sles-15-sp6-sapcal-v20250609-x86-64 Package Source Changes

cloud-netconfig

- Update to version 1.15
  + Add support for creating IPv6 default route in GCE (bsc#1240869)
  + Minor fix when looking up IPv6 default route

google-guest-agent

- Update to version 20250506.01 (bsc#1243254, bsc#1243505)
  * Make sure agent added connections are activated by NM (#534)
- from version 20250506.00
  * wrap NSS cache refresh in a goroutine (#533)
- from version 20250502.01
  * Wicked: Only reload interfaces for which configurations are written or changed. (#524)
- from version 20250502.00
  * Add AuthorizedKeysCompat to windows packaging (#530)
  * Remove error messages from gce_workload_cert_refresh and metadata script runner (#527)
  * Update guest-logging-go dependency (#526)
  * Add 'created-by' metadata, and pass it as option to logging library (#508)
  * Revert "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523)
  * Re-enable disabled services if the core plugin was enabled (#522)
  * Enable guest services on package upgrade (#519)
  * oslogin: Correctly handle newlines at the end of modified files (#520)
  * Fix core plugin path (#518)
  * Fix package build issues (#517)
  * Fix dependencies ran go mod tidy -v (#515)
  * Fix debian build path (#514)
  * Bundle compat metadata script runner binary in package (#513)
  * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
  * Update startup/shutdown services to launch compat manager (#503)
  * Bundle new gce metadata script runner binary in agent package (#502)
  * Revert "Revert bundling new binaries in the package (#509)" (#511)
- from version 20250418.00
  * Re-enable disabled services if the core plugin was enabled (#521)
- from version 20250414.00
  * Add AuthorizedKeysCompat to windows packaging (#530)
  * Remove error messages from gce_workload_cert_refresh and metadata script runner (#527)
  * Update guest-logging-go dependency (#526)
  * Add 'created-by' metadata, and pass it as option to logging library (#508)
  * Revert "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523)
  * Re-enable disabled services if the core plugin was enabled (#522)
  * Enable guest services on package upgrade (#519)
  * oslogin: Correctly handle newlines at the end of modified files (#520)
  * Fix core plugin path (#518)
  * Fix package build issues (#517)
  * Fix dependencies ran go mod tidy -v (#515)
  * Fix debian build path (#514)
  * Bundle compat metadata script runner binary in package (#513)
  * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
  * Update startup/shutdown services to launch compat manager (#503)
  * Bundle new gce metadata script runner binary in agent package (#502)
  * Revert "Revert bundling new binaries in the package (#509)" (#511)

iputils

- Security fix [bsc#1242300, CVE-2025-47268]
  * integer overflow in RTT calculation can lead to undefined behavior
  * Add iputils-CVE-2025-47268.patch

java-1_8_0-ibm

- Update to Java 8.0 Service Refresh 8 Fix Pack 45:
  * Oracle April 15 2025 CPU [bsc#1242208]
  - [bsc#1241274, CVE-2025-21587] Unauthorized access, deletion
    or modification of critical data
  - [bsc#1241275, CVE-2025-30691] Compiler Unauthorized Data Access
  - [bsc#1241276, CVE-2025-30698] Unauthorized data access and DoS
  * IBM Security Update May 2025:
  - [bsc#1243429, CVE-2025-4447] Buffer Overflow in Eclipse OpenJ9
  * Security:
  - Avoid memory leak during aes cipher initialization operations
    for IBMJCEPlus and IBMJCEPlusProviders provider.
  - Changing the default of the com.ibm.security.spnego.msinterop
    property from true to false.
  - Deserializing a com.ibm.crypto.provider.rsaprivatecrtkey object
    causes a java.io.invalidobjectexception to be thrown.
  - Failed to read private key from a JKS keystore, specified as
    JCEKS keystore.
  - Fix security vulnerability CVE-2025-21587.
  - HTTPS channel binding support.
  - Keytool listing PKCS12 keystore issue.
  - On Linux systems, use gcc11.2 to compile IBM PKCS11 library.
  - Support has been added to the IBM Java XMLDSigRI security provider
    for the EdDSA (Edwards-curve Digital Signature Algorithm).
  - Updates to XDH Key Agreement, AESGCM Algorithms in IBMJCEPlus
    and IBMJCEPlusFIPS providers.
  * Class Libraries:
  - Fix security vulnerability CVE-2025-30698
  - Update timezone information to the latest tzdata2025a
  * Java Virtual Machine:
  - A SIGSEGV/GPF event received while processing verifyerror.
  - Crash while resolving MethodHandleNatives
  - Fix security vulnerability CVE-2025-4447
  - NoSuchMethodException or NoClassDefFoundError when loading classes
  * JIT Compiler:
  - Assert in the JIT Compiler, badILOp
  - Reduced MD5 performance

krb5

- Remove references to the LMDB backend in the kdc.conf manpage;
  (bsc#1242060);

systemd

- Import commit a4100e9c74b0eafae18a13e9d1d988ebc8376c6a
  806c21e22b umount: do not move busy network mounts (bsc#1236177)

- Apply coredump sysctl settings on systemd-coredump updates/removals.

- Add 1003-journal-again-create-user-journals-for-users-with-hi.patch (bsc#1242938)
  Don't write messages sent from users with UID falling into the container UID
  range to the system journal. Daemons in the container don't talk to the
  outside journald as they talk to the inner one directly, which does its
  journal splitting based on shifted uids.

- Import commit 2f79a45369489b656be509a1517afcae4fe3ee20
  ebdfa3e44e man/pstore.conf: pstore.conf template is not always installed in /etc
  304ed20aab man: coredump.conf template is not always installed in /etc (bsc#1237496)

python3-setuptools

- Add patch CVE-2025-47273.patch to fix A path traversal
  vulnerability.
  (bsc#1243313, CVE-2025-47273, gh#pypa/setuptools@250a6d17978f)