- don't ignore CFLAGS when building snack (#1757093)

- iscsi: Fix login on firmware-discovered nodes (#2213193)
- tests: Extend iscsi method call timeouts (#2213715)

- Rebase to popt 1.18 (https://github.com/rpm-software-management/popt/releases/tag/popt-1.18-release)
- Update URLs to rebooted upstream
- Clean up ancient cruft from spec, use modern build macros

- Rebuild for BZ#1954441

- Introduce new fanotify record fields
Resolves: rhbz#2216668
- invalid use of flexible array member
Resolves: rhbz#2116867

- Resolves: rhbz#2186860

- parser_bison: Fix for broken compatibility with older dumps (Phil Sutter) [RHEL-2596]

- Resolves: #1743650 - Enable inbox support for sniffing offloaded RDMA traffic with tcpdump

- krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
- krb5: fix policy generator to account for macs
- docs: replace `FIPS 140-2` with just `FIPS 140`

- alternatives: --keep-foreign incorrectly handles non-existent files
- alternatives: isLink should return 0 in case of lstat error
- spec: Replace not working awk command with sed (#63)

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- rebuild for SLES ES platform

- Rebuilt again with z-stream target

- Fix CVE-2023-34969 (#2213400)

- temporarily provide attr/xattr.h symlink until users are migrated (#1601482)

- Rebase to 1.4.4
Resolvese: 1807452

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)

- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch

- rebuild for SLES ES platform

- Fix memleak with older GMP (RHEL-28957)

- Apply the previous change only on aarch64 to limit the risk of unwanted impact
- Resolves: #1992402

- Change bug tracker path

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

- always write kernel policy when check_ext_changes is specified (#2129139)

- Latest upstream

- efibootmgr 16
- better coverity and clang-analyzer support
- better CI
- minor fixes

- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
- Multithreaded cleanup (bz 2112116)

- Update translations (#2124826)

- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939

- Add patch for rhbz#1867064

- Apply the previous change only on aarch64 to limit the risk of unwanted impact
- Resolves: #1992402

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939

- pkttyagent gets stopped if killed in the background
- Resolves: rhbz#2128989

- Update to 2.2.0 (#1674201)
- Drop obsolete scriptlets

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

- new upstream release 1.31

- Rebuild to kick process (no changes from previous build) [1624161]

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939

- Security fix for CVE-2023-27043
Resolves: RHEL-5563

- Fix BZ #2187288

- Added gcc to build requirements

- Require Python with tarfile filters
Resolves: RHEL-25449

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- CVE-2023-4016: ps: possible buffer overflow
- Resolves: rhbz#2228503

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- gpasswd: fix password leak. Resolves: #2215947

- Fix invalid license tag
- Resolves: rhbz#1611728

- Fix potential strcat overflow found by Coverity in CI test (#1661674).

- rebuild for SLES ES platform

- Fix sg_ses --page argument override when --control and --data are specified (#2078107)

- Upste to NSPR 4.35

- Fix Terrapin attack
  Resolves: RHEL-19762

- increase release number (#1764048)

- Update pci, usb and vendor ids
  Resolves: #2169697

- Rebase to upstream version python-linux-procfs-0.7.1
Resolves: rhbz#2121522

- rebuilt for SLES ES platform

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- restorecon: Fix memory leak - xattr_value (#2137965)

- rebuild for SUSE Liberty Linux

- Fix CVE-2022-48303
- Resolves: CVE-2022-48303

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

- rebuild for SLES ES platform

- Ensure layer number is in bounds
  Resolves: rhbz#2160302
  Resolves: rhbz#2162611

- Update to 1.2.0-2.20181605git4a062cf
  Resolves: rhbz#1573895

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

- Rebuild due to the following message: libestr-0.1.10-2.el8 has already been built
  resolves: rhbz#2056293

- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798

- rebuild for SLES ES platform

- teamd: do no remove the ports on shutdown with -N [2148856]
- teamd: stop iterating callbacks when a loop restart is requested [2148855]

- rebuild for SLES ES platform

- Rebase to 0.23.22 to fix memory safety issues (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363)
- Preserve DT_NEEDED information from the previous version, flagged by rpmdiff
- Add xsltproc to BR

- Fix CVE-2022-34903 (#2108447)

- Fix memory corruption due to an integer overflow
_ Resolves: CVE-2021-3520

- Fix CVE-2023-34969 (#2213400)

- Rebase to 7.1 (RHBZ#1649090):
  - Add compatibility support for strscpy()
  - Correct the manpage about the sort option
  - Add missing functions to libipset.map
  - configure.ac: Fix build regression on RHEL/CentOS/SL (Serhey Popovych)
  - Implement sorting for hash types in the ipset tool
  - Fix to list/save into file specified by option (reported by Isaac Good)
  - Introduction of new commands and protocol version 7, updated kernel include files
  - Add compatibility support for async in pernet_operations
  - Use more robust awk patterns to check for backward compatibility
  - Prepare the ipset tool to handle multiple protocol version
  - Fix warning message handlin
  - Correct to test null valued entry in hash:net6,port,net6 test
  - Library reworked to support embedding ipset completely
  - Add compatibility to support kvcalloc()
  - Validate string type attributes in attr2data() (Stefano Brivio)
  - manpage: Add comment about matching on destination MAC address (Stefano Brivio)
    (RHBZ#1649079)
  - Add compatibility to support is_zero_ether_addr()
  - Fix use-after-free in ipset_parse_name_compat() (Stefano Brivio) (RHBZ#1649085)
  - Fix leak in build_argv() on line parsing error (Stefano Brivio) (RHBZ#1649085)
  - Simplify return statement in ipset_mnl_query() (Stefano Brivio) (RHBZ#1649085)
  - tests/check_klog.sh: Try dmesg too, don't let shell terminate script (Stefano Brivio) 
- Fixes:
  - Fix all shellcheck warnings in init script (RHBZ#1649085)
  - Make error reporting consistent, introduce different severities (RHBZ#1683711)
  - While restoring, on invalid entries, remove them and retry (RHBZ#1683713)
  - Fix covscan SC2166 warning in init script (RHBZ#1649085)

- rebuild for SLES ES platform

- Change bug tracker path

- rebuild for SLES ES platform

- rebuild for SUSE Liberty Linux

- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB

- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)

- Make volume_key working in FIPS mode
  Resolves: #2143223

- Update to 3.7.0 (rh #2078874)

- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq

- Move USAGE to %license as it describes usage in a licensing context

- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)

- Set 'missingok' for /etc/cron.deny to not recreate it on update

- iptables-restore: Drop dead code
- iptables-apply: Eliminate shellcheck warnings
- ebtables: Exit gracefully on invalid table names

- rebuild for SLES ES platform

- Update to 0.1.18
- Fix issues detected by static analyzers
- Remove Python 2 support

- Another build but with a gating.yaml to allow leaving gating
  Resolves: rhbz#1624158

- Fix arbitrary file write vulnerability
  Resolves: CVE-2022-1271

- Fixed CVE-2021-38185 (#1992511)

- rebuild for SLES ES platform

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- Make /proc and /sys ghost to workaround issue in container
- Revert restorecon change

- Add gcc BR
- Build verbosely
- Drop obsolete --enable-widec configure option
- Fix "unused direct shared library dependency" warning from rpmlint again
- Fix man page error due to BSD nroff macro that is not available on Linux
- Drop explicit R on pkgconfig from the -devel package, autogenerated

- Resolves: RHEL-20594 - improper initialization in dump_entry_data_list() in maxminddb.c

- Re-enable output buffering for wide stdio streams (RHEL-22847)

- Rebase to 7.1 (RHBZ#1649090):
  - Add compatibility support for strscpy()
  - Correct the manpage about the sort option
  - Add missing functions to libipset.map
  - configure.ac: Fix build regression on RHEL/CentOS/SL (Serhey Popovych)
  - Implement sorting for hash types in the ipset tool
  - Fix to list/save into file specified by option (reported by Isaac Good)
  - Introduction of new commands and protocol version 7, updated kernel include files
  - Add compatibility support for async in pernet_operations
  - Use more robust awk patterns to check for backward compatibility
  - Prepare the ipset tool to handle multiple protocol version
  - Fix warning message handlin
  - Correct to test null valued entry in hash:net6,port,net6 test
  - Library reworked to support embedding ipset completely
  - Add compatibility to support kvcalloc()
  - Validate string type attributes in attr2data() (Stefano Brivio)
  - manpage: Add comment about matching on destination MAC address (Stefano Brivio)
    (RHBZ#1649079)
  - Add compatibility to support is_zero_ether_addr()
  - Fix use-after-free in ipset_parse_name_compat() (Stefano Brivio) (RHBZ#1649085)
  - Fix leak in build_argv() on line parsing error (Stefano Brivio) (RHBZ#1649085)
  - Simplify return statement in ipset_mnl_query() (Stefano Brivio) (RHBZ#1649085)
  - tests/check_klog.sh: Try dmesg too, don't let shell terminate script (Stefano Brivio) 
- Fixes:
  - Fix all shellcheck warnings in init script (RHBZ#1649085)
  - Make error reporting consistent, introduce different severities (RHBZ#1683711)
  - While restoring, on invalid entries, remove them and retry (RHBZ#1683713)
  - Fix covscan SC2166 warning in init script (RHBZ#1649085)

- fix an arbitrary-file-write vulnerability in zgrep
Resolves: CVE-2022-1271

- 2.13.0 bump (bug #1984402)

- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq

- Fix a crash in buffered_getchar() function
  Resolves: #2062291

- Re-enable output buffering for wide stdio streams (RHEL-22847)

- Escape macros in %changelog

- Improve thermocam magic (rhbz#2158115)

- Fix segfault in getlocal and setlocal (#1880445)

- cap SFTP packet size sent (RHEL-5485)

- Rebase to 0.3.15
- Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332
resolves: rhbz#1725782 rhbz#1877517 rhbz#1882402 rhbz#1882414

- Security fix for CVE-2022-40897
Resolves: rhbz#2158559

- basic support for checking NFSv4 ACLs (#2158747)

- Update to 0.18.6
- Use valgrind_arches macro instead of hardcoding valgrind arch list

- rebuild for SUSE Liberty Linux

- iptables-restore: Drop dead code
- iptables-apply: Eliminate shellcheck warnings
- ebtables: Exit gracefully on invalid table names

resolves: rhbz#1939386 - Rebase libcap-ng to version 0.7.11

- Update to 3.7.0 (rh #2078874)

- update to 4.2 (#2062356)
- fix chrony-helper to delete sources by their original name (#2061660)
- update ntp2chrony script (#2018045 #2063766)

- Fix double byteswap on big-endian systems also while reading partition names
  resolves: #2065205

- Fix termination of va_list in lr_metadatatarget_append_error()
- Detailed error message when using non-existing TMPDIR

- Re-enable output buffering for wide stdio streams (RHEL-22847)

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- Fix CVE-2021-33560 (#2018525)

- Escape macros in %changelog

- Bump release number

- basic support for checking NFSv4 ACLs (#2158747)

- Update pkgconfig files
  Related: #1953905

- Rebase to 0.3.15
- Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332
resolves: rhbz#1725782 rhbz#1877517 rhbz#1882402 rhbz#1882414

- Recent revision - 20180723

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- Add OSCI tests directory
- Make kpartx_id installation location relative to /usr/lib/udev/rules.d
- Resolves: bz #2164871

- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq

- xkeyboard-config 2.28 (#1728817)

- CVE-2023-52425 expat: parsing large tokens can trigger a denial of service
- Resolves: RHEL-29320

- Fix CVE-2023-34969 (#2213400)

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

- Bump version number (wrong exception build)

+ libxcrypt-4.1.1-6
- Rebuilt with fixed binutils (#1954438)

- Rebase to 2.14
  Related: rhbz#2001062

- Fix double free issue in hasher()

- Rebuilt for 8.6. Resolves: rhbz#2046426

- rebuild for SLES ES platform

- Change license to BSD

- rebuild for SLES ES 8

- Fix CVE-2023-48795: Prefix truncation attack
  on Binary Packet Protocol (BPP)
- Resolves: RHEL-19311

- schedule interrupted cache update for the next boot, instead of blocking
  system reboot/shutdown
  resolves #1874010

- rebuild for SLES ES platform

- Add gating.yaml
Related: #1681026

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

- Rebuild with some gating tests disabled
Resolves: rhbz#2053515

- teamd: do no remove the ports on shutdown with -N [2148856]
- teamd: stop iterating callbacks when a loop restart is requested [2148855]

- enforce stricter parsing of config files (#2148925)

- Ported CI gating tests to Python 3.6

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch

- Ported CI gating tests to Python 3.6

- rebuild for SLES ES platform

- New upstream version
- Port to the Meson build system

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- rebuild for SLES ES platform

- new upstream release

- rebuild for SLES ES platform

- Update to 1.4.4

- rebuild for SLES ES platform

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq

- rebuild with non-SCL toolset

- Fix for CVE-2022-36227

+ libgudev-232-4
- Remove umockdev dependency

- Release bump

- Rebase to 0.4.0 (#1788067)

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- Fix arbitrary file write vulnerability
  Resolves: CVE-2022-1271

- Fixed FTBFS with glibc-2.28
  Resolves: rhbz#1611721

- fix issue reported by covscan

- pstree -al incorrectly handles large empty cmdline
- Resolves: rhbz#1715509

- rebuild for SLES ES platform

- Fix for CVE-2022-47629 (#2161571)

- Improve thermocam magic (rhbz#2158115)

- fix issue reported by covscan

- Fix double free issue in hasher()

- Fix CVE-2022-34903 (#2108447)

- Fix WWN ID truncation (#1981038)

- Fix for CVE-2022-24407
- Resolves: rhbz#2055846

- Rebuilt again with z-stream target

- build with hardening LDFLAGS (#1548717)
- remove obsolete macro and comments
- add gcc to build requirements

- Related: #2140566, bring test over from Brew dist-git

- depmod: fix parallel execution issues
  Resolves: rhbz#2026938

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- Fix important Covscan defects (#1602588)

- Python 2 subpackage disabled by default

- rebuild for SLES ES platform

- Add backward compatibility patch
- Resolves: #2097704
- Backport from upstream commit: 00ba17479ff31c6825f0e6f28b965f11525e83f6

- Update pkgconfig files
  Related: #1953905

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- Add backward compatibility patch
- Resolves: #2097704
- Backport from upstream commit: 00ba17479ff31c6825f0e6f28b965f11525e83f6

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

- Man-page update
- Resolves: rhbz#2070941 - small typo in lchage man page

- rebuild for SLES ES platform

- Update rng-tools to v6.16 @ 0e560296 (bz 2174908)
- Get rid of text relocations in -fPIE build
- Add a hint for opensc package (bz 1845854)

- rhbz#1895017 - unsquashfs does not preserve file capabilities
  rhbz#1754815 - Kdump: Building kdump initramfs img may fail with 'dracut: Failed making squash image' occasionally
  Resolves: rhbz#1895017, rhbz#1754815

- rebuilt for SLES ES platform

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

- rebuild for SLES ES platform

- new upstream release

- Resolves: RHEL-11931 - Buffer Underwrite in ares_inet_net_pton() [rhel-8.9.0.z]

- Re-enable output buffering for wide stdio streams (RHEL-22847)

- cil: Fix out-of-bound read of file context pattern ending with "\"
- cil: Destroy classperms list when resetting classpermission (#1983517)
- cil: Destroy classperm list when resetting map perms (#1983521)
- cil: cil_reset_classperms_set() should not reset classpermission (#1983525)
- cil: Set class field to NULL when resetting struct cil_classperms
- cil: More strict verification of constraint leaf expressions
- cil: Exit with an error if declaration name is a reserved word
- cil: Allow permission expressions when using map classes
- cil: Reorder checks for invalid rules when building AST
- cil: Cleanup build AST helper functions
- cil: Create new first child helper function for building AST
- cil: Remove unused field from struct cil_args_resolve
- cil: Destroy disabled optional blocks after pass is complete
- cil: Check if name is a macro parameter first
- cil: fix NULL pointer dereference in __cil_insert_name
- cil: Report disabling an optional block only at high verbose levels
- cil: Use AST to track blocks and optionals when resolving
- cil: Reorder checks for invalid rules when resolving AST
- cil: Sync checks for invalid rules in booleanifs
- cil: Check for statements not allowed in optional blocks (#1983530)

- Fix CVE-2020-12825
  Resolves: #1866484

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- rebuild for SLES ES platform

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

- Add feature_notify_inode_expire_only
- Fixes rhbz#2171095

- Fix regression in dictionary creation and lookup

- fix dependency of devel subpkg on libs (#2111644)

- Fixed CVE-2023-7104

- Update to 1.56.1

- Rebuilding with new libsolv-0.7.4

- Require Python with tarfile filters
Resolves: RHEL-25449

- Rebuild for 8.9 release

- Fix Japanese translations (RHBZ #2216755)
- Update translations (RHBZ #2189557)
- Do not prompt for password twice when changing password of local user (RHBZ #2179607)

- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB

- Switch to %ldconfig_scriptlets

- rebuilt for SLES ES platform

- krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
- krb5: fix policy generator to account for macs
- docs: replace `FIPS 140-2` with just `FIPS 140`

- Use /etc/sysconfig/libffi-force-shared-memory-check-first to
  override selinux permissions check for shared memory access (#2014228)

- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- rebuild for SLES ES

- resolves: rhbz#2190421 - Rebuild to trigger distrobaker sync

- restorecon: Fix memory leak - xattr_value (#2137965)

- Fix memory leak in PKCS11_pkey_meths (#2097690)
- Fix memory leak in RSA method (#2097690)

- Re-enable output buffering for wide stdio streams (RHEL-22847)

- rebuilt for SLES ES platform

- Remove Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1567873

- rebuild for SLES ES platform

- Update enddianness.patch with more s390x fixes
- Enable tests on s390x again
- Resolves: #1803824

- fix HTTP/2 Rapid Reset (CVE-2023-44487)

- Update to MPFR version 3.1.6
- Use autosetup specfile macro for applying patches (patches 1 and 2 applied)
- Removed iconv calls, as they were breaking .info files, which are now unicode
  resolves #1299649
- Other minor cleanups
- BuildRequire gcc per https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B#BuildRequires_and_Requires

- rebuild for SLES ES platform

RHEL 8.8.0 ERRATUM
- Please put lmdb in RHEL 8 CRB
- Rebuild
- Resolves: rhbz#1972979

- libxkbcommon 0.9.1 (#1728801)

- Ignore the mode bits when doing RPM verification of files in /boot/efi
  Resolves: rhbz#1845052

- Rebase to 0.23.22 to fix memory safety issues (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363)
- Preserve DT_NEEDED information from the previous version, flagged by rpmdiff
- Add xsltproc to BR

- rebuilt for SLES ES platform

- restorecon: Fix memory leak - xattr_value (#2137965)

- Security fix for CVE-2022-40897
Resolves: rhbz#2158559

- Backport Allow to break arch lock-step on erase operations (RhBug:2172288,2172292)

- Resolves: #1711119 - netstat says "packetes" instead of "packets"
- Resolves: #1670355 - Exit code on wrong parameter is zero for many net-tools binaries
- Resolves: #1807989 - The output of `route -A inet6` does not display properly when the 'Use' column output is over 6 digits

- rebuild for SLES ES platform

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- Fix CVE-2023-34969 (#2213400)

- Install documentation files to an unversioned directory
- Resolves: rhbz#1638032

- Fix Terrapin attack
  Resolves: RHEL-19762

- Switch to %ldconfig_scriptlets

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- rebuild for SLES ES platform

- Install README.md as README is only a symlink to .md
  Resolves: rhbz#1849682

- rebuild for SUSE Liberty Linux

- Rebase to tzdata-2024a
  - Kazakhstan will transition from UTC+6 to UTC+5 on 2024-03-01.
  - Palestine will spring forward a week later than previously
    predicted.

RHEL 8.9.0.Z ERRATUM
- Rebase to 1.9.5p2
- CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Resolves: RHEL-21825
- CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output
Resolves: RHEL-21831
- CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables
Resolves: RHEL-21820

- resolves: rhbz#2190427 - Rebuild to trigger distrobaker sync

- Resolves: #1781926, rebased to 2.4.19

- Update to CKBI 2.60_v7.0.306 from NSS 3.91
-    Removing:
-     # Certificate "Camerfirma Global Chambersign Root"
-     # Certificate "Staat der Nederlanden EV Root CA"
-     # Certificate "OpenTrust Root CA G1"
-     # Certificate "Swedish Government Root Authority v1"
-     # Certificate "DigiNotar Root CA G2"
-     # Certificate "Federal Common Policy CA"
-     # Certificate "TC TrustCenter Universal CA III"
-     # Certificate "CCA India 2007"
-     # Certificate "ipsCA Global CA Root"
-     # Certificate "ipsCA Main CA Root"
-     # Certificate "Macao Post eSignTrust Root Certification Authority"
-     # Certificate "InfoNotary CSP Root"
-     # Certificate "DigiNotar Root CA"
-     # Certificate "Root CA"
-     # Certificate "GPKIRootCA"
-     # Certificate "D-TRUST Qualified Root CA 1 2007:PN"
-     # Certificate "TC TrustCenter Universal CA I"
-     # Certificate "TC TrustCenter Universal CA II"
-     # Certificate "TC TrustCenter Class 2 CA II"
-     # Certificate "TC TrustCenter Class 4 CA II"
-     # Certificate "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı"
-     # Certificate "CertRSA01"
-     # Certificate "KISA RootCA 3"
-     # Certificate "A-CERT ADVANCED"
-     # Certificate "A-Trust-Qual-01"
-     # Certificate "A-Trust-nQual-01"
-     # Certificate "Serasa Certificate Authority II"
-     # Certificate "TDC Internet"
-     # Certificate "America Online Root Certification Authority 2"
-     # Certificate "RSA Security Inc"
-     # Certificate "Public Notary Root"
-     # Certificate "Autoridade Certificadora Raiz Brasileira"
-     # Certificate "Post.Trust Root CA"
-     # Certificate "Entrust.net Secure Server Certification Authority"
-     # Certificate "ePKI EV SSL Certification Authority - G1"
-    Adding:
-     # Certificate "DigiCert TLS ECC P384 Root G5"
-     # Certificate "DigiCert TLS RSA4096 Root G5"
-     # Certificate "DigiCert SMIME ECC P384 Root G5"
-     # Certificate "DigiCert SMIME RSA4096 Root G5"
-     # Certificate "Certainly Root R1"
-     # Certificate "Certainly Root E1"
-     # Certificate "E-Tugra Global Root CA RSA v3"
-     # Certificate "E-Tugra Global Root CA ECC v3"
-     # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA"
-     # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA"
-     # Certificate "BJCA Global Root CA1"
-     # Certificate "BJCA Global Root CA2"
-     # Certificate "Symantec Enterprise Mobile Root for Microsoft"
-     # Certificate "A-Trust-Root-05"
-     # Certificate "ADOCA02"
-     # Certificate "StartCom Certification Authority G2"
-     # Certificate "ATHEX Root CA"
-     # Certificate "EBG Elektronik Sertifika Hizmet Sağlayıcısı"
-     # Certificate "GeoTrust Primary Certification Authority"
-     # Certificate "thawte Primary Root CA"
-     # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5"
-     # Certificate "America Online Root Certification Authority 1"
-     # Certificate "Juur-SK"
-     # Certificate "ComSign CA"
-     # Certificate "ComSign Secured CA"
-     # Certificate "ComSign Advanced Security CA"
-     # Certificate "Global Chambersign Root"
-     # Certificate "Sonera Class2 CA"
-     # Certificate "VeriSign Class 3 Public Primary Certification Authority - G3"
-     # Certificate "VeriSign, Inc."
-     # Certificate "GTE CyberTrust Global Root"
-     # Certificate "Equifax Secure Global eBusiness CA-1"
-     # Certificate "Equifax"
-     # Certificate "Class 1 Primary CA"
-     # Certificate "Swiss Government Root CA III"
-     # Certificate "Application CA G4 Root"
-     # Certificate "SSC GDL CA Root A"
-     # Certificate "GlobalSign Code Signing Root E45"
-     # Certificate "GlobalSign Code Signing Root R45"
-     # Certificate "Entrust Code Signing Root Certification Authority - CSBR1"

- Add ability to set fallback verbose mode
- Resolves: #2030704

- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798

- rebuild with latest rpm build flags (rhbz#1540264)

- Address CVE-2020-12762
Resolves: rhbz#2203171

- Export nftnl_set_elem_nlmsg_build symbol in the right version

- resolves: rhbz#2190419 - Rebuild to trigger distrobaker sync

- pkttyagent gets stopped if killed in the background
- Resolves: rhbz#2128989

- Set 'missingok' for /etc/cron.deny to not recreate it on update

- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB

- Added build notes to AS generated objects
  Resolves: rhbz#1630594

- update to the latest release
- add sed require
- remove %clean section
- remove obsolete Group tag
- fix upstream URL
- Resolves: rhbz#1696449, rhbz#1703982

- Covscan Scan: Wrong Check of Return Value (bz 2151966)
- Covscan Scan: Clang (experimental) (bz 2151971)

- Fix CVE-2023-34969 (#2213400)

- resolves: rhbz#2190425 - Rebuild to trigger distrobaker sync

- ci: Update `.packit.yml` to run on `c8s`
- ci: Use Differential ShellCheck action

- Rebuild with SUSE key and sbat

- fix buffer overflow on terminfo with too many capabilities (CVE-2023-29491)

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- Fix getting size of memory banks <32GiB

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- rebuild for SLES ES platform

- Fix also SHELLCHECK_WARNING
  related: #1602530

- Rebuild for SLES ES

- Disable the Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1594157

- rebuild for SLES ES

- Drop pacrunner-mozjs (#1571640)

- rebuild for SLES ES platform

- debranding for SLL 8.9

- Update to 0.1.18
- Fix issues detected by static analyzers
- Remove Python 2 support

- cap SFTP packet size sent (RHEL-5485)

- Conditionalize the python2 subpackage

- Fix Japanese translations (RHBZ #2216755)
- Update translations (RHBZ #2189557)
- Do not prompt for password twice when changing password of local user (RHBZ #2179607)

- rebuilt for SLES ES platform

- Update to latest upstream and fix mdcheck service bug
- Resolves rhbz#2116418, rhbz#2150862, rhbz#2159584

- Resolves: CVE-2022-1586

- Rebuild due to missing CI environment
- Resolves: #2212772 #2193342

- rebuild for SLES ES

- Security fix for CVE-2023-27043
Resolves: RHEL-5563

- Release bump

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- rebuild for SLES ES platform

- don't use memcpy() on overlapping buffers (#1607024)

- Fix CVE-2023-48795: Prefix truncation attack
  on Binary Packet Protocol (BPP)
- Resolves: RHEL-19311

- rebuilt for SLES Expanded Support platform

- Add missing tests directory

- Introduce new fanotify record fields
Resolves: rhbz#2216668
- invalid use of flexible array member
Resolves: rhbz#2116867

- Add gating tests
- Resolves: rhbz#2170066

- fix issue reported by covscan

- Backport patch from Neal Gompa <ngompa13@gmail.com> to generate pythonXdist
  metadata

- Resolves: #1732960 - cmp -b shows incorrect data

- Backport CVE-2021-3580 from upstream 3.7.3 release (#1967990)

- rebuild for SLES ES platform

- fix buffer overflow on terminfo with too many capabilities (CVE-2023-29491)

- rebuild for SLES ES platform

- New upstream release
- Add git version in --version
- Fix list of new symbols in index page

- rebuild for SLES ES platform

- iscsi: Fix login on firmware-discovered nodes (#2213193)
- tests: Extend iscsi method call timeouts (#2213715)

- rebuild for SLES ES platform

- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafter filesystem (#2073548)

- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

- Add POT file to git and do not rebuild it during every build

- libnuma: make numa_police_memory() free of race

- Fix the Crash in zlib deflateBound() function on s390x
- Resolves: BZ#2193045

- Change bug tracker path

- rebuild for SLES ES platform

- Guard face->size
- Resolves: #2079279

- rebuilt for SLES ES platform

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- kernel update
- Related: rhbz#2097413

- Add lock to avoid two type object wrappers getting generated at
  the same time in multi-threaded programs.
  Resolves: #1844578

- fix find not obeying option -ignore_readdir_race in symlink_loop (#2232278)

- Fix regression in dictionary creation and lookup

- rebuild for SLES ES platform

- Fix parsing of semanage.conf ignoredirs
  resolves: rhbz#1931058

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939

- Fix a loop in fix-info-dir when /dev/null doesn't exist
  Resolves: #2022201

- rebuild for SLES ES platform

- Obsolete snappy-devel versions lower than 1.1.8-2 as lower versions have multilib issues.

- parser_bison: Fix for broken compatibility with older dumps (Phil Sutter) [RHEL-2596]

- Bump the version number due to conflict with (rhbz 1937721)

- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq

- Add missing %patch macro

- Remove unused libzstd-devel dependency (#2069831)
- Preserve hardening flags when building bjam

- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

- Put autogen.sh to proper place
  Related: #1854555

- rebuild for SLES ES platform

- fix issue reported by covscan

- Start versioning symbols when building library
- Resolves: rhbz#2001063

- Add support for RFC3021 (#1638834)

- tests: Add a test for resizepart on a busy partition (bcl)
  Related: rhbz#1861804
- parted: Preserve resizepart End when prompted for busy partition (bcl)
  Resolves: rhbz#1861804
- Fix end_input usage in do_resizepart (bcl)
  Related: rhbz#1861804
- tests: Test incomplete resizepart command (bcl)
  Related: rhbz#1861804
- Fix resizepart iec unit end sector (psusi)
  Related: rhbz#1861804
- libparted: Fix endian bug in bsd.c (AWilcox)
  Resolves: rhbz#1980105

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

- iptables-restore: Drop dead code
- iptables-apply: Eliminate shellcheck warnings
- ebtables: Exit gracefully on invalid table names

- rebuild for SLES ES platform

- rebuild for SLES ES platform

- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch

- Fix Terrapin attack
  Resolves: RHEL-19762

- rebuild for SLES ES platform

- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB

- Security fix for CVE-2022-40897
Resolves: rhbz#2158559

- backport fix for --dco-identify real max sectors calculation from upstream version 9.62 (#1959918)

- fix buffer overflow on terminfo with too many capabilities (CVE-2023-29491)

- Module (SFP/QSFP/CMIS) related bugfixes

- rebuild for SLES ES platform

- Resolves: rhbz#2140600

- Rebuild due to migrated tests
  Related: #1841499

- rebuilt

- rebuild for SLES ES platform

- rebase to 2.5.2
  resolves: rhbz#2019893

- Latest upstream

- Fix efivar "-w" and "-a" options that broke due the rebase
  Related: rhbz#1755645

- Fix sg_ses --page argument override when --control and --data are specified (#2078107)

- Resolves: rhbz#2048668 - Request to add libdhash-devel package into CRB

- Apply ICU-13634-Adding-integer-overflow-logic-to-ICU4C-num.patch
- Apply ICU-20958-Prevent-SEGV_MAPERR-in-append.patch
- Resolves: rhbz#1808238

- Resolves: CVE-2020-8927

- Backport grefcount API
- Resolves: #2153205

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

- Fix: CVE-2022-48624
- Resolves: RHEL-26123

- New upstream release (0.3.2)
- Resolves: rhbz#2100916

- Add TLS_REQSAN option and change the default to TRY (#1814674)

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937,
  CVE-2021-35938 and CVE-2021-35939

- rebuild for SLES ES platform

- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq

- Dropped sysvinit support
  Resolves: rhbz#1610275

- Fix integer overflow in _libcap_strdup() (CVE-2023-2603)
  Resolves: rhbz#2210636
- Correctly check pthread_create() return value to avoid memory leak (CVE-2023-2602)
  Resolves: rhbz#2222197

- Require Python with tarfile filters
Resolves: RHEL-25449

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

- Dropped qt4 from RHEL-8 (#1591123)

- Fixed mkfs.fat cluster size calculation for disks with 4k sectors
  Resolves: rhbz#1651496

- rebuild for SLES ES platform

- pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2209785

- make biosdevname optional even on Dell servers (#1623621)
- prevent infinite recursion in smbios_setslot() (#1499458)
- Netronome biosdevname support (#1649036)

- rebuild for SLES ES

- depmod: fix parallel execution issues
  Resolves: rhbz#2026938

- mkdumprd: Use the correct syntax to redirect the stderr to null
- mkdumprd: call dracut with --add-device to install the drivers needed by /boot partition automatically for FIPS
- Add NICs that handle DNS queries to the allowlist

- Minor cleanup - remove unused patch from the spec file too (related to 4.5-3)
- Resolves: rhbz#1869253

- Add compat subpackage for keeping the API stability in userspace

- rebuild for SLES ES platform

- Add support for VRF with ping command (#2208409)