requires ``setuptools``.
Alternatively, install with `pip`_ (or "manually").
* Use importlib.import_module() to programmatically import modules.
* Fix bug #385: Import of language modules.
* Arabic mappings by Shahin.
* Fixes in Korean translation by Shinjo Park.
* Fix error when copying `system_message` node
* Make the sidebar's "title" argument optional
* Make "meta" elements available for "latex" and "odt".
* Prevent infinite inclusion loops.
* Move non-essential styling to ``plain.css``.
* Support "captionbelow" class value for tables.
* Display code line numbers as pseudo-elements which are skipped
when copying text from code blocks. Solves feature request #32.
* Support numbered figures.
* New optional style that adapts to different screen sizes.
* Fix #394 fix missing new line after rubric.
* Patch #168 fix crashing on empty citation (by Takeshi KOMIYA).
* Fix #126 manpage title with spaces.
* Fix #380 commandline option problem in sphinx.
* Fix/improve metadata handling:
fix "keyword" splitting,
allow generic fields (stored as "Custom Properties").
__ docs/user/config.html#detailled
* Run python3 test like python2 against source not the build/-directory
* New generic command line front end that allows the free selection of
reader, parser, and writer components.
- remove pygments25.patch (upstream)
- In a world with more than one python 3 flavor, provide "docutils"
with the default python3 provider.
gh#openSUSE/python-rpm-macros#66
- Fix the condition to really generate the direct binaries
- Remove %python3_only and use full alternatives.
- Add patch to fix build with pygments 2.4 and newer:
* pygments25.patch
- Update to 0.16:
- Dropped support for Python 2.6, 3.3 and 3.4
- Docutils now supports Python 2.7 and Python 3.5+ natively
(without conversion by ``2to3``).
- Keep `backslash escapes`__ in the document tree. Backslash characters in
text are be represented by NULL characters in the ``text`` attribute of
Doctree nodes and removed in the writing stage by the node's
``astext()`` method.
- Remove merged patch fix_tests_38.patch
- Add fix_tests_38.patch to overcome failing
test_writers.test_odt.DocutilsOdtTestCase with Python 3.8.
Also, failed as shp#docutils#161.
- Skip the tests for the flavors not being built
- update to version 0.15.2
* Docutils 0.14.x is the last version supporting Python 2.4, 2.5,
3.1, and 3.2.
* reStructured text: Allow embedded colons in field list field
names (before, tokens like :this:example: were considered ordinary text).
* Fixed a bug with the "trim" options of the "unicode" directive.
- Add multibuild in order to avoid buildcycle with Pillow and friends
- Add optional build dependencies Pillow, Pygments and roman,
causing 16 additonal test methods to run
- Add Recommends for Pillow, Pygments and roman
- Use %license
- Simplify test invocation
- Remove unnecessary node BR
- Remove superfluous devel dependency for noarch package
- python-paramiko
-
- Update to 3.4.0: (CVE-2023-48795, bsc#1218168)
* Transport grew a new packetizer_class kwarg for overriding the
packet-handler class used internally.
* Address CVE 2023-48795 (aka the "Terrapin Attack", a vulnerability found
in the SSH protocol re: treatment of packet sequence numbers) as follows:
+ The vulnerability only impacts encrypt-then-MAC digest algorithms in
tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko
currently only implements hmac-sha2-(256|512)-etm in tandem with
AES-CBC.
+ As the fix for the vulnerability requires both ends of the connection
to cooperate, the below changes will only take effect when the remote
end is OpenSSH >= 9.6 (or equivalent, such as Paramiko in server mode,
as of this patch version) and configured to use the new
"strict kex" mode.
+ Paramiko will now raise an SSHException subclass (MessageOrderError)
when protocol messages are received in unexpected order. This includes
situations like receiving MSG_DEBUG or MSG_IGNORE during initial key
exchange, which are no longer allowed during strict mode.
+ Key (re)negotiation -- i.e. MSG_NEWKEYS, whenever it is encountered --
now resets packet sequence numbers. (This should be invisible to users
during normal operation, only causing exceptions if the exploit is
encountered, which will usually result in, again, MessageOrderError.)
+ Sequence number rollover will now raise SSHException if it occurs
during initial key exchange (regardless of strict mode status).
* Tweak ext-info-(c|s) detection during KEXINIT protocol phase; the
original implementation made assumptions based on an OpenSSH
implementation detail.
- Add patch use-64-bit-maxsize-everywhere.patch:
* Use the 64-bit value of sys.maxsize.
- refresh remove-icecream-dep.patch
- update to 3.3.1
detailed changelog: https://www.paramiko.org/changelog.html#
- Delete paramiko-pr1665-remove-pytest-relaxed.patch
- Add remove-icecream-dep.patch
- Update to 3.1.0:
* [Feature] #2173: Accept single tabs as field separators (in
addition to single spaces) in
<paramiko.hostkeys.HostKeyEntry.from_line> for parity with
OpenSSH’s KnownHosts parser. Patched by Alex Chavkin.
* [Feature] #2013: (solving #2009, plus others) Add an explicit
channel_timeout keyword argument to
paramiko.client.SSHClient.connect, allowing users to configure the
previously-hardcoded default value of 3600 seconds. Thanks to
@VakarisZ and @ilija-lazoroski for the report and patch, with
credit to Mike Salvatore for patch review.
* [Support] #2178: Apply codespell to the codebase, which found a
lot of very old minor spelling mistakes in docstrings. Also
modernize many instances of *largs vs *args and **kwarg vs
* *kwargs. Patch courtesy of Yaroslav Halchenko, with review from
Brian Skinn.
- 3.0.0:
* [Bug]: A handful of lower-level classes (notably
paramiko.message.Message and paramiko.pkey.PKey) previously
returned bytes objects from their implementation of __str__, even
under Python 3; and there was never any __bytes__ method.
* These issues have been fixed by renaming __str__ to __bytes__ and
relying on Python’s default “stringification returns the output of
__repr__” behavior re: any real attempts to str() such objects.
* [Bug] #2165: Streamline some redundant (and costly) byte
conversion calls in the packetizer and the core SFTP module. This
should lead to some SFTP speedups at the very least. Thanks to
Alex Gaynor for the patch.
* [Bug] #2110: Remove some unnecessary __repr__ calls when handling
bytes-vs-str conversions. This was apparently doing a lot of
unintentional data processing, which adds up in some use cases –
such as SFTP transfers, which may now be significantly faster.
Kudos to Shuhua Zhong for catch & patch.
* [Support]: Drop support for Python versions less than 3.6,
including Python 2. So long and thanks for all the fish!
* [Support]: Remove the now irrelevant paramiko.py3compat module.
* [Support]: paramiko.common.asbytes has been moved to
paramiko.util.asbytes.
* [Support]: PKey.__cmp__ has been removed. Ordering-oriented
comparison of key files is unlikely to have ever made sense (the
old implementation attempted to order by the hashes of the key
material) and so we have not bothered setting up __lt__ and
friends at this time. The class continues to have its original
__eq__ untouched.
* [Support]: The behavior of private key classes’ (ie anything
inheriting from PKey) private key writing methods used to perform
a manual, extra chmod call after writing. This hasn’t been
strictly necessary since the mid 2.x release line (when key
writing started giving the mode argument to os.open), and has now
been removed entirely.
* This should only be observable if you were mocking Paramiko’s
system calls during your own testing, or similar.
* [Support] #732: (also re: #630) SSHConfig used to straight-up
delete the proxycommand key from config lookup results when the
source config said ProxyCommand none. This has been altered to
preserve the key and give it the Python value None, thus making
the Python representation more in line with the source config
file.
* [Support]: paramiko.util.retry_on_signal (and any internal uses of
same, and also any internal retries of EINTR on eg socket
operations) has been removed. As of Python 3.5, per PEP 475, this
functionality (and retrying EINTR generally) is now part of the
standard library.
- python-rsa
-
- add sle15_python_module_pythons (jsc#PED-68)
- python-s3transfer
-
- Drop Provides for SLE 15 SP4 and openSUSE Leap 15.4 and later
- Switch to Python 3.11 build in SLE 15 SP4 and openSUSE Leap 15.4 and
later (jsc#PCT-371).
- Switch to wheel build
- Update to 0.10.0
* feature:``s3``: Added CRT support for S3 Express One Zone
- From 0.9.0
* feature:Python: End of support for Python 3.7
- Update 0.8.2
* bugfix:Subscribers: Added caching for Subscribers to improve
throughput by up to 24% in high volume transfer
- from version 0.8.1
* enhancement:``s3``: Added support for defaulting checksums
to CRC32 for s3express.
- from version 0.8.0
* enhancement:``crt``: Automatically configure CRC32 checksums for
uploads and checksum validation for downloads through the CRT
transfer manager.
* feature:``crt``: S3transfer now supports a wider range of CRT
functionality for uploads to improve throughput in the CLI/Boto3.
* enhancement:``Botocore``: S3Transfer now requires Botocore >=1.32.7
* enhancement:``crt``: Update ``target_throughput`` defaults. If not
configured, s3transfer will use the AWS CRT to attempt to determine
a recommended target throughput to use based on the system. If there
is no recommended throughput, s3transfer now falls back to ten
gigabits per second.
* enhancement:``crt``: Add support for uploading and downloading file-like
objects using CRT transfer manager. It supports both seekable and
non-seekable file-like objects.
- Update BuildRequires and Requires from setup.py
- Update to 0.7.0
* feature:``SSE-C``: Pass SSECustomer* arguments to
CompleteMultipartUpload for upload operations
- Update to 0.6.2
* enhancement:Python: Added provisional Python 3.12
support to s3transfer
- Update to 0.6.1
* bugfix:copy: Added support for ``ChecksumAlgorithm``
when uploading copy data in parts
- drop no-bundled-packages.patch to allow unpinning urllib3
boo#1211830
- pin to urllib3 1.x
- rubygem-sass
-
- updated to version 3.7.4
no changelog found
- updated to version 3.7.3
no changelog found
- updated to version 3.7.2
no changelog found
- updated to version 3.6.0
no changelog found
- updated to version 3.5.7
no changelog found
- updated to version 3.5.6
no changelog found
- updated to version 3.5.5
no changelog found
- runc
-
[ This was only ever released for SLES and Leap. ]
- Update to runc v1.1.13. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.12>.
- Rebase patches:
* 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
* 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
* 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
- Backport <https://github.com/opencontainers/runc/pull/3931> to fix a
performance issue when running lots of containers, caused by system getting
too many mount notifications. bsc#1214960
+ 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch
- scap-security-guide
-
- updated to 0.1.73 (jsc#ECO-3319)
- CMP 2417: Implement PCI-DSS v4.0 outline for OpenShift (#11651)
- Update all RHEL ANSSI BP028 profiles to be aligned with configuration recommendations version 2.0
- Generate rule references from control files (#11540)
- Initial implementation of STIG V1R1 profile for Ubuntu 22.04 LTS (#11820)
- updated to 0.1.72 (jsc#ECO-3319)
- ANSSI BP 028 profile for debian12 (#11368)
- Building on Windows (#11406)
- Control for BSI APP.4.4 (#11342)
- update to CIS RHEL 7 and RHEL 8 profiles aligning them with the latest benchmarks
- various fixes to SLE profiles
- add openeuler to -redhat package
- removed ssg-fix-journald.patch: fixed upstream
- 000release-packages:sle-ha-release
-
n/a
- 000release-packages:sle-module-basesystem-release
-
n/a
- 000release-packages:sle-module-containers-release
-
n/a
- 000release-packages:sle-module-desktop-applications-release
-
n/a
- 000release-packages:sle-module-development-tools-release
-
n/a
- 000release-packages:sle-module-public-cloud-release
-
n/a
- 000release-packages:sle-module-sap-applications-release
-
n/a
- 000release-packages:sle-module-server-applications-release
-
n/a
- socat
-
- Update to 1.8.0.0:
* Support for network namespaces (option netns)
* TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success
* Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following)
* New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL
* New script socat-mux.sh allows n-to-1 / 1-to-n communications
* New script socat-broker.sh allows group communications
* Experimental socks5 client feature
* Address ACCEPT-FD for systemd "inetd" mode
* UDP-Lite and DCCP address types
* Addresses SOCKETPAIR and SHELL
* New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes
* New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets
* Simple statistics output with Socat option --statistics and with SIGUSR1
* A couple of new options, many fixes and corrections, see file CHANGES
- Drop socat-common-fixes.patch (no longer necessary)
- Refactor socat-ignore-tests-failure-boo1078346.patch (test suite no longer exits at this stage)
- Add socat-test-dhparam fixture (reduce build load and time)
- Add socat-test-without-tty.patch for testing without tty.
- Note: This version introduces "socat1", linking to "socat"
- Note: This version introduces additional shell scripts, those are shipped in a new "socat-extra" subpackage
- Update to 1.7.4.4:
* FIX: In error.c msg2() there was a stack overflow on long messages: The
terminating \0 Byte was written behind the last position.
* FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets
arrived.
* FIX: a couple of weaknesses and errors when accessing invalid or
incompatible file system entries with UNIX domain, file, and generic
addresses.
* FIX: bad parser error message on "socat /tmp/x\"x/x -"
- Drop socat-fix-asan-error.patch
- Use autosetup
- Add socat-fix-asan-error.patch that is offered to upstream
and that fixes an ASAN error seen for 'test 313 NESTEDOVFL'.
- update to 1.7.4.3:
* fixes the TCP_INFO issue that broke building on non-Linux platforms.
* building on AIX works again.
* A few more corrections and improvements have been added
- Update to version 1.7.4.2:
* Fixes a lot of bugs, e.g., for options -r and -R.
* Further bugfixes, see the CHANGES file
- update to 1.7.4.1:
Security:
* Buffer size option (-b) is internally doubled for CR-CRLF conversion,
but not checked for integer overflow. This could lead to heap based buffer
overflow, assuming the attacker could provide this parameter.
* Many further bugfixes and new features, see the CHANGES file
- Update to version 1.7.3.4:
* bugfix release, see the CHANGES file for all changes
- Refresh patches:
* socat-common-fixes.patch
* socat-ignore-tests-failure-boo1078346.patch
- socat-common-fixes.patch: include tcpd.h where needed to fix
- fno-common bsc#1160293
- Update to version 1.7.3.3:
* bugfix release, see the CHANGES file for all changes
- Drop patch:
* socat-openssl-1.1-tests.patch (not longer needed)
- Run spec-cleaner
- Replace old variables by modern counterparts.
- We HAVE_SSLv23_*_method, just not as functions, but macros
add the relevant defines in the command line so support for
autonegotiation of the highest TLS version is restored.
- supportutils
-
- Changes in version 3.1.30
+ Added -V key:value pair option (bsc#1222021, PED-8211)
+ Avoid getting duplicate kernel verifications in boot.text (pr#193)
+ Suppress file descriptor leak warnings from lvm commands (pr#192, bsc#1220082)
+ Includes container log timestamps (pr#197)
- suse-build-key
-
- added missing ; in shell script (bsc#1227681)
- Added new keys of the SLE Micro 6.0 / SLES 16 series, and auto import
them. (bsc#1227429)
gpg-pubkey-09d9ea69-645b99ce.asc: Main SLE Micro 6/SLES 16 key
gpg-pubkey-73f03759-626bd414.asc: Backup SLE Micro 6/SLES 16 key.
- suse-module-tools
-
- Update to version 15.5.5:
* Include unblacklist in initramfs (bsc#1224320)
* regenerate-initrd-posttrans: run update-bootloader --refresh for XEN
(bsc#1223278)
* 60-io-scheduler.rules: test for "scheduler" sysfs attribute (boo#1216717)
- systemd-presets-branding-SLE
-
- Enable sysctl-logger (jsc#PED-5024)
- tpm2.0-tools
-
- Add 0001-tpm2_checkquote-Fix-check-of-magic-number.patch: tpm2_checkquote
did not check whether the magic number in the attest is equal to
TPM2_GENERATED_VALUE, which might allow a malicious actor to generate
arbitrary quote data, undetected by tpm2_checkquote (bsc#1223687, CVE-2024-29038).
- Add 0001-tpm2_checkquote-Add-comparison-of-pcr-selection.patch:
tpm2_checkquote did not compare the --pcr parameter passed to the tool with
the attest. A malicious actor might thus be able to fake a valid
attestation (bsc#1223689, CVE-2024-29039).
- util-linux-systemd
-
- lscpu: Add more ARM cores (bsc#1223605,
util-linux-lscpu-add-more-ARM-cores-1.patch,
util-linux-lscpu-add-more-ARM-cores-2.patch,
util-linux-lscpu-add-more-ARM-cores-3.patch,
util-linux-lscpu-add-more-ARM-cores-4.patch,
util-linux-lscpu-add-more-ARM-cores-5.patch,
util-linux-lscpu-add-more-ARM-cores-6.patch).
- Document that chcpu -g is not supported on IBM z/VM (bsc#1218609,
util-linux-chcpu-document-zVM-limitations.patch).
- bsc#1220117: Processes not cleaned up after failed SSH session are using up 100% CPU
+ util-linux-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-received.patch
- wget
-
- Fix mishandled semicolons in the userinfo subcomponent could lead to an
insecure behavior in which data that was supposed to be in the userinfo
subcomponent is misinterpreted to be part of the host subcomponent.
[bsc#1226419, CVE-2024-38428, properly-re-implement-userinfo-parsing.patch]
- wicked
-
- Update to version 0.6.76
- compat-suse: warn user and create missing parent config of
infiniband children (gh#openSUSE/wicked#1027)
- client: fix origin in loaded xml-config with obsolete port
references but missing port interface config, causing a
no-carrier of master (bsc#1226125)
- ipv6: fix setup on ipv6.disable=1 kernel cmdline (bsc#1225976)
- wireless: add frequency-list in station mode (jsc#PED-8715)
- client: fix crash while hierarchy traversing due to loop in
e.g. systemd-nspawn containers (bsc#1226664)
- man: add supported bonding options to ifcfg-bonding(5) man page
(gh#openSUSE/wicked#1021)
- arputil: Document minimal interval for getopts (gh#openSUSE/wicked#1019)
- man: (re)generate man pages from md sources (gh#openSUSE/wicked#1018)
- client: warn on interface wait time reached (gh#openSUSE/wicked#1017)
- compat-suse: fix dummy type detection from ifname to not cause
conflicts with e.g. correct vlan config on dummy0.42 interfaces
(gh#openSUSE/wicked#1016)
- compat-suse: fix infiniband and infiniband child type detection
from ifname (gh#openSUSE/wicked#1015)
- Removed patches included in the source archive:
[- 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]
[- 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]
- arp: increase arp-send retry value to avoid address configuration
failure due to ENOBUF reported by kernel while duplicate address
detection with underlying bonding in 802.3ad mode reporting link
"up & running" too early (bsc#1218668, gh#openSUSE/wicked#1020,
gh#openSUSE/wicked#1022).
[+ 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]
- client: fix ifreload to pull UP ports/links again when the config
of their master/lower changed (bsc#1224100,gh#openSUSE/wicked#1014).
[+ 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]
- Update to version 0.6.75:
- cleanup: fix ni_fsm_state_t enum-int-mismatch warnings
- cleanup: fix overflow warnings in a socket testcase on i586
- ifcheck: report new and deleted configs as changed (bsc#1218926)
- man: improve ARP configuration options in the wicked-config.5
- bond: add ports when master is UP to avoid port MTU revert (bsc#1219108)
- cleanup: fix interface dependencies and shutdown order (bsc#1205604)
- Remove port arrays from bond,team,bridge,ovs-bridge (redundant)
and consistently use config and state info attached to the port
interface as in rtnetlink(7).
- Cleanup ifcfg parsing, schema configuration and service properties
- Migrate ports in xml config and policies already applied in nanny
- Remove "missed config" generation from finite state machine, which
is completed while parsing the config or while xml config migration.
- Issue a warning when "lower" interface (e.g. eth0) config is missed
while parsing config depending on it (e.g. eth0.42 vlan).
- Resolve ovs master to the effective bridge in config and wickedd
- Implement netif-check-state require checks using system relations
from wickedd/kernel instead of config relations for ifdown and add
linkDown and deleteDevice checks to all master and lower references.
- Add a `wicked <ifup|ifdown|ifreload> --dry-run …` option to show the
system/config interface hierarchies as notice with +/- marked
interfaces to setup and/or shutdown.
- Removed patches included in the source archive:
[- 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
[- 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
[- 0003-move-all-attribute-definitions-to-compiler-h.patch]
[- 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
[- 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]
- xen
-
- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86
guest IRQ handling (XSA-458)
xsa458.patch
- bsc#1214718 - The system hangs intermittently when Power Control
Mode is set to Minimum Power on SLES15SP5 Xen
6666ba52-x86-irq-remove-offline-CPUs-from-old-CPU-mask-when.patch
666994ab-x86-SMP-no-shorthand-IPI-in-hotplug.patch
666994f0-x86-IRQ-limit-interrupt-movement-in-fixup_irqs.patch
66718849-x86-IRQ-old_cpu_mask-in-fixup_irqs.patch
6671885e-x86-IRQ-handle-moving-in-_assign_irq_vector.patch
6673ffdc-x86-IRQ-forward-pending-to-new-dest-in-fixup_irqs.patch
- Upstream bug fixes (bsc#1027519)
6646031f-x86-ucode-further-identify-already-up-to-date.patch
666b07ee-x86-EPT-special-page-in-epte_get_entry_emt.patch
666b0819-x86-EPT-avoid-marking-np-ents-for-reconfig.patch
666b085a-x86-EPT-drop-questionable-mfn_valid-from-.patch
667187cc-x86-Intel-unlock-CPUID-earlier.patch
6672c846-x86-xstate-initialisation-of-XSS-cache.patch
6672c847-x86-CPUID-XSAVE-dynamic-leaves.patch
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
trigger Xen bug check (XSA-454)
6617d62c-x86-hvm-Misra-Rule-19-1-regression.patch
- Upstream bug fixes (bsc#1027519)
6627a4ee-vRTC-UIP-set-for-longer-than-expected.patch
6627a5fc-x86-MTRR-inverted-WC-check.patch
662a6a4c-x86-spec-reporting-of-BHB-clearing.patch
662a6a8d-x86-spec-adjust-logic-to-elide-LFENCE.patch
663090fd-x86-gen-cpuid-syntax.patch
663a383c-libxs-open-xenbus-fds-as-O_CLOEXEC.patch
663a4f3e-x86-cpu-policy-migration-IceLake-to-CascadeLake.patch
663d05b5-x86-ucode-distinguish-up-to-date.patch
663eaa27-libxl-XenStore-error-handling-in-device-creation.patch
66450626-sched-set-all-sched_resource-data-inside-locked.patch
66450627-x86-respect-mapcache_domain_init-failing.patch
- xfsprogs
-
- xfs_copy: don't use cached buffer reads until after libxfs_mount
(bsc#1227150)
- Add xfsprogs-xfs_copy-don-t-use-cached-buffer-reads-until-after-l.patch
- xkbcomp
-
- U_Ignore-xkb_keycodes.maximum-of-255.patch
* fix keyboard layouts in XWayland applications when having
several keyboard layouts enabled (boo#1219505)
- yast2-country
-
- Rename Europe/Kiev to Europe/Kyiv as per 2022b release of
tz code and data by ICANN (bsc#1224387)
- 4.5.6
- yast2-iscsi-client
-
- Don't leak passwords to the log (bsc#1225432)
- 4.5.9
- yast2
-
- Properly close nested progress callbacks (bsc#1223281)
- 4.5.27
- yast2-registration
-
- Ensure add_on_others in autoyast profile are added (bsc#1223301)
- 4.5.10
- zypper
-
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- BuildRequires: libzypp-devel >= 17.33.0.
- Delay zypp lock until command options are parsed (bsc#1223766)
- version 1.14.73
- Unify message format(fixes #485)
- version 1.14.72
- switch cmake build type to RelWithDebInfo
- modernize spec file (remove Authors section, use proper macros,
remove redundant clean section, don't mark man pages as doc)
- switch to -O2 -fvisibility=hidden -fpie:
* PIC is not needed as no shared lib is built
* fstack-protector-strong is default on modern dists and would
be downgraded by fstack-protector
* default visibility hidden allows better optimisation
* O2 is reducing inlining bloat
- > 18% reduced binary size
- remove procps requires (was only for ZMD which is dropped)
(jsc#PED-8153)