- HANA-Firewall
-
- HANA-Firewall creates insufficient configuration.
(bsc#1221231)
- SAPHanaSR
-
- Version bump to 0.162.4
* unify global.ini examples
* add demo script SAPHanaSR-upgrade-to-angi-demo
* update man pages:
SAPHanaSR_basic_cluster.7
SAPHanaSR_maintenance_examples.7
SAPHanaSR_upgrade_to_angi.7
SAPHanaSR-manageProvider.8
SAPHanaSR-upgrade-to-angi-demo.8
SAPHanaSR.py.7
- Version bump to 0.162.3
* Fix the hexdump log for empty node states
* catch monitor calls for non-cloned resources and report them as
unsupported instead of 'command not found'
(bsc#1218333)
* fix scope of variable 'site' to be global
(bsc#1219194)
* susChkSrv.py - relocate function logTimestamp()
* update man pages:
SAPHanaSR.7
ocf_suse_SAPHana.7
SAPHanaSR_maintenance_examples.7
SAPHanaSR.py.7
SAPHanaSR-showAttr.8
- aaa_base
-
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
to also fix the typo to set JAVA_BINDIR in the csh variant
of the alljava profile script (bsc#1221361)
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
drop the stderr redirection for csh (bsc#1221361)
- add git-49-3f8f26123d91f70c644677a323134fc79318c818.patch
drop sysctl.d/50-default-s390.conf (bsc#1211721)
- add aaa_base-preinstall.patch
make sure the script does not exit with 1 if a file
with content is found (bsc#1222547)
- add patch git-48-477bc3c05fcdabf9319e84278a1cba2c12c9ed5a.patch
home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile
- silence the output in the case of broken symlinks (bsc#1218232)
- autofs
-
- autofs-5.1.6-remove-intr-hosts-map-mount-option.patch
Don't use the intr option on NFS mounts by default, it's been
ignored by the kernel for a long time now. (bsc#1225130)
- autofs-5.1.8-dont-use-initgroups-at-spawn.patch
Don't use initgroups at spawn (bsc#1214710, bsc#1221181)
- azure-cli
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.36.0
+ For detailed information about changes see the
HISTORY.rst file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.35.0
+ For detailed information about changes see the
HISTORY.rst file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.34.1
+ For detailed information about changes see the
HISTORY.rst file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.33.1
+ For detailed information about changes see the
HISTORY.rst file provided with this package
- New upstream release
+ Version 2.33.0
+ For detailed information about changes see the
HISTORY.rst file provided with this package
- Add missing python-rpm-macros to BuildRequires
- Update Requires from setup.py
- New upstream release
+ Version 2.32.0
+ For detailed information about changes see the
HISTORY.rst file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.31.0
+ For detailed information about changes see the
HISTORY.rst file provided with this package
- Update Requires from setup.py
- bind
-
- Security Fixes:
* It is possible to craft excessively large numbers of resource
record types for a given owner name, which has the effect of
slowing down database processing. This has been addressed by
adding a configurable limit to the number of records that can
be stored per name and type in a cache or zone database. The
default is 100, which can be tuned with the new
max-types-per-name option. (CVE-2024-1737)
[bsc#1228256, bind-9.16-CVE-2024-1737.patch]
* Validating DNS messages signed using the SIG(0) protocol (RFC
2931) could cause excessive CPU load, leading to a
denial-of-service condition. Support for SIG(0) message
validation was removed from this version of named.
(CVE-2024-1975)
[bsc#1228257, bind-9.16-CVE-2024-1975.patch]
- Security Fixes:
* Validating DNS messages containing a lot of DNSSEC signatures
could cause excessive CPU load, leading to a denial-of-service
condition. This has been fixed. (CVE-2023-50387)
[bsc#1219823, bind-CVE-2023-50387-CVE-2023-50868.patch]
* Preparing an NSEC3 closest encloser proof could cause excessiv
CPU load, leading to a denial-of-service condition. This has
been fixed. (CVE-2023-50868)
[bsc#1219826, bind-CVE-2023-50387-CVE-2023-50868.patch]
* Parsing DNS messages with many different names could cause
excessive CPU load. This has been fixed. (CVE-2023-4408)
[bsc#1219851, bind-CVE-2023-4408.patch]
* Specific queries could cause named to crash with an assertion
failure when nxdomain-redirect was enabled. This has been
fixed. (CVE-2023-5517)
[bsc#1219852, bind-CVE-2023-5517.patch]
* Query patterns that continuously triggered cache database
maintenance could cause an excessive amount of memory to be
allocated, exceeding max-cache-size and potentially leading to
all available memory on the host running named being exhausted
This has been fixed. (CVE-2023-6516)
[bsc#1219854, bind-CVE-2023-6516.patch]
- binutils
-
- Update to current 2.43.1 branch [PED-10474]:
* PR32109 - fuzzing problem
* PR32083 - LTO vs overridden common symbols
* PR32067 - crash with LTO-plugin and --oformat=binary
* PR31956 - LTO vs wrapper symbols
* riscv - add Zimop and Zcmop extensions
- Adjusted binutils-2.43-branch.diff.gz.
- Update to version 2.43:
* new .base64 pseudo-op, allowing base64 encoded data as strings
* Intel APX: add support for CFCMOV, CCMP, CTEST, zero-upper, NF
(APX_F now fully supported)
* x86 Intel syntax now warns about more mnemonic suffixes
* macros and .irp/.irpc/.rept bodies can use \+ to get at number
of times the macro/body was executed
* aarch64: support 'armv9.5-a' for -march, add support for LUT
and LUT2
* s390: base register operand in D(X,B) and D(L,B) can now be
omitted (ala 'D(X,)'); warn when register type doesn't match
operand type (use option
'warn-regtype-mismatch=[strict|relaxed|no]' to adjust)
* riscv: support various extensions: Zacas, Zcmp, Zfbfmin,
Zvfbfmin, Zvfbfwma, Smcsrind/Sscsrind, XCvMem, XCvBi, XCvElw,
XSfCease, all at version 1.0;
remove support for assembly of privileged spec 1.9.1 (linking
support remains)
* arm: remove support for some old co-processors: Maverick and FPA
* mips: '--trap' now causes either trap or breakpoint instructions
to be emitted as per current ISA, instead of always using trap
insn and failing when current ISA was incompatible with that
* LoongArch: accept .option pseudo-op for fine-grained control
of assembly code options; add support for DT_RELR
* readelf: now displays RELR relocations in full detail;
add -j/--display-section to show just those section(s) content
according to their type
* objdump/readelf now dump also .eh_frame_hdr (when present) when
dumping .eh_frame
* gprofng: add event types for AMD Zen3/Zen4 and Intel Ice Lake
processors; add minimal support for riscv
* linker:
- put .got and .got.plt into relro segment
- add -z isa-level-report=[none|all|needed|used] to the x86 ELF
linker to report needed and used x86-64 ISA levels
- add --rosegment option which changes the -z separate-code
option so that only one read-only segment is created (instead
of two)
- add --section-ordering-file <FILE> option to add extra
mapping of input sections to output sections
- add -plugin-save-temps to store plugin intermediate files
permanently
- Removed binutils-2.42.tar.bz2, binutils-2.42-branch.diff.gz.
- Added binutils-2.43.tar.bz2, binutils-2.43-branch.diff.gz.
- Removed upstream patch riscv-no-relax.patch.
- Rebased ld-relro.diff and binutils-revert-rela.diff.
- binutils-pr22868.diff: Remove obsolete patch
- Undefine _FORTIFY_SOURCE when running checks
- Allow to disable profiling
- Use %patch -P N instead of deprecated %patchN.
- riscv-no-relax.patch: RISC-V: Don't generate branch/jump relocation if
symbol is local when no-relax
- Add binutils-disable-code-arch-error.diff to demote an
error about swapped .arch/.code directives to a warning.
It happens in the wild.
- Update to version 2.42:
* Add support for many aarch64 extensions: SVE2.1, SME2.1, B16B16,
RASv2, LSE128, GCS, CHK, SPECRES2, LRCPC3, THE, ITE, D128, XS and
flags to enable them: '+fcma', '+jscvt', '+frintts', '+flagm2',
'+rcpc2' and '+wfxt'
* Add experimantal support for GAS to synthesize call-frame-info for
some hand-written asm (--scfi=experimental) on x86-64.
* Add support for more x86-64 extensions: APX: 32 GPRs, NDD, PUSH2/POP2,
PUSHP/POPP; USER_MSR, AVX10.1, PBNDKB, SM4, SM3, SHA512, AVX-VNNI-INT16.
* Add support for more RISC-V extensions: T-Head v2.3.0, CORE-V v1.0,
SiFive VCIX v1.0.
* BPF assembler: ';' separates statements now, and does not introduce
line comments anymore (use '#' or '//' for this).
* x86-64 ld: Add '-z mark-plt/-z nomark-plt' to mark PLT entries with
dynamic tags.
* risc-v ld: Add '--[no-]check-uleb128'.
* New linker script directive: REVERSE, to be combined with SORT_BY_NAME
or SORT_BY_INIT_PRIORITY, reverses the generated order.
* New linker options --warn-execstack-objects (warn only about execstack
when input object files request it), and --error-execstack plus
- -error-rxw-segments to convert the existing warnings into errors.
* objdump: Add -Z/--decompress to be used with -s/--full-contents to
decompress section contents before displaying.
* readelf: Add --extra-sym-info to be used with --symbols (currently
prints section name of references section index).
* objcopy: Add --set-section-flags for x86_64 to include
SHF_X86_64_LARGE.
* s390 disassembly: add target-specific disasm option 'insndesc',
as in "objdump -M insndesc" to display an instruction description
as comment along with the disassembly.
- Add binutils-2.42-branch.diff.gz.
- Rebased s390-biarch.diff.
- Adjusted binutils-revert-hlasm-insns.diff,
binutils-revert-plt32-in-branches.diff and binutils-revert-rela.diff
for upstream changes.
- Removed binutils-2.41-branch.diff.gz, binutils-2.41.tar.bz2,
binutils-2.41-branch.diff.gz.
- Removed binutils-use-less-memory.diff, binutils-old-makeinfo.diff
and riscv-relro.patch (all upstreamed).
- Removed add-ulp-section.diff, we use a different mechanism
for live patching since a long time.
- Add binutils-use-less-memory.diff to be a little nicer to 32bit
userspace and huge links. [bsc#1216908]
- riscv-relro.patch: RISC-V: Protect .got with relro
- Add libzstd-devel to Requires of binutils-devel. (bsc#1215341)
- ca-certificates-mozilla
-
- Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)
- Added: FIRMAPROFESIONAL CA ROOT-A WEB
- Distrust: GLOBALTRUST 2020
- Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356)
Added:
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
- D-Trust SBR Root CA 1 2022
- D-Trust SBR Root CA 2 2022
- Telekom Security SMIME ECC Root 2021
- Telekom Security SMIME RSA Root 2023
- Telekom Security TLS ECC Root 2020
- Telekom Security TLS RSA Root 2023
- TrustAsia Global Root CA G3
- TrustAsia Global Root CA G4
Removed:
- Autoridad de Certificacion Firmaprofesional CIF A62634068
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Security Communication Root CA
- Symantec Class 1 Public Primary Certification Authority - G6
- Symantec Class 2 Public Primary Certification Authority - G6
- TrustCor ECA-1
- TrustCor RootCert CA-1
- TrustCor RootCert CA-2
- VeriSign Class 1 Public Primary Certification Authority - G3
- VeriSign Class 2 Public Primary Certification Authority - G3
- remove-trustcor.patch: removed, now upstream
- do a versioned obsoletes of "openssl-certs".
- ca-certificates
-
- Update to version 2+git20240416.98ae794 (bsc#1221184):
* Use flock to serialize calls (boo#1188500)
* Make certbundle.run container friendly
* Create /var/lib/ca-certificates if needed
- catatonit
-
- Update to catatonit v0.2.0.
* Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
- 99bb9048f.patch
- chrony
-
- Use make quickcheck instead of make check to avoid >1h build
times and failures due to timeouts. This was the default before
3.2 but it changed to make tests more reliable. Here a seed is
already set to get deterministic execution.
- Use shorter NTS-KE retry interval when network is down
(bsc#1213551, chrony-burst_total_samples_to_go.patch,
chrony-retry_interval_ke_start.patch).
- cloud-init
-
- Add cloud-init-skip-rename.patch (bsc#1219680)
+ Brute force appraoch to skip renames if the device is already present
- Add cloud-init-usr-sudoers.patch (bsc#1223469)
+ Handle the existence of /usr/etc/sudoers to search for the expected
include location
- Update cloud-init-no-openstack-guess.patch
+ Do not enable cloud-init on systems where there is no DMI just
because no data source has been found. No data source means
cloud-init will not run.
- Add cloud-init-no-nmcfg-needed.patch (bsc#1221726)
+ Do not require a NetworkManager config file in order to detect
NetworkManager as the renderer
- Add cloud-init-no-openstack-guess.patch (bsc#1222113)
+ Do not guess if we are running on OpenStack or not. Only recognize
the known markers and enable cloud-init if we know for sure.
- Add cloud-init-ds-deterministic.patch (bsc#1221132)
+ Do not guess a data source when checking for a CloudStack
environment
- Hardcode distribution to suse for proper cloud.cfg generation
(bsc#1220132).
- Prepare for RPM 4.20 switch patch syntax
- Add cloud-init-skip-empty-conf.patch
+ Skip tests with empty config
- Add cloud-init-pckg-reboot.patch (boo#1198533, bsc#1218952, jsc#SMO-326)
+ Support reboot on package update/upgrade via the cloud-init config
- Switch build dependency to the generic distribution-release package
- cloud-netconfig
-
- Update to version 1.14
+ Use '-s' instead of '--no-progress-meter' for curl (bsc#1221757)
- Add version settings to Provides/Obsoletes
- Update to version 1.12 (bsc#1221202)
+ If token access succeeds using IPv4 do not use the IPv6 endpoint
only use the IPv6 IMDS endpoint if IPv4 access fails.
- Add Provides/Obsoletes for dropped cloud-netconfig-nm
- Install dispatcher script into /etc/NetworkManager/dispatcher.d
on older distributions
- Add BuildReqires: NetworkManager to avoid owning dispatcher.d
parent directory
- Update to version 1.11:
+ Revert address metadata lookup in GCE to local lookup (bsc#1219454)
+ Fix hang on warning log messages
+ Check whether getting IPv4 addresses from metadata failed and abort
if true
+ Only delete policy rules if they exist
+ Skip adding/removing IPv4 ranges if metdata lookup failed
+ Improve error handling and logging in Azure
+ Set SCRIPTDIR when installing netconfig wrapper
- Update to version 1.10:
+ Drop cloud-netconfig-nm sub package and include NM dispatcher
script in main packages (bsc#1219007)
+ Spec file cleanup
- Update to version 1.9:
+ Drop package dependency on sysconfig-netconfig
+ Improve log level handling
+ Support IPv6 IMDS endpoint in EC2 (bsc#1218069)
- cloud-regionsrv-client
-
- Update to 10.3.4
+ Modify the message when network access over a specific IP version does
not work. This is an informational message and should not look like
an error
+ Inform the user that LTSS registration takes a little longer
+ Add fix-for-sles12-no-trans_update.patch
+ SLE 12 family has no products with transactional-update we do not
need to look for this condition
- From 10.3.3 (bsc#1229472)
+ Handle changes in process structure to properly identify the running
zypper parent process and only check for 1 PID
- From 10.3.2
+ Remove rgnsrv-clnt-fix-docker-setup.patch included upstream
- From 10.3.1 (jsc#PCT-400)
+ Add support for LTSS registration
+ Add fix-for-sles12-disable-registry.patch
~ No container support in SLE 12
- Add rgnsrv-clnt-fix-docker-setup.patch (bsc#1229137)
+ The entry for the update infrastructure registry mirror was written
incorrectly causing docker daemon startup to fail.
- Update to version 10.3.0 (bsc#1227308, bsc#1222985)
+ Add support for sidecar registry
Podman and rootless Docker support to set up the necessary
configuration for the container engines to run as defined
+ Add running command as root through sudoers file
- Update to version 10.2.0 (bsc#1223571, bsc#1224014, bsc#1224016)
+ In addition to logging, write message to stderr when registration fails
+ Detect transactional-update system with read only setup and use
the transactional-update command to register
+ Handle operation in a different target root directory for credentials
checking
- Update to version 10.1.7 (bsc#1220164, bsc#1220165)
+ Fix the failover path to a new target update server. At present a new
server is not found since credential validation fails. We targeted
the server detected in down condition to verify the credentials instead
of the replacement server.
- kernel-default
-
- Update patches.suse/usb-f_fs-Fix-use-after-free-for-epfile.patch
(git-fixes bsc#1228040 CVE-2022-48822).
- commit 2c8d4da
- ima: Fix use-after-free on a dentry's dname.name (bsc#1227716
CVE-2024-39494).
- commit f6c5c97
- ASoC: topology: Fix route memory corruption (CVE-2024-41069
bsc#1228644).
- commit f66560f
- IB/core: Implement a limit on UMAD receive List (bsc#1228743 CVE-2024-42145)
- commit f02f32a
- ASoC: topology: Fix references to freed memory (CVE-2024-41069
bsc#1228644).
- commit 92df0ca
- hfsplus: fix uninit-value in copy_name (bsc#1228561
CVE-2024-41059).
- commit 97ed148
- dmaengine: idxd: Fix possible Use-After-Free in
irq_process_work_list (CVE-2024-40956 bsc#1227810).
- commit 26f1077
- ocfs2: fix DIO failure due to insufficient transaction credits
(bsc#1216834).
- commit 300f953
- SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (CVE-2023-52885
bsc#1227750).
- commit e97b8a4
- scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
(bsc#1228013 CVE-2022-48792).
- commit e1a6b29
- tap: add missing verification for short frame (CVE-2024-41090
bsc#1228328).
- commit ebf78ce
- ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions
(CVE-2021-47291 bsc#1224918).
- ipv6: Fix KASAN: slab-out-of-bounds Read in
fib6_nh_flush_exceptions (bsc#1224918 CVE-2021-47126
bsc#1221539).
- commit 8e8ce7c
- drm/amdkfd: don't allow mapping the MMIO HDP page with large
pages (CVE-2024-41011 bsc#1228115).
- commit 71f4e95
- sch_cake: do not call cake_destroy() from cake_init()
(CVE-2021-47598 bsc#1226574).
- commit bd20b3c
- scsi: scsi_debug: Fix type in min_t to avoid stack OOB
(bsc#1226550 CVE-2021-47580).
- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
(bsc#1222824 CVE-2021-47219).
- commit 2e165bd
- X.509: Fix the parser of extended key usage for length
(bsc#1218820 bsc#1226666).
- commit 2d78310
- gve: Clear napi->skb before dev_kfree_skb_any() (CVE-2024-40937
bsc#1227836).
- commit 2df93fe
- Update References
patches.suse/Bluetooth-SMP-Fail-if-remote-and-local-public-keys-a.patch
(bsc#1186463 CVE-2021-0129 CVE-2020-26558 bsc#1179610
CVE-2020-26558).
- commit d06a0d0
- Update
patches.suse/Bluetooth-SMP-Fail-if-remote-and-local-public-keys-a.patch
(bsc#1186463 CVE-2021-0129 CVE-2020-26558 bsc#1179610
CVE-2020-26558).
- commit 9cfc088
- misc: fastrpc: avoid double fput() on failed usercopy
(CVE-2022-48821 bsc#1227976).
- commit 57e770a
- Update
patches.suse/tls-fix-use-after-free-on-failed-backlog-decryption.patch
(CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186
CVE-2024-26800 bsc#1222728).
- commit 72c3b29
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_eve.patch
(bsc#1065729 CVE-2023-52686 bsc#1224682).
- Update
patches.suse/scsi-qedf-Ensure-the-copied-buf-is-NUL-terminated.patch
(bsc#1226758 CVE-2024-38559 bsc#1226785).
- commit 53c517e
- nfsd: fix use-after-free due to delegation race (CVE-2021-47506
bsc#1225404 bsc#1227497).
- commit b195c7b
- Update
patches.suse/net-tls-factor-out-tls_-crypt_async_wait.patch.
- fix build warning
- commit 7f81dcf
- Fix spurious WARNING caused by a qxl driver patch (bsc#1227213)
Refresh patches.suse/drm-qxl-fix-UAF-on-handle-creation.patch
- commit e245863
- Update
patches.suse/scsi-qedf-Ensure-the-copied-buf-is-NUL-terminated.patch
(bsc#1226785 CVE-2024-38559).
Fix incorrect bug reference.
- commit 7bd70b9
- can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431
CVE-2021-47520).
- commit 0094102
- powerpc/rtas: Prevent Spectre v1 gadget construction in
sys_rtas() (bsc#1227487).
- commit 74bce38
- blacklist.conf:
- commit cdd4002
- NFS: Don't overfill uncached readdir pages (bsc#1226662).
- commit d0f2933
- tls: fix use-after-free on failed backlog decryption
(CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: separate no-async decryption request handling from async
(CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: decrement decrypt_pending if no async completion will be
called (CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- net: tls: handle backlogging of crypto requests (CVE-2024-26584
bsc#1220186).
- tls: fix race between tx work scheduling and socket close
(CVE-2024-26585 bsc#1220187).
- tls: fix race between async notify and socket close
(CVE-2024-26583 bsc#1220185).
- net: tls: factor out tls_*crypt_async_wait() (CVE-2024-26583
CVE-2024-26584 bsc#1220185 bsc#1220186).
- net: tls: fix async vs NIC crypto offload (CVE-2024-26583
CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: use async as an in-out argument (CVE-2024-26583
CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: assume crypto always calls our callback (CVE-2024-26583
CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: don't track the async count (CVE-2024-26583
CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: simplify async wait (CVE-2024-26583 CVE-2024-26584
bsc#1220185 bsc#1220186).
- tls: rx: wrap decryption arguments in a structure
(CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: don't report text length from the bowels of decrypt
(CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- tls: rx: drop unnecessary arguments from tls_setup_from_iter()
(CVE-2024-26583 CVE-2024-26584 bsc#1220185 bsc#1220186).
- net/tls: race causes kernel panic (CVE-2024-26583 CVE-2024-26584
bsc#1220185 bsc#1220186).
- commit cf4818b
- Delete
patches.suse/tls-fix-race-between-tx-work-scheduling-and-socket-c.patch.
Will be replaced with refreshed version once all conflicting patches are in.
- commit e1dd229
- dm btree remove: fix use after free in rebalance_children()
(CVE-2021-47600, bsc#1226575).
- commit 088e9db
- Update
patches.suse/0020-dm-btree-remove-fix-use-after-free-in-rebalance_chil.patch
(git-fixes CVE-2021-47600 bsc#1226575).
- Update
patches.suse/0022-block-Fix-wrong-offset-in-bio_truncate.patch
(git-fixes CVE-2022-48747 bsc#1226643).
- Update
patches.suse/ARM-9170-1-fix-panic-when-kasan-and-kprobe-are-enabled.patch
(git-fixes CVE-2021-47618 bsc#1226644).
- Update
patches.suse/ASoC-max9759-fix-underflow-in-speaker_gain_control_p.patch
(git-fixes CVE-2022-48717 bsc#1226679).
- Update
patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_-4cf28e9ae6e2.patch
(git-fixes CVE-2022-48736 bsc#1226721).
- Update
patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_-4f1e50d6a9cf.patch
(git-fixes CVE-2022-48737 bsc#1226762).
- Update
patches.suse/ASoC-ops-Reject-out-of-bounds-values-in-snd_soc_put_.patch
(git-fixes CVE-2022-48738 bsc#1226674).
- Update
patches.suse/Bluetooth-refactor-malicious-adv-data-check.patch
(git-fixes CVE-2021-47620 bsc#1226669).
- Update patches.suse/IB-hfi1-Fix-AIP-early-init-panic.patch
(jsc#SLE-13208 CVE-2022-48728 bsc#1226691).
- Update
patches.suse/PCI-pciehp-Fix-infinite-loop-in-IRQ-handler-upon-pow.patch
(git-fixes CVE-2021-47617 bsc#1226614).
- Update
patches.suse/RDMA-ucma-Protect-mc-during-concurrent-multicast-lea.patch
(bsc#1181147 CVE-2022-48726 bsc#1226686).
- Update
patches.suse/ceph-properly-put-ceph_string-reference-after-async-create-attempt.patch
(bsc#1195798 CVE-2022-48767 bsc#1226715).
- Update
patches.suse/dma-buf-heaps-Fix-potential-spectre-v1-gadget.patch
(git-fixes CVE-2022-48730 bsc#1226713).
- Update
patches.suse/drm-msm-dpu-invalid-parameter-check-in-dpu_setup_dsp.patch
(git-fixes CVE-2022-48749 bsc#1226650).
- Update
patches.suse/drm-msm-dsi-invalid-parameter-check-in-msm_dsi_phy_e.patch
(git-fixes CVE-2022-48756 bsc#1226698).
- Update
patches.suse/drm-nouveau-fix-off-by-one-in-BIOS-boundary-checking.patch
(git-fixes CVE-2022-48732 bsc#1226716).
- Update
patches.suse/firmware-arm_scpi-Fix-string-overflow-in-SCPI-genpd-.patch
(git-fixes CVE-2021-47609 bsc#1226562).
- Update patches.suse/i40e-Fix-queues-reservation-for-XDP.patch
(git-fixes CVE-2021-47619 bsc#1226645).
- Update patches.suse/igbvf-fix-double-free-in-igbvf_probe.patch
(git-fixes CVE-2021-47589 bsc#1226557).
- Update
patches.suse/iommu-vt-d-fix-potential-memory-leak-in-intel_setup_irq_remapping
(git-fixes CVE-2022-48724 bsc#1226624).
- Update
patches.suse/mac80211-track-only-QoS-data-frames-for-admission-co.patch
(git-fixes CVE-2021-47602 bsc#1226554).
- Update
patches.suse/mac80211-validate-extended-element-ID-is-present.patch
(git-fixes CVE-2021-47611 bsc#1226583).
- Update
patches.suse/net-bridge-vlan-fix-memory-leak-in-__allowed_ingress.patch
(bsc#1176447 CVE-2022-48748 bsc#1226647).
- Update
patches.suse/net-hns3-fix-use-after-free-bug-in-hclgevf_send_mbx_.patch
(jsc#SLE-14777 CVE-2021-47596 bsc#1226558).
- Update
patches.suse/net-ieee802154-ca8210-Stop-leaking-skb-s.patch
(git-fixes CVE-2022-48722 bsc#1226619).
- Update
patches.suse/net-mlx5e-Fix-handling-of-wrong-devices-during-bond-.patch
(jsc#SLE-15172 CVE-2022-48746 bsc#1226703).
- Update
patches.suse/net-sched-sch_ets-don-t-remove-idle-classes-from-the.patch
(bsc#1176774 CVE-2021-47595 bsc#1226552).
- Update
patches.suse/nfc-fix-segfault-in-nfc_genl_dump_devices_done.patch
(git-fixes CVE-2021-47612 bsc#1226585).
- Update patches.suse/phylib-fix-potential-use-after-free.patch
(git-fixes CVE-2022-48754 bsc#1226692).
- Update
patches.suse/powerpc-perf-Fix-power_pmu_disable-to-call-clear_pmi.patch
(bsc#1156395 CVE-2022-48752 bsc#1226709).
- Update
patches.suse/rpmsg-char-Fix-race-between-the-release-of-rpmsg_ctr.patch
(git-fixes CVE-2022-48759 bsc#1226711).
- Update
patches.suse/scsi-bnx2fc-Flush-destroy_work-queue-before-calling-bnx2fc_interface_put
(git-fixes CVE-2022-48758 bsc#1226708).
- Update patches.suse/scsi-bnx2fc-Make-bnx2fc_recv_frame-mp-safe
(git-fixes CVE-2022-48715 bsc#1226621).
- Update
patches.suse/scsi-scsi_debug-Sanity-check-block-descriptor-length-in-resp_mode_select.patch
(git-fixes CVE-2021-47576 bsc#1226537).
- Update
patches.suse/smb-client-set-correct-id-uid-and-cruid-for-multiuser-automounts.patch
(git-fixes CVE-2024-26822 bsc#1223011).
- Update
patches.suse/tracing-histogram-Fix-a-potential-memory-leak-for-kstrdup.patch
(git-fixes CVE-2022-48768 bsc#1226720).
- commit 3239c2b
- Update
patches.suse/drm-vmwgfx-Fix-stale-file-descriptors-on-failed-user.patch
(CVE-2022-22942 bsc#1195065 CVE-2022-48771 bsc#1226732).
- Update
patches.suse/isdn-cpai-check-ctr-cnr-to-avoid-array-index-out-of-.patch
(CVE-2021-43389 CVE-2021-3896 bsc#1191958 git-fixes
CVE-2021-4439 bsc#1226670).
- Update
patches.suse/media-mxl111sf-change-mutex_init-location.patch
(git-fixes CVE-2021-47583 bsc#1226563).
- Update
patches.suse/of-module-prevent-NULL-pointer-dereference-in-vsnprintf.patch
(bsc#1226587 CVE-2024-38541 CVE-2024-35878 bsc#1224671).
- Update
patches.suse/tipc-improve-size-validations-for-received-domain-re.patch
(bsc#1195254 CVE-2022-0435 CVE-2022-48711 bsc#1226672).
- commit 4e385ef
- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(CVE-2024-36904 bsc#1225732).
- commit 80f0f47
- tcp: do not accept ACK of bytes we never sent (CVE-2023-52881
bsc#1225611).
- commit 874a2d3
- NFS: Reduce use of uncached readdir (bsc#1226662).
- NFS: Don't re-read the entire page cache to find the next cookie
(bsc#1226662).
- NFS: Further optimisations for 'ls -l' (bsc#1226662).
- NFS: Reduce number of RPC calls when doing uncached readdir
(bsc#1226662).
- NFS: More readdir cleanups (bsc#1226662).
- NFS: Support larger readdir buffers (bsc#1226662).
- NFS: Don't discard readdir results (bsc#1226662).
- NFS: Clean up directory array handling (bsc#1226662).
- NFS: Clean up nfs_readdir_page_filler() (bsc#1226662).
- NFS: Clean up readdir struct nfs_cache_array (bsc#1226662).
- NFS: Ensure contents of struct nfs_open_dir_context are
consistent (bsc#1226662).
- NFS: Use the 64-bit server readdir cookies when possible
(bsc#1226662).
- NFS: Fix up directory verifier races (bsc#1226662).
- nfs: optimise readdir cache page invalidation (bsc#1226662).
- commit 4f3964b
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs
(bsc#1222015 bsc#1226962).
- commit c8cabcf
- USB: core: Fix hang in usb_kill_urb by adding memory barriers
(CVE-2022-48760 bsc#1226712).
- commit da8ec3e
- scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758
CVE-2024-38559).
- scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786
CVE-2024-38560).
- commit 0e33f69
- Update References tag
patches.suse/Bluetooth-Disconnect-if-E0-is-used-for-Level-4.patch
(bsc#1171988 CVE-2020-10135 bsc#1218148 CVE-2023-24023).
- commit 906dfa6
- net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
(CVE-2024-36974 bsc#1226519).
- commit b592e79
- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362)
- commit a875ff3
- RDMA/hns: Fix UAF for cq async event (bsc#1226595 CVE-2024-38545)
- commit d57d06d
- of: module: prevent NULL pointer dereference in vsnprintf() (bsc#1226587 CVE-2024-38541)
- commit c381bb4
- of: module: add buffer overflow check in of_modalias() (bsc#1226587 CVE-2024-38541)
- commit 212b607
- net/mlx5e: Fix use-after-free of encap entry in neigh update
handler (bsc#1224865 CVE-2021-47247).
- commit 91cae43
- net: qcom/emac: fix UAF in emac_remove (bsc#1225010
CVE-2021-47311).
- commit 5533443
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633
bsc#1226226).
- commit 1b48f4e
- net: macb: fix use after free on rmmod (CVE-2021-47372
bsc#1225184).
- commit c9f62c2
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high
(bsc#1219224).
- commit 124c57b
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
(bsc#1224764, CVE-2024-35862).
- commit 8a40236
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
(bsc#1224765, CVE-2024-35864).
- commit 8030dd8
- smb: client: fix potential UAF in
cifs_signal_cifsd_for_reconnect() (bsc#1224766, CVE-2024-35861).
- commit d1384a0
- smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225487, CVE-2023-52752).
- commit c058f4e
- blacklist.conf: bsc#1225047 CVE-2021-47328
breaks kABI and does not apply
- commit 8d10b79
- blk-cgroup: fix UAF by grabbing blkcg lock before destroying
blkg pd (CVE-2021-47379 bsc#1225203).
- commit af72a45
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
changes (CVE-2024-35789 bsc#1224749).
- commit 7707dc6
- fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1225866 CVE-2024-36964).
- commit c4d4f4c
- pinctrl: core: delete incorrect free in pinctrl_enable()
(CVE-2024-36940 bsc#1225840).
- commit 6932105
- staging: rtl8192e: Fix use after free in
_rtl92e_pci_disconnect() (CVE-2021-47571 bsc#1225518).
- commit b52b9d0
- enetc: Fix illegal access when reading affinity_hint
(CVE-2021-47368 bsc#1225161).
- commit cde762c
- Bluetooth: Add more enc key size check (bsc#1218148
CVE-2023-24023).
- commit 529bf5d
- Bluetooth: Normalize HCI_OP_READ_ENC_KEY_SIZE cmdcmplt
(bsc#1218148 CVE-2023-24023).
- commit 4ac624b
- blacklist.conf: Add 1971d13ffa84a "af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc()."
- commit 1f2871b
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO
request complete (CVE-2024-36894 bsc#1225749).
- commit 99fc30d
- net: preserve kabi for sk_buff (CVE-2024-26921 bsc#1223138).
- commit 62989dd
- inet: inet_defrag: prevent sk release while still in use
(CVE-2024-26921 bsc#1223138).
- commit 599b2eb
- drm/client: Fully protect modes with dev->mode_config.mutex (CVE-2024-35950 bsc#1224703).
- commit f5de9d8
- smb: client: set correct id, uid and cruid for multiuser
automounts (git-fixes).
- commit 548a1f6
- smb: client: fix dfs link mount against w2k8 (git-fixes).
- commit ffabd7c
- cifs: use tcon allocation functions even for dummy tcon
(bsc#1213476).
- commit 8a18c8c
- cifs: avoid race conditions with parallel reconnects
(bsc#1213476).
- commit 0156937
- cifs: check only tcon status on tcon related functions
(bsc#1213476).
- commit 3ee757c
- cifs: return DFS root session id in DebugData (bsc#1213476).
- commit 40d8689
- cifs: fix use-after-free bug in refresh_cache_worker()
(bsc#1213476).
- Refresh
patches.suse/cifs-avoid-dup-prefix-path-in-dfs_get_automount_devname-.patch.
- commit efddc92
- cifs: set DFS root session in cifs_get_smb_ses() (bsc#1213476).
- commit 249b33f
- cifs: reuse cifs_match_ipaddr for comparison of dstaddr too
(bsc#1213476).
- commit c221add
- cifs: match even the scope id for ipv6 addresses (bsc#1213476).
- commit 376b929
- cifs: get rid of dns resolve worker (bsc#1213476).
- commit 36fdff3
- nvme-rdma: destroy cm id before destroy qp to avoid use after
free (CVE-2021-47378 bsc#1225201).
- commit 132f56c
- net/tls: Fix flipped sign in tls_err_abort() calls
(CVE-2021-47496 bsc#1225354)
- commit c2b236a
- net: sched: flower: protect fl_walk() with rcu
(CVE-2021-47402 bsc#1225301)
- commit 5275989
- Update
patches.suse/0001-x86-ioremap-Map-efi_mem_reserve-memory-as-encrypted-.patch
(bsc#1186885 bsc#1224826 CVE-2021-47228).
- Update
patches.suse/0002-bcache-avoid-oversized-read-request-in-cache-miss.patch
(bsc#1187357 bsc#1185570 bsc#1184631 bsc#1224965
CVE-2021-47275).
- Update
patches.suse/0002-ocfs2-fix-race-between-searching-chunks-and-release-.patch
(bsc#1199304 bsc#1225439 CVE-2021-47493).
- Update
patches.suse/0003-drm-prime-Fix-use-after-free-in-mmap-with-drm_gem_tt.patch
(bsc#1152472 bsc#1222838 CVE-2021-47200).
- Update
patches.suse/0015-dm-btree-remove-assign-new_root-only-when-removal-su.patch
(git-fixes bsc#1225155 CVE-2021-47343).
- Update
patches.suse/0019-dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
(git-fixes bsc#1225247 CVE-2021-47435).
- Update patches.suse/ACPI-fix-NULL-pointer-dereference.patch
(git-fixes bsc#1224984 CVE-2021-47289).
- Update
patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
(git-fixes bsc#1225409 CVE-2021-47509).
- Update
patches.suse/ALSA-seq-Fix-race-of-snd_seq_timer_open.patch
(git-fixes bsc#1224983 CVE-2021-47281).
- Update
patches.suse/ALSA-usx2y-Don-t-call-free_pages_exact-with-NULL-add.patch
(git-fixes bsc#1225091 CVE-2021-47332).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes bsc#1225206 CVE-2021-47381).
- Update
patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
(git-fixes bsc#1225369 CVE-2021-47502).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(git-fixes bsc#1225303 CVE-2021-47404).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(CVE-2022-20132 bsc#1200619 bsc#1225437 CVE-2021-47522).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(git-fixes bsc#1225238 CVE-2021-47405).
- Update
patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
(git-fixes bsc#1225438 CVE-2021-47523).
- Update
patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
(CVE-2021-47485 bsc#1224904 bsc#1220960 CVE-2021-47104).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(bko#206669 bsc#1174585 bsc#1192107 CVE-2021-43056 bsc#1225341
CVE-2021-47465).
- Update
patches.suse/KVM-mmio-Fix-use-after-free-Read-in-kvm_vm_ioctl_unr.patch
(git-fixes bsc#1224923 CVE-2021-47341).
- Update
patches.suse/KVM-x86-Immediately-reset-the-MMU-context-when-the-S.patch
(git-fixes bsc#1224853 CVE-2021-47230).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(git-fixes bsc#1225263 CVE-2021-47442).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(git-fixes bsc#1225262 CVE-2021-47443).
- Update
patches.suse/NFS-Fix-use-after-free-in-nfs4_init_client.patch
(git-fixes bsc#1224953 CVE-2021-47259).
- Update
patches.suse/RDMA-Verify-port-when-creating-flow-rule.patch
(git-fixes bsc#1224957 CVE-2021-47265).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(git-fixes bsc#1210629 CVE-2023-2176 bsc#1225318
CVE-2021-47391).
- Update
patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
(bsc#1181147 bsc#1225320 CVE-2021-47392).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(git-fixes bsc#1225393 CVE-2021-47464).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(bsc#1191452 bsc#1225193 CVE-2021-47375).
- Update
patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
(git-fixes bsc#1225370 CVE-2021-47426).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(git-fixes bsc#1225256 CVE-2021-47456).
- Update
patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
(git-fixes bsc#1225435 CVE-2021-47521).
- Update
patches.suse/cfg80211-fix-management-registrations-locking.patch
(git-fixes bsc#1225450 CVE-2021-47494).
- Update
patches.suse/cifs-prevent-NULL-deref-in-cifs_compose_mount_options-.patch
(bsc#1185902 bsc#1224961 CVE-2021-47307).
- Update
patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
(git-fixes bsc#1225316 CVE-2021-47387).
- Update
patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
(bsc#1221113 bsc#1225357 CVE-2021-47498).
- Update
patches.suse/dma-buf-sync_file-Don-t-leak-fences-on-merge-failure.patch
(git-fixes bsc#1224968 CVE-2021-47305).
- Update
patches.suse/drm-Fix-use-after-free-read-in-drm_getunique.patch
(git-fixes bsc#1224982 CVE-2021-47280).
- Update
patches.suse/drm-amd-display-Avoid-HDCP-over-read-and-corruption.patch
(git-fixes bsc#1225178 CVE-2021-47348).
- Update
patches.suse/drm-amd-display-Fix-potential-memory-leak-in-DMUB-hw.patch
(git-fixes bsc#1224886 CVE-2021-47253).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(git-fixes bsc#1225390 CVE-2021-47431).
- Update
patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
(git-fixes bsc#1225243 CVE-2021-47444).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(git-fixes bsc#1225261 CVE-2021-47445).
- Update
patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
(git-fixes bsc#1225446 CVE-2021-47535).
- Update
patches.suse/drm-nouveau-avoid-a-use-after-free-when-BO-init-fail.patch
(bsc#1152472 bsc#1224816 CVE-2020-36788).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(git-fixes bsc#1225366 CVE-2021-47423).
- Update
patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
(git-fixes bsc#1225233 CVE-2021-47422).
- Update
patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
(git-fixes bsc#1225230 CVE-2022-48710).
- Update patches.suse/drm-sched-Avoid-data-corruptions.patch
(git-fixes bsc#1225140 CVE-2021-47354).
- Update
patches.suse/ethtool-strset-fix-message-length-calculation.patch
(bsc#1176447 bsc#1224842 CVE-2021-47241).
- Update
patches.suse/fbmem-Do-not-delete-the-mode-that-is-still-in-use.patch
(git-fixes bsc#1224924 CVE-2021-47338).
- Update
patches.suse/ftrace-Do-not-blindly-read-the-ip-address-in-ftrace_bug.patch
(git-fixes bsc#1224966 CVE-2021-47276).
- Update
patches.suse/gpio-wcd934x-Fix-shift-out-of-bounds-error.patch
(git-fixes bsc#1224955 CVE-2021-47263).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes bsc#1225321 CVE-2021-47393).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes bsc#1225223 CVE-2021-47425).
- Update
patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
(git-fixes bsc#1225361 CVE-2021-47501).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(git-fixes bsc#1225367 CVE-2021-47424).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-7926 bsc#1225500 CVE-2021-47563).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-7926 bsc#1225499 CVE-2021-47562).
- Update
patches.suse/igb-Fix-use-after-free-error-during-reset.patch
(git-fixes bsc#1224916 CVE-2021-47301).
- Update
patches.suse/igc-Fix-use-after-free-error-during-reset.patch
(git-fixes bsc#1224917 CVE-2021-47302).
- Update
patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
(git-fixes bsc#1225358 CVE-2021-47499).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(git-fixes bsc#1225346 CVE-2021-47468).
- Update
patches.suse/isdn-mISDN-netjet-Fix-crash-in-nj_probe.patch
(git-fixes bsc#1224987 CVE-2021-47284).
- Update
patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
(bsc#1194591 bsc#1225198 CVE-2021-47478).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(git-fixes bsc#1225328 CVE-2021-47399).
- Update patches.suse/jfs-fix-GPF-in-diFree.patch (bsc#1203389
bsc#1225148 CVE-2021-47340).
- Update
patches.suse/mISDN-fix-possible-use-after-free-in-HFC_cleanup.patch
(git-fixes bsc#1225143 CVE-2021-47356).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes bsc#1225214 CVE-2021-47388).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes bsc#1225327 CVE-2021-47396).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes bsc#1225326 CVE-2021-47395).
- Update
patches.suse/media-zr364xx-fix-memory-leak-in-zr364xx_start_readp.patch
(git-fixes bsc#1224922 CVE-2021-47344).
- Update
patches.suse/misc-alcor_pci-fix-null-ptr-deref-when-there-is-no-P.patch
(git-fixes bsc#1225113 CVE-2021-47333).
- Update
patches.suse/misc-libmasm-module-Fix-two-use-after-free-in-ibmasm.patch
(git-fixes bsc#1225112 CVE-2021-47334).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(git-fixes bsc#1225224 CVE-2021-47441).
- Update
patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
(git-fixes bsc#1225386 CVE-2021-47540).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes bsc#1224909 CVE-2021-47482).
- Update
patches.suse/net-ethernet-fix-potential-use-after-free-in-ec_bhf_.patch
(git-fixes bsc#1224844 CVE-2021-47235).
- Update
patches.suse/net-hamradio-fix-memory-leak-in-mkiss_close.patch
(CVE-2022-1195 bsc#1198029 bsc#1224830 CVE-2021-47237).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(git-fixes bsc#1225453 CVE-2021-47541).
- Update
patches.suse/net-nfc-rawsock.c-fix-a-permission-check-bug.patch
(git-fixes bsc#1224981 CVE-2021-47285).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes bsc#1225455 CVE-2021-47542).
- Update
patches.suse/net-sched-fq_pie-prevent-dismantle-issue.patch
(jsc#SLE-15172 bsc#1225424 CVE-2021-47512).
- Update
patches.suse/net-sched-sch_ets-don-t-peek-at-classes-beyond-nband.patch
(bsc#1176774 bsc#1225468 CVE-2021-47557).
- Update
patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
(git-fixes bsc#1225447 CVE-2021-47536).
- Update
patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
(bsc#1176447 bsc#1225237 CVE-2021-47451).
- Update
patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
(git-fixes bsc#1225372 CVE-2021-47518).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes bsc#1225427 CVE-2021-47516).
- Update
patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
(git-fixes bsc#1225058 CVE-2021-47320).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
(git-fixes bsc#1225405 CVE-2021-47507).
- Update
patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
(git-fixes bsc#1225404 CVE-2021-47506).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(bsc#1190795 bsc#1225251 CVE-2021-47460).
- Update
patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
(bsc#1197760 bsc#1225252 CVE-2021-47458).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
bsc#1225336 CVE-2021-47416).
- Update
patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
(bsc#1156395 bsc#1225387 CVE-2021-47428).
- Update
patches.suse/powerpc-mm-Fix-lockup-on-kernel-exec-fault.patch
(bsc#1156395 bsc#1225181 CVE-2021-47350).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes bsc#1224907 CVE-2021-47483).
- Update
patches.suse/rxrpc-Fix-rxrpc_local-leak-in-rxrpc_lookup_peer.patch
(bsc#1154353 bnc#1151927 5.3.9 bsc#1225448 CVE-2021-47538).
- Update
patches.suse/s390-dasd-fix-Oops-in-dasd_alias_get_start_dev-due-to-missing-pavgroup
(git-fixes bsc#1223512 CVE-2022-48636).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_list
(git-fixes bsc#1225164 CVE-2021-47369).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery
(git-fixes bsc#1225207 CVE-2021-47382).
- Update
patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
(git-fixes bsc#1225508 CVE-2021-47549).
- Update
patches.suse/scsi-core-Fix-bad-pointer-dereference-when-ehandler-kthread-is-invalid.patch
(git-fixes bsc#1224926 CVE-2021-47337).
- Update
patches.suse/scsi-core-Fix-error-handling-of-scsi_host_alloc.patch
(git-fixes bsc#1224899 CVE-2021-47258).
- Update
patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is-released.patch
(git-fixes bsc#1225322 CVE-2021-47480).
- Update
patches.suse/scsi-core-sysfs-Fix-hang-when-device-state-is-set-via-sysfs.patch
(git-fixes bsc#1222867 CVE-2021-47192).
- Update
patches.suse/scsi-libfc-Fix-array-index-out-of-bound-exception.patch
(bsc#1188616 bsc#1224963 CVE-2021-47308).
- Update
patches.suse/scsi-megaraid_sas-Fix-resource-leak-in-case-of-probe-failure.patch
(git-fixes bsc#1225083 CVE-2021-47329).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes bsc#1225384 CVE-2021-47565).
- Update
patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
(git-fixes bsc#1225374 CVE-2021-47503).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-qla2x00_process_els
(git-fixes bsc#1225192 CVE-2021-47473).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes bsc#1194288 CVE-2021-47527).
- Update
patches.suse/tracing-Correct-the-length-check-which-causes-memory-corruption.patch
(git-fixes bsc#1224990 CVE-2021-47274).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-serial-8250-serial_cs-Fix-a-memory-leak-in-error.patch
(git-fixes bsc#1225084 CVE-2021-47330).
- Update
patches.suse/udf-Fix-NULL-pointer-dereference-in-udf_symlink-func.patch
(bsc#1206646 bsc#1225128 CVE-2021-47353).
- Update
patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
(git-fixes bsc#1225333 CVE-2021-47413).
- Update
patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
(git-fixes bsc#1225330 CVE-2021-47409).
- Update
patches.suse/usb-dwc3-ep0-fix-NULL-pointer-exception.patch
(git-fixes bsc#1224996 CVE-2021-47269).
- Update
patches.suse/usb-fix-various-gadget-panics-on-10gbps-cabling.patch
(git-fixes bsc#1224993 CVE-2021-47267).
- Update
patches.suse/usb-fix-various-gadgets-null-ptr-deref-on-10gbps-cab.patch
(git-fixes bsc#1224997 CVE-2021-47270).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes bsc#1225244 CVE-2021-47436).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(git-fixes bsc#1225351 CVE-2021-47495).
- Update
patches.suse/watchdog-Fix-possible-use-after-free-by-calling-del_.patch
(git-fixes bsc#1225060 CVE-2021-47321).
- Update
patches.suse/watchdog-Fix-possible-use-after-free-in-wdt_startup.patch
(git-fixes bsc#1225030 CVE-2021-47324).
- Update
patches.suse/watchdog-sc520_wdt-Fix-possible-use-after-free-in-wd.patch
(git-fixes bsc#1225026 CVE-2021-47323).
- Update
patches.suse/wl1251-Fix-possible-buffer-overflow-in-wl1251_cmd_sc.patch
(git-fixes bsc#1225177 CVE-2021-47347).
- Update
patches.suse/x86-fpu-prevent-state-corruption-in-_fpu__restore_sig.patch
(bsc#1178134 bsc#1224852 CVE-2021-47227).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(git-fixes bsc#1225232 CVE-2021-47434).
- commit 0b290f8
- Update
patches.suse/0002-bcache-avoid-oversized-read-request-in-cache-miss.patch
(bsc#1184631 bsc#1224965 CVE-2021-47275).
- Update patches.suse/ACPI-fix-NULL-pointer-dereference.patch
(git-fixes bsc#1224984 CVE-2021-47289).
- Update
patches.suse/ALSA-usx2y-Don-t-call-free_pages_exact-with-NULL-add.patch
(git-fixes bsc#1225091 CVE-2021-47332).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes bsc#1225206 CVE-2021-47381).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(git-fixes bsc#1225303 CVE-2021-47404).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(CVE-2022-20132 bsc#1200619 bsc#1225437 CVE-2021-47522).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(git-fixes bsc#1225238 CVE-2021-47405).
- Update
patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
(CVE-2021-47485 bsc#1224904 bsc#1220960 CVE-2021-47104).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(bko#206669 bsc#1174585 bsc#1192107 CVE-2021-43056 bsc#1225341
CVE-2021-47465).
- Update
patches.suse/KVM-mmio-Fix-use-after-free-Read-in-kvm_vm_ioctl_unr.patch
(git-fixes bsc#1224923 CVE-2021-47341).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(git-fixes bsc#1225263 CVE-2021-47442).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(git-fixes bsc#1225262 CVE-2021-47443).
- Update
patches.suse/NFS-Fix-use-after-free-in-nfs4_init_client.patch
(git-fixes bsc#1224953 CVE-2021-47259).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(bsc#1210629 CVE-2023-2176 bsc#1225318 CVE-2021-47391).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(git-fixes bsc#1225393 CVE-2021-47464).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(bsc#1191452 bsc#1225193 CVE-2021-47375).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(git-fixes bsc#1225256 CVE-2021-47456).
- Update
patches.suse/cifs-prevent-NULL-deref-in-cifs_compose_mount_options-.patch
(bsc#1185902 bsc#1224961 CVE-2021-47307).
- Update
patches.suse/dma-buf-sync_file-Don-t-leak-fences-on-merge-failure.patch
(git-fixes bsc#1224968 CVE-2021-47305).
- Update
patches.suse/drm-Fix-use-after-free-read-in-drm_getunique.patch
(git-fixes bsc#1224982 CVE-2021-47280).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(git-fixes bsc#1225390 CVE-2021-47431).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(git-fixes bsc#1225261 CVE-2021-47445).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(git-fixes bsc#1225366 CVE-2021-47423).
- Update patches.suse/drm-sched-Avoid-data-corruptions.patch
(git-fixes bsc#1225140 CVE-2021-47354).
- Update
patches.suse/fbmem-Do-not-delete-the-mode-that-is-still-in-use.patch
(git-fixes bsc#1224924 CVE-2021-47338).
- Update
patches.suse/ftrace-Do-not-blindly-read-the-ip-address-in-ftrace_bug.patch
(git-fixes bsc#1224966 CVE-2021-47276).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes bsc#1225321 CVE-2021-47393).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes bsc#1225223 CVE-2021-47425).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(git-fixes bsc#1225367 CVE-2021-47424).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-7926 bsc#1225500 CVE-2021-47563).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-7926 bsc#1225499 CVE-2021-47562).
- Update
patches.suse/igb-Fix-use-after-free-error-during-reset.patch
(git-fixes bsc#1224916 CVE-2021-47301).
- Update
patches.suse/igc-Fix-use-after-free-error-during-reset.patch
(git-fixes bsc#1224917 CVE-2021-47302).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(git-fixes bsc#1225346 CVE-2021-47468).
- Update
patches.suse/isdn-mISDN-netjet-Fix-crash-in-nj_probe.patch
(git-fixes bsc#1224987 CVE-2021-47284).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(git-fixes bsc#1225328 CVE-2021-47399).
- Update
patches.suse/mISDN-fix-possible-use-after-free-in-HFC_cleanup.patch
(git-fixes bsc#1225143 CVE-2021-47356).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes bsc#1225214 CVE-2021-47388).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes bsc#1225327 CVE-2021-47396).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes bsc#1225326 CVE-2021-47395).
- Update
patches.suse/media-zr364xx-fix-memory-leak-in-zr364xx_start_readp.patch
(git-fixes bsc#1224922 CVE-2021-47344).
- Update
patches.suse/misc-alcor_pci-fix-null-ptr-deref-when-there-is-no-P.patch
(git-fixes bsc#1225113 CVE-2021-47333).
- Update
patches.suse/misc-libmasm-module-Fix-two-use-after-free-in-ibmasm.patch
(git-fixes bsc#1225112 CVE-2021-47334).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(git-fixes bsc#1225224 CVE-2021-47441).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes bsc#1224909 CVE-2021-47482).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(git-fixes bsc#1225453 CVE-2021-47541).
- Update
patches.suse/net-nfc-rawsock.c-fix-a-permission-check-bug.patch
(git-fixes bsc#1224981 CVE-2021-47285).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes bsc#1225455 CVE-2021-47542).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes bsc#1225427 CVE-2021-47516).
- Update
patches.suse/nfs-fix-acl-memory-leak-of-posix_acl_create.patch
(git-fixes bsc#1225058 CVE-2021-47320).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(bsc#1190795 bsc#1225251 CVE-2021-47460).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
bsc#1225336 CVE-2021-47416).
- Update
patches.suse/powerpc-mm-Fix-lockup-on-kernel-exec-fault.patch
(bsc#1156395 bsc#1225181 CVE-2021-47350).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes bsc#1224907 CVE-2021-47483).
- Update
patches.suse/rxrpc-Fix-rxrpc_local-leak-in-rxrpc_lookup_peer.patch
(bsc#1154353 bnc#1151927 5.3.9 bsc#1225448 CVE-2021-47538).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_list
(git-fixes bsc#1225164 CVE-2021-47369).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery
(git-fixes bsc#1225207 CVE-2021-47382).
- Update
patches.suse/scsi-libfc-Fix-array-index-out-of-bound-exception.patch
(bsc#1188616 bsc#1224963 CVE-2021-47308).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes bsc#1225384 CVE-2021-47565).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-qla2x00_process_els
(git-fixes bsc#1225192 CVE-2021-47473).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes bsc#1194288 CVE-2021-47527).
- Update
patches.suse/tracing-Correct-the-length-check-which-causes-memory-corruption.patch
(git-fixes bsc#1224990 CVE-2021-47274).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-serial-8250-serial_cs-Fix-a-memory-leak-in-error.patch
(git-fixes bsc#1225084 CVE-2021-47330).
- Update
patches.suse/usb-dwc3-ep0-fix-NULL-pointer-exception.patch
(git-fixes bsc#1224996 CVE-2021-47269).
- Update
patches.suse/usb-fix-various-gadget-panics-on-10gbps-cabling.patch
(git-fixes bsc#1224993 CVE-2021-47267).
- Update
patches.suse/usb-fix-various-gadgets-null-ptr-deref-on-10gbps-cab.patch
(git-fixes bsc#1224997 CVE-2021-47270).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes bsc#1225244 CVE-2021-47436).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(git-fixes bsc#1225351 CVE-2021-47495).
- Update
patches.suse/watchdog-Fix-possible-use-after-free-by-calling-del_.patch
(git-fixes bsc#1225060 CVE-2021-47321).
- Update
patches.suse/watchdog-Fix-possible-use-after-free-in-wdt_startup.patch
(git-fixes bsc#1225030 CVE-2021-47324).
- Update
patches.suse/watchdog-sc520_wdt-Fix-possible-use-after-free-in-wd.patch
(git-fixes bsc#1225026 CVE-2021-47323).
- Update
patches.suse/wl1251-Fix-possible-buffer-overflow-in-wl1251_cmd_sc.patch
(git-fixes bsc#1225177 CVE-2021-47347).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(git-fixes bsc#1225232 CVE-2021-47434).
- commit 37dba5a
- net/smc: kABI workarounds for struct smc_link (CVE-2022-48673
bsc#1223934).
- net/smc: Fix possible access to freed memory in link clear
(CVE-2022-48673 bsc#1223934).
- commit 0f509bf
- soc: qcom: llcc: Handle a second device without data corruption (bsc#1225534 CVE-2023-52871)
- commit f6adad8
- x86/xen: Drop USERGS_SYSRET64 paravirt call (git-fixes).
- Refresh
patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transition.patch.
- Refresh
patches.suse/x86-xen-add-xenpv_restore_regs_and_return_to_usermode.patch.
- commit fa16bf8
- cifs: fix underflow in parse_server_interfaces() (bsc#1223084,
CVE-2024-26828).
- commit 8a48c12
- nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
(bsc#1225355 CVE-2021-47497).
- commit 33cab00
- Refresh
patches.suse/firmware-raspberrypi-introduce-vl805-init-routine.patch.
- Refresh
patches.suse/pci-brcmstb-wait-for-raspberry-pi-s-firmware-when-present.patch.
- Refresh
patches.suse/usb-pci-quirks-add-raspberry-pi-4-quirk.patch.
- Rename to
patches.suse/soc-bcm2835-add-notify-xhci-reset-property.patch.
Add upstream references, sync with upstream and move to the sorted
section.
3 of these patches were later reverted, but only because they were
replaced by a different implementation, not because they were wrong.
Add the reverts to blacklist.conf.
- commit ebed050
- iio: mma8452: Fix trigger reference couting (bsc#1225360
CVE-2021-47500).
- commit 8ee9c73
- efi/capsule-loader: fix incorrect allocation size (bsc#1224438
CVE-2024-27413).
- commit 66f7463
- tty: Fix out-of-bound vmalloc access in imageblit
(CVE-2021-47383 bsc#1225208).
- commit aa2473d
- ALSA: pcm: oss: Fix negative period/buffer sizes (CVE-2021-47511
bsc#1225411).
- commit 094796a
- Update tags in
patches.suse/ext4-Fix-check-for-block-being-out-of-directory-size.patch.
And move to the sorted section of series.conf.
- commit dc0df73
- Refresh patches.suse/x86-cpu-amd-add-a-zenbleed-fix.patch.
- Refresh
patches.suse/x86-cpu-amd-move-the-errata-checking-functionality-up.patch.
Move 2 upstream arch-specific patches to the sorted section.
- commit d5f36cd
- Input: synaptics-rmi4 - fix use after free in
rmi_unregister_function() (CVE-2023-52840 bsc#1224928).
- commit 3a1b2ed
- IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() (CVE-2021-47485 bsc#1224904)
- commit 7e99b42
- af_unix: annote lockless accesses to unix_tot_inflight &
gc_in_progress (bsc#1223384).
- Refresh
patches.suse/io_uring-af_unix-defer-registered-files-gc-to-io_uri.patch.
- commit 03fbb54
- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields (CVE-2021-47485 bsc#1224904)
- commit c9482fe
- IB/mlx5: Fix initializing CQ fragments buffer (bsc#1224954 CVE-2021-47261)
- commit 77cbada
- Move powerpc patches to their specific section
They are apparently not going upstream.
- commit eea93a0
- Move upstream patches to the sorted section
- commit 757eb5a
- Update
patches.suse/bpf-sockmap-Prevent-lock-inversion-deadlock-in-map-d.patch
(bsc#1209657 CVE-2023-0160 CVE-2024-35895 bsc#1224511).
- Update
patches.suse/nfsd-Fix-error-cleanup-path-in-nfsd_rename.patch
(bsc#1221044 CVE-2023-52591 CVE-2024-35914 bsc#1224482).
- Update
patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch
(CVE-2023-47233 bsc#1216702 CVE-2024-35811 bsc#1224592).
- commit e0bcd81
- Update
patches.suse/KVM-PPC-Fix-kvm_arch_vcpu_ioctl-vcpu_load-leak.patch
(bsc#1156395 CVE-2021-47296 bsc#1224891).
- Update
patches.suse/NFS-Fix-a-potential-NULL-dereference-in-nfs_get_clie.patch
(git-fixes CVE-2021-47260 bsc#1224834).
- Update
patches.suse/PCI-aardvark-Fix-kernel-panic-during-PIO-transfer.patch
(git-fixes CVE-2021-47229 bsc#1224854).
- Update
patches.suse/batman-adv-Avoid-WARN_ON-timing-related-checks.patch
(git-fixes CVE-2021-47252 bsc#1224882).
- Update
patches.suse/can-mcba_usb-fix-memory-leak-in-mcba_usb.patch
(git-fixes CVE-2021-47231 bsc#1224849).
- Update
patches.suse/kvm-lapic-restore-guard-to-prevent-illegal-apic-regi.patch
(bsc#1188772 CVE-2021-47255 bsc#1224832).
- Update
patches.suse/media-ngene-Fix-out-of-bounds-bug-in-ngene_command_c.patch
(git-fixes CVE-2021-47288 bsc#1224889).
- Update
patches.suse/memory-fsl_ifc-fix-leak-of-IO-mapping-on-probe-failu.patch
(git-fixes CVE-2021-47315 bsc#1224892).
- Update
patches.suse/memory-fsl_ifc-fix-leak-of-private-memory-on-probe-f.patch
(git-fixes CVE-2021-47314 bsc#1224893).
- Update patches.suse/net-cdc_eem-fix-tx-fixup-skb-leak.patch
(git-fixes CVE-2021-47236 bsc#1224841).
- Update
patches.suse/net-mlx5e-Fix-page-reclaim-for-dead-peer-hairpin.patch
(git-fixes CVE-2021-47246 bsc#1224831).
- Update
patches.suse/net-qrtr-fix-OOB-Read-in-qrtr_endpoint_post.patch
(CVE-2021-3743 bsc#1189883 CVE-2021-47240 bsc#1224843).
- Update
patches.suse/net-usb-fix-possible-use-after-free-in-smsc75xx_bind.patch
(git-fixes CVE-2021-47239 bsc#1224846).
- Update
patches.suse/usb-dwc3-core-fix-kernel-panic-when-do-reboot.patch
(git-fixes CVE-2021-47220 bsc#1224859).
- commit 5376688
- gfs2: Fix use-after-free in gfs2_glock_shrink_scan (bsc#1224888
CVE-2021-47254).
- commit bf82ce3
- btrfs: do not start relocation until in progress drops are done
(bsc#1222251).
- commit a41ddb4
- btrfs: do not start relocation until in progress drops are done
(bsc#1222251).
- commit 0f3d5ec
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
(bsc#1224174 CVE-2024-27398).
- commit 2d99726
- af_unix: Fix garbage collector racing against connect()
(CVE-2024-26923 bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- commit 9a2eeaf
- blacklist.conf: Fix for code not present (CVE-2024-26929)
- commit 3d9e5d9
- Refresh
patches.suse/NFS-don-t-store-struct-cred-in-struct-nfs_access_ent.patch.
- Refresh
patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch.
- Refresh
patches.suse/rpadlpar_io-Add-MODULE_DESCRIPTION-entries-to-kernel.patch.
Adjust headers to minimize merge conflicts.
- commit 0300a69
- Refresh
patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch.
Swap headers to avoid a conflict when merging into consumer branches.
- commit 1510229
- Refresh
patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch.
Update Patch-mainline tag and move to sorted section.
- commit 81abd64
- Refresh patches.suse/Bluetooth-L2CAP-Fix-u8-overflow.patch.
Add upstream commit ID and move to sorted section.
- commit 5c72346
- Refresh
patches.suse/wifi-brcmfmac-Fix-potential-buffer-overflow-in-brcmf.patch.
Update Patch-mainline tag and move to sorted section.
- commit 684103a
- Refresh
patches.suse/misc-sgi-gru-fix-use-after-free-error-in-gru_set_con.patch.
Update Patch-mainline tag and move to sorted section.
- commit a75fb60
- Refresh
patches.suse/char-pcmcia-synclink_cs-Fix-use-after-free-in-mgslpc.patch.
Driver was deleted upstream so this fix will stay out-of-tree
forever. Move to the appropriate section.
- commit bce6652
- Refresh
patches.suse/media-dvb-core-Fix-UAF-due-to-refcount-races-at-rele.patch.
Add upstream commit ID and move to sorted section.
- commit 39ecedd
- Refresh
patches.suse/netfilter-nf_conntrack_irc-Tighten-matching-on-DCC-m.patch.
Add upstream commit ID and move to sorted section.
- commit 6754ecb
- Refresh
patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch.
Add upstream commit ID and move to sorted section.
- commit 92fa4c5
- Refresh
patches.suse/SUNRPC-auth-async-tasks-mustn-t-block-waiting-for-me.patch.
- Refresh
patches.suse/SUNRPC-call_alloc-async-tasks-mustn-t-block-waiting-.patch.
- Refresh
patches.suse/SUNRPC-improve-swap-handling-scheduling-and-PF_MEMAL.patch.
- Refresh
patches.suse/SUNRPC-remove-scheduling-boost-for-SWAPPER-tasks.patch.
- Refresh
patches.suse/SUNRPC-xprt-async-tasks-mustn-t-block-waiting-for-me.patch.
Add upstream commit IDs and move to sorted section.
- commit 245a308
- Refresh
patches.suse/NFS-change-nfs_access_get_cached-to-only-report-the-.patch.
- Refresh
patches.suse/NFS-don-t-store-struct-cred-in-struct-nfs_access_ent.patch.
- Refresh
patches.suse/NFS-pass-cred-explicitly-for-access-tests.patch.
Add upstream commit IDs and move to sorted section.
- commit 8f85449
- Refresh
patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch.
Add upstream commit ID and move to sorted section.
- commit 0e0054f
- NFC: nxp: add NXP1002 (bsc#1185589).
Add upstream commit ID and subject, and move to sorted section.
- commit 01c3222
- series.conf: Move block-genhd-use-atomic_t-for-disk_event-block.patch
Patch was never accepted upstream and was dropped from later products
as it had problematic side effects. Move it to the appropriate
out-of-tree section.
- commit 9199401
- PCI: rpaphp: Add MODULE_DESCRIPTION (bsc#1176869 ltc#188243).
Add upstream commit ID and subject, and move to sorted section.
- commit 4630de9
- Refresh
patches.suse/drivers-base-memory.c-cache-blocks-in-radix-tree-to-.patch.
Document why this commit will never go upstream and move it to its
specific section.
- commit f30bed3
- Refresh
patches.suse/x86-boot-Ignore-relocations-in-.notes-sections-in-walk_rel.patch.
Move to sorted section.
- commit 9bdf9d5
- blacklist.conf: add fix for code not present (CVE-2024-26930)
- commit 19f6175
- Update
patches.suse/netfilter-nf_tables-mark-set-as-dead-when-unbinding-.patch
(git-fixes CVE-2024-26643 bsc#1221829).
- Update
patches.suse/netfilter-nf_tables-release-mutex-after-nft_gc_seq_e.patch
(git-fixes CVE-2024-26925 bsc#1223390).
- Update
patches.suse/netfilter-nft_set_rbtree-skip-end-interval-element-f.patch
(git-fixes CVE-2024-26581 bsc#1220144).
- commit 5b5ef95
- Update
patches.suse/io_uring-af_unix-disable-sending-io_uring-over-socke.patch
(bsc#1220754 CVE-2023-6531 CVE-2023-52654 bsc#1224099).
- Update
patches.suse/netfilter-nf_tables-fix-memleak-when-more-than-255-e.patch
(git-fixes CVE-2023-52581 bsc#1220877).
- Update
patches.suse/netfilter-nft_set_rbtree-skip-sync-GC-for-new-elemen.patch
(git-fixes CVE-2023-52433 bsc#1220137).
- commit ab7595e
- blacklist.conf: Add 9474c62ab65f net/sched: Add module alias for sch_fq_pie
- commit 0f0d88e
- usb: aqc111: check packet for fixup for true limit (bsc#1217169
CVE-2023-52655).
- commit 1678228
- Update
patches.suse/drm-radeon-add-a-force-flush-to-delay-work-when-rade.patch
(git-fixes CVE-2022-48704 bsc#1223932).
- commit d602686
- netfilter: nf_tables: release mutex after nft_gc_seq_end from
abort path (git-fixes).
- commit 453d60a
- netfilter: nf_tables: mark set as dead when unbinding anonymous
set with timeout (git-fixes).
- commit a3b6f2c
- netfilter: nft_set_rbtree: skip end interval element from gc
(git-fixes).
- commit f941d80
- netfilter: nf_tables: skip dead set elements in netlink dump
(git-fixes).
- commit 11672cf
- netfilter: nf_tables: mark newset as dead on transaction abort
(git-fixes).
- commit deeefa0
- blacklist.conf: update blacklist
- commit d111502
- blacklist.conf: update blacklist
- commit c053707
- netfilter: nf_tables: nft_set_rbtree: fix spurious insertion
failure (git-fixes).
- commit 787a388
- Refresh patches.kabi/netfilter-preserve-nf_tables-kabi.patch.
- commit f69dce7
- netfilter: nf_tables: fix memleak when more than 255 elements
expired (git-fixes).
- commit 55db444
- blacklist.conf: update blacklist
- commit 3075338
- netfilter: nft_set_hash: try later when GC hits EAGAIN on
iteration (git-fixes).
- commit bc13e9b
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath
contention (git-fixes).
- commit 9ed8e71
- netfilter: nft_set_rbtree: skip sync GC for new elements in
this transaction (git-fixes).
- commit 0d564a0
- netfilter: nf_tables: defer gc run if previous batch is still
pending (git-fixes).
- commit 1cb21d0
- netfilter: nf_tables: use correct lock to protect gc_list
(git-fixes).
- commit f315c4c
- netfilter: nf_tables: GC transaction race with abort path
(git-fixes).
- commit ce0642f
- netfilter: nf_tables: GC transaction race with netns dismantle
(git-fixes).
- commit d9e442c
- blacklist.conf: update blacklist
- commit 51055c8
- netfilter: nf_tables: fix GC transaction races with netns and
netlink event exit path (git-fixes).
- commit eacca32
- netfilter: nf_tables: fix kdoc warnings after gc rework
(git-fixes).
- commit f86c22d
- Update
patches.suse/scsi-mpt3sas-Fix-use-after-free-warning.patch
(git-fixes CVE-2022-48695 bsc#1223941).
- commit 033821b
- Update
patches.suse/ALSA-emu10k1-Fix-out-of-bounds-access-in-snd_emu10k1.patch
(git-fixes CVE-2022-48702 bsc#1223923).
- commit c521d4a
- Update
patches.suse/of-fdt-fix-off-by-one-error-in-unflatten_dt_nodes.patch
(git-fixes CVE-2022-48672 bsc#1223931).
- commit e3fefd5
- cachefiles: fix memory leak in cachefiles_add_cache()
(bsc#1222976 CVE-2024-26840).
- commit aa1fa99
- netfilter: nf_tables: adapt set backend to use GC transaction
API (bsc#1215420 CVE-2023-4244).
- commit 2a5fb01
- btrfs: abort in rename_exchange if we fail to insert the second ref (CVE-2021-47113 bsc#1221543)
Refresh patches.suse/btrfs-prevent-rename2-from-exchanging-a-subvol-with-a-directory-from-different-parents.patch
- commit cc57e15
- Update
patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
references (CVE-2024-26739 bsc#1222559, drop incorrect references).
- commit 8b3f599
- net/tls: Remove the context from the list in tls_device_down
(bsc#1221545).
- commit aca4b2e
- blacklist.conf: add 94ce3b64c62d
Blacklist commit 94ce3b64c62d ("net/tls: Use RCU API to access
tls_ctx->netdev"). This is a follow-up to c55dcdd435aa which addresses an
issue which is rather theoretical and the backport would be quite
intrusive.
- commit 64bbcaf
- tls: Fix context leak on tls_device_down (bsc#1221545).
- commit 23bab3f
- Update
patches.suse/nvme-tcp-fix-uaf-when-detecting-digest-errors.patch
(bsc#1200313 bsc#1201489 CVE-2022-48686 bsc#1223948).
- commit 5e5f9fe
- Update
patches.suse/ALSA-usb-audio-Fix-an-out-of-bounds-bug-in-__snd_usb.patch
(git-fixes CVE-2022-48701 bsc#1223921).
- commit 5de225e
- Update
patches.suse/soc-brcmstb-pm-arm-Fix-refcount-leak-and-__iomem-lea.patch
(git-fixes CVE-2022-48693 bsc#1223963).
- commit 0e4cd62
- kabi: hide new member of struct tls_context (CVE-2021-47131
bsc#1221545).
- net/tls: Fix use-after-free after the TLS device goes down
and up (CVE-2021-47131 bsc#1221545).
- commit c19ff47
- Update
patches.suse/ipv6-sr-fix-out-of-bounds-read-when-setting-HMAC-dat.patch
(bsc#1211592 CVE-2023-2860 CVE-2022-48687 bsc#1223952).
- commit 94a1c44
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
(CVE-2024-26852 bsc#1223057).
- commit f51e744
- openvswitch: fix stack OOB read while fragmenting IPv4 packets
(CVE-2021-46955 bsc#1220513).
- commit 37faff4
- packet: annotate data-races around ignore_outgoing
(CVE-2024-26862 bsc#1223111).
- commit 9b14c5d
- sctp: fix potential deadlock on &net->sctp.addr_wq_lock
(CVE-2024-0639 bsc#1218917).
- commit c0f421c
- netfilter: preserve nf_tables kabi (bsc#1215420 CVE-2023-424).
- commit e6ab556
- media: edia: dvbdev: fix a use-after-free (CVE-2024-27043
bsc#1223824).
- commit 1c01fe0
- ext4: fix bug in extents parsing when eh_entries == 0 and
eh_depth > 0 (bsc#1223475 CVE-2022-48631).
- commit 911e181
- md/raid5: fix atomicity violation in raid5_cache_count
(bsc#1219169, CVE-2024-23307).
- commit b804891
- Update
patches.suse/cgroup-cgroup_get_from_id-must-check-the-looked-up-kn-is-a-directory.patch
(bsc#1203906 CVE-2022-48638 bsc#1223522).
- commit 3bd7c2d
- netfilter: nf_tables: GC transaction API to avoid race with
control plane (bsc#1215420 CVE-2023-4244).
- commit 361e5a0
- netfilter: nf_tables: don't skip expired elements during walk
(bsc#1215420 CVE-2023-4244).
- commit 47ee234
- Update
patches.suse/scsi-qla2xxx-Fix-memory-leak-in-__qlt_24xx_handle_ab.patch
(bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit c5c2590
- Update
patches.suse/netfilter-nfnetlink_osf-fix-possible-bogus-match-in-.patch
(bsc#1204614 CVE-2022-48654 bsc#1223482).
- commit 1221e0a
- netfilter: nft_set_rbtree: fix overlap expiration walk
(git-fixes).
- commit 90d7112
- netfilter: nft_set_rbtree: fix null deref on element insertion
(git-fixes).
- commit f25e27c
- netfilter: nft_set_rbtree: skip elements in transaction from
garbage collection (git-fixes).
- commit 845bbc6
- netfilter: nft_set_rbtree: Switch to node list walk for overlap
detection (git-fixes).
- commit bd48625
- netfilter: nft_set_rbtree: overlap detection with element
re-addition after deletion (git-fixes).
- commit d362ed4
- netfilter: nft_set_rbtree: Detect partial overlap with start
endpoint match (git-fixes).
- commit 4970ce9
- netfilter: nft_set_rbtree: Handle outcomes of tree rotations
in overlap detection (git-fixes).
- commit bc0387c
- netfilter: nft_set_rbtree: Don't account for expired elements
on insertion (git-fixes).
- commit c90c848
- netfilter: nft_set_rbtree: Add missing expired checks
(git-fixes).
- commit 0d65e63
- netfilter: nft_set_rbtree: Drop spurious condition for overlap
detection on insertion (git-fixes).
- commit a64c352
- netfilter: nft_set_rbtree: Detect partial overlaps on insertion
(git-fixes).
- commit 39167a3
- netfilter: nft_set_rbtree: Introduce and use
nft_rbtree_interval_start() (git-fixes).
- commit 9b991e8
- netfilter: nft_set_rbtree: bogus lookup/get on consecutive
elements in named sets (git-fixes).
- commit 1a2cbfc
- ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
(bsc#1223513 CVE-2022-48651).
- commit 0325bf2
- x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (bsc#1223202 CVE-2024-26906).
- commit 4dcafb9
- x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h (bsc#1223202 CVE-2024-26906).
- commit 4e61cac
- x86/boot: Ignore relocations in .notes sections in walk_relocs() too (bsc#1222624 CVE-2024-26816).
- commit 8d2e301
- x86, relocs: Ignore relocations in .notes section (bsc#1222624 CVE-2024-26816).
- commit b1ed209
- Update
patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch
(bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
- Update
patches.suse/Bluetooth-rfcomm-Fix-null-ptr-deref-in-rfcomm_check_.patch
(bsc#1219170 CVE-2024-22099 CVE-2024-26903 bsc#1223187).
- Update
patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
(CVE-2024-26733 bsc#1222585 CVE-2024-26739 bsc#1222559).
- commit edcb3fa
- Update
patches.suse/ALSA-gus-fix-null-pointer-dereference-on-pointer-blo.patch
(git-fixes CVE-2021-47207 bsc#1222790).
- Update
patches.suse/cfg80211-call-cfg80211_stop_ap-when-switch-from-P2P_.patch
(git-fixes CVE-2021-47194 bsc#1222829).
- Update
patches.suse/i40e-Fix-NULL-ptr-dereference-on-VSI-filter-sync.patch
(git-fixes CVE-2021-47184 bsc#1222666).
- Update
patches.suse/iavf-free-q_vectors-before-queues-in-iavf_disable_vf.patch
(git-fixes CVE-2021-47201 bsc#1222792).
- Update
patches.suse/net-mlx5-Update-error-handler-for-UCTX-and-UMEM.patch
(git-fixes CVE-2021-47212 bsc#1222709).
- Update
patches.suse/scsi-lpfc-Fix-list_add-corruption-in-lpfc_drain_txq.patch
(bsc#1190576 CVE-2021-47203 bsc#1222881).
- Update
patches.suse/scsi-lpfc-Fix-use-after-free-in-lpfc_unreg_rpi-routi.patch
(bsc#1192145 CVE-2021-47198 bsc#1222883).
- Update
patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
(git-fixes CVE-2021-47185 bsc#1222669).
- Update
patches.suse/usb-host-ohci-tmio-check-return-value-after-calling-.patch
(git-fixes CVE-2021-47206 bsc#1222894).
- commit 8d3f18a
- Update
patches.suse/aoe-fix-the-potential-use-after-free-problem-in-aoec.patch
(bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016).
- commit 8d6a724
- Update patches.suse/scsi-advansys-Fix-kernel-pointer-leak.patch
(git-fixes CVE-2021-47216 bsc#1222876).
- commit 1856476
- wifi: iwlwifi: fix a memory corruption (CVE-2024-26610
bsc#1221299).
- commit cceba2c
- Update patches.suse/arp-Prevent-overflow-in-arp_req_get.patch
- fix build warning
- commit d969104
- ceph: prevent use-after-free in encode_cap_msg() (CVE-2024-26689
bsc#1222503).
- commit c431df1
- Update patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch (git-fixes CVE-2021-47202 bsc#1222878)
- commit 94c254a
- nvme-tcp: can't set sk_user_data without write_lock
(CVE-2021-47041 bsc#1220755).
- commit c3bc01a
- nvme-loop: fix memory leak in nvme_loop_create_ctrl()
(CVE-2021-47074 bsc#1220854).
- nvme-loop: don't put ctrl on nvme_init_ctrl error
(CVE-2021-47074 bsc#1220854).
- commit 8101361
- nvmet-tcp: fix incorrect locking in state_change sk callback
(CVE-2021-47041 bsc#1220755).
- commit ee0c72d
- RDMA/srpt: Support specifying the srpt_service_guid parameter (bsc#1222449 CVE-2024-26744)
- commit 12241af
- Refresh
patches.suse/bpf-sockmap-Prevent-lock-inversion-deadlock-in-map-d.patch.
- commit ea3cbb2
- Update patches.suse/bpf-Fix-integer-overflow-involving-bucket_size.patch
Fix CVE refence format.
- commit 86e8797
- Update
patches.suse/btrfs-fix-memory-ordering-between-normal-and-ordered-work-functions.patch
(git-fixes CVE-2021-47189 bsc#1222706).
- commit ed3e4bc
- Update
patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
(git-fixes CVE-2021-47185).
- commit 972d0f6
- Update
patches.suse/scsi-lpfc-Fix-link-down-processing-to-address-NULL-p.patch
(bsc#1192145 CVE-2021-47183 bsc#1222664).
- commit add99e0
- Update
patches.suse/usb-musb-tusb6010-check-return-value-after-calling-p.patch
(git-fixes CVE-2021-47181 bsc#1222660).
- commit 87eb148
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
(bsc#1222619).
- commit 7db5139
- arp: Prevent overflow in arp_req_get() (CVE-2024-26733
bsc#1222585).
- commit 0a4c958
- net/sched: act_mirred: don't override retval if we already
lost the skb (CVE-2024-26733 bsc#1222585).
- commit cc1339b
- ext4: fix double-free of blocks due to wrong extents moved_len
(bsc#1222422 CVE-2024-26704).
- commit d1a6e8f
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264).
- commit bc51f7b
- nfsd: Fix error cleanup path in nfsd_rename() (bsc#1221044
CVE-2023-52591).
- commit 24c2d2e
- Update
patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch
(bsc#1214842 CVE-2023-52508 bsc#1221015).
- Update
patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch
(git-fixes CVE-2023-52575 bsc#1220871).
- commit 61a8300
- Update
patches.suse/Bluetooth-avoid-deadlock-between-hci_dev-lock-and-so.patch
(git-fixes CVE-2021-47038 bsc#1220753).
- Update
patches.suse/Input-elantech-fix-stack-out-of-bound-access-in-elan.patch
(git-fixes CVE-2021-47097 bsc#1220982).
- Update
patches.suse/KEYS-trusted-Fix-TPM-reservation-for-seal-unseal.patch
(git-fixes CVE-2021-46922 bsc#1220475).
- Update
patches.suse/KEYS-trusted-Fix-memory-leak-on-object-td.patch
(git-fixes CVE-2021-47009 bsc#1220733).
- Update
patches.suse/RDMA-rtrs-clt-destroy-sysfs-after-removing-session-f.patch
(jsc#SLE-15176 CVE-2021-47026 bsc#1220685).
- Update
patches.suse/asix-fix-uninit-value-in-asix_mdio_read.patch
(git-fixes CVE-2021-47101 bsc#1220987).
- Update
patches.suse/ath10k-Fix-a-use-after-free-in-ath10k_htc_send_bundl.patch
(git-fixes CVE-2021-47017 bsc#1220678).
- Update patches.suse/ch_ktls-Fix-kernel-panic.patch
(jsc#SLE-15131 CVE-2021-46911 bsc#1220400).
- Update
patches.suse/dmaengine-idxd-Fix-clobbering-of-SWERR-overflow-bit-.patch
(git-fixes CVE-2021-46920 bsc#1220426).
- Update
patches.suse/dmaengine-idxd-Fix-potential-null-dereference-on-poi.patch
(git-fixes CVE-2021-47003 bsc#1220677).
- Update
patches.suse/dmaengine-idxd-clear-MSIX-permission-entry-on-shutdo.patch
(git-fixes CVE-2021-46918 bsc#1220429).
- Update
patches.suse/dmaengine-idxd-fix-wq-cleanup-of-WQCFG-registers.patch
(git-fixes CVE-2021-46917 bsc#1220432).
- Update
patches.suse/dmaengine-idxd-fix-wq-size-store-permission-state.patch
(git-fixes CVE-2021-46919 bsc#1220414).
- Update
patches.suse/drm-amd-display-Fix-off-by-one-in-hdmi_14_process_tr.patch
(git-fixes CVE-2021-47046 bsc#1220758).
- Update patches.suse/drm-i915-Fix-crash-in-auto_retire.patch
(git-fixes CVE-2021-46976 bsc#1220621).
- Update
patches.suse/iommu-vt-d-remove-wo-permissions-on-second-level-paging-entries
(bsc#1187346 CVE-2021-47035 bsc#1220688).
- Update
patches.suse/ipmi-Fix-UAF-when-uninstall-ipmi_si-and-ipmi_msghand.patch
(git-fixes CVE-2021-47100 bsc#1220985).
- Update
patches.suse/ipmi-ssif-initialize-ssif_info-client-early.patch
(git-fixes CVE-2021-47095 bsc#1220979).
- Update
patches.suse/ixgbe-fix-unbalanced-device-enable-disable-in-suspen.patch
(jsc#SLE-13706 CVE-2021-46914 bsc#1220465).
- Update patches.suse/net-dsa-mt7530-fix-VLAN-traffic-leaks.patch
(git-fixes CVE-2021-47160 bsc#1221974).
- Update
patches.suse/net-fec-fix-the-potential-memory-leak-in-fec_enet_in.patch
(git-fixes CVE-2021-47150 bsc#1221973).
- Update
patches.suse/net-lantiq-fix-memory-corruption-in-RX-ring.patch
(git-fixes CVE-2021-47137 bsc#1221932).
- Update
patches.suse/net-mlx5e-Fix-null-deref-accessing-lag-dev.patch
(jsc#SLE-15172 CVE-2021-47164 bsc#1221978).
- Update
patches.suse/net-mlx5e-Wrap-the-tx-reporter-dump-callback-to-extr.patch
(jsc#SLE-15172 CVE-2021-46931 bsc#1220486).
- Update
patches.suse/net-sched-act_ct-fix-wild-memory-access-when-clearin.patch
(bsc#1176447 CVE-2021-47014 bsc#1220630).
- Update
patches.suse/net-sched-fq_pie-fix-OOB-access-in-the-traffic-path.patch
(jsc#SLE-15172 CVE-2021-47175 bsc#1222003).
- Update
patches.suse/netfilter-nft_set_pipapo_avx2-Add-irq_fpu_usable-che.patch
(bsc#1176447 CVE-2021-47174 bsc#1221990).
- Update patches.suse/nvmet-fix-freeing-unallocated-p2pmem.patch
(git-fixes CVE-2021-47130 bsc#1221552).
- Update
patches.suse/nvmet-rdma-Fix-NULL-deref-when-SEND-is-completed-wit.patch
(git-fixes CVE-2021-46983 bsc#1220639).
- Update patches.suse/s390-dasd-add-missing-discipline-function
(bsc#1188130 ltc#193581 CVE-2021-47176 bsc331221996
bsc#1221996).
- Update
patches.suse/s390-zcrypt-fix-zcard-and-zqueue-hot-unplug-memleak
(git-fixes CVE-2021-46968 bsc#1220689).
- Update
patches.suse/sched-fair-Fix-shift-out-of-bounds-in-load_balance.patch
(git fixes (sched) CVE-2021-47044 bsc#1220759).
- Update
patches.suse/spi-Fix-use-after-free-with-devm_spi_alloc_.patch
(git-fixes CVE-2021-46959 bsc#1220734).
- Update patches.suse/tee-optee-Fix-incorrect-page-free-bug.patch
(git-fixes CVE-2021-47087 bsc#1220954).
- Update
patches.suse/usb-gadget-f_fs-Clear-ffs_eventfd-in-ffs_data_clear.patch
(git-fixes CVE-2021-46933 bsc#1220487).
- Update
patches.suse/usb-typec-ucsi-Retrieve-all-the-PDOs-instead-of-just.patch
(git-fixes CVE-2021-46980 bsc#1220663).
- Update
patches.suse/virtiofs-fix-memory-leak-in-virtio_fs_probe.patch
(bsc#1185558 CVE-2021-46956 bsc#1220516).
- Update patches.suse/xprtrdma-Fix-cwnd-update-ordering.patch
(git-fixes CVE-2021-47001 bsc#1220670).
- commit d6fc0df
- Update
patches.suse/i2c-imx-fix-reference-leak-when-pm_runtime_get_sync-.patch
(git-fixes CVE-2020-36781 bsc#1220557).
- commit c903cb8
- Update
patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch
(CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117).
- Update
patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch
(bsc#1220883 CVE-2023-52500).
- commit 81ec1ab
- scsi: pm80xx: Avoid leaking tags when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883
cve-2023-52500).
- commit a52992b
- Fixup NULL ptr dereference due to mistake in backporting in
patches.suse/ext2-Avoid-reading-renamed-directory-if-parent-does-.patch.
- commit f07130b
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
(bsc#1209657 CVE-2023-0160).
- commit 299921b
- blacklist.conf: omit reverted sockmap deadlock fix
- commit 66facc4
- netfilter: nf_tables: disallow anonymous set with timeout flag
(CVE-2024-26642 bsc#1221830).
- commit ca89796
- netfilter: ctnetlink: fix possible refcount leak in
ctnetlink_create_conntrack() (CVE-2023-7192 bsc#1218479).
- commit c40a2c4
- README.BRANCH: Remove copy of branch name
- commit 27396e8
- README.BRANCH: Remove copy of branch name
- commit 757f48f
- Update
patches.suse/net-zero-initialize-tc-skb-extension-on-allocation.patch
(bsc#1176447 CVE-2021-47136 bsc#1221931).
- commit adea53b
- ipv6: init the accept_queue's spinlocks in inet6_create
(bsc#1221293 CVE-2024-26614).
- commit 0cf80b2
- tcp: make sure init the accept_queue's spinlocks once
(bsc#1221293 CVE-2024-26614).
- commit d27abbc
- userfaultfd: release page in error path to avoid BUG_ON
(CVE-2021-46988 bsc#1220706).
- commit 37b27a1
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
(CVE-2023-52607 bsc#1221061).
- commit 37ce65f
- perf/core: Fix unconditional security_locked_down() call
(bsc#1220697, CVE-2021-46971).
- commit b2c4fe7
- Update
patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread-.patch
(bsc#1208995 CVE-2023-1192 CVE-2023-52572 bsc#1220946).
- Update
patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch
(bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356 CVE-2023-52454 bsc#1220320).
- Update
patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch
(bsc#1221044 CVE-2023-52591 CVE-2023-52590 bsc#1221088).
- Update
patches.suse/ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch
(bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836).
- Update
patches.suse/usb-hub-Guard-against-accesses-to-uninitialized-BOS-.patch
(git-fixes CVE-2023-52477 bsc#1220790).
- commit 807fa36
- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
(bsc#1194516 CVE-2022-0487 CVE-2022-48626 bsc#1220366).
- commit 32e1ae4
- Update
patches.suse/0005-dm-rq-fix-double-free-of-blk_mq_tag_set-in-dev-remov.patch
(git-fixes CVE-2021-46938 bsc#1220554).
- Update
patches.suse/0005-drm-bridge-panel-Cleanup-connector-on-bridge-detach.patch
(bsc#1152489 CVE-2021-47063 bsc#1220777).
- Update
patches.suse/0006-nbd-Fix-NULL-pointer-in-flush_workqueue.patch
(git-fixes CVE-2021-46981 bsc#1220611).
- Update
patches.suse/ARM-9064-1-hw_breakpoint-Do-not-directly-check-the-event-s-overflow_handler-hook.patch
(git-fixes CVE-2021-47006 bsc#1220751).
- Update
patches.suse/ARM-footbridge-fix-PCI-interrupt-mapping.patch
(git-fixes CVE-2021-46909 bsc#1220442).
- Update
patches.suse/HID-magicmouse-fix-NULL-deref-on-disconnect.patch
(git-fixes CVE-2021-47120 bsc#1221606).
- Update
patches.suse/KVM-Destroy-I-O-bus-devices-on-unregister-failure-_a.patch
(bsc#git-fixes CVE-2021-47061 bsc#1220745).
- Update
patches.suse/NFC-nci-fix-memory-leak-in-nci_allocate_device.patch
(git-fixes CVE-2021-47180 bsc#1221999).
- Update
patches.suse/NFS-Don-t-corrupt-the-value-of-pg_bytes_written-in-n.patch
(git-fixes CVE-2021-47166 bsc#1221998).
- Update
patches.suse/NFS-Fix-an-Oopsable-condition-in-__nfs_pageio_add_re.patch
(git-fixes CVE-2021-47167 bsc#1221991).
- Update
patches.suse/NFS-fix-an-incorrect-limit-in-filelayout_decode_layo.patch
(git-fixes CVE-2021-47168 bsc#1222002).
- Update
patches.suse/NFSv4-Fix-a-NULL-pointer-dereference-in-pnfs_mark_ma.patch
(git-fixes CVE-2021-47179 bsc#1222001).
- Update
patches.suse/USB-usbfs-Don-t-WARN-about-excessively-large-memory-.patch
(git-fixes CVE-2021-47170 bsc#1222004).
- Update
patches.suse/bnxt_en-Fix-RX-consumer-index-logic-in-the-error-pat.patch
(git-fixes CVE-2021-47015 bsc#1220794).
- Update
patches.suse/btrfs-fix-race-between-transaction-aborts-and-fsyncs.patch
(bsc#1186441 CVE-2021-46958 bsc#1220521).
- Update
patches.suse/ceph-fix-inode-leak-on-getattr-error-in-_fh_to_dentry.patch
(bsc#1186501 CVE-2021-47000 bsc#1220669).
- Update
patches.suse/cifs-Return-correct-error-code-from-smb2_get_enc_key.patch
(git-fixes CVE-2021-46960 bsc#1220528).
- Update
patches.suse/crypto-qat-ADF_STATUS_PF_RUNNING-should-be-set-after.patch
(git-fixes CVE-2021-47056 bsc#1220769).
- Update
patches.suse/cxgb4-avoid-accessing-registers-when-clearing-filter.patch
(git-fixes CVE-2021-47138 bsc#1221934).
- Update patches.suse/drm-amd-amdgpu-fix-refcount-leak.patch
(git-fixes CVE-2021-47144 bsc#1221989).
- Update patches.suse/drm-amdgpu-Fix-a-use-after-free.patch
(git-fixes CVE-2021-47142 bsc#1221952).
- Update
patches.suse/drm-meson-fix-shutdown-crash-when-component-not-prob.patch
(git-fixes CVE-2021-47165 bsc#1221965).
- Update
patches.suse/ethernet-enic-Fix-a-use-after-free-bug-in-enic_hard_.patch
(git-fixes CVE-2021-46998 bsc#1220625).
- Update
patches.suse/ext4-fix-bug-on-in-ext4_es_cache_extent-as-ext4_spli.patch
(bsc#1187408 CVE-2021-47117 bsc#1221575).
- Update
patches.suse/ext4-fix-memory-leak-in-ext4_fill_super.patch
(bsc#1187409 CVE-2021-47119 bsc#1221608).
- Update
patches.suse/gve-Add-NULL-pointer-checks-when-freeing-irqs.patch
(git-fixes CVE-2021-47141 bsc#1221949).
- Update
patches.suse/i2c-i801-Don-t-generate-an-interrupt-on-bus-reset.patch
(git-fixes CVE-2021-47153 bsc#1221969).
- Update
patches.suse/i40e-Fix-use-after-free-in-i40e_client_subtask.patch
(git-fixes CVE-2021-46991 bsc#1220575).
- Update
patches.suse/iio-adc-ad7124-Fix-potential-overflow-due-to-non-seq.patch
(git-fixes CVE-2021-47172 bsc#1221992).
- Update patches.suse/iommu-vt-d-fix-sysfs-leak-in-alloc_iommu
(bsc#1189218 CVE-2021-47177 bsc#1221997).
- Update
patches.suse/ipc-mqueue-msg-sem-Avoid-relying-on-a-stack-reference.patch
(bsc#1185988 bsc1220826 CVE-2021-47069 bsc#1220826).
- Update
patches.suse/kyber-fix-out-of-bounds-access-when-preempted.patch
(bsc#1187403 CVE-2021-46984 bsc#1220631).
- Update
patches.suse/locking-qrwlock-Fix-ordering-in-queued_write_lock_sl.patch
(bsc#1185041 CVE-2021-46921 bsc#1220468).
- Update
patches.suse/md-raid1-properly-indicate-failure-when-ending-a-fai.patch
(bsc#1185680 CVE-2021-46950 bsc#1220662).
- Update
patches.suse/media-staging-intel-ipu3-Fix-memory-leak-in-imu_fmt.patch
(git-fixes CVE-2021-46944 bsc#1220566).
- Update
patches.suse/media-staging-intel-ipu3-Fix-set_fmt-error-handling.patch
(git-fixes CVE-2021-46943 bsc#1220583).
- Update
patches.suse/misc-uss720-fix-memory-leak-in-uss720_probe.patch
(git-fixes CVE-2021-47173 bsc#1221993).
- Update
patches.suse/mmc-uniphier-sd-Fix-a-resource-leak-in-the-remove-fu.patch
(git-fixes CVE-2021-46962 bsc#1220532).
- Update
patches.suse/msft-hv-2305-Drivers-hv-vmbus-Use-after-free-in-__vmbus_open.patch
(git-fixes CVE-2021-47049 bsc#1220692).
- Update
patches.suse/msft-hv-2316-uio_hv_generic-Fix-a-memory-leak-in-error-handling-p.patch
(git-fixes CVE-2021-47071 bsc#1220846).
- Update
patches.suse/msft-hv-2317-uio_hv_generic-Fix-another-memory-leak-in-error-hand.patch
(git-fixes CVE-2021-47070 bsc#1220829).
- Update
patches.suse/mtd-require-write-permissions-for-locking-and-badblo.patch
(git-fixes CVE-2021-47055 bsc#1220768).
- Update
patches.suse/net-hns3-put-off-calling-register_netdev-until-clien.patch
(bsc#1154353 CVE-2021-47139 bsc#1221935).
- Update
patches.suse/net-nfc-fix-use-after-free-llcp_sock_bind-connect.patch
(CVE-2021-23134 bsc#1186060 CVE-2021-47068 bsc#1220739).
- Update
patches.suse/net-usb-fix-memory-leak-in-smsc75xx_bind.patch
(git-fixes CVE-2021-47171 bsc#1221994).
- Update
patches.suse/netfilter-nftables-avoid-overflows-in-nft_hash_bucke.patch
(CVE-2021-47013 bsc#1220641 CVE-2021-46992 bsc#1220638).
- Update patches.suse/ocfs2-fix-data-corruption-by-fallocate.patch
(bsc#1187412 CVE-2021-47114 bsc#1221548).
- Update
patches.suse/pid-take-a-reference-when-initializing-cad_pid.patch
(bsc#1152489 CVE-2021-47118 bsc#1221605).
- Update
patches.suse/platform-x86-dell-smbios-wmi-Fix-oops-on-rmmod-dell_.patch
(git-fixes CVE-2021-47073 bsc#1220850).
- Update
patches.suse/powerpc-64s-Fix-crashes-when-toggling-entry-flush-ba.patch
(bsc#1177666 git-fixes bsc#1186460 ltc#192531 CVE-2021-46990
bsc#1220743).
- Update
patches.suse/powerpc-64s-Fix-pte-update-for-kernel-memory-on-radi.patch
(bsc#1055117 git-fixes CVE-2021-47034 bsc#1220687).
- Update
patches.suse/regmap-set-debugfs_name-to-NULL-after-it-is-freed.patch
(git-fixes CVE-2021-47058 bsc#1220779).
- Update
patches.suse/rtw88-Fix-array-overrun-in-rtw_get_tx_power_params.patch
(git-fixes CVE-2021-47065 bsc#1220749).
- Update
patches.suse/scsi-lpfc-Fix-null-pointer-dereference-in-lpfc_prep_.patch
(bsc#1182574 CVE-2021-47045 bsc#1220640).
- Update
patches.suse/scsi-qedf-Add-pointer-checks-in-qedf_update_link_speed
(git-fixes CVE-2021-47077 bsc#1220861).
- Update
patches.suse/scsi-qla2xxx-Fix-crash-in-qla2xxx_mqueuecommand.patch
(bsc#1185491 CVE-2021-46963 bsc#1220536).
- Update
patches.suse/serial-rp2-use-request_firmware-instead-of-request_f.patch
(git-fixes CVE-2021-47169 bsc#1222000).
- Update
patches.suse/soundwire-stream-fix-memory-leak-in-stream-config-er.patch
(git-fixes CVE-2021-47020 bsc#1220785).
- Update
patches.suse/spi-fsl-lpspi-Fix-PM-reference-leak-in-lpspi_prepare.patch
(git-fixes CVE-2021-47051 bsc#1220764).
- Update
patches.suse/spi-spi-fsl-dspi-Fix-a-resource-leak-in-an-error-han.patch
(git-fixes CVE-2021-47161 bsc#1221966).
- Update
patches.suse/tpm-efi-Use-local-variable-for-calculating-final-log.patch
(git-fixes CVE-2021-46951 bsc#1220615).
- Update
patches.suse/tracing-Restructure-trace_clock_global-to-never-block.patch
(git-fixes CVE-2021-46939 bsc#1220580).
- Update
patches.suse/tun-avoid-double-free-in-tun_free_netdev.patch
(bsc#1209635 CVE-2022-4744 CVE-2021-47082 bsc#1220969).
- Update
patches.suse/x86-kvm-Disable-kvmclock-on-all-CPUs-on-shutdown.patch
(bsc#1185308 CVE-2021-47110 bsc#1221532).
- Update
patches.suse/x86-kvm-Teardown-PV-features-on-boot-CPU-as-well.patch
(bsc#1185308 CVE-2021-47112 bsc#1221541).
- commit 563b877
- Update
patches.suse/i2c-img-scb-fix-reference-leak-when-pm_runtime_get_s.patch
(git-fixes CVE-2020-36783 bsc#1220561).
- Update
patches.suse/i2c-imx-lpi2c-fix-reference-leak-when-pm_runtime_get.patch
(git-fixes CVE-2020-36782 bsc#1220560).
- Update
patches.suse/i2c-sprd-fix-reference-leak-when-pm_runtime_get_sync.patch
(git-fixes CVE-2020-36780 bsc#1220556).
- commit 33b0d9d
- IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445 CVE-2023-52474)
- commit bdb2e0c
- Update patches.suse/s390-dasd-add-missing-discipline-function
(bsc#1188130 ltc#193581 CVE-2021-47176 bsc331221996).
- commit d918596
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336
CVE-2023-7042).
- commit 22d99d7
- dmaengine: fix NULL pointer in channel unregistration function (bsc#1221276 CVE-2023-52492)
- commit b24663f
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
(bsc#1219170 CVE-2024-22099).
- commit b8c2f38
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
(bsc#1218562 CVE-2023-6270).
- commit 0e87477
- fs: no need to check source (bsc#1221044 CVE-2023-52591).
- commit df2f811
- rename(): avoid a deadlock in the case of parents having no
common ancestor (bsc#1221044 CVE-2023-52591).
- commit faa6432
- kill lock_two_inodes() (bsc#1221044 CVE-2023-52591).
- commit d6f6371
- rename(): fix the locking of subdirectories (bsc#1221044
CVE-2023-52591).
- commit 063df0d
- f2fs: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 4dfa62d
- ext4: don't access the source subdirectory content on
same-directory rename (bsc#1221044 CVE-2023-52591).
- commit 80ff66b
- ext2: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 03d3930
- udf_rename(): only access the child content on cross-directory
rename (bsc#1221044 CVE-2023-52591).
- commit 4bff17c
- ocfs2: Avoid touching renamed directory if parent does not
change (bsc#1221044 CVE-2023-52591).
- commit 74fc5ec
- reiserfs: Avoid touching renamed directory if parent does not
change (git-fixes bsc#1221044 CVE-2023-52591).
Refresh patches.suse/reiserfs-add-check-to-detect-corrupted-directory-entry.patch
Refresh patches.suse/reiserfs-don-t-panic-on-bad-directory-entries.patch
- commit f392df9
- fs: don't assume arguments are non-NULL (bsc#1221044
CVE-2023-52591).
- commit a11eadd
- fs: Restrict lock_two_nondirectories() to non-directory inodes
(bsc#1221044 CVE-2023-52591).
- commit 6ad8632
- fs: ocfs2: check status values (bsc#1221044 CVE-2023-52591).
- commit 696c231
- fs: Lock moved directories (bsc#1221044 CVE-2023-52591).
- commit c14fbaa
- fs: Establish locking order for unrelated directories
(bsc#1221044 CVE-2023-52591).
- commit b424ded
- fs: introduce lock_rename_child() helper (bsc#1221044
CVE-2023-52591).
- commit 02e4cc0
- dm: rearrange core declarations for extended use from dm-zone.c
(bsc#1221113).
- Refresh
patches.kabi/kABI-dm-fix-deadlock-when-swapping-to-encrypted-device.patch.
- commit 741eac7
- perf/x86/lbr: Filter vsyscall addresses (bsc#1220703,
CVE-2023-52476).
- commit c46d003
- dm rq: don't queue request to blk-mq during DM suspend
(bsc#1221113).
- commit b77fc22
- neighbour: allow NUD_NOARP entries to be forced GCed
(bsc#1221534 CVE-2021-47109).
- commit d36f6ec
- net/sched: Add module alias for sch_fq_pie (bsc#1210335 CVE-2023-1829).
- commit d985f7c
- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
(bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
(bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- commit 6a5afc3
- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (bsc#1213456 CVE-2023-28746).
- commit 15a7f43
- Sort already upstream patches
- Refresh
patches.suse/Documentation-hw-vuln-Add-documentation-for-RFDS.patch.
- Refresh
patches.suse/KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mitigation.patch.
- Refresh
patches.suse/KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMRESUME-vs.-V.patch.
- Refresh
patches.suse/KVM-x86-Export-RFDS_NO-and-RFDS_CLEAR-to-guests.patch.
- Refresh
patches.suse/x86-bugs-Add-asm-helpers-for-executing-VERW.patch.
- Refresh
patches.suse/x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_clear-static-.patch.
- Refresh
patches.suse/x86-entry_32-Add-VERW-just-before-userspace-transition.patch.
- Refresh
patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transition.patch.
- Refresh
patches.suse/x86-rfds-Mitigate-Register-File-Data-Sampling-RFDS.patch.
- commit 851bcbe
- perf/core: Fix unconditional security_locked_down() call
(bsc#1220697, CVE-2021-46971).
- commit 0b7f805
- io_uring/af_unix: disable sending io_uring over sockets
(bsc#1220754 CVE-2023-6531).
- commit a0d28a2
- usb: mtu3: fix list_head check warning (bsc#1220484
CVE-2021-46930).
- commit b548734
- Refresh patches.kabi/team-Hide-new-member-header-ops.patch.
Fix for kABI workaround.
- commit ff68767
- ceph: fix deadlock or deadcode of misusing dget() (bsc#1221058
CVE-2023-52583).
- commit 5c7a950
- usb: hub: Guard against accesses to uninitialized BOS
descriptors (git-fixes).
Altered because 5.3 does not do SSP
- commit 6d423f3
- Update
patches.suse/scsi-qla2xxx-Fix-SRB-leak-on-switch-command-timeout.patch
added CVE reference to: (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334
bnc#1151927 5.3.17 cve-2021-46963).
- commit bac1eb3
- Update reference of bpf-Use-correct-permission-flag-for-mixed-signed-bou.patch
(bsc#1184942 bsc#1220425 CVE-2021-29155 CVE-2021-46908).
- commit 787c408
- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (bsc#1220413 CVE-2023-52470).
- commit d61356a
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (bsc#1220411 CVE-2023-52469).
- commit 10972e5
- irqchip/gic-v3: Do not enable irqs when handling spurious interrups (bsc#1220529,CVE-2021-46961)
- commit 83fe0b1
- group-source-files.pl: Quote filenames (boo#1221077).
The kernel source now contains a file with a space in the name.
Add quotes in group-source-files.pl to avoid splitting the filename.
Also use -print0 / -0 when updating timestamps.
- commit a005e42
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1220340,CVE-2024-26600)
- commit c4890bf
- mm: fix gup_pud_range (bsc#1220824).
- commit d0caaa5
- RDMA/rxe: Clear all QP fields if creation failed (bsc#1220863 CVE-2021-47078)
- commit 23bba26
- RDMA/rxe: Return CQE error if invalid lkey was supplied (bsc#1220860 CVE-2021-47076)
- commit 1171085
- ACPI: extlog: fix NULL pointer dereference check (bsc#1221039
CVE-2023-52605).
- commit a37794c
- Update
patches.suse/net-hso-fix-NULL-deref-on-disconnect-regression.patch
(bsc#1220416 bsc#1220418 CVE-2021-46904 CVE-2021-46905).
Added second CVE reference
- commit 6b7d257
- Update
patches.suse/net-hso-fix-NULL-deref-on-disconnect-regression.patch
(bsc#1220416 CVE-2021-46904).
- Update
patches.suse/net-hso-fix-null-ptr-deref-during-tty-device-unregis.patch
(bsc#1220416 CVE-2021-46904).
Added CVE references
- commit ce2a61e
- kernel-binary: Fix i386 build
Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires")
- commit f7c6351
- KVM: x86: Export RFDS_NO and RFDS_CLEAR to guests (bsc#1213456 CVE-2023-28746).
- commit d0c95ff
- x86/rfds: Mitigate Register File Data Sampling (RFDS) (bsc#1213456 CVE-2023-28746).
- commit 7725a96
- net: nfc: fix races in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (CVE-2023-52502 bsc#1220831).
- commit 3983469
- btrfs: remove BUG() after failure to insert delayed dir index
item (bsc#1220918 CVE-2023-52569).
- commit ff844fd
- btrfs: improve error message after failure to add delayed dir
index item (bsc#1220918 CVE-2023-52569).
- commit f310611
- Documentation/hw-vuln: Add documentation for RFDS (bsc#1213456 CVE-2023-28746).
- commit bff3e02
- x86/srso: Add SRSO mitigation for Hygon processors (bsc#1220735
CVE-2023-52482).
- commit 1f25b34
- KVM: s390: fix setting of fpc register (bsc#1221040
CVE-2023-52597).
- commit 8155006
- vt: fix memory overlapping when deleting chars in the buffer
(bsc#1220845 CVE-2022-48627).
- commit b8e8505
- kernel-binary: vdso: fix filelist for non-usrmerged kernel
Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged")
- commit fb3f221
- kabi: team: Hide new member header_ops (bsc#1220870
CVE-2023-52574).
- commit 04e32d4
- i2c: validate user data in compat ioctl (git-fixes bsc#1220469
CVE-2021-46934).
- commit 554cd35
- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514 CVE-2023-35827).
- net: mana: Fix TX CQE error handling (bsc#1220932
CVE-2023-52532).
- team: fix null-ptr-deref when team device type is changed
(bsc#1220870 CVE-2023-52574).
- commit 5631a0c
- Update reference of bpf-Fix-masking-negation-logic-upon-negative-dst-reg.patch
(bsc#1155518 bsc#1220700 CVE-2021-46974).
- commit 5f6c988
- wifi: mac80211: fix potential key use-after-free (CVE-2023-52530
bsc#1220930).
- wifi: iwlwifi: mvm: Fix a memory corruption issue
(CVE-2023-52531 bsc#1220931).
- commit 7072ac0
- pinctrl: mediatek: fix global-out-of-bounds issue
(CVE-2021-47083 bsc#1220917).
- commit f54296c
- drm/bridge: sii902x: Fix probing race issue (bsc#1220736 CVE-2024-26607).
- commit 470c611
- KVM: Destroy target device if coalesced MMIO unregistration
fails (git-fixes).
- commit c99d976
- KVM: mmio: Fix use-after-free Read in
kvm_vm_ioctl_unregister_coalesced_mmio (git-fixes).
- commit f7f8d3b
- bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255
CVE-2024-26589).
- commit 84782c1
- PCI: endpoint: Fix NULL pointer dereference for ->get_features()
(bsc#1220660 CVE-2021-47005).
- commit 4cda383
- tls: fix race between tx work scheduling and socket close
(CVE-2024-26585 bsc#1220187).
- commit 7207999
- kabi: restore return type of dst_ops::gc() callback
(CVE-2023-52340 bsc#1219295).
- ipv6: remove max_size check inline with ipv4 (CVE-2023-52340
bsc#1219295).
- commit 077e12d
- netfilter: nf_tables: fix 64-bit load issue in
nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- netfilter: nf_tables: fix pointer math issue in
nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- commit b02bdeb
- netfilter: nf_tables: fix 64-bit load issue in
nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- netfilter: nf_tables: fix pointer math issue in
nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- commit 67cfeec
- Update patches.suse/sctp-use-call_rcu-to-free-endpoint.patch
(CVE-2022-20154 CVE-2021-46929 bsc#1200599 bsc#1220482).
- commit 8d1b35f
- Update patches.suse/scsi-qla2xxx-Reserve-extra-IRQ-vectors.patch
(bsc#1184436 bsc#1186286 bsc#1220538 CVE-2021-46964).
- commit e5c6db2
- KVM: Stop looking for coalesced MMIO zones if the bus is
destroyed (bsc#1220742 CVE-2021-47060).
- commit 7287801
- netfilter: nft_set_pipapo: skip inactive elements during set
walk (CVE-2023-6817 bsc#1218195).
- commit ba8530f
- tomoyo: fix UAF write bug in tomoyo_write_control() (bsc#1220825
CVE-2024-26622).
- commit 6d24f8e
- Update
patches.suse/s390-zcrypt-fix-zcard-and-zqueue-hot-unplug-memleak
(git-fixes CVE-2021-46968).
- commit a63feba
- doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
Following the code change in SLE15-SP6 to have externally supported
modules no longer taint the kernel, update the respective documentation
in README.SUSE:
* Describe that support status can be obtained at runtime for each
module from /sys/module/$MODULE/supported and for the entire system
from /sys/kernel/supported. This provides a way how to now check that
the kernel has any externally supported modules loaded.
* Remove a mention that externally supported modules taint the kernel,
but keep the information about bit 16 (X) and add a note that it is
still tracked per module and can be read from
/sys/module/$MODULE/taint. This per-module information also appears in
Oopses.
- commit 9ed8107
- powerpc/pseries/memhp: Fix access beyond end of drmem array
(bsc#1220250,CVE-2023-52451).
- commit 9865154
- Input: appletouch - initialize work before device registration
(CVE-2021-46932 bsc#1220444).
- commit 8f106a8
- Update
patches.suse/ipc-mqueue-msg-sem-Avoid-relying-on-a-stack-reference.patch
(bsc#1185988, bsc1220826, CVE-2021-47069).
- commit f01183e
- Update References
patches.suse/ACPI-GTDT-Don-t-corrupt-interrupt-mappings-on-watchd.patch
(git-fixes bsc#1220599 CVE-2021-46953).
- commit 5b10499
- Update References
patches.suse/ACPI-custom_method-fix-potential-use-after-free-issu.patch
(git-fixes bsc#1220572 CVE-2021-46966).
- commit 8eecec3
- efivarfs: force RO when remounting if SetVariable is not
supported (bsc#1220328 CVE-2023-52463).
- commit 0c76724
- RDMA/siw: Fix a use after free in siw_alloc_mr (bsc#1220627
CVE-2021-47012).
- commit 96f4478
- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
(bsc#1220238 CVE-2023-52449).
- commit d23e49b
- Input: powermate - fix use-after-free in
powermate_config_complete (CVE-2023-52475 bsc#1220649).
- HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
(CVE-2023-52478 bsc#1220796).
- commit 92ea315
- hfsplus: prevent corruption in shrinking truncate (bsc#1220737
CVE-2021-46989).
- commit cc37c78
- Update patch reference for qcom bus fix (CVE-2021-47054 bsc#1220767)
- commit 024411a
- netfilter: nft_limit: avoid possible divide error in
nft_limit_init (bsc#1220436 CVE-2021-46915).
- commit 291b0ff
- NFC: st21nfca: Fix memory leak in device probe and remove
(CVE-2021-46924 bsc#1220459).
- commit 2b46faa
- Update patch reference for HID fix (CVE-2021-46906 bsc#1220421)
- commit 89e5504
- i2c: Fix a potential use after free (bsc#1220409
CVE-2019-25162).
- commit 6421697
- i2c: cadence: fix reference leak when pm_runtime_get_sync fails
(bsc#1220570 CVE-2020-36784).
- commit 5fa02fa
- KVM: Destroy I/O bus devices on unregister failure _after_
sync'ing SRCU (bsc#git-fixes, CVE-2021-47061).
- commit b2a896d
- Update patch reference for media usb fix (CVE-2020-36777 bsc#1220526)
- commit f0fcd0d
- media: pvrusb2: fix use after free on context disconnection
(CVE-2023-52445 bsc#1220241).
- commit 3f02f88
- nfc: nci: fix possible NULL pointer dereference in
send_acknowledge() (bsc#1219125 CVE-2023-46343).
- commit 9371a32
- uio: Fix use-after-free in uio_open (bsc#1220140
CVE-2023-52439).
- commit 758615f
- apparmor: avoid crash when parsed profile name is empty
(CVE-2023-52443 bsc#1220240).
- commit 9d07817
- sched/membarrier: reduce the ability to hammer on sys_membarrier
(git-fixes, bsc#1220398, CVE-2024-26602).
- commit b645222
- i2c: i801: Fix block process call transactions (bsc#1220009
CVE-2024-26593).
- commit c348c97
- netfilter: nftables: avoid overflows in nft_hash_buckets()
(CVE-2021-47013 bsc#1220641).
- commit f0d286e
- net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
(CVE-2021-47013 bsc#1220641).
- commit 378bb67
- mlxsw: spectrum_acl_tcam: Fix stack corruption (bsc#1220243
CVE-2024-26586).
- mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in
error path (bsc#1220344 CVE-2024-26595).
- commit 76ed3a3
- EDAC/thunderx: Fix possible out-of-bounds string access (bsc#1220330)
- commit 5f2e003
- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
(bsc#1220253 CVE-2023-52448).
- commit a731316
- rpm templates: Always define usrmerged
usrmerged is now defined in kernel-spec-macros and not the distribution.
Only check if it's defined in kernel-spec-macros, not everywhere where
it's used.
- commit a6ad8af
- KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes).
- commit fda6073
- blacklist.conf: Blacklist a clang fix
- commit 6540830
- rpm templates: Move macro definitions below buildrequires
Many of the rpm macros defined in the kernel packages depend directly or
indirectly on script execution. OBS cannot execute scripts which means
values of these macros cannot be used in tags that are required for OBS
to see such as package name, buildrequires or buildarch.
Accumulate macro definitions that are not directly expanded by mkspec
below buildrequires and buildarch to make this distinction clear.
- commit 89eaf4c
- net: openvswitch: limit the number of recursions from action
sets (bsc#1219835 CVE-2024-1151).
- commit 5a5045f
- rpm/check-for-config-changes: add GCC_ASM_GOTO_OUTPUT_WORKAROUND to IGNORED_CONFIGS_RE
Introduced by commit 68fb3ca0e408 ("update workarounds for gcc "asm
goto" issue").
- commit be1bdab
- compute-PATCHVERSION: Do not produce output when awk fails
compute-PATCHVERSION uses awk to produce a shell script that is
subsequently executed to update shell variables which are then printed
as the patchversion.
Some versions of awk, most notably bysybox-gawk do not understand the
awk program and fail to run. This results in no script generated as
output, and printing the initial values of the shell variables as
the patchversion.
When the awk program fails to run produce 'exit 1' as the shell script
to run instead. That prevents printing the stale values, generates no
output, and generates invalid rpm spec file down the line. Then the
problem is flagged early and should be easier to diagnose.
- commit 8ef8383
- x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (git-fixes).
- commit 6d2e676
- KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (git-fixes).
- commit 1f3dbeb
- KVM: x86: synthesize CPUID leaf 0x80000021h if useful (git-fixes).
- commit 2581a0e
- KVM: x86: add support for CPUID leaf 0x80000021 (git-fixes).
- commit 79ab1f6
- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- commit 26d80bf
- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).
Also add the removed mds_user_clear symbol to kABI severities as it is
exposed just for KVM module and is generally a core kernel component so
removing it is low risk.
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (git-fixes).
- commit 8f33ff8
- mbcache: Fixup kABI of mb_cache_entry (bsc#1207653 bsc#1219915).
- commit 52b181f
- ext4: fix deadlock due to mbcache entry corruption
(bsc#1207653 bsc#1219915).
- commit 14e0a9c
- net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
(bsc#1219127 CVE-2024-23849).
- commit 75b4a5b
- cifs: fix missing unload_nls() in smb2_reconnect()
(bsc#1213476).
- commit 7236d05
- cifs: fix status checks in cifs_tree_connect (bsc#1213476).
- commit a4a76da
- smb: client: fix null auth (bsc#1213476).
- commit 08d9d59
- kernel-binary: Move build script to the end
All other spec templates have the build script at the end, only
kernel-binary has it in the middle. Align with the other templates.
- commit 98cbdd0
- rpm templates: Aggregate subpackage descriptions
While in some cases the package tags, description, scriptlets and
filelist are located together in other cases they are all across the
spec file. Aggregate the information related to a subpackage in one
place.
- commit 8eeb08c
- rpm templates: sort rpm tags
The rpm tags in kernel spec files are sorted at random.
Make the order of rpm tags somewhat more consistent across rpm spec
templates.
- commit 8875c35
- Update to add CVE-2024-23851 tag,
patches.suse/dm-limit-the-number-of-targets-and-parameter-size-ar.patch
(bsc#1219827, bsc#1219146, CVE-2023-52429, CVE-2024-23851).
- commit ef15d5e
- dm: limit the number of targets and parameter size area
(bsc#1219827, bsc#1219146, CVE-2023-52429).
- commit 2431307
- vhost: use kzalloc() instead of kmalloc() followed by memset()
(CVE-2024-0340, bsc#1218689).
- commit aa86ef0
- kernel-binary: certs: Avoid trailing space
- commit bc7dc31
- rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config
(bsc#1219653)
They are put into -devel subpackage. And a proper link to
/usr/share/gdb/auto-load/ is created.
- commit 1dccf2a
- Refresh
patches.suse/cifs-Fix-UAF-in-cifs_demultiplex_thread-.patch.
Add the upstream commit ID.
- commit d9857fd
- netfilter: nf_tables: reject QUEUE/DROP verdict parameters
(CVE-2024-1086 bsc#1219434).
- commit 33a2cdd
- drm/amdgpu: Fix potential fence use-after-free v2 (bsc#1219128
CVE-2023-51042).
- commit 2e8464f
- rpm/mkspec: sort entries in _multibuild
Otherwise it creates unnecessary diffs when tar-up-ing. It's of course
due to readdir() using "random" order as served by the underlying
filesystem.
See for example:
https://build.opensuse.org/request/show/1144457/changes
- commit d1155de
- atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780
bsc#1218730).
- commit 6405c59
- xen-netback: don't produce zero-size SKB frags (CVE-2023-46838,
XSA-448, bsc#1218836).
- commit 7d3a106
- ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
(CVE-2021-33631 bsc#1219412).
- commit 792d624
- kernel-source: Fix description typo
- commit 8abff35
- nvmet-tcp: Fix the H2C expected PDU len calculation
(bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356).
- nvmet-tcp: remove boilerplate code (bsc#1217987 bsc#1217988
bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356).
- nvmet-tcp: fix a crash in nvmet_req_complete() (bsc#1217987
bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356).
- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C
PDU length (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535
CVE-2023-6536 CVE-2023-6356).
- commit e2033e6
- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
(CVE-2023-47233 bsc#1216702).
- commit 6452010
- rpm/constraints.in: set jobs for riscv to 8
The same workers are used for x86 and riscv and the riscv builds take
ages. So align the riscv jobs count to x86.
- commit b2c82b9
- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
- commit 8395685
- net: sched: sch_qfq: Use non-work-conserving warning handler
(CVE-2023-4921 bsc#1215275).
- commit aabd893
- mkspec: Use variant in constraints template
Constraints are not applied consistently with kernel package variants.
Add variant to the constraints template as appropriate, and expand it
in mkspec.
- commit cc68ab9
- rpm/constraints.in: add static multibuild packages
Commit 841012b049a5 (rpm/mkspec: use kernel-source: prefix for
constraints on multibuild) added "kernel-source:" prefix to the
dynamically generated kernels. But there are also static ones like
kernel-docs. Those fail to build as the constraints are still not
applied.
So add the prefix also to the static ones.
Note kernel-docs-rt is given kernel-source-rt prefix. I am not sure it
will ever be multibuilt...
- commit c2e0681
- drm/atomic: Fix potential use-after-free in nonblocking commits
(bsc#1219120 CVE-2023-51043).
- commit 1f381b4
- Revert "Limit kernel-source build to architectures for which the kernel binary"
This reverts commit 08a9e44c00758b5f3f3b641830ab6affff041132.
The fix for bsc#1108281 directly causes bsc#1218768, revert.
- commit 2943b8a
- mkspec: Include constraints for both multibuild and plain package always
There is no need to check for multibuild flag, the constraints can be
always generated for both cases.
- commit 308ea09
- rpm/mkspec: use kernel-source: prefix for constraints on multibuild
Otherwise the constraints are not applied with multibuild enabled.
- commit 841012b
- rpm/kernel-source.rpmlintrc: add action-ebpf
Upstream commit a79d8ba734bd (selftests: tc-testing: remove buildebpf
plugin) added this precompiled binary blob. Adapt rpmlintrc for
kernel-source.
- commit b5ccb33
- ext4: improve error recovery code paths in __ext4_remount()
(bsc#1219053 CVE-2024-0775).
- commit f053871
- scripts/tar-up.sh: don't add spurious entry from kernel-sources.changes.old
The previous change added the manual entry from kernel-sources.change.old
to old_changelog.txt unnecessarily. Let's fix it.
- commit fb033e8
- rpm/kernel-docs.spec.in: fix build with 6.8
Since upstream commit f061c9f7d058 (Documentation: Document each netlink
family), the build needs python yaml.
- commit 6a7ece3
- smb: client: fix OOB in receive_encrypted_standard()
(bsc#1218832 CVE-2024-0565).
- commit 59d97af
- ida: Fix crash in ida_free when the bitmap is empty (bsc#1218804
CVE-2023-6915).
- commit e0cf5bf
- netfilter: nf_tables: Reject tables of unsupported family
(bsc#1218752 CVE-2023-6040).
- commit 9fd7b64
- net/rose: Fix Use-After-Free in rose_ioctl (CVE-2023-51782
bsc#1218757).
- commit 1ba2d82
- powerpc/powernv: Add a null pointer check in opal_event_init()
(bsc#1065729 CVE-2023-52686).
- commit 0f57a9b
- Store the old kernel changelog entries in kernel-docs package (bsc#1218713)
The old entries are found in kernel-docs/old_changelog.txt in docdir.
rpm/old_changelog.txt can be an optional file that stores the similar
info like rpm/kernel-sources.changes.old. It can specify the commit
range that have been truncated. scripts/tar-up.sh expands from the
git log accordingly.
- commit c9a2566
- containerd
-
- Update to containerd v1.7.21. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.21>
Fixes CVE-2023-47108. bsc#1217070
Fixes CVE-2023-45142. bsc#1228553
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Revert noarch for devel subpackage for SLE 15
Switching to noarch causes issues on SLES maintenance updates, reverting it
fixes our image builds
- Update to containerd v1.7.17. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.17>
- Switch back to using tar_scm service. Aside from obs_scm using more bandwidth
and storage than a locally-compressed tar.xz, it seems there's some weird
issue with paths in obscpio that break our SLE-12-only patch.
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Update to containerd v1.7.16. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.16>
CVE-2023-45288 bsc#1221400
- Use obs_scm service instead of tar_scm
- Removed patch 0002-shim-Create-pid-file-with-0644-permissions.patch
(merged upstream at
<https://github.com/containerd/containerd/pull/9571>)
- Update to containerd v1.7.15. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.15>
- Update to containerd v1.7.14. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.14>
- Update to containerd v1.7.13. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.13>
- Update to containerd v1.7.12. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.12>
- Update to containerd v1.7.11. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.11>
GHSA-jq35-85cj-fj4p bsc#1224323
- Use %patch -P N instead of deprecated %patchN.
- Enable manpage generation
- Make devel package noarch
- adjust rpmlint filters
- coreutils
-
- coreutils-ls-avoid-triggering-automounts.patch
ls: avoid triggering automounts (bsc#1221632)
- cpio
-
- Fix cpio not working after the fix in bsc#1218571, fixes bsc#1219238
* fix-bsc1219238.patch
- Fix CVE-2023-7207, path traversal vulnerability (bsc#1218571)
* fix-CVE-2023-7207.patch
- cups
-
- cups-branch-2.2-commit-b643d6ba92f00752aa5e74ff86ad3974334914c1.diff
is https://github.com/OpenPrinting/cups/commit/b643d6ba92f00752aa5e74ff86ad3974334914c1
which was added in CUPS 2.2.8 that
fixed a parsing bug in cups_auth_find() in cups/auth.c
which lead to cupsd failing to authenticate users
when group membership is required by cupsd configuration
like 'Require user @GROUP' which lead to CUPS related commands
requesting password from group users even if it is not needed
(bsc#1226227)
- In cups.changes replaced one place where UTF-8 characters
were used in the entry dated "Sat Sep 30 08:52:42 UTC 2017"
for what should be ' - ' by ASCII to avoid RPMLINT warning
about 'non-break-space' which "can lead to obscure errors".
- Require the exact matching version-release of all libcups*
sub-packages (bsc#1226192)
- cups-2.2.7-CVE-2024-35235.patch is derived
from the upstream patch against master (CUPS 2.5)
to behave backward compatible for CUPS 2.2.7
in SLE15 and openSUSE Leap 15 to fix CVE-2024-35235
"cupsd Listen port arbitrary chmod 0140777"
without the more secure but backward-incompatible behaviour
of the upstream patch for CUPS 2.5
that ignores domain sockets specified in 'Listen' entries
in /etc/cups/cupsd.conf when cupsd is lauched via systemd
(in particular when launched on-demand by systemd)
https://github.com/OpenPrinting/cups/security/advisories/GHSA-vvwp-mv6j-hw6f
bsc#1225365
- cups-2.2.7-web-ui-kerberos-authentication.patch, update
patch to handle local 'Negotiate' authentication response
for cli clients. (bsc#1223179).
- Remove '--enable-debug-printfs' from configure options, see
https://github.com/OpenPrinting/cups/issues/875
(bsc#1217119).
- curl
-
- Security fix: [bsc#1230093, CVE-2024-8096]
* curl: OCSP stapling bypass with GnuTLS
* Add curl-CVE-2024-8096.patch
- Security fix: [bsc#1228535, CVE-2024-7264]
* curl: ASN.1 date parser overread
* Add curl-CVE-2024-7264.patch
- regression fix [bsc#1219273]
https://github.com/curl/curl/commit/91b53efa4b6854dc3688f55bfb329b0cafcf5325
- added patches
+ curl-CVE-2023-27534-tilde-back.patch
- Security fix: [bsc#1221667, CVE-2024-2398]
* curl: HTTP/2 push headers memory-leak
* Add curl-CVE-2024-2398.patch
- deltarpm
-
- update to deltarpm-3.6.4
* support for threaded zstd
* use a tmp file instead of memory to hold the incore data
[bsc#1228948]
- dropped patches:
* deltarpm-b7987f6aa4211df3df03dcfc55a00b2ce7472e0a.patch
- deltarpm-b7987f6aa4211df3df03dcfc55a00b2ce7472e0a.patch: fixed
some C bugs ( incorrect sized memset() , memcpy instead of strcpy,
unsigned int)
- update to deltarpm-3.6.3
* support for threaded zstd compression
- Actually enable zstd compression
- update to deltarpm-3.6.2
* support for zstd compression
- desktop-data-SLE
-
- Fix typo in the desktop files for some of the wallpapers
(bsc#1222146).
- docker
-
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.6-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2506>
- This update includes a fix for CVE-2024-41110. bsc#1228324
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
* 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
symlinks. Backport of <https://github.com/moby/buildkit/pull/4896> and
<https://github.com/moby/buildkit/pull/5060>. bsc#1221916
+ 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
- Write volume options atomically so sudden system crashes won't result in
future Docker starts failing due to empty files. Backport of
<https://github.com/moby/moby/pull/48034>. bsc#1214855
+ 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
[NOTE: This update was only ever released in SLES and Leap.]
- Update to Docker 25.0.5-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2505> bsc#1223409
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
- 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- Update --add-runtime to point to correct binary path.
[NOTE: This update was only ever released in SLES and Leap.]
- Add patch to fix bsc#1220339
* 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch
- Allow to disable apparmor support (ALP supports only SELinux)
- Update to Docker 25.0.3-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2503>
- Fixes:
* bsc#1219267 - CVE-2024-23651
* bsc#1219268 - CVE-2024-23652
* bsc#1219438 - CVE-2024-23653
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Remove upstreamed patches:
- 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch
- Vendor latest buildkit v0.11:
Add patch 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch that
vendors in the latest v0.11 buildkit branch including bugfixes for the following:
* bsc#1219438: CVE-2024-23653
* bsc#1219268: CVE-2024-23652
* bsc#1219267: CVE-2024-23651
- rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- switch from %patchN to %patch -PN syntax
- remove unused rpmlint filters and add filters to silence pointless bash & zsh
completion warnings
- fence-agents
-
- L3: fence_vmware_rest : monitoring is not detecting problems accessing the fence device
(bsc#1218718)
o Add upstream patch:
0001-fence_vmware_rest-monitoring-action-is-not-detecting.patch
- gdk-pixbuf
-
- Add CVE-2022-48622.patch: ANI: Reject files with multiple anih
chunks(bsc#1219276, CVE-2022-48622, glgo#GNOME/gdk-pixbuf#202).
- glib2
-
- Add glib2-gdbusmessage-cache-arg0.patch: cache the arg0 value in
a dbus message. Fixes a possible use after free (boo#1224044).
- Add patches to fix CVE-2024-34397 (boo#1224044):
glib2-allocate-SignalSubscriber-structs-individually.patch
glib2-CVE-2024-34397.patch (glgo#GNOME/glib#3268).
glib2-fix-ibus-regression.patch (glgo#GNOME/glib#3353)
- glibc
-
- s390x-wcsncmp.patch: s390x: Fix segfault in wcsncmp (bsc#1228043, BZ
[#31934])
- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
addgetnetgrentX (CVE-2024-33602, bsc#1223425)
- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
for _start routine (bsc#1221940)
- glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch:
nscd: Stack-based buffer overflow in netgroup cache
(CVE-2024-33599, bsc#1223423, BZ #31677)
- glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch:
nscd: Avoid null pointer crashes after notfound response
(CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch:
nscd: Do not send missing not-found response in addgetnetgrentX
(CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch:
netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601,
CVE-2024-33602, bsc#1223425, BZ #31680)
- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
writes when writing escape sequence (CVE-2024-2961, bsc#1222992)
- duplocale-global-locale.patch: duplocale: protect use of global locale
(bsc#1220441, BZ #23970)
- qsort-invalid-cmp.patch: qsort: handle degenerated compare function
(bsc#1218866)
- getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to
EAI_MEMORY (bsc#1217589, BZ #31163)
- aarch64-rawmemchr-unwind.patch: aarch64: correct CFI in rawmemchr
(bsc#1217445, BZ #31113)
- gnutls
-
- Security fix: [bsc#1218865, CVE-2024-0553]
* Incomplete fix for CVE-2023-5981.
* The response times to malformed ciphertexts in RSA-PSK
ClientKeyExchange differ from response times of ciphertexts
with correct PKCS#1 v1.5 padding.
* Add gnutls-CVE-2024-0553.patch
- grub2
-
- Fix btrfs subvolume for platform modules not mounting at runtime when the
default subvolume is the topmost root tree (bsc#1228124)
* grub2-btrfs-06-subvol-mount.patch
- Rediff
* 0001-Unify-the-check-to-enable-btrfs-relative-path.patch
- gtk2
-
- Add CVE-2024-6655.patch: CVE-2024-6655 Stop looking for modules
in cwd (bsc#1228120).
- hawk2
-
- Update to version 2.6.4+git.1708604510.dc8c081f:
* Enable ACL (bsc#1214396,bsc#1219548)
- krb5
-
- Fix vulnerabilities in GSS message token handling, add patch
0013-Fix-vulnerabilities-in-GSS-message-token-handling.patch
* CVE-2024-37370, bsc#1227186
* CVE-2024-37371, bsc#1227187
- Fix memory leaks, add patch 0012-Fix-two-unlikely-memory-leaks.patch
* CVE-2024-26458, bsc#1220770
* CVE-2024-26461, bsc#1220771
- resource-agents
-
- Azure-lb fails if IPv6 disabled (bsc#1223554)
Add upstream patch:
Add a new parameter: listen
This parameter can have following walues:
default: Neither -4 nor -6 will be used. The default behavior of socat and nc will be used.
socat: Listen only on IPv4 addresses
nc: If net.ipv6.bindv6only = 0 => Listen on both IPv4 and IP6 addresses
If net.ipv6.bindv6only = 1 => Listen only on IPv4 addresses
ipv4only: Listen only on IPv4 addresses.
ipv6enable: Enable TCP6 support.
nc: Listen only on IPv6 adresses independent of net.ipv6.bindv6only
socat: If net.ipv6.bindv6only = 0 => Listen on both IPv4 and IP6 addresses.
If net.ipv6.bindv6only = 1 => Listen only on IPv6 adresses.
Add patch:
0001-Azure-lb-fails-if-IPv6-disabled.patch
- resource-agents:azure-lb IPv6 support (bsc#1220997)
Add patch:
0001-Support-IPv6-with-Azure-load-balncer.patch
- less
-
- Fix CVE-2024-32487, mishandling of \n character in paths when
LESSOPEN is set leads to OS command execution
(CVE-2024-32487, bsc#1222849)
* CVE-2024-32487.patch
- Fix CVE-2022-48624, LESSCLOSE handling in less does not quote shell
metacharacters, bsc#1219901
* CVE-2022-48624.patch
- libqt5-qtbase
-
- Added a patch from upstream to prepare the code so that the
following patch can be applied (which fixes QTBUG-95277):
* 0001-H2-emit-encrypted-for-at-least-the-first-reply_-similar-to.patch
- Add rebased upstream patch to delay any HTTP2 communication until
encrypted() can be responded to (bsc#1227426, CVE-2024-39936).
* 0001-HTTP2-Delay-any-communication-until-encrypted-can-be.patch
- Add upstream patch to fix a NULL pointer dereference via the
function QXcbConnection::initializeAllAtoms() when there is
anomalous behavior from the X server (bsc#1222120,
CVE-2023-45935):
* 0001-xcb-guard-a-pointer-before-usage.patch
- Add patch from upstream to fix a regression in the ODBC driver
(bsc#1227513, QTBUG-112375):
* 0001-QSQL-ODBC-fix-regression-trailing-NUL.patch
* 0002-SQL-ODBC-Pass-correct-length-to-SQLColAttribute.patch
- Add upstream patches to fix an incorrect integer overflow check
(boo#1218413, CVE-2023-51714):
* 0001-HPack-fix-a-Yoda-Condition.patch
* 0002-HPack-fix-incorrect-integer-overflow-check.patch
- Add upstream patch to fix a potential overflow in
assemble_hpack_block():
* 0001-Http2-fix-potential-overflow-in-assemble_hpack_block.patch
- use pkgconfig(icu-18n) to select current icu
- Add patches from upstream that fixes a buffer overflow in
QXmlStreamReader (bsc#1214327, CVE-2023-37369, QTBUG-91889):
* 0001-Dont-parse-XML-symbols-longer-than-4096-characters.patch
* CVE-2023-37369-qtbase-5.15.diff
- gcc13
-
- Update to GCC 13.3 release
- Update to gcc-13 branch head, b7a2697733d19a093cbdd0e200, git8761
- Removed gcc13-pr111731.patch now included upstream
- Add gcc13-amdgcn-remove-fiji.patch removing Fiji support from
the GCN offload compiler as that is requiring Code Object version 3
which is no longer supported by llvm18.
- Add gcc13-pr101523.patch to avoid combine spending too much
compile-time and memory doing nothing on s390x. [boo#1188441]
- Make requirement to lld version specific to avoid requiring the
meta-package.
- Add gcc13-pr111731.patch to fix unwinding for JIT code.
[bsc#1221239]
- Revert libgccjit dependency change. [boo#1220724]
- Fix libgccjit-devel dependency, a newer shared library is OK.
- Fix libgccjit dependency, the corresponding compiler isn't required.
- Use %patch -P N instead of %patchN.
- Add gcc13-sanitizer-remove-crypt-interception.patch to remove
crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
breaks them. [bsc#1219520]
- Update to gcc-13 branch head, 67ac78caf31f7cb3202177e642, git8285
- Add gcc13-pr88345-min-func-alignment.diff to add support for
- fmin-function-alignment. [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Update to gcc-13 branch head, fc7d87e0ffadca49bec29b2107, git8250
* Includes fix for building TVM. [boo#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
[boo#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than
in gcc13-devel. [boo#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs
are linked against libstdc++6.
- Update to gcc-13 branch head, 36ddb5230f56a30317630a928, git8205
- Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109
* Includes fix for building mariadb on i686. [bsc#1217667]
* Remove pr111411.patch contained in the update.
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
%product_libs_llvm_ver where available and adjust tool discovery
accordingly. This should also properly trigger re-builds when
the patchlevel version of llvmVER changes, possibly changing
the binary names we link to. [bsc#1217450]
- avahi
-
- Add avahi-CVE-2023-38472.patch: Fix reachable assertion in
avahi_rdata_parse (bsc#1216853, CVE-2023-38472).
- Add avahi-CVE-2023-38471.patch: Extract host name using
avahi_unescape_label (bsc#1216594, CVE-2023-38471).
- Add avahi-CVE-2023-38469.patch: Reject overly long TXT resource
records (bsc#1216598, CVE-2023-38469).
- util-linux
-
- agetty: Prevent login cursor escape (bsc#1194818,
util-linux-agetty-prevent-cursor-escape.patch).
- fix Xen virtualization type misidentification bsc#1215918
lscpu-fix-parameter-order-for-ul_prefix_fopen.patch
- Properly neutralize escape sequences in wall
(util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
and its prerequisites: util-linux-fputs_careful1.patch,
util-linux-wall-migrate-to-memstream.patch
util-linux-fputs_careful2.patch).
- c-ares
-
- CVE-2024-25629.patch: fix out of bounds read in ares__read_line()
(bsc#1220279, CVE-2024-25629)
- libfastjson
-
- fix CVE-2020-12762 integer overflow and out-of-bounds write via a
large JSON file (bsc#1171479)
add 0001-Fix-CVE-2020-12762.patch
- mozilla-nss
-
- Updated nss-fips-approved-crypto-non-ec.patch to enforce
approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).
- Require `sed` for mozilla-nss-sysinit, as setup-nsssysinit.sh
depends on it and will create a broken, empty config, if sed is
missing (bsc#1227918)
- update to NSS 3.101.2
* bmo#1905691 - ChaChaXor to return after the function
- Added nss-fips-safe-memset.patch, fixing bsc#1222811.
- Removed some dead code from nss-fips-constructor-self-tests.patch.
- Rebased nss-fips-approved-crypto-non-ec.patch on above changes.
- Added nss-fips-aes-gcm-restrict.patch, fixing bsc#1222830.
- Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222813,
bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118.
- Updated nss-fips-approved-crypto-non-ec.patch and
nss-fips-constructor-self-tests.patch, fixing bsc#1222807,
bsc#1222828, bsc#1222834.
- Updated nss-fips-approved-crypto-non-ec.patch, fixing bsc#1222804,
bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116.
- update to NSS 3.101.1
* bmo#1901932 - missing sqlite header.
* bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
- update to NSS 3.101
* bmo#1900413 - add diagnostic assertions for SFTKObject refcount.
* bmo#1899759 - freeing the slot in DeleteCertAndKey if authentication failed
* bmo#1899883 - fix formatting issues.
* bmo#1889671 - Add Firmaprofesional CA Root-A Web to NSS.
* bmo#1899593 - remove invalid acvp fuzz test vectors.
* bmo#1898830 - pad short P-384 and P-521 signatures gtests.
* bmo#1898627 - remove unused FreeBL ECC code.
* bmo#1898830 - pad short P-384 and P-521 signatures.
* bmo#1898825 - be less strict about ECDSA private key length.
* bmo#1854439 - Integrate HACL* P-521.
* bmo#1854438 - Integrate HACL* P-384.
* bmo#1898074 - memory leak in create_objects_from_handles.
* bmo#1898858 - ensure all input is consumed in a few places in mozilla::pkix
* bmo#1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
* bmo#1748105 - clean up escape handling
* bmo#1896353 - Use lib::pkix as default validator instead of the old-one
* bmo#1827444 - Need to add high level support for PQ signing.
* bmo#1548723 - Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation
* bmo#1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
* bmo#1893404 - Allow for non-full length ecdsa signature when using softoken
* bmo#1830415 - Modification of .taskcluster.yml due to mozlint indent defects
* bmo#1793811 - Implement support for PBMAC1 in PKCS#12
* bmo#1897487 - disable VLA warnings for fuzz builds.
* bmo#1895032 - remove redundant AllocItem implementation.
* bmo#1893334 - add PK11_ReadDistrustAfterAttribute.
* bmo#215997 - Clang-formatting of SEC_GetMgfTypeByOidTag update
* bmo#1895012 - Set SEC_ERROR_LIBRARY_FAILURE on self-test failure
* bmo#1894572 - sftk_getParameters(): Fix fallback to default variable after error with configfile.
* bmo#1830415 - Switch to the mozillareleases/image_builder image
- Follow upstream changes in nss-fips-constructor-self-tests.patch (switch from ec_field_GFp to ec_field_plain)
- Remove part of nss-fips-zeroization.patch that got removed upstream
- update to NSS 3.100
- bmo#1893029 - merge pk11_kyberSlotList into pk11_ecSlotList for
faster Xyber operations.
- bmo#1893752 - remove ckcapi.
- bmo#1893162 - avoid a potential PK11GenericObject memory leak.
- bmo#671060 - Remove incomplete ESDH code.
- bmo#215997 - Decrypt RSA OAEP encrypted messages.
- bmo#1887996 - Fix certutil CRLDP URI code.
- bmo#1890069 - Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys.
- bmo#676118 - Add ability to encrypt and decrypt CMS messages using ECDH.
- bmo#676100 - Correct Templates for key agreement in smime/cmsasn.c.
- bmo#1548723 - Moving the decodedCert allocation to NSS.
- bmo#1885404 - Allow developers to speed up repeated local execution
of NSS tests that depend on certificates.
- update to NSS 3.99
* Removing check for message len in ed25519 (bmo#1325335)
* add ed25519 to SECU_ecName2params. (bmo#1884276)
* add EdDSA wycheproof tests. (bmo#1325335)
* nss/lib layer code for EDDSA. (bmo#1325335)
* Adding EdDSA implementation. (bmo#1325335)
* Exporting Certificate Compression types (bmo#1881027)
* Updating ACVP docker to rust 1.74 (bmo#1880857)
* Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 (bmo#1325335)
* Add NSS_CMSRecipient_IsSupported. (bmo#1877730)
- update to NSS 3.98
* bmo#1780432 - (CVE-2023-5388) Timing attack against RSA decryption
in TLS
* bmo#1879513 - Certificate Compression: enabling the check that
the compression was advertised
* bmo#1831552 - Move Windows workers to nss-1/b-win2022-alpha
* bmo#1879945 - Remove Email trust bit from OISTE WISeKey
Global Root GC CA
* bmo#1877344 - Replace `distutils.spawn.find_executable` with
`shutil.which` within `mach` in `nss`
* bmo#1548723 - Certificate Compression: Updating nss_bogo_shim to
support Certificate compression
* bmo#1548723 - TLS Certificate Compression (RFC 8879) Implementation
* bmo#1875356 - Add valgrind annotations to freebl kyber operations
for constant-time execution tests
* bmo#1870673 - Set nssckbi version number to 2.66
* bmo#1874017 - Add Telekom Security roots
* bmo#1873095 - Add D-Trust 2022 S/MIME roots
* bmo#1865450 - Remove expired Security Communication RootCA1 root
* bmo#1876179 - move keys to a slot that supports concatenation in
PK11_ConcatSymKeys
* bmo#1876800 - remove unmaintained tls-interop tests
* bmo#1874937 - bogo: add support for the -ipv6 and -shim-id shim
flags
* bmo#1874937 - bogo: add support for the -curves shim flag and
update Kyber expectations
* bmo#1874937 - bogo: adjust expectation for a key usage bit test
* bmo#1757758 - mozpkix: add option to ignore invalid subject
alternative names
* bmo#1841029 - Fix selfserv not stripping `publicname:` from -X value
* bmo#1876390 - take ownership of ecckilla shims
* bmo#1874458 - add valgrind annotations to freebl/ec.c
* bmo#864039 - PR_INADDR_ANY needs PR_htonl before assignment to inet.ip
* bmo#1875965 - Update zlib to 1.3.1
- Use %patch -P N instead of deprecated %patchN.
- update to NSS 3.97
* bmo#1875506 - make Xyber768d00 opt-in by policy
* bmo#1871631 - add libssl support for xyber768d00
* bmo#1871630 - add PK11_ConcatSymKeys
* bmo#1775046 - add Kyber and a PKCS#11 KEM interface to softoken
* bmo#1871152 - add a FreeBL API for Kyber
* bmo#1826451 - part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff
* bmo#1826451 - part 1: add a script for vendoring kyber from pq-crystals repo
* bmo#1835828 - Removing the calls to RSA Blind from loader.*
* bmo#1874111 - fix worker type for level3 mac tasks
* bmo#1835828 - RSA Blind implementation
* bmo#1869642 - Remove DSA selftests
* bmo#1873296 - read KWP testvectors from JSON
* bmo#1822450 - Backed out changeset dcb174139e4f
* bmo#1822450 - Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation
* bmo#1871219 - Wrap CC shell commands in gyp expansions
- update to NSS 3.96.1
* bmo#1869408 - Use pypi dependencies for MacOS worker in ./build_gyp.sh
* bmo#1830978 - p7sign: add -a hash and -u certusage (also p7verify cleanups)
* bmo#1867408 - add a defensive check for large ssl_DefSend return values
* bmo#1869378 - Add dependency to the taskcluster script for Darwin
* bmo#1869378 - Upgrade version of the MacOS worker for the CI
- add nss-allow-slow-tests-s390x.patch: "certutil dump keys with
explicit default trust flags" test needs longer than the allowed
6 seconds on s390x
- update to NSS 3.95
* bmo#1842932 - Bump builtins version number.
* bmo#1851044 - Remove Email trust bit from Autoridad de Certificacion
Firmaprofesional CIF A62634068 root cert.
* bmo#1855318 - Remove 4 DigiCert (Symantec/Verisign) Root Certificates
* bmo#1851049 - Remove 3 TrustCor Root Certificates from NSS.
* bmo#1850982 - Remove Camerfirma root certificates from NSS.
* bmo#1842935 - Remove old Autoridad de Certificacion Firmaprofesional
Certificate.
* bmo#1860670 - Add four Commscope root certificates to NSS.
* bmo#1850598 - Add TrustAsia Global Root CA G3 and G4 root certificates.
* bmo#1863605 - Include P-384 and P-521 Scalar Validation from HACL*
* bmo#1861728 - Include P-256 Scalar Validation from HACL*.
* bmo#1861265 - After the HACL 256 ECC patch, NSS incorrectly encodes
256 ECC without DER wrapping at the softoken level
* bmo#1837987 - Add means to provide library parameters to C_Initialize
* bmo#1573097 - clang format
* bmo#1854795 - add OSXSAVE and XCR0 tests to AVX2 detection.
* bmo#1858241 - Typo in ssl3_AppendHandshakeNumber
* bmo#1858241 - Introducing input check of ssl3_AppendHandshakeNumber
* bmo#1573097 - Fix Invalid casts in instance.c
- update to NSS 3.94
* bmo#1853737 - Updated code and commit ID for HACL*
* bmo#1840510 - update ACVP fuzzed test vector: refuzzed with
current NSS
* bmo#1827303 - Softoken C_ calls should use system FIPS setting
to select NSC_ or FC_ variants
* bmo#1774659 - NSS needs a database tool that can dump the low level
representation of the database
* bmo#1852179 - declare string literals using char in pkixnames_tests.cpp
* bmo#1852179 - avoid implicit conversion for ByteString
* bmo#1818766 - update rust version for acvp docker
* bmo#1852011 - Moving the init function of the mpi_ints before
clean-up in ec.c
* bmo#1615555 - P-256 ECDH and ECDSA from HACL*
* bmo#1840510 - Add ACVP test vectors to the repository
* bmo#1849077 - Stop relying on std::basic_string<uint8_t>
* bmo#1847845 - Transpose the PPC_ABI check from Makefile to gyp
- rebased patches
- added nss-fips-test.patch to fix broken test
- Update to NSS 3.93:
* bmo#1849471 - Update zlib in NSS to 1.3.
* bmo#1848183 - softoken: iterate hashUpdate calls for long inputs.
* bmo#1813401 - regenerate NameConstraints test certificates (boo#1214980).
- Rebase nss-fips-pct-pubkeys.patch.
- update to NSS 3.92
* bmo#1822935 - Set nssckbi version number to 2.62
* bmo#1833270 - Add 4 Atos TrustedRoot Root CA certificates to NSS
* bmo#1839992 - Add 4 SSL.com Root CA certificates
* bmo#1840429 - Add Sectigo E46 and R46 Root CA certificates
* bmo#1840437 - Add LAWtrust Root CA2 (4096)
* bmo#1822936 - Remove E-Tugra Certification Authority root
* bmo#1827224 - Remove Camerfirma Chambers of Commerce Root.
* bmo#1840505 - Remove Hongkong Post Root CA 1
* bmo#1842928 - Remove E-Tugra Global Root CA ECC v3 and RSA v3
* bmo#1842937 - Avoid redefining BYTE_ORDER on hppa Linux
- update to NSS 3.91
* bmo#1837431 - Implementation of the HW support check for ADX instruction
* bmo#1836925 - Removing the support of Curve25519
* bmo#1839795 - Fix comment about the addition of ticketSupportsEarlyData
* bmo#1839327 - Adding args to enable-legacy-db build
* bmo#1835357 - dbtests.sh failure in "certutil dump keys with explicit
default trust flags"
* bmo#1837617 - Initialize flags in slot structures
* bmo#1835425 - Improve the length check of RSA input to avoid heap overflow
* bmo#1829112 - Followup Fixes
* bmo#1784253 - avoid processing unexpected inputs by checking for
m_exptmod base sign
* bmo#1826652 - add a limit check on order_k to avoid infinite loop
* bmo#1834851 - Update HACL* to commit 5f6051d2
* bmo#1753026 - add SHA3 to cryptohi and softoken
* bmo#1753026 - HACL SHA3
* bmo#1836781 - Disabling ASM C25519 for A but X86_64
- removed upstreamed patch nss-fix-bmo1836925.patch
- update to NSS 3.90.3
* bmo#1901080 - GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
* bmo#1748105 - clean up escape handling.
* bmo#1895032 - remove redundant AllocItem implementation.
* bmo#1836925 - Disable ASM support for Curve25519.
* bmo#1836781 - Disable ASM support for Curve25519 for all but X86_64.
- remove upstreamed nss-fix-bmo1836925.patch
- Adding nss-fips-bsc1223724.patch to fix startup crash of Firefox
when using FIPS-mode (bsc#1223724).
- Added "Provides: nss" so other RPMs that require 'nss' can
be installed (jira PED-6358).
- update to NSS 3.90.2
* bmo#1780432 - (CVE-2023-5388) Timing attack against RSA
decryption in TLS. (bsc#1216198)
* bmo#1867408 - add a defensive check for large ssl_DefSend
return values.
- libgudev
-
- Update to version 237:
+ Fix reading double precision floats from sysfs attributes in
locales that use comma as a separator
+ Fix compilation warning
+ Fix headers to help with build reproducibility
+ Clarify licensing information
- Changes from version 236:
+ Fix meson project name to match autotools.
- Changes from version 235:
+ Port build system to meson and remove autotools
+ Fix conversion of sysfs attributes to boolean.
- Add meson BuildRequires and macros following upstreams port.
- Enable pkgconfig(umockdev-1.0) BuildRequires and test macro.
- Update Licence tag to LGPL-2.1-or-later.
- update to 234:
* Clarify that _get_sysfs_attr() functions are cached
* Add functions to get uncached sysfs attributes
- Update to version 233:
+ Require glib 2.38.
+ Small documentation updates.
+ Remove gnome-common build dependency.
- Use modern macros.
- Modernize spec-file by calling spec-cleaner
- ncurses
-
- Add patch ncurses-6.1-bsc1220061.patch (bsc#1220061, CVE-2023-45918)
* Backport from ncurses-6.4-20230615.patch
improve checks in convert_string() for corrupt terminfo entry
- nghttp2
-
- security update
- added patches
fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
+ nghttp2-CVE-2024-28182-1.patch
fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
+ nghttp2-CVE-2024-28182-2.patch
- openssl-1_1
-
- Security fix: [bsc#1227138, CVE-2024-5535]
* SSL_select_next_proto buffer overread
* Add openssl-CVE-2024-5535.patch
- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free
security vulnerability. Calling the function SSL_free_buffers()
potentially caused memory to be accessed that was previously
freed in some situations and a malicious attacker could attempt
to engineer a stituation where this occurs to facilitate a
denial-of-service attack. [CVE-2024-4741, bsc#1225551]
- Security fix: [bsc#1222548, CVE-2024-2511]
* Fix unconstrained session cache growth in TLSv1.3
* Add openssl-CVE-2024-2511.patch
- Security fix: [bsc#1219243, CVE-2024-0727]
* Add NULL checks where ContentInfo data can be NULL
* Add openssl-CVE-2024-0727.patch
- pacemaker
-
- tools: CIB clients retry signon upon an EAGAIN error (gh#ClusterLabs/pacemaker#3567, bsc#1224183)
* bsc#1224183-0002-Fix-tools-CIB-clients-retry-signon-upon-an-EAGAIN-er.patch
- libcib: new function cib__signon_attempts() (gh#ClusterLabs/pacemaker#3567, bsc#1224183)
* bsc#1224183-0001-Refactor-libcib-new-function-cib__signon_attempts.patch
- libcrmcommon: reject ISO 8601 duration without any values (gh#ClusterLabs/pacemaker#3517)
* pacemaker#3517-0002-Low-libcrmcommon-reject-ISO-8601-duration-without-an.patch
- libstonithd: prevent to free 'op_reply' repeatedly in 'stonith_send_command' (gh#ClusterLabs/pacemaker#3517)
* pacemaker#3517-0001-prevent-to-free-op_reply-repeatedly-in-stonith_send_.patch
- tools: make crm_mon exit upon loss of the attached pseudo-terminal (bsc#1220229, gh#ClusterLabs/pacemaker#3430)
* bsc#1220229-0001-Fix-tools-make-crm_mon-exit-upon-loss-of-the-attache.patch
- libcib: Don't incorrectly expand "++" and "+=" in XML attr values (gh#ClusterLabs/pacemaker#3413)
* pacemaker#3413-0003-Fix-libcib-Don-t-incorrectly-expand-and-in-XML-attr-.patch
- libpacemaker: pcmk__inject_failcount should set an integer value (gh#ClusterLabs/pacemaker#3413)
* pacemaker#3413-0001-Low-libpacemaker-pcmk__inject_failcount-should-set-a.patch
- scheduler: log unknown nodes in location constraints (gh#ClusterLabs/pacemaker#3409, CLBZ#5415)
* pacemaker#3409-0007-Log-scheduler-log-unknown-nodes-in-location-constrai.patch
- scheduler: correct lifetime deprecation warning (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0006-Log-scheduler-correct-lifetime-deprecation-warning.patch
- tools: honor rules when getting utilization attributes with crm_resource (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0005-Fix-tools-honor-rules-when-getting-utilization-attri.patch
- scheduler: deprecate support for default instance attributes (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0004-Low-scheduler-deprecate-support-for-default-instance.patch
- scheduler: use default timeout (20s) if user configures 0 (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0003-Fix-scheduler-use-default-timeout-20s-if-user-config.patch
- tools: crm_resource should ignore resource meta-attribute node expressions (gh#ClusterLabs/pacemaker#3409)
* pacemaker#3409-0001-Fix-tools-crm_resource-should-ignore-resource-meta-a.patch
- fencer: always format time_t values as long long (gh#ClusterLabs/pacemaker#3407)
* pacemaker#3407-0001-Log-fencer-always-format-time_t-values-as-long-long.patch
- libcrmcommon: NULL-check strdup() in pcmk__register_message() (gh#ClusterLabs/pacemaker#3394)
* pacemaker#3394-0004-Low-libcrmcommon-NULL-check-strdup-in-pcmk__register.patch
- libcrmcommon: NULL-check strdup() in pcmk__register_format() (gh#ClusterLabs/pacemaker#3394)
* pacemaker#3394-0003-Low-libcrmcommon-NULL-check-strdup-in-pcmk__register.patch
- libpacemaker: Correctly free graphs and synapses (gh#ClusterLabs/pacemaker#3394)
* pacemaker#3394-0002-Low-libpacemaker-Correctly-free-graphs-and-synapses.patch
- libcrmcommon: Initialize some variables (gh#ClusterLabs/pacemaker#3394)
* pacemaker#3394-0001-Low-libcrmcommon-Initialize-some-variables.patch
- HealthSMART:fix the description of temp_lower_limit (gh#ClusterLabs/pacemaker#3392)
* pacemaker#3392-0001-Doc-HealthSMART-fix-the-description-of-temp_lower_li.patch
- cibsecret: Use 'ps axww' to avoid truncating issue (gh#ClusterLabs/pacemaker#3384)
* pacemaker#3384-0001-Fix-cibsecret-Use-ps-axww-to-avoid-truncating-issue.patch
- libcrmcommon: Don't try to parse XML from bad .bz2 file (gh#ClusterLabs/pacemaker#3361)
* pacemaker#3361-0001-Low-libcrmcommon-Don-t-try-to-parse-XML-from-bad-.bz.patch
- libcrmcommon: use uint32_t for 32-bit magic numbers (gh#ClusterLabs/pacemaker#3381)
* pacemaker#3381-0001-Fix-libcrmcommon-use-uint32_t-for-32-bit-magic-numbe.patch
- libcrmcommon: Use free_xml in html_free_priv. (gh#ClusterLabs/pacemaker#3380)
* pacemaker#3380-0003-Low-libcrmcommon-Use-free_xml-in-html_free_priv.patch
- libcrmcommon: Free error strings in html/xml outputters. (gh#ClusterLabs/pacemaker#3380)
* pacemaker#3380-0002-Low-libcrmcommon-Free-error-strings-in-html-xml-outp.patch
- libcrmcommon: Free text/curses private list data. (gh#ClusterLabs/pacemaker#3380)
* pacemaker#3380-0001-Low-libcrmcommon-Free-text-curses-private-list-data.patch
- tools: Fix argument validation for crm_attribute update. (gh#ClusterLabs/pacemaker#3379)
* pacemaker#3379-0001-Low-tools-Fix-argument-validation-for-crm_attribute-.patch
- libcrmcommon: Always output request= in XML output. (gh#ClusterLabs/pacemaker#3362)
* pacemaker#3362-0001-Low-libcrmcommon-Always-output-request-in-XML-output.patch
- tools: Fix memory leak in crm_mon with HTML output (gh#ClusterLabs/pacemaker#3332)
* pacemaker#3332-0001-Low-tools-Fix-memory-leak-in-crm_mon-with-HTML-outpu.patch
- attrd: write Pacemaker Remote node attributes even if not in cache (gh#ClusterLabs/pacemaker#3304)
* pacemaker#3304-0001-Fix-attrd-write-Pacemaker-Remote-node-attributes-eve.patch
- agents: Use attrd_updater dampen delay in SysInfo (gh#ClusterLabs/pacemaker#3286)
* pacemaker#3286-0002-Fix-agents-Use-attrd_updater-dampen-delay-in-SysInfo.patch
- libcrmcommon: Check correct env vars in pcmk__node_attr_target() (gh#ClusterLabs/pacemaker#3286)
* pacemaker#3286-0001-Low-libcrmcommon-Check-correct-env-vars-in-pcmk__nod.patch
- scheduler: restore nvpair behavior without id-ref (gh#ClusterLabs/pacemaker#3292)
* pacemaker#3292-0004-Low-scheduler-restore-nvpair-behavior-without-id-ref.patch
- libcrmcommon: fix NULL dereference in expand_idref() (gh#ClusterLabs/pacemaker#3292)
* pacemaker#3292-0002-Low-libcrmcommon-fix-NULL-dereference-in-expand_idre.patch
- scheduler: improve logs for invalid id-ref's (gh#ClusterLabs/pacemaker#3292)
* pacemaker#3292-0001-Log-scheduler-improve-logs-for-invalid-id-ref-s.patch
- pacemaker-attrd,libcrmcluster: avoid use-after-free when remote node in cluster node cache (gh#ClusterLabs/pacemaker#3293)
* pacemaker#3293-0002-Fix-pacemaker-attrd-libcrmcluster-avoid-use-after-fr.patch
- libcrmcluster: avoid use-after-free in trace log (gh#ClusterLabs/pacemaker#3293)
* pacemaker#3293-0001-Low-libcrmcluster-avoid-use-after-free-in-trace-log.patch
- HealthSmart: Check the parameter values of check_temperature to avoid error output (gh#ClusterLabs/pacemaker#3289)
* pacemaker#3289-0001-Fix-HealthSmart-Check-the-parameter-values-of-check_.patch
- agents: handle dampening parameter consistently and correctly
* 0001-Fix-agents-handle-dampening-parameter-consistently-a.patch
- crm_resource: make --wait wait for pending actions in CIB
* 0001-Refactor-crm_resource-make-wait-wait-for-pending-act.patch
- agents: HealthCPU - fix the validation of input
* 0001-fix-the-validation-of-input.patch
- python3
-
- Add CVE-2024-4032-private-IP-addrs.patch to fix bsc#1226448
(CVE-2024-4032) rearranging definition of private v global IP
addresses.
- Add CVE-2024-0397-memrace_ssl.SSLContext_cert_store.patch
fixing bsc#1226447 (CVE-2024-0397) by removing memory race
condition in ssl.SSLContext certificate store methods.
- Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109,
gh#python/cpython!16557) fixes syslog making default "ident"
from sys.argv[0].
- Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that
it uses features sniffing, not just comparing version number
(bsc#1220664, bsc#1219559, bsc#1221563, bsc#1222075).
- Remove support-expat-CVE-2022-25236-patched.patch, which was
the previous name of this patch.
- Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping
failing tests.
- Refresh patches:
- CVE-2023-27043-email-parsing-errors.patch
- fix_configure_rst.patch
- skip_if_buildbot-extend.patch
- bsc#1221854 (CVE-2024-0450) Add
CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch
detecting the vulnerability of the "quoted-overlap" zipbomb
(from gh#python/cpython!110016).
- Add bh42369-thread-safety-zipfile-SharedFile.patch (from
gh#python/cpython!26974) required by the previous patch.
- Add expat-260-test_xml_etree-reparse-deferral.patch to make the
interpreter work with patched libexpat in our distros.
- Move all patches from locally sourced to the branch
opensuse-3.6 branch at GitHub repo, and move all metadata to
commits themselves (readable in the headers of each patch).
- Add bpo-41675-modernize-siginterrupt.patch to make Python build
cleanly even on more recent SPs of SLE-15
(gh#python/cpython#85841).
- Remove patches:
- bpo36263-Fix_hashlib_scrypt.patch - fix against bug in
OpenSSL fixed in 1.1.1c (gh#openssl/openssl!8483), so this
patch is redundant on all SUSE-supported distros
- python-3.3.0b1-test-posix_fadvise.patch - protection
against the kernel issues which has been fixed in
gh#torvalds/linux@3d3727cdb07f, which has been included in
all our kernels more recent than SLE-11.
- python-3.3.3-skip-distutils-test_sysconfig_module.patch -
skips a test, which should be relevant only for testing on
Mac OS X systems with universal builds. I have no valid
record, that this test would be ever problematic on Linux.
- bpo-36576-skip_tests_for_OpenSSL-111.patch, which was
included already in Python 3.5.
- (bsc#1219666, CVE-2023-6597) Add
CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from
gh#python/cpython!99930) fixing symlink bug in cleanup of
tempfile.TemporaryDirectory.
- Merge together bpo-36576-skip_tests_for_OpenSSL-111.patch into
skip_SSL_tests.patch, and make them include all conditionals.
- Refresh CVE-2023-27043-email-parsing-errors.patch to
gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043).
- libqb
-
- ipc: Retry receiving credentials if the the message is short (gh#ClusterLabs/libqb#476, rh#2111711, bsc#1224183)
* bsc#1224183-0001-ipc-Retry-receiving-credentials-if-the-the-message-i.patch
- qrencode
-
- update to 4.1.1 (jsc#PED-7296):
* Some minor bugs in Micro QR Code generation have been fixed.
* The data capacity calculations are now correct. These bugs probably did not
affect the Micro QR Code generation.
- update to 4.1.0:
* Command line tool "qrencode" has been improved:
* New option "--inline" has been added. (Thanks to @jp-bennett)
* New option "--strict-version" has been added.
* UTF8 mode now supports ANSI256 color. (Thanks to András Veres-
Szentkirályi)
* Micro QR Code no longer requires to specify the version number.
* 'make check' allows to run the test programs. (Thanks to Jan Tojnar)
* Some compile time warnings have been fixed.
* Various CMake support improvements. (Thanks to @mgorny and @sdf5)
* Some minor bug fixes. (Thanks to Lonnie Abelbeck and Frédéric Wang)
* Some documentation/manpage improvements. (Thanks to Dan Jacobson)
* Some performance improvements. (Thanks to @4061N and Mika Lindqvist)
- remove qrencode-fix-installation.patch (upstream)
- Update to version 4.0.2
* Build script fixes. (Thanks to @mgorny)
version 4.0.1
* CMake support improved.
* New test scripts have been added.
* Some compile time warnings have been fixed.
- Refreshed qrencode-fix-installation.patch
- libsolv
-
- removed dependency on external find program in the repo2solv tool
- bindings: fix return value of repodata.add_solv()
- new SOLVER_FLAG_FOCUS_NEW flag
- bump version to 0.7.30
- add a conflict to older libsolv-tools to libsolv-tools-base
- report unsupported compression in solv_xfopen() with errno
- fix return value of repodata.add_solv() in the bindings
- fix SHA-224 oid in solv_pgpvrfy
- improve updating of installed multiversion packages
- fix decision introspection going into an endless loop in some
cases
- added experimental lua bindings
- bump version to 0.7.29
- split libsolv-tools into libsolv-tools-base [jsc#PED-8153]
- build for multiple python versions [jsc#PED-6218]
- bump version to 0.7.28
- libssh
-
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1227396)
- added libssh-fix-ipv6-hostname-regression.patch
- Update to 0.9.8: [jsc#PED-7719, bsc#1218126, CVE-2023-48795]
* Rebase 0001-disable-timeout-test-on-slow-buildsystems.patch
* Remove patches fixed in the update:
- CVE-2019-14889.patch
- 0001-CVE-2020-1730-Fix-a-possible-segfault-when-zeroing-A.patch
- Update to version 0.9.8
* Fix CVE-2023-6004: Command injection using proxycommand (bsc#1218209)
* Fix CVE-2023-48795: Potential downgrade attack using strict kex (bsc#1218126)
* Fix CVE-2023-6918: Missing checks for return values of MD functions (bsc#1218186)
* Allow @ in usernames when parsing from URI composes
- Update to version 0.9.7
* Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm
guessing (bsc#1211188)
* Fix CVE-2023-2283: a possible authorization bypass in
pki_verify_data_signature under low-memory conditions (bsc#1211190)
* Fix several memory leaks in GSSAPI handling code
- Update to version 0.9.6 (bsc#1189608, CVE-2021-3634)
* https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.9.6
- Add missing BR for openssh needed for tests
- update to 0.9.5 (bsc#1174713, CVE-2020-16135):
* CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232)
* Improve handling of library initialization (T222)
* Fix parsing of subsecond times in SFTP (T219)
* Make the documentation reproducible
* Remove deprecated API usage in OpenSSL
* Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN
* Define version in one place (T226)
* Prevent invalid free when using different C runtimes than OpenSSL (T229)
* Compatibility improvements to testsuite
- Update to version 0.9.4
* https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
* Fix possible Denial of Service attack when using AES-CTR-ciphers
CVE-2020-1730 (bsc#1168699)
- libssh2_org
-
- Fix an issue with Encrypt-then-MAC family. [bsc#1221622]
* Test the ETM feature in the remote end's configuration when
receiving data. Upstream issue: #1331.
* Add libssh2_org-ETM-remote.patch
- Always add the KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com"
when configuring custom method list. [bsc#1218971, CVE-2023-48795]
* The strict-kex extension is announced in the list of available
KEX methods. However, when the default KEX method list is modified
or replaced, the extension is not added back automatically.
* Add libssh2_org-CVE-2023-48795-ext.patch
- suseconnect-ng
-
- Update version to 1.11
- Added uname as collector
- Added SAP workload detection
- Added detection of container runtimes
- Multiple fixes on ARM64 detection
- Use `read_values` for the CPU collector on Z
- Fixed data collection for ppc64le
- Grab the home directory from /etc/passwd if needed (bsc#1226128)
- Update version to 1.10.0
* Build zypper-migration and zypper-packages-search as standalone
binaries rather then one single binary
* Add --gpg-auto-import-keys flag before action in zypper command (bsc#1219004)
* Include /etc/products.d in directories whose content are backed
up and restored if a zypper-migration rollback happens. (bsc#1219004)
* Add the ability to upload the system uptime logs, produced by the
suse-uptime-tracker daemon, to SCC/RMT as part of keepalive report.
(jsc#PED-7982) (jsc#PED-8018)
* Add support for third party packages in SUSEConnect
* Refactor existing system information collection implementation
- Update to version 1.9.0
* Fix certificate import for Yast when using a registration proxy with
self-signed SSL certificate (bsc#1223107)
- Update to version 1.8.0
* Allow "--rollback" flag to run on readonly filesystem (bsc#1220679)
- Update to version 1.7.0
* Allow SUSEConnect on read write transactional systems (bsc#1219425)
- tiff
-
- security update:
* CVE-2024-7006 [bsc#1228924]
Fix pointer deref in tif_dirinfo.c
+ tiff-CVE-2024-7006.patch
- security update:
* CVE-2023-3164 [bsc#1212233]
Fix heap buffer overflow in tiffcrop
+ tiff-CVE-2023-3164.patch
- security update:
* CVE-2023-40745[bsc#1214687] CVE-2023-41175[bsc#1214686] [bsc#1221187]
CVE-2023-38288[bsc#1213590]
Fix potential int overflow in raw2tiff.c and tiffcp.c
Rename tiff-CVE-2023-38288.patch into
tiff-CVE-2023-38288,CVE-2023-40745,CVE-2023-41175.patch
- security update:
* CVE-2023-52356 [bsc#1219213]
Fix segfault in TIFFReadRGBATileExt()
+ tiff-CVE-2023-52356.patch
- libvirt
-
- CVE-2024-2494: remote: check for negative array lengths before
allocation
8a3f8d95-CVE-2024-2494.patch, 1b8c1ce7-adapt-libssh2-api.patch
bsc#1221815
- libxml2
-
- Security fix (CVE-2024-34459, bsc#1224282) buffer over-read in
xmlHTMLPrintFileContext in xmllint.c
* Added libxml2-CVE-2024-34459.patch
- Security fix (CVE-2024-25062, bsc#1219576) use-after-free in XMLReader
* Added libxml2-CVE-2024-25062.patch
- libzypp
-
- Make sure not to statically linked installed tools (bsc#1228787)
- version 17.35.8 (35)
- MediaPluginType must be resolved to a valid MediaHandler
(bsc#1228208)
- version 17.35.7 (35)
- Export CredentialManager for legacy YAST versions (bsc#1228420)
- version 17.35.6 (35)
- Export asSolvable for YAST (bsc#1228420)
- Fix 4 typos in zypp.conf.
- version 17.35.5 (35)
- Fix typo in the geoip update pipeline (bsc#1228206)
- Export RepoVariablesStringReplacer for yast2 (bsc#1228138)
- version 17.35.4 (35)
- Translation: updated .pot file.
- Conflict with python zypp-plugin < 0.6.4 (bsc#1227793)
Older zypp-plugins reject stomp headers including a '-'. Like the
'content-length' header we may send.
- Fix int overflow in Provider (fixes #559)
This patch fixes an issue in safe_strtonum which caused
timestamps to overflow in the Provider message parser.
- Fix error reporting on repoindex.xml parse error (bsc#1227625)
- version 17.35.3 (35)
- Keep UrlResolverPlugin API public (fixes #560)
- Blacklist /snap executables for 'zypper ps' (bsc#1226014)
- Fix handling of buddies when applying locks (bsc#1225267)
Buddy pairs (like -release package and product) internally share
the same status object. When applying locks from query results
the locked bit must be set if either item is locked.
- version 17.35.2 (35)
- Install zypp/APIConfig.h legacy include (fixes #557)
- version 17.35.1 (35)
- Update soname due to RepoManager refactoring and cleanup.
- version 17.35.0 (35)
- Workaround broken libsolv-tools-base requirements (fixes
openSUSE/zypper#551)
- Strip ssl_clientkey from repo urls (bsc#1226030)
- Remove protobuf build dependency.
- Lazily attach medium during refresh workflows (bsc#1223094)
- Refactor RepoManager and add Service workflows.
- version 17.34.2 (34)
- zypp-tui: Make sure translated texts use the correct textdomain
(fixes #551)
- Skip libproxy1 requires for tumbleweed.
- version 17.34.1 (34)
- don't require libproxy1 on tumbleweed, it is optional now
- version 17.34.0 (34)
- Fix versioning scheme
- version 17.33.4 (35)
- add one more missing export for libyui-qt-pkg
- Revert eintrSafeCall behavior to setting errno to 0.
- version 17.33.3 (34)
- fix up requires_eq usage for libsolv-tools-base
- add one more missing export for PackageKit
- version 17.33.2
- version 17.33.1 (33)
- switch to reduced size libsolv-tools-base (jsc#PED-8153)
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- Add ZYPP_API for exported functions and switch to
visibility=hidden (jsc#PED-8153)
- Dynamically resolve libproxy (jsc#PED-8153)
- version 17.33.0 (33)
- Fix download from gpgkey URL (bsc#1223430, fixes openSUSE/zypper#546)
- version 17.32.6 (32)
- Don't try to refresh volatile media as long as raw metadata are
present (bsc#1223094)
- version 17.32.5 (32)
- Fix creation of sibling cache dirs with too restrictive mode
(bsc#1222398)
Some install workflows in YAST may lead to too restrictive (0700)
raw cache directories in case of newly created repos. Later
commands running with user privileges may not be able to access
these repos.
- version 17.32.4 (32)
- Update RepoStatus fromCookieFile according to the files mtime
(bsc#1222086)
- TmpFile: Don't call chmod if makeSibling failed.
- version 17.32.3 (32)
- Fixup New VendorSupportOption flag VendorSupportSuperseded
(jsc#OBS-301, jsc#PED-8014)
Fixed the name of the keyword to "support_superseded" as it was
agreed on in jsc#OBS-301.
- version 17.32.2 (32)
- Add resolver option 'removeUnneeded' to file weak remove jobs
for unneeded packages (bsc#1175678)
- version 17.32.1 (32)
- Add resolver option 'removeOrphaned' for distupgrade
(bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded
(jsc#OBS-301, jsc#PED-8014)
- Tests: fix vsftpd.conf where SUSE and Fedora use different
defaults (fixes #522)
- Add default stripe minimum (#529)
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config.
- version 17.32.0 (32)
- ProblemSolution::skipsPatchesOnly overload to handout the
patches.
- Remove https->http redirection exceptions for
download.opensuse.org.
- version 17.31.32 (22)
- tui: allow to access the underlying ostream of out::Info.
- Add MLSep: Helper to produce not-NL-terminated multi line
output.
- version 17.31.31 (22)
- applydeltaprm: Create target directory if it does not exist
(bsc#1219442)
- Add ProblemSolution::skipsPatchesOnly (for openSUSE/zypper#514)
- Fix problems with EINTR in ExternalDataSource::getline (fixes
bsc#1215698)
- version 17.31.30 (22)
- CheckAccessDeleted: fix running_in_container detection
(bsc#1218782)
- Detect CURLOPT_REDIR_PROTOCOLS_STR availability at runtime
(bsc#1218831)
- Make Wakeup class EINTR safe.
- Add a way to cancel media operations on shutdown
(openSUSE/zypper#522)
This patch adds a mechanism to signal libzypp that a shutdown was
requested, usually when CTRL+C was pressed by the user. Currently
only the media backend will utilize this, but can be extended to
all code paths that use g_poll() to wait for events.
- Manually poll fds for curl in MediaCurl.
Using curl_easy_perform does not give us the required control on
when we want to cancel a download. Switching to the MultiCurl
implementation with a external poll() event loop will give us
much more freedom and helps us to improve our Ctrl+C handling.
- Move reusable curl poll code to curlhelper.h.
- version 17.31.29 (22)
- Fix to build with libxml 2.12.x (fixes #505)
- version 17.31.28 (22)
- shadow
-
- bsc#1228770: Fix not copying of skel files
Update shadow-CVE-2013-4235.patch
- bsc#916845 (CVE-2013-4235): Fix TOCTOU race condition
Add shadow-CVE-2013-4235.patch
- netcfg
-
- Add krb-prop entry, fix for bsc#1211886.
- ocfs2-tools
-
- OCFS2 writes delay on large volumes - slow la window lookup from global_bitmap (bsc#1219224)
* bsc1219224-debugfs.ocfs2-support-recording-gd-bg_contig_free_bi.patch
- fsck.ocfs2: add the ability to clear jbd2 errno (bsc#1216834)
+ mounted.ocfs2-use-sys-sysmacros.h-include-for-makede.patch
+ Fix-build-failure-with-glibc-2.28.patch
+ bsc1216834-fsck.ocfs2-add-the-ability-to-clear-jbd2-errno.patch
- openssh
-
- Add patches from upstream to change the default value of
UpdateHostKeys to Yes (unless VerifyHostKeyDNS is enabled).
This makes ssh update the known_hosts stored keys with all
published versions by the server (after it's authenticated
with an existing key), which will allow to identify the
server with a different key if the existing key is considered
insecure at some point in the future (bsc#1222831).
* 0001-upstream-enable-UpdateHostkeys-by-default-when-the.patch
* 0002-upstream-disable-UpdateHostkeys-by-default-if.patch
- Add patches openssh-7.7p1-seccomp_getuid.patch and
openssh-bsc1216474-s390-leave-fds-open.patch
(bsc#1216474, bsc#1218871)
- Fix hostbased ssh login failing occasionally with "signature
unverified: incorrect signature" by fixing a typo in patch
(bsc#1221123):
* openssh-7.8p1-role-mls.patch
- Added openssh-cve-2023-51385.patch (bsc#1218215, CVE-2023-51385).
This limits the use of shell metacharacters in host- and
user names.
- pam-config
-
- Fix pam_gnome_keyring module for AUTH.
[pam-config-fix-pam_gnome_keyring.patch, bsc#1219767]
- pam
-
- Prevent cursor escape from the login prompt [bsc#1194818]
* Added: pam-bsc1194818-cursor-escape.patch
- perl
-
- fix space calculation issues in pp_pack.c [bnc#1082216]
[CVE-2018-6913]
* new patch: perl-pack-overflow.diff
- fix heap buffer overflow in regexec.c [bnc#1082233]
[CVE-2018-6798]
new patch: perl-regexec-heap-overflow.diff
- make Net::FTP work with TLS 1.3 [bnc#1213638]
new patch: perl-net-ftp-tls13.diff
- python-azure-agent
-
- Restart the agent (bsc#1227600)
+ The agent service gets restarted in post but may fail due to a missing
config file. config files were split into their own package previously.
When we detect that we have to restore a config file we also need
to restart the agent again.
- Add agent-btrfs-use-f.patch (bsc#1227711)
+ Use the proper option to force btrfs to overwrite a file system on the
resource disk if one already exists.
- Set Provisioning.Agent parameter to 'cloud-init' in SLE Micro >= 5.5
(bsc#1227106).
- Do not package waagent2.0 in Python 3 builds.
- Drop obsolete otherproviders keyword from Conflicts statements
- Do not require wicked in non-SUSE build environments.
- Apply python3 interpreter patch in non SLE build environments
(bcs#1227067)
- Simplify %suse_version conditionals
- Use the -Z option for mv and cp in the posttrans to properly handle
SELinux context (bsc#1225946)
- Keep the existing config file (bsc#1222620)
+ During separation of the config file into subpackages it was forgotten
that on update of the main package the previously provided config file
would be removed. SInce we do not know which flavor of our images the
package is being upgraded on, preserve the previously existing config
file. This will orphan the file if non of the -config-* packages gets
installed.
- Do not force wicked dependency for networking, allow NM in SLE Micro 5.5
and for ALP based products
- Change patch syntax in preparetion for RPM 4.20
- Recognise SLE-Micro as a SLE based distro
+ Add agent-micro-is-sles.patch
- Create sub-packages for the config (jsc#PED-7869)
+ Remove config manipulation from image building
+ Set up a config for SLE-Micro
+ Makes deafult upstream config available
- Update to 2.9.1.1 (bsc#1217301, bsc#1217302)
+ Update remove-mock.patch
+ Download certificates when goal state source is fast track #2761
+ Increase the max number of extension events by 20% #2785
+ Remove version suffix from extension slice #2782
+ Support int type for eventPid and eventTid fields #2786
+ Improve log for swap counter not found #2789
+ Remove cgroup files during deprovisioning #2790
+ Log VM architecture in heartbeat telemetry for arm64 adoption
monitoring #2818
+ Enforce memory usage for agent #2671
+ Use common download logic for agent downloads #2682
+ Implement Fedora distro #2642
+ Report message in handler heartbeat #2688
+ Remove dependency on pathlib from makepkg #2717
+ Do not fetch extensions goal state in log collector #2713
+ Update log collector unit file to remove memory limit #2757
+ Fix bug in get_dhcp_pid (CoreOS) #2784
+ Fetch full distro version for mariner #2773
From 2.9.04
+ Resource Governance on extensions (CPU monitoring and enforcing & Memory
monitoring) #2632 #2581 #2555
+ Agent resource governance #2597 #2591 #2546
+ monitor system-wide memory metrics (#2610)
+ Additional telemetry for goal state (#2675)
+ HostGAPlugin usage improvements #2662 #2673 #2655 #2651
+ Add logging statements for mrseq migration during update (#2667)
+ Logcollector memory usage #2658 #2637
+ Update Log Collector default in Comments and Readme (#2608)
+ Improve telemetry success and failure markers (#2605) #2604 #2599
+ Fix formatting of exceptions on Python 3.10
(traceback.format's etype argument) (#2663)
+ Fix UNKNOWN(Zombie) Process in unexpected processes check (#2644)
+ SUSE: Fix valid values for DHCLIENT_HOSTNAME_OPTION (#2643)
+ Debian - string conversion for systemd service (#2574)
+ Do not set a CPU quota on the agent for RHEL and Centos (#2685) #2689 #2693
+ support rhel distro (#2620) #2598
+ Added support for devuan linux distribution (#2553)
No incremental updates between 2.8.011 and 2.9.0.4
- Clean up conditions in spec file:
+ There is no maintained distro > 1315 (SLE12) AND < 1500
(SLE15). Only openSUSE 13.2 and 13.3 lived in that space, but
they are clearly not the target of this spec file.
+ if 0%{?Suse_version} && 0{?suse_version} > 1315: no need to
first validate suse_version being defined: whenever it
is > 1315, must be defined.
- Add patch remove-mock.patch:
* Use unittest.mock first, falling back to mock if required.
- Tighten Requires against python3-mock.
- python-Jinja2
-
- Add CVE-2024-34064.patch upstream patch
(CVE-2024-34064, bsc#1223980, gh#pallets/jinja@0668239dc6b4)
Also fixes (CVE-2024-22195, bsc#1218722)
- python-PyYAML
-
- reenable the cython yaml loader (bsc#1225641)
- python-adal
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.2.7
+ For detailed information about changes see the
HISTORY.txt file provided with this package
- New upstream release
+ Version 1.2.6
+ For detailed information about changes see the
HISTORY.txt file provided with this package
- python-applicationinsights
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.11.10
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-argcomplete
-
- Fix update-alternatives, bsc#1224109
- Use update-alternatives for package binaries to avoid conflict with
python311 stack. bsc#1219305
- python-azure-ai-anomalydetector
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 3.0.0b3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-ai-metricsadvisor
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b4
- New upstream release
+ Version 1.0.0b4
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-ai-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-ai-textanalytics
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 5.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 5.1.0.0 to ensure
proper upgrade from previous version 5.1.0b7
- Update Requires from setup.py
- New upstream release
+ Version 5.1.0b7
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.1.0b6
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.1.0b3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-appconfiguration
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 1.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.2.0.0 to ensure
proper upgrade from previous version 1.2.0b2
- New upstream release
+ Version 1.2.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.2.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-applicationinsights
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.1.1
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-batch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 12.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-cognitiveservices-anomalydetector
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-formrecognizer
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-inkrecognizer
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-knowledge-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-cognitiveservices-knowledge-qnamaker
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-language-luis
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-language-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-cognitiveservices-language-spellcheck
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-language-textanalytics
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.2.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-cognitiveservices-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-cognitiveservices-personalizer
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-autosuggest
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-customimagesearch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-customsearch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-entitysearch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-imagesearch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-newssearch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-cognitiveservices-search-videosearch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-visualsearch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-search-websearch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-vision-computervision
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.9.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.8.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-cognitiveservices-vision-contentmoderator
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-vision-customvision
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cognitiveservices-vision-face
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.6.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.5.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-cognitiveservices-vision-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-common
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.1.28
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.1.27
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-communication-administration
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0b4
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-communication-chat
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Temporarily override package version to 1.0.0.0 to allow
upgrades from the previous 1.0.0b5 version
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b5
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.0.0b4
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-communication-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-communication-sms
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Temporarily override package version to 1.0.0.0 to allow
upgrades from the previous 1.0.0b6 version
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b6
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-core
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-cosmos
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-data-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-datalake-store
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.0.52
+ For detailed information about changes see the
HISTORY.rst file provided with this package
- python-azure-devops
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Revert previous change use to %pyunittest to invoke testsuite
- %check: use %pyunittest rpm macro
- python-azure-eventgrid
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 4.7.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.7.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.6.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 4.5.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 4.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.1.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-eventhub-checkpointstoreblob
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.1.4
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.1.3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update BuildRequires and Requires from setup.py
- New upstream release
+ Version 1.1.2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-eventhub
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 5.7.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.6.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.6.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.5.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.3.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 5.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-functions-devops-build
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-graphrbac
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-identity
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.10.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Drop patches for issues fixed upstream
+ ai_relax-python-depends.patch
- Override upstream version with 1.10.0.0 to ensure
proper upgrade from previous version 1.10.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.10.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Add patch to relax Python dependencies in setup.py
+ ai_relax-python-depends.patch
- Update Requires from setup.py
- New upstream release
+ Version 1.9.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.8.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.7.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.7.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.6.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 1.6.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.6.0.0 to ensure
proper upgrade from previous version 1.6.0b3
- New upstream release
+ Version 1.6.0b3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.6.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-keyvault-administration
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 4.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 4.0.0.0 to ensure
proper upgrade from previous version 4.0.0b3
- Update Requires from setup.py
- New upstream release
+ Version 4.0.0b3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-keyvault-certificates
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 4.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-keyvault-keys
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 4.5.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 4.5.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 4.5.0.0 to ensure
proper upgrade from previous version 4.5.0b6
- New upstream release
+ Version 4.5.0b6
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 4.5.0b5
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 4.5.0b4
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 4.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 4.4.0.0 to ensure
proper upgrade from previous version 4.4.0b4
- New upstream release
+ Version 4.4.0b4
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.4.0b3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 4.3.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-keyvault-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Switch to explicit namespace packages on Python 3 (PEP 420)
- python-azure-keyvault-secrets
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 4.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-keyvault
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Only build Python3 flavors for distributions 15 and greater
- python-azure-loganalytics
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.1.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-advisor
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-alertsmanagement
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-apimanagement
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 3.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-appconfiguration
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.1.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-applicationinsights
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 3.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 2.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-appplatform
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 6.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 6.0.0.0 to ensure
proper upgrade from previous version 6.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 6.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-attestation
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-authorization
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-automanage
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-automation
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.1.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-azurestackhci
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0rc1
- python-azure-mgmt-azurestack
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-batchai
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 7.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-batch
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 16.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 16.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 15.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 14.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-billing
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-botservice
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- python-azure-mgmt-cdn
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 12.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-cognitiveservices
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 13.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 13.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 12.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 11.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-commerce
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-communication
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b4
- python-azure-mgmt-compute
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 26.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 26.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 25.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 24.0.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 24.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-consumption
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-containerinstance
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- Downgrade to previous upstream release
+ Version 2.0.0
+ Required to unbreak Azure CLI packages (bsc#1183865)
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-containerregistry
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 8.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-containerservice
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 19.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 19.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 18.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 17.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 16.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 16.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 16.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 16.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 16.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 15.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 15.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 14.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-core
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.3.0.0 to ensure
proper upgrade from previous version 1.3.0b3
- New upstream release
+ Version 1.3.0b3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.3.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-cosmosdb
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 7.0.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 6.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 6.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 6.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 6.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-costmanagement
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 3.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-databoxedge
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-databricks
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-datafactory
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 2.2.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 2.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- New upstream release
+ Version 0.15.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-datalake-analytics
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-datalake-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-mgmt-datalake-store
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-datamigration
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 10.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 9.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-datashare
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-deploymentmanager
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-devspaces
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-devtestlabs
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-dns
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 8.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-documentdb
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-edgegateway
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-eventgrid
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 10.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 10.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-eventhub
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 10.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-frontdoor
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
HISTORY.txt file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-hanaonazure
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-hdinsight
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-healthcareapis
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-hybridcompute
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 7.0.0.0 to ensure
proper upgrade from previous version 7.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 7.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-imagebuilder
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-iotcentral
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 9.0.0.0 to ensure
proper upgrade from previous version 9.0.0b1
- New upstream release
+ Version 9.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 4.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-iothubprovisioningservices
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-iothub
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-keyvault
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-kubernetesconfiguration
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-kusto
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-labservices
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-loganalytics
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 13.0.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 12.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 11.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 10.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-logic
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-machinelearningcompute
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-machinelearningservices
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-managedservices
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 6.0.0.0 to ensure
proper upgrade from previous version 6.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 6.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-managementgroups
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-managementpartner
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-maps
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-marketplaceordering
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-media
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 7.0.0.0 to ensure
proper upgrade from previous version 7.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 7.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-mixedreality
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-monitor
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 3.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 3.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-msi
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 6.0.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Updates Requires from setup.py
- python-azure-mgmt-netapp
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 6.0.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 5.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-network
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 19.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 19.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-notificationhubs
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-mgmt-peering
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-policyinsights
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-powerbiembedded
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-privatedns
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-rdbms
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 10.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 10.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 9.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 9.1.0.0 to ensure
proper upgrade from previous version 9.1.0b1
- New upstream release
+ Version 9.1.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 9.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 8.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 8.1.0.0 to ensure
proper upgrade from previous version 8.1.0b4
- New upstream release
+ Version 8.1.0b4
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 8.1.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-recoveryservicesbackup
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 5.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.1.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 4.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 3.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 0.11.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.10.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-recoveryservices
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-redhatopenshift
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-redis
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 13.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 13.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 12.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-regionmove
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-relay
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-reservations
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-resourcegraph
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-resourcemover
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.1.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-scheduler
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-search
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 8.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-security
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-serialconsole
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-servermanager
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-servicebus
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 7.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 7.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-servicefabric
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-signalr
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b2
- New upstream release
+ Version 1.0.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-sqlvirtualmachine
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-sql
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 4.0.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 3.0.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 3.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-storagecache
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 0.5.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Summary and %description from setup.py
- python-azure-mgmt-storageimportexport
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-storagesync
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0b1
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0b1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-storage
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 20.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 19.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 19.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 18.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 17.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 17.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-streamanalytics
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 1.0.0.0 to ensure
proper upgrade from previous version 1.0.0rc1
- Update Requires from setup.py
- python-azure-mgmt-subscription
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt-synapse
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 2.1.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-mgmt-trafficmanager
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Rename HISTORY.rst to CHANGELOG.md in %files section
- Rename README.rst to README.md in %files section
- Update Requires from setup.py
- python-azure-mgmt-vmwarecloudsimple
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-mgmt-web
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 6.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 6.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 5.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 1.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-mgmt
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Add additional packages from the Azure SDK to Requires
+ python-azure-mgmt-app
- Add additional packages from the Azure SDK to Requires
+ python-azure-mgmt-agfood
+ python-azure-mgmt-agrifood
+ python-azure-mgmt-avs
+ python-azure-mgmt-chaos
+ python-azure-mgmt-connectedvmware
+ python-azure-mgmt-dataprotection
+ python-azure-mgmt-deviceupdate
+ python-azure-mgmt-digitaltwins
+ python-azure-mgmt-edgeorder
+ python-azure-mgmt-elastic
+ python-azure-mgmt-extendedlocation
+ python-azure-mgmt-fluidrelay
+ python-azure-mgmt-guestconfig
+ python-azure-mgmt-hybridnetwork
+ python-azure-mgmt-loadtestservice
+ python-azure-mgmt-logz
+ python-azure-mgmt-mobilenetwork
+ python-azure-mgmt-oep
+ python-azure-mgmt-orbital
+ python-azure-mgmt-purview
+ python-azure-mgmt-quantum
+ python-azure-mgmt-quota
+ python-azure-mgmt-recoveryservicessiterecovery
+ python-azure-mgmt-resourceconnector
+ python-azure-mgmt-resourcehealth
+ python-azure-mgmt-servicefabricmanagedclusters
+ python-azure-mgmt-servicelinker
+ python-azure-mgmt-storagepool
+ python-azure-mgmt-testbase
+ python-azure-mgmt-videoanalyzer
+ python-azure-mgmt-webpubsub
- python-azure-monitor
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-multiapi-storage
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.9.0
+ For detailed information about changes see the
README.rst file provided with this package
- New upstream release
+ Version 0.8.0
+ For detailed information about changes see the
README.rst file provided with this package
- New upstream release
+ Version 0.7.0
+ For detailed information about changes see the
README.rst file provided with this package
- New upstream release
+ Version 0.6.2
+ For detailed information about changes see the
README.rst file provided with this package
- Update Requires from setup.py
- python-azure-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-sdk
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Add additional packages from the Azure SDK to Requires
+ python-azure-agrifood-farming
+ python-azure-agrifood-nspkg
+ python-azure-ai-formrecognizer
+ python-azure-ai-language-nspkg
+ python-azure-ai-language-questionanswering
+ python-azure-ai-translation-document
+ python-azure-ai-translation-nspkg
+ python-azure-communication-identity
+ python-azure-communication-networktraversal
+ python-azure-communication-phonenumbers
+ python-azure-confidentialledger
+ python-azure-containerregistry
+ python-azure-core-tracing-opencensus
+ python-azure-core-tracing-opentelemetry
+ python-azure-data-tables
+ python-azure-digitaltwins-core
+ python-azure-digitaltwins-nspkg
+ python-azure-eventhub-checkpointstoreblob-aio
+ python-azure-media-nspkg
+ python-azure-media-videoanalyzer-edge
+ python-azure-messaging-nspkg
+ python-azure-messaging-webpubsubservice
+ python-azure-mixedreality-authentication
+ python-azure-mixedreality-nspkg
+ python-azure-monitor-nspkg
+ python-azure-monitor-query
+ python-azure-purview-account
+ python-azure-purview-administration
+ python-azure-purview-catalog
+ python-azure-purview-nspkg
+ python-azure-purview-scanning
+ python-azure-schemaregistry
+ python-azure-schemaregistry-avroserializer
+ python-azure-security-attestation
+ python-azure-security-nspkg
+ python-azure-storage-file-datalake
+ python-azure-storage-file-share
+ python-azure-storage-queue
+ python-azure-synapse-managedprivateendpoints
+ python-azure-synapse-monitoring
+ python-azure-template
- Remove packages that are included via python-azure-mgmt from Requires
+ python-azure-mgmt-commerce
+ python-azure-mgmt-documentdb
+ python-azure-mgmt-iothubprovisioningservices
+ python-azure-mgmt-servermanager
+ python-azure-mgmt-web
- python-azure-search-documents
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 11.2.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Remove temporary version override
- New upstream release
+ Version 11.2.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Override upstream version with 11.2.0.0 to ensure
proper upgrade from previous version 11.2.0b2
- Update Requires from setup.py
- New upstream release
+ Version 11.2.0b2
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 11.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-search-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Fix issues with Python multi-flavor builds
+ Create directories using %pythond_expand in %install section
+ Use canonical %{python_sitelib} path in %files section
- python-azure-servicebus
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 7.6.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 7.5.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 7.3.4
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.3.3
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 7.3.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.3.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.1.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.1.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 7.0.1
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-servicefabric
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 8.2.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 8.0.0.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- python-azure-servicemanagement-legacy
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-storage-common
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-storage-file
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-storage-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-synapse-accesscontrol
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.7.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.6.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-synapse-artifacts
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.12.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 0.11.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 0.10.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- Update Requires from setup.py
- New upstream release
+ Version 0.9.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.8.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.6.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.5.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python-azure-synapse-nspkg
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-azure-synapse-spark
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- New upstream release
+ Version 0.7.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.6.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.5.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- New upstream release
+ Version 0.4.0
+ For detailed information about changes see the
CHANGELOG.md file provided with this package
- python3-azuremetadata
-
- Version 5.1.6
Fix empty list attributes (bsc#1218760)
- python-dnspython
-
- Add new patches to solve DoS:
- CVE-2023-29483-pre1.patch
- CVE-2023-29483.patch
(bsc#1222693, CVE-2023-29483, gh#rthalley/dnspython#1044)
- python-idna
-
- Add CVE-2024-3651.patch, backported from upstream commit
gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7
(bsc#1222842, CVE-2024-3651)
- python-msal-extensions
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to version 1.0.0
+ New: Add a new platform-independent build_encrypted_persistence() API. (#87, #110)
+ Remove: Old TokenCache API which has been deprecated for 2 years. (#110)
+ Enhancement: Make all platform-dependent parameters optional (#103)
+ Enhancement: Provide PersistenceEncryptError and PersistenceDecryptError,
currently raised when encryption on Windows fails. (#108)
+ Enhancement: The data file will be created with 600 permission when
running in Unix-like systems. (#107)
- Update to version 0.3.1
+ Enhancement: Better concurrency (#61, #63, #100)
+ Bugfix: Now supports user home dir in drive root on Windows (#83, #84)
+ Enhancement: This package can now be run inside container
+ Enhancement: Improvement compatibility with PyInstaller 3.5 on Python 2.7 (#85, #91)
+ Enhancement: Catchable exception when persistence is unavailable (#92, #93)
+ Enhancement: Support dependency portalocker 2.0+ (#94, #97)
+ Enhancement: Improve documentation (#77, #102)
+ Including license in release package (#76)
- python-msal
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to version 1.17.0
+ New: Define some Cloud Instance constants and the usage
pattern of using them (#221, #433)
+ Enhancement: Lazy-load dependencies so that the start-up
and run time will usually be faster. (#423, #454)
+ Enhancement: Bubble up token refresh exceptions (#431, #434)
+ Enhancement: Documents a simpler http_cache usage pattern (#439)
+ Enhancement: Expose authority discovery error for troubleshooting (#443)
+ Enhancement: Actionable exception message when local machine
time error is detected (#446, #449, #453)
+ Enhancement: Actionable exception message when username
password flow encounters errors with ADFS (#456, #458)
- Update to version 1.16.0
+ New feature: Introducing a new http_cache parameter, whose documentation
is available by searching http_cache (dict) from our API Reference Doc
(Implementation #407). If an app utilizes this feature, it will also
address #80 & #334.
+ Improvement: Prevent concurrent interactive flows listening on same port
when running on Windows (#427)
+ Improvement: Detecting Regional Endpoint from env var. Also ensure the
entire regional endpoint behavior needs to opt in. (#425)
- from version 1.15.0
+ New feature: Now both initiate_auth_code_flow() and acquire_token_interactive()
accept a new optional parameter max_age which is the allowable elapsed time
in seconds since the last time the End-User was actively authenticated. If
the elapsed time is greater than this value, Microsoft identity platform
will actively re-authenticate the End-User. (#381, #389)
+ Improvement: MSAL will now automatically utilize a backup authentication
system, to provide better resiliency. (#376, #395, #409)
+ Improvement: Previously, acquire_token_interactive() was not able to be aborted
by CTRL+C when running on Windows. It is now fixed. (#393, #404)
+ Bugfix: The http cache feature shipped in #379 came with an unexpected side
effect to slow down the Device Code Flow. Now fixed. (#408, #410)
+ Change: Adopting cryptography 35.0.0 (#414)
- from version 1.14.0
UPDATE: There was a bug in this version, being fixed in subsequent
1.15.0. We recommend everyone to upgrade to msal>=1.15.0,<2.
There is no API-level change in this MSAL release. So, all existing
apps do not need any code changes. Just upgrade, and your app will
gain the following behaviors.
+ Behavior Change: By default, MSAL Python will launch Edge browser when
running on Linux, when Edge is installed on current desktop. (#388)
+ Behavior Change: MSAL Python will use an in-memory http-level cache.
This would improve the latency in normal cases, and improve responsiveness
for invalid requests and outage. (#159, #379)
+ Behavior Change: MSAL Python will no longer use env var REGION_NAME as
the Azure region name. (#394, #382)
+ Bugfix: MSAL Python will no longer throw exception when your app
excludes the profile scope. (#387, #390)
- from version 1.13.0
+ New feature: MSAL supports a confidential client being authenticated
by a pre-signed assertion. Usage:
cca = ConfidentialClientApplication(
...,
client_credential={"client_assertion": "...a JWT with claims aud, exp, iss, jti, nbf, and sub..."},
...)
This can be useful for where the signing takes place externally for
example using Azure Key Vault (AKV). AKV sample included (#161, #271).
+ Improvement: Skip unnecessary and repetitive region detection. (#372, #373)
- Update to version 1.12.0
+ New feature: MSAL Python supports ConfidentialClientApplication(..., azure_region=...).
If your app is deployed in Azure, you can use this new feature to pin a region.
(#295, #358)
+ New feature: Historically MSAL Python attempts to acquire a Refresh Token (RT) by
default. Since this version, MSAL Python supports ConfidentialClientApplication(...,
excluse_scopes=["offline_access"]) to opt out of RT (#207, #361)
+ Improvement: acquire_token_interactive(...) can also trigger browser when
running inside WSL (8d86917)
+ Adjustment: get_accounts(...) would automatically combine equivalent accounts,
so that your account selector widget could be easier to use (#349)
+ Document: MSAL Python has long been accepting acquire_token_interactive(..., prompt="create"),
now we officially documented it. (#356, #360)
- from version 1.11.0
+ Enhancement: ConfidentialClientApplication also supports
acquire_token_by_username_password() now. (#294, #344)
+ Enhancement: PublicClientApplication's acquire_token_interactive() also supports WSL Ubuntu
18.04 (#332, #333)
+ Enhancement: Enable a retry once behavior on connection error. (But this is only available
from the default http client. If your app supplies your customized http_client via MSAL
constructors, it is your http_client's job to decide whether retry.) (#326)
+ Enhancement: MSAL improves the internal telemetry mechanism. (#137, #175, #329, #345)
+ Bugfix: Better compatibility on handling SAML token when using
acquire_token_by_username_password() with ADFS. (#336)
- Update to version 1.10.0
+ Enhancement: Proactive access token (AT) refreshing. Previously, an AT is
either valid or expired. If an AT expires and your network happens to have
a glitch, your app wouldn't be able to auth. Now, MSAL Python attempts to
refresh some AT (typically long-lived AT) half way towards their expiration,
and silently ignores the error and retries next time, so that your app would
be more resilient. All these happen automatically, without any code change
to your app. (#176, #312, #320)
+ Adjustment: MSAL Python will keep RT in token cache even when its usage
encounters an "invalid_grant" error, so that the RT would likely still
be used by other requests. (#314, #315)
- from version 1.9.0
+ Enhancement: Starting from this version, MSAL will be compatible with both
PyJWT 1.x and PyJWT 2.x (#293, #296)
+ Enhancement: Better support for upcoming Azure CLI's SSH extension (#300, #298)
+ Enhancement: Better deprecation message for get_authorization_request_url()
and acquire_token_by_authorization_code(). (#301, #303)
+ Enhancement: Better exception message when using incorrect case in client_id.
(#304, #307)
+ Other improvements.
- Update to version 1.8.0
+ New feature: A new extra_scopes_to_consent parameter is introduced
to the acquire_token_interactive(...) API (#212, #286)
+ Adjustment to previous version 1.7.0: Lazy import webbrowser module
only when necessary (#287, #288)
- from version 1.7.0
+ New feature: A new initiate_auth_code_flow() & acquire_token_by_auth_code_flow()
API, which automatically provides PKCE protection for you (#276, #255).
(You are recommended to use these 2 new APIs to replace the previous
get_authorization_request_url() and acquire_token_by_authorization_code().)
+ New feature: A new acquire_token_interactive() (#138, #260, #282), comes with
a sample (#283)
+ Bugfix: Now MSAL Python can properly access those Refresh Tokens which were
keyed slightly differently by different apps. (#279, #280)
- python-msrestazure
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-msrest
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-pydocumentdb
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-requests
-
- Update CVE-2024-35195.patch to allow the usage of "verify" parameter
as a directory, bsc#1225912
- Add CVE-2024-35195.patch (CVE-2024-35195, bsc#1224788)
- Add httpbin.patch to fix a test failure caused by the previous patch.
- salt
-
- Speed up salt.matcher.confirm_top by using __context__
- Do not call the async wrapper calls with the separate thread
- Prevent OOM with high amount of batch async calls (bsc#1216063)
- Add missing contextvars dependency in salt.version
- Skip tests for unsupported algorithm on old OpenSSL version
- Remove redundant `_file_find` call to the master
- Prevent possible exception in tornado.concurrent.Future._set_done
- Make reactor engine less blocking the EventPublisher
- Make salt-master self recoverable on killing EventPublisher
- Improve broken events catching and reporting
- Make logging calls lighter
- Remove unused import causing delays on starting salt-master
- Mark python3-CherryPy as recommended package for the testsuite
- Added:
* add-missing-contextvars-dependency-in-salt.version.patch
* make-reactor-engine-less-blocking-the-eventpublisher.patch
* prevent-possible-exception-in-tornado.concurrent.fut.patch
* skip-tests-for-unsupported-algorithm-on-old-openssl-.patch
* remove-unused-import-causing-delays-on-starting-salt.patch
* prevent-oom-with-high-amount-of-batch-async-calls-bs.patch
* remove-redundant-_file_find-call-to-the-master.patch
* make-logging-calls-lighter.patch
* improve-broken-events-catching-and-reporting.patch
* do-not-call-the-async-wrapper-calls-with-the-separat.patch
* make-salt-master-self-recoverable-on-killing-eventpu.patch
* speed-up-salt.matcher.confirm_top-by-using-__context.patch
- Make "man" a recommended package instead of required
- Convert oscap output to UTF-8
- Make Salt compatible with Python 3.11
- Ignore non-ascii chars in oscap output (bsc#1219001)
- Fix detected issues in Salt tests when running on VMs
- Make importing seco.range thread safe (bsc#1211649)
- Fix problematic tests and allow smooth tests executions
on containers
- Discover Ansible playbook files as "*.yml" or "*.yaml"
files (bsc#1211888)
- Provide user(salt)/group(salt) capabilities for RPM 4.19
- Extend dependencies for python3-salt-testsuite
and python3-salt packages
- Improve Salt and testsuite packages multibuild
- Enable multibuilld and create test flavor
- Prevent exceptions with fileserver.update when called
via state (bsc#1218482)
- Improve pip target override condition with VENV_PIP_TARGET
environment variable (bsc#1216850)
- Fixed KeyError in logs when running a state that fails
- Added:
* fixed-keyerror-in-logs-when-running-a-state-that-fai.patch
* fix-salt-warnings-and-testuite-for-python-3.11-635.patch
* discover-both-.yml-and-.yaml-playbooks-bsc-1211888.patch
* decode-oscap-byte-stream-to-string-bsc-1219001.patch
* fix-tests-failures-and-errors-when-detected-on-vm-ex.patch
* allow-kwargs-for-fileserver-roots-update-bsc-1218482.patch
* improve-pip-target-override-condition-with-venv_pip_.patch
* make-importing-seco.range-thread-safe-bsc-1211649.patch
* fix-problematic-tests-and-allow-smooth-tests-executi.patch
* switch-oscap-encoding-to-utf-8-639.patch
- Prevent directory traversal when creating syndic cache directory
on the master (CVE-2024-22231, bsc#1219430)
- Prevent directory traversal attacks in the master's serve_file
method (CVE-2024-22232, bsc#1219431)
- Added:
* fix-cve-2024-22231-and-cve-2024-22232-bsc-1219430-bs.patch
- Ensure that pillar refresh loads beacons from pillar without restart
- Fix the aptpkg.py unit test failure
- Prefer unittest.mock to python-mock in test suite
- Enable "KeepAlive" probes for Salt SSH executions (bsc#1211649)
- Revert changes to set Salt configured user early in the stack (bsc#1216284)
- Align behavior of some modules when using salt-call via symlink (bsc#1215963)
- Fix gitfs "__env__" and improve cache cleaning (bsc#1193948)
- Remove python-boto dependency for the python3-salt-testsuite package for Tumbleweed
- Added:
* enable-keepalive-probes-for-salt-ssh-executions-bsc-.patch
* update-__pillar__-during-pillar_refresh.patch
* fix-gitfs-__env__-and-improve-cache-cleaning-bsc-119.patch
* prefer-unittest.mock-for-python-versions-that-are-su.patch
* revert-make-sure-configured-user-is-properly-set-by-.patch
* fix-the-aptpkg.py-unit-test-failure.patch
* dereference-symlinks-to-set-proper-__cli-opt-bsc-121.patch
- python-setuptools
-
- Add patch CVE-2024-6345-code-execution-via-download-funcs.patch:
* Sanitize any VCS URL we download. (CVE-2024-6345, bsc#1228105)
- python-uamqp
-
- Add patch to fix potential double-free in link_frame_received()
+ CVE-2024-27099.patch (CVE-2024-27099, bsc#1220535)
- Add patch to fix compatibility with OpenSSL 3.x
+ u_OpenSSL3.0-support.patch (bsc#1217782)
- Add patch to fix use-after-free issue in open_get_offered_capabilities()
+ CVE-2024-25110.patch (CVE-2024-25110, bsc#1219867)
- python-urllib3
-
- Add CVE-2024-37891.patch (bsc#1226469, CVE-2024-37891)
- zypp-plugin
-
- Fix stomp header regex to include '-' (bsc#1227793)
- version 0.6.4
- singlespec in Tumbleweed must support multiple python3 flavors
in the future gh#openSUSE/python-rpm-macros#66
- Provide python3-zypp-plugin down to SLE12 (bsc#1081596)
- Provide python3-zypp-plugin in SLE12-SP3 (bsc#1081596)
- regionServiceClientConfigAzure
-
- Update to version 2.2.0 (jsc#PCT-360)
+ Add IPv6 certs to enable IPv6 access of the update infrastructure
+ Add noipv6.patch to patch out IPv6 on SLE 12, no IPv6 support in SLE 12
in the Public Cloud
- Update to version 2.1.0 (bsc#1217537)
+ Replace certs 23.100.36.229.pem and 40.121.202.140.pem (4096 length):
rgnsrv-azure-westus -> 23.100.36.229.pem expires 9 years
rgnsrv-azure-eastus -> 40.121.202.140.pem expires 10 years
- rubygem-rack
-
- security update
- added patches
fix CVE-2024-25126 [bsc#1220239], Denial of Service Vulnerability in Rack Content-Type Parsing
+ rubygem-rack-CVE-2024-25126.patch
fix CVE-2024-26141 [bsc#1220242], Denial of Service Vulnerability in Range request header parsing
+ rubygem-rack-CVE-2024-26141.patch
fix CVE-2024-26146 [bsc#1220248], Denial of Service vulnerability in Rack headers parsing routine
+ rubygem-rack-CVE-2024-26146.patch
- rubygem-sass
-
- updated to version 3.7.4
no changelog found
- updated to version 3.7.3
no changelog found
- updated to version 3.7.2
no changelog found
- updated to version 3.6.0
no changelog found
- updated to version 3.5.7
no changelog found
- updated to version 3.5.6
no changelog found
- updated to version 3.5.5
no changelog found
- runc
-
[ This was only ever released for SLES and Leap. ]
- Update to runc v1.1.14. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.14>.
Includes the patch for CVE-2024-45310. bsc#1230092
- Rebase patches:
* 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
* 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
* 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
* 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch
[ This was only ever released for SLES and Leap. ]
- Update to runc v1.1.13. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.13>.
- Rebase patches:
* 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
* 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
* 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
- Backport <https://github.com/opencontainers/runc/pull/3931> to fix a
performance issue when running lots of containers, caused by systemd getting
too many mount notifications. bsc#1214960
+ 0004-bsc1214960-nsenter-cloned_binary-remove-bindfd-logic.patch
- Add upstream patch <https://github.com/opencontainers/runc/pull/4219> to
properly fix -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050
+ 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
+ 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
+ 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
- Update to runc v1.1.12. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.12>. bsc#1218894
* This release fixes a container breakout vulnerability (CVE-2024-21626). For
more details, see the upstream security advisory:
<https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv>
* Remove upstreamed patches:
- CVE-2024-21626.patch
* Update runc.keyring to match upstream changes.
- sapconf
-
- version update from 5.0.6 to 5.0.7
- add require of package sysctl-logger
(jsc#PED-5025)
- suppress error message regarding missing systemd service file
during posttrans script
- saptune
-
- update package version of saptune to 3.1.3
* remove note 1868829 from solution S4HANA-APPSERVER as it is a
HANA DB note and was added by accident
(bsc#1226093)
* for verify and simulate output table - wrap content of the
columns 'actual', 'expected' and 'override', if they exceed a
width of 30 characters (e.g. net.ipv4.ip_local_reserved_ports)
* support inline comments in /etc/sysconfig/saptune
* change handling of the performance options.
Check, if the settings are supported in the get-Functions too.
This should fix the problem with some special Azure VMs
(E20d_v5) on newer SLES SPs
(jsc#SAPSOL-110)
* SAP Note 2578899 updated to Version 48
setting kernel.pid_max to 4194304 and
start sysctl-logger service
- add require of package sysctl-logger for 15SP4 and 15SP5 too
(jsc#PED-6220)
- update package version of saptune to 3.1.2
* to support setups with saptune monitoring and heavy automation
we limited the setting of our saptune lock to commands having
the potential to change anything in the system.
(bsc#1219500)
* fix timestamp in log messages of saptune
* remove redundant version information in header comment of
note definition files
* SAP Note 1656250 updated to Version 63
SAP Note 1771258 updated to Version 8
SAP Note 2382421 updated to Version 45
SAP Note 3024346 updated to Version 10
but without parameter value changes, only house keeping of the
version section and comment updates
* SAP Note 1984787 updated to Version 42
SAP Note 2578899 updated to Version 47
- add require of package sysctl-logger for 15SP6
(jsc#PED-5025)
- sed
-
- 0001-sed-set-correct-umask-on-temporary-files.patch
Fix for bsc#1221218
- 000release-packages:sle-ha-release
-
n/a
- 000release-packages:sle-module-basesystem-release
-
n/a
- 000release-packages:sle-module-desktop-applications-release
-
n/a
- 000release-packages:sle-module-development-tools-release
-
n/a
- 000release-packages:sle-module-public-cloud-release
-
n/a
- 000release-packages:sle-module-sap-applications-release
-
n/a
- 000release-packages:sle-module-server-applications-release
-
n/a
- strace
-
- Change the license to the correct LGPL-2.1-or-later
(bsc#1228216).
- sudo
-
- Fix NOPASSWD issue introduced by patches for CVE-2023-42465
[bsc#1221151, bsc#1221134]
* Update sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
* Enable running regression selftests during build time.
- Security fix: [bsc#1219026, bsc#1220389, CVE-2023-42465]
* Try to make sudo less vulnerable to ROWHAMMER attacks.
* Add sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
- supportutils-plugin-ha-sap
-
- Update to version 0.0.5+git.1709295499.1c8e8cd
* adapt documentation links
* add support for SAP systemd services regarding SID retrieval
* add information about SAP related systemd services
* add information about sapcontrol function GetStartProfile
* add information from daemon.ini
* collect hook script logs (suschksrv and saphanasr_multitarget_hook)
* collect logs of sap_suse_cluster_connector and sapstartsrv
* Add python version
* Check sudoers for srhook configuration
- supportutils-plugin-suse-public-cloud
-
- Update to version 1.0.9 (bsc#1218762, bsc#1218763)
+ Remove duplicate data collection for the plugin itself
+ Collect archive metering data when available
+ Query billing flavor status
- supportutils
-
- Changes to version 3.2.8
+ Avoid getting duplicate kernel verifications in boot.text (pr#190)
+ lvm: suppress file descriptor leak warnings from lvm commands (pr#191)
+ docker_info: Add timestamps to container logs (pr#196)
+ Key value pairs and container log timestamps (bsc#1222021 PED-8211, pr#198)
+ Update supportconfig get pam.d sorted (pr#199)
+ yast_files: Exclude .zcat (pr#201)
+ Sanitize grub bootloader (bsc#1227127, pr#203)
+ Sanitize regcodes (pr#204)
+ Improve product detection (pr#205)
+ Add read_values for s390x (bsc#1228265, pr#206)
+ hardware_info: Remove old alsa ver check (pr#209)
+ drbd_info: Fix incorrect escape of quotes (pr#210)
- Changes in version 3.1.30
+ Added -V key:value pair option (bsc#1222021, PED-8211)
+ Avoid getting duplicate kernel verifications in boot.text (pr#193)
+ Suppress file descriptor leak warnings from lvm commands (pr#192, bsc#1220082)
+ Includes container log timestamps (pr#197)
- Changes to version 3.1.29
+ Extended scaling for performance (bsc#1214713)
+ Fixed kdumptool output error (bsc#1218632)
+ Corrected podman ID errors (bsc#1218812)
+ Duplicate non root podman entries removed (bsc#1218814)
+ Corrected get_sles_ver for SLE Micro (bsc#1219241)
+ Check nvidida-persistenced state (bsc#1219639)
- Additional changes in version 3.1.28
+ ipset - List entries for all sets
+ ipvsadm - Inspect the virtual server table (pr#185)
+ Correctly detects Xen Dom0 (bsc#1218201)
+ Fixed smart disk error (bsc#1218282)
- Changes in version 3.1.28
+ Inhibit the conversion of port numbers to port names for network files (cherry picked from commit 55f5f716638fb15e3eb1315443949ed98723d250)
+ powerpc: collect rtas_errd.log and lp_diag.log files (pr#175)
+ Get list of pam.d file (cherry picked from commit eaf35c77fd4bc039fd7e3d779ec1c2c6521283e2)
+ Remove supportutils requires for util-linux-systemd and kmod (bsc#1193173)
+ Added missing klp information to kernel-livepatch.txt (bsc#1216390)
+ Fixed plugins creating empty files when using supportconfig.rc (bsc#1216388)
+ Provides long listing for /etc/sssd/sssd.conf (bsc#1211547)
+ Optimize lsof usage (bsc#1183663)
+ Added mokutil commands for secureboot (pr#179)
+ Collects chrony or ntp as needed (bsc#1196293)
- Changes in version 3.1.27
+ Fixed podman display issue (bsc#1217287)
+ Added nvme-stas configuration to nvme.txt (bsc#1216049)
+ Added timed command to fs-files.txt (bsc#1216827)
+ Collects zypp history file issue#166 (bsc#1216522)
+ Changed -x OPTION to really be exclude only (issue#146)
+ Collect HA related rpm package versions in ha.txt (pr#169)
- suse-build-key
-
- extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339)
- gpg-pubkey-39db7c82-5f68629b.asc
+ gpg-pubkey-39db7c82-66c5d91a.asc
- added missing ; in shell script (bsc#1227681)
- Added new keys of the SLE Micro 6.0 / SLES 16 series, and auto import
them. (bsc#1227429)
gpg-pubkey-09d9ea69-645b99ce.asc: Main SLE Micro 6/SLES 16 key
gpg-pubkey-73f03759-626bd414.asc: Backup SLE Micro 6/SLES 16 key.
- Switch container key to be default RSA 4096bit. (jsc#PED-2777)
- run rpm commands in import script only when libzypp is not
active. bsc#1219189 bsc#1219123
- run import script also in %posttrans section, but only when
libzypp is not active. bsc#1219189 bsc#1219123
- systemd-default-settings
-
- Import 0.10
5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123)
- Import 0.9
bb859bf user@.service: Disable controllers by default (jsc#PED-2276)
- The usage of drop-ins is now the official way for configuring systemd and its
various daemons on Factory/ALP. Hence the early drop-ins SUSE specific
"feature" has been abandoned.
- Import 0.8
f34372f User priority '26' for SLE-Micro
c8b6f0a Revert "Convert more drop-ins into early ones"
- Import commit 6b8dde1d4f867aff713af6d6830510a84fad58d2
6b8dde1 Convert more drop-ins into early ones
- systemd-presets-branding-SLE
-
- Enable sysctl-logger (jsc#PED-5024)
- systemd-presets-common-SUSE
-
- Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked
(bsc#1200731 ltc#198485 https://github.com/ibm-power-utilities/powerpc-utils/pull/84)
Support both the old and new service to avoid complex version interdependency.
- timezone
-
- update to 2024a:
* Kazakhstan unifies on UTC+5. This affects Asia/Almaty and
Asia/Qostanay which together represent the eastern portion of the
country that will transition from UTC+6 on 2024-03-01 at 00:00 to
join the western portion. (Thanks to Zhanbolat Raimbekov.)
* Palestine springs forward a week later than previously predicted
in 2024 and 2025. (Thanks to Heba Hamad.) Change spring-forward
predictions to the second Saturday after Ramadan, not the first;
this also affects other predictions starting in 2039.
* Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00
not 00:00. (Thanks to Đoàn Trần Công Danh.)
* From 1947 through 1949, Toronto's transitions occurred at 02:00
not 00:00. (Thanks to Chris Walton.)
* In 1911 Miquelon adopted standard time on June 15, not May 15.
* The FROM and TO columns of Rule lines can no longer be "minimum"
or an abbreviation of "minimum", because TZif files do not support
DST rules that extend into the indefinite past - although these
rules were supported when TZif files had only 32-bit data, this
stopped working when 64-bit TZif files were introduced in 1995.
This should not be a problem for realistic data, since DST was
first used in the 20th century. As a transition aid, FROM columns
like "minimum" are now diagnosed and then treated as if they were
the year 1900; this should suffice for TZif files on old systems
with only 32-bit time_t, and it is more compatible with bugs in
2023c-and-earlier localtime.c. (Problem reported by Yoshito
Umaoka.)
* localtime and related functions no longer mishandle some
timestamps that occur about 400 years after a switch to a time
zone with a DST schedule. In 2023d data this problem was visible
for some timestamps in November 2422, November 2822, etc. in
America/Ciudad_Juarez. (Problem reported by Gilmore Davidson.)
* strftime %s now uses tm_gmtoff if available. (Problem and draft
patch reported by Dag-Erling Smørgrav.)
* The strftime man page documents which struct tm members affect
which conversion specs, and that tzset is called. (Problems
reported by Robert Elz and Steve Summit.)
- update to 2023d:
* Ittoqqortoormiit, Greenland changes time zones on
2024-03-31.
* Vostok, Antarctica changed time zones on 2023-12-18.
* Casey, Antarctica changed time zones five times since
2020.
* Code and data fixes for Palestine timestamps starting in
2072.
* A new data file zonenow.tab for timestamps starting now.
* Fix predictions for DST transitions in Palestine in
2072-2075, correcting a typo introduced in 2023a.
* Vostok, Antarctica changed to +05 on 2023-12-18. It had
been at +07 (not +06) for years.
* Change data for Casey, Antarctica to agree with
timeanddate.com, by adding five time zone changes since 2020.
Casey is now at +08 instead of +11.
* Much of Greenland, represented by America/Nuuk, changed
its standard time from -03 to -02 on 2023-03-25, not on
2023-10-28.
* localtime.c no longer mishandles TZif files that contain
a single transition into a DST regime. Previously,
it incorrectly assumed DST was in effect before the transition
too.
* tzselect no longer creates temporary files.
* tzselect no longer mishandles the following:
* Spaces and most other special characters in BUGEMAIL,
PACKAGE, TZDIR, and VERSION.
* TZ strings when using mawk 1.4.3, which mishandles
regular expressions of the form /X{2,}/.
* ISO 6709 coordinates when using an awk that lacks the
GNU extension of newlines in -v option-arguments.
* Non UTF-8 locales when using an iconv command that
lacks the GNU //TRANSLIT extension.
* zic no longer mishandles data for Palestine after the
year 2075.
- Refresh tzdata-china.diff
- unzip
-
- Use %patch -P N instead of deprecated %patchN.
- Build unzip-rcc using multibuild and update unzip-rcc.spec file
- util-linux-systemd
-
- agetty: Prevent login cursor escape (bsc#1194818,
util-linux-agetty-prevent-cursor-escape.patch).
- fix Xen virtualization type misidentification bsc#1215918
lscpu-fix-parameter-order-for-ul_prefix_fopen.patch
- Properly neutralize escape sequences in wall
(util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
and its prerequisites: util-linux-fputs_careful1.patch,
util-linux-wall-migrate-to-memstream.patch
util-linux-fputs_careful2.patch).
- Add upstream patch
util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch
bsc#1207987 gh#util-linux/util-linux@1d98827edde4
- vim
-
- Updated to version 9.1 with patch level 0330, fixes the following problems
* Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
- refreshed vim-7.3-filetype_spec.patch
- refreshed vim-7.3-filetype_ftl.patch
- Update spec.skeleton to use autosetup in place of setup macro.
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330
- Updated to version 9.1 with patch level 0111, fixes the following security problems
* Fixing bsc#1217316 (CVE-2023-48231) - VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close()
* Fixing bsc#1217320 (CVE-2023-48232) - VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol()
* Fixing bsc#1217321 (CVE-2023-48233) - VUL-0: CVE-2023-48233: vim: overflow with count for :s command
* Fixing bsc#1217324 (CVE-2023-48234) - VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count
* Fixing bsc#1217326 (CVE-2023-48235) - VUL-0: CVE-2023-48235: vim: overflow in ex address parsing
* Fixing bsc#1217329 (CVE-2023-48236) - VUL-0: CVE-2023-48236: vim: overflow in get_number
* Fixing bsc#1217330 (CVE-2023-48237) - VUL-0: CVE-2023-48237: vim: overflow in shift_line
* Fixing bsc#1217432 (CVE-2023-48706) - VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute
* Fixing bsc#1219581 (CVE-2024-22667) - VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c
* Fixing bsc#1215005 (CVE-2023-4750) - VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.0.2103...v9.1.0111
- wget
-
- Fix mishandled semicolons in the userinfo subcomponent could lead to an
insecure behavior in which data that was supposed to be in the userinfo
subcomponent is misinterpreted to be part of the host subcomponent.
[bsc#1226419, CVE-2024-38428, properly-re-implement-userinfo-parsing.patch]
- wicked
-
- Update to version 0.6.76
- compat-suse: warn user and create missing parent config of
infiniband children (gh#openSUSE/wicked#1027)
- client: fix origin in loaded xml-config with obsolete port
references but missing port interface config, causing a
no-carrier of master (bsc#1226125)
- ipv6: fix setup on ipv6.disable=1 kernel cmdline (bsc#1225976)
- wireless: add frequency-list in station mode (jsc#PED-8715)
- client: fix crash while hierarchy traversing due to loop in
e.g. systemd-nspawn containers (bsc#1226664)
- man: add supported bonding options to ifcfg-bonding(5) man page
(gh#openSUSE/wicked#1021)
- arputil: Document minimal interval for getopts (gh#openSUSE/wicked#1019)
- man: (re)generate man pages from md sources (gh#openSUSE/wicked#1018)
- client: warn on interface wait time reached (gh#openSUSE/wicked#1017)
- compat-suse: fix dummy type detection from ifname to not cause
conflicts with e.g. correct vlan config on dummy0.42 interfaces
(gh#openSUSE/wicked#1016)
- compat-suse: fix infiniband and infiniband child type detection
from ifname (gh#openSUSE/wicked#1015)
- Removed patches included in the source archive:
[- 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]
[- 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]
- arp: increase arp-send retry value to avoid address configuration
failure due to ENOBUF reported by kernel while duplicate address
detection with underlying bonding in 802.3ad mode reporting link
"up & running" too early (bsc#1218668, gh#openSUSE/wicked#1020,
gh#openSUSE/wicked#1020).
[+ 0002-increase-arp-retry-attempts-on-sending-bsc1218668.patch]
- client: fix ifreload to pull UP ports/links again when the config
of their master/lower changed (bsc#1224100,gh#openSUSE/wicked#1014).
[+ 0001-ifreload-pull-UP-again-on-master-lower-changes-bsc1224100.patch]
- Update to version 0.6.75:
- cleanup: fix ni_fsm_state_t enum-int-mismatch warnings
- cleanup: fix overflow warnings in a socket testcase on i586
- ifcheck: report new and deleted configs as changed (bsc#1218926)
- man: improve ARP configuration options in the wicked-config.5
- bond: add ports when master is UP to avoid port MTU revert (bsc#1219108)
- cleanup: fix interface dependencies and shutdown order (bsc#1205604)
- Remove port arrays from bond,team,bridge,ovs-bridge (redundant)
and consistently use config and state info attached to the port
interface as in rtnetlink(7).
- Cleanup ifcfg parsing, schema configuration and service properties
- Migrate ports in xml config and policies already applied in nanny
- Remove "missed config" generation from finite state machine, which
is completed while parsing the config or while xml config migration.
- Issue a warning when "lower" interface (e.g. eth0) config is missed
while parsing config depending on it (e.g. eth0.42 vlan).
- Resolve ovs master to the effective bridge in config and wickedd
- Implement netif-check-state require checks using system relations
from wickedd/kernel instead of config relations for ifdown and add
linkDown and deleteDevice checks to all master and lower references.
- Add a `wicked <ifup|ifdown|ifreload> --dry-run …` option to show the
system/config interface hierarchies as notice with +/- marked
interfaces to setup and/or shutdown.
- Removed patches included in the source archive:
[- 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
[- 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
[- 0003-move-all-attribute-definitions-to-compiler-h.patch]
[- 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
[- 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]
- client: do not convert sec to msec twice (bsc#1222105)
[+ 0005-client-do-to-not-convert-sec-to-msec-twice-bsc-1222105.patch]
- addrconf: fix fallback-lease drop (bsc#1220996)
[+ 0001-addrconf-fix-fallback-lease-drop-bsc-1220996.patch]
- extensions/nbft: use upstream `nvme nbft show` (bsc#1221358)
[+ 0002-extensions-nbft-replace-nvme-show-nbft-with-nvme-nbf.patch]
- hide secrets in debug log (bsc#1221194)
[+ 0003-move-all-attribute-definitions-to-compiler-h.patch]
[+ 0004-hide-secrets-in-debug-log-bsc-1221194.patch]
- update to version 0.6.74
+ team: add new options like link_watch_policy (jsc#PED-7183)
+ Fix memory leaks in dbus variant destroy and fsm free (gh#openSUSE/wicked#1001)
+ xpath: allow underscore in node identifier (gh#openSUSE/wicked#999)
+ vxlan: don't format unknown rtnl attrs (bsc#1219751)
- removed patches included in the source archive:
[- 0009-ifreload-VLAN-changes-require-device-deletion-bsc-12.patch]
[- 0008-ifcheck-fix-config-changed-check-bsc-1218926.patch]
[- 0007-Fix-ifstatus-exit-code-for-NI_WICKED_ST_NO_CARRIER-s.patch]
[- 0006-dhcp6-omit-the-SO_REUSEPORT-option-bsc-1215692.patch]
[- 0005-duid-fix-comment-for-v6time.patch]
[- 0004-rtnl-parse-peer-address-on-non-ptp-interfaces.patch]
[- 0003-rtnl-pass-ifname-in-newaddr-parsing-and-logging.patch]
[- 0002-system-updater-Parse-updater-format-from-XML-configu.patch]
[- 0001-fix_arp_notify_loop_and_burst_sending.patch]
- ifreload: VLAN changes require device deletion (bsc#1218927)
[+ 0009-ifreload-VLAN-changes-require-device-deletion-bsc-12.patch]
- ifcheck: fix config changed check (bsc#1218926)
[+ 0008-ifcheck-fix-config-changed-check-bsc-1218926.patch]
- client: fix exit code for no-carrier status (bsc#1219265)
[+ 0007-Fix-ifstatus-exit-code-for-NI_WICKED_ST_NO_CARRIER-s.patch]
- dhcp6: omit the SO_REUSEPORT option (bsc#1215692)
[+ 0006-dhcp6-omit-the-SO_REUSEPORT-option-bsc-1215692.patch]
- duid: fix comment for v6time
(https://github.com/openSUSE/wicked/pull/989)
[+ 0005-duid-fix-comment-for-v6time.patch]
- rtnl: fix peer address parsing for non ptp-interfaces
(https://github.com/openSUSE/wicked/pull/987,
https://github.com/openSUSE/wicked/pull/988)
[+ 0003-rtnl-pass-ifname-in-newaddr-parsing-and-logging.patch]
[+ 0004-rtnl-parse-peer-address-on-non-ptp-interfaces.patch]
- system-updater: Parse updater format from XML configuration to
ensure install calls can run.
(https://github.com/openSUSE/wicked/pull/985)
[+ 0002-system-updater-Parse-updater-format-from-XML-configu.patch]
- xen
-
- bsc#1228574 - VUL-0: CVE-2024-31145: xen: error handling in x86
IOMMU identity mapping (XSA-460)
xsa460.patch
- bsc#1228575 - VUL-0: CVE-2024-31146: xen: PCI device pass-through
with shared resources (XSA-461)
xsa461.patch
- bsc#1227355 - VUL-0: CVE-2024-31143: xen: double unlock in x86
guest IRQ handling (XSA-458)
xsa458.patch
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
History Injection (XSA-456)
Corrections to the following patches
xsa456-5.patch
xsa456-6.patch
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
History Injection (XSA-456)
xsa456-0a.patch
xsa456-0b.patch
xsa456-0c.patch
xsa456-0d.patch
xsa456-0e.patch
xsa456-0f.patch
xsa456-0g.patch
xsa456-0h.patch
xsa456-0i.patch
xsa456-0j.patch
xsa456-0k.patch
xsa456-0l.patch
xsa456-0m.patch
xsa456-0n.patch
xsa456-0o.patch
xsa456-0p.patch
xsa456-1.patch
xsa456-2.patch
xsa456-3.patch
xsa456-4.patch
xsa456-5.patch
xsa456-6.patch
xsa456-7.patch
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
trigger Xen bug check (XSA-454)
xsa454-1.patch
xsa454-2.patch
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
for BTC/SRSO mitigations (XSA-455)
xsa455.patch
- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
Sampling (XSA-452)
xsa452-1.patch
xsa452-2.patch
xsa452-3.patch
xsa452-4.patch
xsa452-5.patch
xsa452-6.patch
xsa452-7.patch
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
Race Conditions (XSA-453)
xsa453-1.patch
xsa453-2.patch
xsa453-3.patch
xsa453-4.patch
xsa453-5.patch
xsa453-6.patch
xsa453-7.patch
xsa453-8.patch
- Modified xsa451.patch (bsc#1219885)
- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
exceptions from emulation stubs (XSA-451)
xsa451.patch
- xkbcomp
-
- U_Ignore-xkb_keycodes.maximum-of-255.patch
* fix keyboard layouts in XWayland applications when having
several keyboard layouts enabled (boo#1219505)
- xterm
-
- xterm-reset-parsing-state.patch: A bug in the parser for several
escape sequences causes the first character following the
sequence to be ignored (bsc#1220585). Patch backported from
version 335n.
- yast2
-
- Reimplemented the hardcoded product mapping to support also the
migration from SLE_HPC to SLES SP6+ (with the HPC module)
(bsc#1220567)
- 4.3.70
- yast2-network
-
- Guard secret attributes against leaking to the log (bsc#1221194)
- 4.3.89
- yast2-packager
-
- Reimplemented the hardcoded product mapping to support also the
migration from SLE_HPC to SLES SP6+ (with the HPC module)
(bsc#1220567)
- 4.3.27
- yast2-registration
-
- Set the new product mapping when upgrading SLE_HPC to SLES SP6+
(with the HPC module), use the old product mapping when upgrading
from SLE_HPC-SP3 to SLE_HPC-SP4 (bsc#1220567)
- 4.3.29
- zypper
-
- Show rpm install size before installing (bsc#1224771)
If filesystem snapshots are taken before the installation (e.g.
by snapper) no disk space is freed by removing old packages. In
this case the install size of all packages is a hint how much
additional disk space is needed by the new packages static
content.
- version 1.14.76
- Fix readline setup to handle Ctrl-C and Ctrl-D corrrectly
(bsc#1227205)
- version 1.14.75
- Let_readline_abort_on_Ctrl-C (bsc#1226493)
- packages: add '--system' to show @System packages (bsc#222971)
- version 1.14.74
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- BuildRequires: libzypp-devel >= 17.33.0.
- Delay zypp lock until command options are parsed (bsc#1223766)
- version 1.14.73
- Unify message format(fixes #485)
- version 1.14.72
- switch cmake build type to RelWithDebInfo
- modernize spec file (remove Authors section, use proper macros,
remove redundant clean section, don't mark man pages as doc)
- switch to -O2 -fvisibility=hidden -fpie:
* PIC is not needed as no shared lib is built
* fstack-protector-strong is default on modern dists and would
be downgraded by fstack-protector
* default visibility hidden allows better optimisation
* O2 is reducing inlining bloat
- > 18% reduced binary size
- remove procps requires (was only for ZMD which is dropped)
(jsc#PED-8153)
- Do not try to refresh repo metadata as non-root user
(bsc#1222086)
Instead show refresh stats and hint how to update them.
- man: Explain how to protect orphaned packages by collecting
them in a plaindir repo.
- packages: Add --autoinstalled and --userinstalled options to
list them.
- Don't print 'reboot required' message if download-only or
dry-run (fixes #529)
Instead point out that a reboot would be required if the option
was not used.
- Resepect zypper.conf option `showAlias` search commands
(bsc#1221963)
Repository::asUserString (or Repository::label) respects the
zypper.conf option, while name/alias return the property.
- version 1.14.71
- dup: New option --remove-orphaned to remove all orphaned
packages in dup (bsc#1221525)
- version 1.14.70
- info,summary: Support VendorSupportOption flag
VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- BuildRequires: libzypp-devel >= 17.32.0.
API cleanup and changes for VendorSupportSuperseded.
- Show active dry-run/download-only at the commit propmpt.
- patch: Add --skip-not-applicable-patches option (closes #514)
- Fix printing detailed solver problem description.
The problem description() is one rule out possibly many in
completeProblemInfo() the solver has chosen to represent the
problem. So either description or completeProblemInfo should be
printed, but not both.
- Fix bash-completion to work with right adjusted numbers in the
1st column too (closes #505)
- Set libzypp shutdown request signal on Ctrl+C (fixes #522)
- lr REPO: In the detailed view show all baseurls not just the
first one (bsc#1218171)
- version 1.14.69