- bind
-
- Limit additional section processing for large RDATA sets.
When answering queries, don’t add data to the additional
section if the answer has more than 13 names in the RDATA. This
limits the number of lookups into the database(s) during a
single client query, reducing the query-processing load.
(CVE-2024-11187)
[bsc#1236596, bind-9.16-CVE-2024-11187.patch]
- curl
-
- Security fix: [bsc#1236590, CVE-2025-0725]
* content_encoding: drop support for zlib before 1.2.0.4
* content_encoding: put the decomp buffers into the writer structs
* Add curl-CVE-2025-0725.patch
- Security fix: [bsc#1236588, CVE-2025-0167]
* netrc: 'default' with no credentials is not a match
* Add curl-CVE-2025-0167.patch
- google-guest-configs
-
- Add ggc-no-dup-metasrv-entry.patch
+ Follow up to (bsc#1234289, bsc#1234293). Avoid duplicate entries for
the metadata server in /etc/hosts
- Update to version 20241205.00 (bsc#1234254, bsc#1234255)
* Update google_set_multiqueue to configure
vCPU ranges based on VM platform (#90)
- from version 20241204.00
* Restore google_set_multiqueue changes for A3Ultra (#93)
* Depend on networkd-dispatcher in Ubuntu (#94)
- Include components to set hostname and /etc/hosts entries (bsc#1234289, bsc#1234293)
* Add sysconfig and sysconfig-network to BuildRequires
* Install google_set_hostname into %{_bindir}
* Install google_up.sh into %{_sysconfdir}/sysconfig/network/scripts/
* Add code to add and remove POST_UP_SCRIPT="compat:suse:google_up.sh"
to /etc/sysconfig/network/ifcfg-eth0 in %post and %postun sections
- google-osconfig-agent
-
- Update to version 20250115.01 (bsc#1236406, bsc#1236407)
* Bump cloud.google.com/go/osconfig from 1.14.2 to 1.14.3 (#772)
- from version 20250115.00
* Bump cloud.google.com/go/auth from 0.10.2 to 0.14.0 (#767)
* Bump go.opentelemetry.io/otel from 1.32.0 to 1.33.0 (#771)
* Bump google.golang.org/protobuf from 1.35.1 to 1.36.2 (#763)
- from version 20250114.00
* Bump golang.org/x/time from 0.8.0 to 0.9.0 (#770)
- from version 20250113.01
* Bump cloud.google.com/go/auth/oauth2adapt from 0.2.5 to 0.2.7 (#766)
- from version 20250113.00
* Bump golang.org/x/net from 0.31.0 to 0.34.0 (#769)
- from version 20250110.00
* Bump golang.org/x/crypto from 0.29.0 to 0.31.0 in the go_modules group (#760)
* Bump cloud.google.com/go/longrunning from 0.6.2 to 0.6.3 (#744)
- from version 20241218.00
* Scanners fixes (#720)
* Bump cloud.google.com/go/storage from 1.46.0 to 1.47.0 (#736)
* Bump go.opentelemetry.io/contrib/detectors/gcp from 1.29.0 to 1.32.0 (#730)
* Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp (#738)
* Bump golang.org/x/net from 0.30.0 to 0.31.0 (#731)
- from version 20241118.01
* Bump github.com/googleapis/gax-go/v2 from 2.13.0 to 2.14.0 (#737)
- from version 20241118.00
* move example to appropriate directory (#740)
- from version 20241115.00
* Replace sles-15-sp3-sap old deprecated image in e2e tests (#739)
* Bump golang.org/x/time from 0.7.0 to 0.8.0 (#734)
- from version 20241114.03
* Bump github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp (#735)
- from version 20241114.02
* Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc (#729)
- from version 20241114.01
* Remove SLES-15-SP2-SAP from e2e tests and add the new SLES-15-SP6 (#733)
* Bump golang.org/x/crypto from 0.28.0 to 0.29.0 (#728)
* Bump go.opentelemetry.io/otel/sdk/metric from 1.30.0 to 1.32.0 (#727)
- from version 20241114.00
* Add example to run exec script from the gcs bucket (#732)
* Bump cel.dev/expr from 0.16.1 to 0.18.0 (#723)
- from version 20241112.00
* Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 (#722)
* Bump github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric (#721)
* Bump google.golang.org/grpc from 1.67.1 to 1.68.0 (#725)
* Bump github.com/golang/glog from 1.2.2 to 1.2.3 (#715)
* Bump google.golang.org/api from 0.203.0 to 0.205.0 (#716)
- from version 20241107.01
* Bump github.com/envoyproxy/go-control-plane from 0.13.0 to 0.13.1 (#717)
* Bump github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping (#718)
* Bump cloud.google.com/go/auth from 0.10.0 to 0.10.1 (#719)
- from version 20241107.00
* Bump cloud.google.com/go/logging from 1.11.0 to 1.12.0 (#709)
* Bump cloud.google.com/go/iam from 1.2.1 to 1.2.2 (#710)
* Bump cloud.google.com/go/storage from 1.43.0 to 1.46.0 (#713)
* Bump cloud.google.com/go/osconfig from 1.14.1 to 1.14.2 (#708)
* Bump cloud.google.com/go/auth/oauth2adapt from 0.2.4 to 0.2.5 (#712)
- from version 20241106.00
* Update OWNERS (#714)
- from version 20241029.01
* remove toolchain override (#706)
* Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp (#701)
- from version 20241029.00
* Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc (#702)
- from version 20241028.00
* Bump cloud.google.com/go/longrunning from 0.6.0 to 0.6.2 (#705)
- from version 20241017.00
* Add a new CloudBuild trigger config-file for auto updating the
presubmit test container image on every new commit (#704)
- from version 20241004.00
* Add new packagebuild presubmit that will use cloud-build (#694)
- from version 20240927.00
* Third batch of dependencies upgrade (#690)
- Bump the golang compiler version to 1.22.4 (bsc#1225974, CVE-2024-24790)
- krb5
-
- Prevent overflow when calculating ulog block size. An authenticated
attacker can cause kadmind to write beyond the end of the mapped
region for the iprop log file, likely causing a process crash;
(CVE-2025-24528); (bsc#1236619).
- Add patch 0012-Prevent-overflow-when-calculating-ulog-block-size.patch
- openssl-1_1
-
- Security fix: [bsc#1236136, CVE-2024-13176]
* timing side-channel in the ECDSA signature computation
* Add openssl-CVE-2024-13176.patch
- libxml2
-
- security update
- added patches
fix CVE-2022-49043 [bsc#1236460], use-after-free in xmlXIncludeAddNode
+ libxml2-CVE-2022-49043.patch
- libzypp
-
- Create '.keep_packages' in the package cache dir to enforce
keeping downloaded packages of all repos cahed there (bsc#1232458)
- version 17.35.19 (35)
- Fix missing UID checks in repomanager workflow (fixes #603)
- version 17.35.18 (35)
- Move cmake config files to LIB_INSTALL_DIR/cmake/Zypp (fixes #28)
- Fix 'zypper ps' when running in incus container (bsc#1229106)
Should apply to lxc and lxd containers as well.
- Re-enable 'rpm --runposttrans' usage for chrooted systems
(bsc#1216091)
- version 17.35.17 (35)
- python-instance-billing-flavor-check
-
- Version 0.1.2 (bsc#1234444)
+ Improve detection of IPv4 and IPv6 network setup and use appropriate
IP version for access the update servers
+ Improve reliability of flavor detection. Try an update server multiple
times to get an answer, if we hit timeouts return the value flavor
value from a cahce file.
- Version 0.1.1 (bsc#1235991, bsc#1235992)
+ Add time stamp to log
- From version 0.1.0
+ Doc improvements clarifying exit staus codes
- 000release-packages:sle-module-basesystem-release
-
n/a
- 000release-packages:sle-module-containers-release
-
n/a
- 000release-packages:sle-module-public-cloud-release
-
n/a
- 000release-packages:sle-module-server-applications-release
-
n/a
- wget
-
- If wget for an http URL is redirected to a different site (hostname
parts of URLs differ), then any "Authenticate" and "Cookie" header
entries are discarded.
[bsc#1185551, wget-do-not-propagate-credentials.patch,
bsc#1230795, CVE-2021-31879]
- zypper
-
- lr: show the repositories keep-packages flag (bsc#1232458)
It is shown in the details view or by using -k,--keep-packages.
In addition libyzpp supports to enforce keeping downloaded
packages of all repos within a package cache by creating a
'.keep_packages' file there.
- version 1.14.81
- Try to refresh update repos first to have updated GPG keys on
the fly (bsc#1234752)
An update repo may contain a prolonged GPG key for the GA repo.
Refreshing the update repo first updates a trusted key on the fly
and avoids a 'key has expired' warning being issued when
refreshing the GA repo.
- Refresh: restore legacy behavior and suppress Exception
reporting as non-root (bsc#1235636)
- version 1.14.80