SUSE-CU-2024:3211-1: Security update of suse/manager/5.0/x86_64/server
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jul 18 07:06:57 UTC 2024
SUSE Container Update Advisory: suse/manager/5.0/x86_64/server
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:3211-1
Container Tags : suse/manager/5.0/x86_64/server:5.0.0 , suse/manager/5.0/x86_64/server:5.0.0.5.44 , suse/manager/5.0/x86_64/server:latest
Container Release : 5.44
Severity : critical
Type : security
References : 1187446 1188441 1192014 1195709 1197484 1204562 1205604 1208283
1209627 1211246 1216594 1216598 1216717 1217979 1218215 1218609
1218668 1218722 1218926 1219108 1219547 1220117 1221101 1221361
1221401 1221482 1221634 1221831 1222086 1222104 1222330 1222332
1222584 1222849 1223050 1223100 1223264 1223278 1223301 1223428
1223430 1223596 1223605 1223766 1223849 1223979 1223980 1224038
1224044 1224051 1224100 1224207 1224242 1224282 1224320 1224388
1224392 1224400 1224410 1224788 1224877 1225291 1225551 1225551
1225598 1225904 1225912 1225971 1225972 1226008 1226217 1226407
1226415 1226492 1226586 1226642 1227186 1227187 1227318 1227333
1227350 CVE-2021-33813 CVE-2023-25577 CVE-2023-30861 CVE-2023-3758
CVE-2023-38469 CVE-2023-38471 CVE-2023-38709 CVE-2023-51385 CVE-2024-20696
CVE-2024-20697 CVE-2024-22195 CVE-2024-24795 CVE-2024-27316 CVE-2024-28085
CVE-2024-32487 CVE-2024-34064 CVE-2024-34069 CVE-2024-34397 CVE-2024-34459
CVE-2024-35195 CVE-2024-37370 CVE-2024-37371 CVE-2024-39894 CVE-2024-4317
CVE-2024-4418 CVE-2024-4603 CVE-2024-4741 CVE-2024-4741 CVE-2024-6387
-----------------------------------------------------------------
The container suse/manager/5.0/x86_64/server was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1693-1
Released: Thu Mar 30 10:16:39 2023
Summary: Security update for python-Werkzeug
Type: security
Severity: important
References: 1208283,CVE-2023-25577
This update for python-Werkzeug fixes the following issues:
- CVE-2023-25577: Fixed high resource usage when parsing multipart form data with many fields (bsc#1208283).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2263-1
Released: Mon May 22 12:16:13 2023
Summary: Security update for python-Flask
Type: security
Severity: important
References: 1211246,CVE-2023-30861
This update for python-Flask fixes the following issues:
- CVE-2023-30861: Fixed a potential cookie confusion due to incorrect
caching (bsc#1211246).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1624-1
Released: Mon May 13 16:26:07 2024
Summary: Security update for python-Werkzeug
Type: security
Severity: important
References: 1223979,CVE-2024-34069
This update for python-Werkzeug fixes the following issues:
- CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain (bsc#1223979).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1764-1
Released: Thu May 23 04:56:40 2024
Summary: Recommended update for jackson
Type: recommended
Severity: moderate
References:
This update for jackson fixes the following issues:
jackson-annotations was upgraded to version 2.16.1:
- Added new OptBoolean valued property in @JsonTypeInfo to allow per-type configuration of strict type id handling
- Allow per-type configuration of strict type id handling
- Added JsonTypeInfo.Value object (backport from 3.0)
- Added new JsonTypeInfo.Id.SIMPLE_NAME
jackson-bom was upgraded to version 2.16.1:
- Added dependency for jackson-module-android-record. This new module offers support for Record type on Android
platform, where Java records are supported through 'de-sugaring'
jackson-core was upgraded to version 2.16.1:
- NPE in Version.equals() if snapshot-info null
- NPE in 'FastDoubleParser', method 'JavaBigDecimalParser.parseBigDecimal()'
- JsonPointer.append(JsonPointer.tail()) includes the original pointer
- Change StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION default to false in Jackson 2.16
- Improve error message for StreamReadConstraints violations
- JsonFactory implementations should respect CANONICALIZE_FIELD_NAMES
- Root cause for failing test for testMangledIntsBytes() in ParserErrorHandlingTest
- Allow all array elements in JsonPointerBasedFilter
- Indicate explicitly blocked sources as 'REDACTED' instead of 'UNKNOWN' in JsonLocation
- Start using AssertJ in unit tests
- Allow configuring spaces before and/or after the colon in DefaultPrettyPrinter (for Canonical JSON)
- Add configurable limit for the maximum number of bytes/chars of content to parse before failing
- Add configurable limit for the maximum length of Object property names to parse before failing
- Add configurable processing limits for JSON generator (StreamWriteConstraints)
- Compare _snapshotInfo in Version
- Add JsonGeneratorDecorator to allow decorating JsonGenerators
- Add full set of BufferRecyclerPool implementations
- Add configurable error report behavior via ErrorReportConfiguration
- Make ByteSourceJsonBootstrapper use StringReader for < 8KiB byte[] inputs
- Allow pluggable buffer recycling via new RecyclerPool extension point
- Change parsing error message to mention -INF
jackson-databind was upgraded to version 2.16.1:
- JsonSetter(contentNulls = FAIL) is ignored in delegating @JsonCreator argument
- Primitive array deserializer not being captured by DeserializerModifier
- JsonNode.findValues() and findParents() missing expected values in 2.16.0
- Incorrect deserialization for BigDecimal numbers
- Add a way to configure caches Jackson uses
- Mix-ins do not work for Enums
- Map deserialization results in different numeric classes based on json ordering (BigDecimal / Double) when used in
combination with @JsonSubTypes
- Generic class with generic field of runtime type Double is deserialized as BigDecimal when used with
@JsonTypeInfo and JsonTypeInfo.As.EXISTING_PROPERTY
- Combination of @JsonUnwrapped and @JsonAnySetter results in BigDecimal instead of Double
- @JsonIgnoreProperties not working with @JsonValue
- Deprecated JsonNode.with(String) suggests using JsonNode.withObject(String) but it is not the same thing
- Difference in the handling of ObjectId-property inJsonIdentityInfo depending on the deserialization route
- Add new OptBoolean valued property in @JsonTypeInfo, handling, to allow per-polymorphic type loose Type Id handling
- Fixed regression in 2.15.0 that reaks deserialization for records when
mapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE)
- Incorrect target type when disabling coercion, trying to deserialize String from Array/Object
- @JsonProperty on constructor parameter changes default field serialization order
- Create new JavaType subtype IterationType (extending SimpleType)
- Use JsonTypeInfo.Value for annotation handling
- Add JsonNodeFeature.WRITE_PROPERTIES_SORTED for sorting ObjectNode properties on serialization
(for Canonical JSON)
- Optimize ObjectNode findValue(s) and findParent(s) fast paths
- Locale '' is deserialised as null if ACCEPT_EMPTY_STRING_AS_NULL_OBJECT is enabled
- Add guardrail setting for TypeParser handling of type parameters
- Use @JsonProperty for Enum values also when READ_ENUMS USING_TO_STRING enabled
- Fix Enum deserialization to use @JsonProperty, @JsonAlias even if EnumNamingStrategy used
- Use @JsonProperty and lowercase feature when serializing Enums despite using toString()
- Use @JsonProperty over EnumNamingStrategy for Enum serialization
- Actually cache EnumValues#internalMap
- ObjectMapper.valueToTree() will ignore the configuration SerializationFeature.WRAP_ROOT_VALUE
- Provide the 'ObjectMapper.treeToValue(TreeNode, TypeReference)' method
- Expose NativeImageUtil.isRunningInNativeImage() method
- Add JsonTypeInfo.Id.SIMPLE_NAME which defaults type id to Class.getSimpleName()
- Impossible to deserialize custom Throwable sub-classes that do not have single-String constructors
- java.desktop module is no longer optional
- ClassUtil fails with java.lang.reflect.InaccessibleObjectException trying to setAccessible on OptionalInt with
JDK 17+
- Support sequenced collections (JDK 21)
- Add withObjectProperty(String), withArrayProperty(String) in JsonNode
- Change JsonNode.withObject(String) to work similar to withArray() wrt argument
- Log WARN if deprecated subclasses of PropertyNamingStrategy is used
- NPE when transforming a tree to a model class object, at ArrayNode.elements()
- Deprecated ObjectReader.withType(Type) has no direct replacement; need forType(Type)
- Add new DefaultTyping.NON_FINAL_AND_ENUMS to allow Default Typing for Enums
- Do not rewind position when serializing direct ByteBuffer
- Exception when deserialization of private record with default constructor
- BeanDeserializer updates currentValue incorrectly when deserialising empty Object
jackson-dataformats-binary was upgraded to version 2.16.1:
- (ion) NullPointerException in IonParser.nextToken()
- (smile) Remove Smile-specific buffer-recycling
jackson-modules-base was upgraded to version 2.16.1:
- (afterburner) Disable when running in native-image
- (afterburner) IncompatibleClassChangeError when deserializing a class implementing an interface with default get/set
implementations
- (blackbird) BlackBird proxy object error in Java 17
- (blackbird) Disable when running in native-image
- (guice) Add guice7 (jakarta.inject) module
jackson-parent was upgraded to version 2.16:
- Upgrade to oss-parent 56 (tons of plugin updates to resolve Maven warnings, new Moditect plugin)
jackson-parent, fasterxml-oss-parent:
- Added to SUSE Manager 4.3 as it is needed by `jackson-modules-base`
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1850-1
Released: Thu May 30 13:46:58 2024
Summary: Recommended update for sg3_utils
Type: recommended
Severity: moderate
References: 1219547
This update for sg3_utils fixes the following issue:
- sg_inq: re-add Unit serial number field (bsc#1219547)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1851-1
Released: Thu May 30 13:53:44 2024
Summary: Recommended update for dwz
Type: recommended
Severity: low
References: 1221634
This update for dwz fixes the following issues:
- Clean up leftover temporary file (bsc#1221634)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1852-1
Released: Thu May 30 14:02:02 2024
Summary: Recommended update for wicked
Type: recommended
Severity: moderate
References: 1205604,1218926,1219108,1224100
This update for wicked fixes the following issues:
- client: fix ifreload to pull UP ports/links again when the config
of their master/lower changed (bsc#1224100, gh#openSUSE/wicked#1014)
- cleanup: fix ni_fsm_state_t enum-int-mismatch warnings
- cleanup: fix overflow warnings in a socket testcase on i586
- ifcheck: report new and deleted configs as changed (bsc#1218926)
- man: improve ARP configuration options in the wicked-config.5
- bond: add ports when master is UP to avoid port MTU revert (bsc#1219108)
- cleanup: fix interface dependencies and shutdown order (bsc#1205604)
- removed patches included in the source archive
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1863-1
Released: Thu May 30 14:18:27 2024
Summary: Security update for python-Jinja2
Type: security
Severity: moderate
References: 1218722,1223980,CVE-2024-22195,CVE-2024-34064
This update for python-Jinja2 fixes the following issues:
- Fixed HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-34064, bsc#1223980, CVE-2024-22195, bsc#1218722)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1874-1
Released: Fri May 31 05:05:25 2024
Summary: Security update for Java
Type: security
Severity: important
References: 1187446,1224410,CVE-2021-33813
This update for Java fixes thefollowing issues:
apiguardian was updated to vesion 1.1.2:
- Added LICENSE/NOTICE to the generated jar
- Allow @API to be declared at the package level
- Explain usage of Status.DEPRECATED
- Include OSGi metadata in manifest
assertj-core was implemented at version 3.25.3:
- New package implementation needed by Junit5
byte-buddy was updated to version v1.14.16:
- `byte-buddy` is required by `assertj-core`
- Changes in version v1.14.16:
* Update ASM and introduce support for Java 23.
- Changes in version v1.14.15:
* Allow attaching from root on J9.
- Changes of v1.14.14:
* Adjust type validation to accept additional names that are
legal in the class file format.
* Fix dynamic attach on Windows when a service user is active.
* Avoid failure when using Android's strict mode.
dom4j was updated to version 2.1.4:
- Improvements and potentially breaking changes:
* Added new factory method org.dom4j.io.SAXReader.createDefault(). It has more secure defaults than new SAXReader(),
which uses system XMLReaderFactory.createXMLReader() or SAXParserFactory.newInstance().newSAXParser().
* If you use some optional dependency of dom4j (for example Jaxen, xsdlib etc.), you need to specify an explicit
dependency on it in your project. They are no longer marked as a mandatory transitive dependency by dom4j.
* Following SAX parser features are disabled by default in DocumentHelper.parse() for security reasons (they were
enabled in previous versions):
+ http://xml.org/sax/properties/external-general-entities
+ http://xml.org/sax/properties/external-parameter-entities
- Other changes:
* Do not depend on jtidy, since it is not used during build
* Fixed license to Plexus
* JPMS: Add the Automatic-Module-Name attribute to the manifest.
* Make a separate flavour for a minimal `dom4j-bootstrap` package used to build `jaxen` and full `dom4j`
* Updated pull-parser version
* Reuse the writeAttribute method in writeAttributes
* Support build on OS with non-UTF8 as default charset
* Gradle: add an automatic module name
* Use Correct License Name 'Plexus'
* Possible vulnerability of DocumentHelper.parseText() to XML injection
* CVS directories left in the source tree
* XMLWriter does not escape supplementary unicode characters correctly
* writer.writeOpen(x) doesn't write namespaces
* Fixed concurrency problem with QNameCache
* All dependencies are optional
* SAXReader: hardcoded namespace features
* Validate QNames
* StringIndexOutOfBoundsException in XMLWriter.writeElementContent()
* TreeNode has grown some generics
* QName serialization fix
* DocumentException initialize with nested exception
* Accidentally occurring error in a multi-threaded test
* Added compatibility with W3C DOM Level 3
* Use Java generics
hamcrest:
- `hamcrest-core` has been replaced by `hamcrest` (no source changes)
junit had the following change:
- Require hamcrest >= 2.2
junit5 was updated to version 5.10.2:
- Conditional execution based on OS architectures
- Configurable cleanup mode for @TempDir
- Configurable thread mode for @Timeout
- Custom class loader support for class/method selectors, @MethodSource, @EnabledIf, and @DisabledIf
- Dry-run mode for test execution
- Failure threshold for @RepeatedTest
- Fixed build with the latest open-test-reporting milestone
- Fixed dependencies in module-info.java files
- Fixed unreported exception error that is fatal with JDK 21
- Improved configurability of parallel execution
- New @SelectMethod support in test @Suite classes.
- New ConsoleLauncher subcommand for test discovery without execution
- New convenience base classes for implementing ArgumentsProvider and ArgumentConverter
- New IterationSelector
- New LauncherInterceptor SPI
- New NamespacedHierarchicalStore for use in third-party test engines
- New TempDirFactory SPI for customizing how temporary directories are created
- New testfeed details mode for ConsoleLauncher
- New TestInstancePreConstructCallback extension API
- Numerous bug fixes and minor improvements
- Parameter injection for @MethodSource methods
- Promotion of various experimental APIs to stable
- Reusable parameter resolution for custom extension methods via ExecutableInvoker
- Stacktrace pruning to hide internal JUnit calls
- The binaries are compatible with java 1.8
- Various improvements to ConsoleLauncher
- XML reports in new Open Test Reporting format
jdom:
- Security issues fixed:
* CVE-2021-33813: Fixed an XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service
via a crafted HTTP request (bsc#1187446)
- Other changes and bugs fixed:
* Fixed wrong entries in changelog (bsc#1224410)
* The packages `jaxen`, `saxpath` and `xom` are now separate standalone packages instead of being part of `jdom`
jaxen was implemented at version 2.0.0:
- New standalone RPM package implementation, originally part of `jdom` source package
- Classpaths are much smaller and less complex, and will suppress a lot of noise from static analysis tools.
- The Jaxen core code is also a little smaller and has fixed a few minor bugs in XPath evaluation
- Despite the major version bump, this should be a drop in replacement for almost every project.
The two major possible incompatibilities are:
* The minimum supported Java version is now 1.5, up from 1.4 in 1.2.0 and 1.3 in 1.1.6.
* dom4j, XOM, and JDOM are now optional dependencies so if a project was depending on them to be loaded transitively
it will need to add explicit dependencies to build.
jopt-simple:
- Included jopt-simple to Package Hub 15 SP5 (no source changes)
objectweb-asm was updated to version 9.7:
- New Opcodes.V23 constant for Java 23
- Bugs fixed
* Fixed unit test regression in dex2jar.
* Fixed 'ClassNode#outerClass' with incorrect JavaDocs.
* asm-bom packaging should be 'pom'.
* The Textifier prints a supplementary space at the end of each method that throws at least one exception.
open-test-reporting:
- Included `open-test-reporting-events` and `open-test-reporting-schema` to the channels as they are runtime
dependencies of Junit5 (no source changes)
saxpath was implemented at version 1.0 FCS:
- New standalone RPM package implementation, originally part of `jdom` source package (openSUSE Leap 15.5 package only)
xom was implemented at version 1.3.9:
- New standalone RPM package implementation, originally part of `jdom` source package
- The Nodes and Elements classes are iterable so you can use the enhanced for loop syntax on instances of these classes.
- The copy() method is now covariant.
- Adds Automatic-Moduole-Name to jar
- Remove direct dependency on xml-apis:xml-apis artifact since these classes are now available in the core runtime.
- Eliminate usage of com.sun classes to make XOM compatible with JDK 16.
- Replace remaining usages of StringBuffer with StringBuilder to slightly improve performance.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1876-1
Released: Fri May 31 06:47:32 2024
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1221361
This update for aaa_base fixes the following issues:
- Fix the typo to set JAVA_BINDIR in the csh variant of the alljava profile script (bsc#1221361)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1877-1
Released: Fri May 31 06:48:40 2024
Summary: Recommended update for fdupes
Type: recommended
Severity: moderate
References: 1195709,1197484
This update for fdupes fixes the following issues:
- Do not use sqlite, as this pulls sqlite into Ring0 at no real benefit performance wise
- Update to 2.3.0:
* Add --cache option to speed up file comparisons
* Use nanosecond precision for file times, if available
* Fix compilation issue on OpenBSD
* Other changes like fixing typos, wording, etc.
- update to 2.2.1:
* Fix bug in code meant to skip over the current log file when --log option is given
* Updates to copyright notices in source code
* Add --deferconfirmation option
* Check that files marked as duplicates haven't changed during program execution before deleting them
* Update documentation to indicate units for SIZE in command-line options
* Move some configuration settings to configure.ac file
- Fixes for the new wrapper:
* Order duplicates by name, to get a reproducible file set (bsc#1197484)
* Remove redundant order parameter from fdupes invocation
* Modernize code, significantly reduce allocations
* Exit immediately when mandatory parameters are missing
* Remove obsolete buildroot parameter
* Add some tests for the wrapper
- Do not link the files as given by fdupes, but turn them into relative links
- Support multiple directories given (as glob to the macro)
- Handle symlinks (-s argument) correctly
- Simplify macros.fdupes to speed up the process (bsc#1195709)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1880-1
Released: Fri May 31 08:45:12 2024
Summary: Security update for python-requests
Type: security
Severity: moderate
References: 1224788,CVE-2024-35195
This update for python-requests fixes the following issues:
- CVE-2024-35195: Fixed cert verification regardless of changes to the value of `verify` (bsc#1224788).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1883-1
Released: Fri May 31 09:31:11 2024
Summary: Recommended update for iputils
Type: recommended
Severity: moderate
References: 1224877
This update for iputils fixes the following issue:
- 'arping: Fix 1s delay on exit for unsolicited arpings',
backport upstream fix (bsc#1224877)
- Backport proposed fix for regression in upstream commit 4db1de6 (bsc#1224877)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1887-1
Released: Fri May 31 19:08:38 2024
Summary: Recommended update for suse-module-tools
Type: recommended
Severity: moderate
References: 1192014,1216717,1217979,1223278,1224320
This update for suse-module-tools fixes the following issues:
- Include unblacklist in initramfs (bsc#1224320)
- regenerate-initrd-posttrans: run update-bootloader --refresh for XEN (bsc#1223278)
- 60-io-scheduler.rules: test for 'scheduler' sysfs attribute (bsc#1216717)
- README: Update blacklist description (gh#openSUSE/suse-module-tools#71)
- macros.initrd: %regenerate_initrd_post: don't fail if mkdir is unavailable (bsc#1217979)
- Don't rebuild existing initramfs images if the environment variable
SKIP_REGENERATE_ALL=1 is set (bsc#1192014)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1897-1
Released: Mon Jun 3 10:45:08 2024
Summary: Recommended update for postfix
Type: recommended
Severity: moderate
References: 1223264,1224207
This update for postfix fixes the following issues:
- config.postfix needs updating (bsc#1224207)
* chkconfig to systemctl
* Link Cyrus lmtp only if this exsists
* /usr/lib64/sasl2 does not need to exist
* Fetch timezone via readlink from /etc/localtime
- Set inet_interfaces to loopback-only instead of localhost as
proposed in man 5 postconf (bsc#1223264)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1941-1
Released: Fri Jun 7 16:33:38 2024
Summary: Security update for sssd
Type: security
Severity: important
References: 1223050,1223100,CVE-2023-3758
This update for sssd fixes the following issues:
- CVE-2023-3758: Fixed race condition during authorization leads to GPO policies functioning inconsistently (bsc#1223100).
The following non-security bugs were fixed:
- Use the name from the cached entries when updating them to avoid
capitalization problems (bsc#1223050).
- Extend sssctl command line tool to manage the cached GPOs;
(jsc#PED-7677).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1943-1
Released: Fri Jun 7 17:04:06 2024
Summary: Security update for util-linux
Type: security
Severity: important
References: 1218609,1220117,1221831,1223605,CVE-2024-28085
This update for util-linux fixes the following issues:
- CVE-2024-28085: Properly neutralize escape sequences in wall to avoid potential account takeover. (bsc#1221831)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1950-1
Released: Fri Jun 7 17:20:14 2024
Summary: Security update for glib2
Type: security
Severity: moderate
References: 1224044,CVE-2024-34397
This update for glib2 fixes the following issues:
Update to version 2.78.6:
+ Fix a regression with IBus caused by the fix for CVE-2024-34397
Changes in version 2.78.5:
+ Fix CVE-2024-34397: GDBus signal subscriptions for well-known
names are vulnerable to unicast spoofing. (bsc#1224044)
+ Bugs fixed:
- gvfs-udisks2-volume-monitor SIGSEGV in
g_content_type_guess_for_tree() due to filename with bad
encoding
- gcontenttype: Make filename valid utf-8 string before processing.
- gdbusconnection: Don't deliver signals if the sender doesn't match.
Changes in version 2.78.4:
+ Bugs fixed:
- Fix generated RST anchors for methods, signals and properties.
- docs/reference: depend on a native gtk-doc.
- gobject_gdb.py: Do not break bt on optimized build.
- gregex: clean up usage of _GRegex.jit_status.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1951-1
Released: Fri Jun 7 17:27:16 2024
Summary: Recommended update for libbpf
Type: recommended
Severity: moderate
References: 1221101
This update for libbpf fixes the following issues:
- Fixed potential null pointer dereference in bpf_object__collect_prog_relos() (bsc#1221101)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1954-1
Released: Fri Jun 7 18:01:06 2024
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1221482
This update for glibc fixes the following issues:
- Also include stat64 in the 32-bit libc_nonshared.a workaround
(bsc#1221482)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1956-1
Released: Mon Jun 10 04:50:39 2024
Summary: Recommended update for google-errorprone, guava
Type: recommended
Severity: moderate
References:
This update for google-errorprone, guava fixes the following issues:
guava:
- guava was updated to version 33.1.0:
* Changes of version 33.1.0:
+ Updated our Error Prone dependency to 2.26.1, which includes
a JPMS-ready jar of annotations. If you use the Error Prone
annotations in a modular build of your own code, you may need
to add a requires line for them.
+ base: Added a Duration overload for
Suppliers.memoizeWithExpiration.
+ base: Deprecated the remaining two overloads of
Throwables.propagateIfPossible. They won't be deleted, but we
recommend migrating off them.
+ cache: Fixed a bug that could cause false 'recursive load'
reports during refresh.
+ graph: Changed the return types of transitiveClosure() and
reachableNodes() to Immutable* types. reachableNodes() already
returned an immutable object (even though that was not
reflected in the declared return type); transitiveClosure()
used to return a mutable object. The old signatures remain
available, so this change does not break binary compatibility.
+ graph: Changed the behavior of views returned by graph
accessor methods that take a graph element as input: They now
throw IllegalStateException when that element is removed from
the graph.
+ hash: Optimized Checksum-based hash functions for Java 9+.
+ testing: Exposed FakeTicker Duration methods to Android users.
+ util.concurrent: Deprecated the constructors of
UncheckedExecutionException and ExecutionError that don't
accept a cause. We won't remove these constructors, but we
recommend migrating off them, as users of those classes often
assume that instances will contain a cause.
+ util.concurrent: Improved the correctness of racy accesses for
J2ObjC users.
* Changes of version 33.0.0:
+ This version of guava-android contains some package-private
methods whose signature includes the Java 8 Collector API.
This is a test to identify any problems before we expose those
methods publicly to users. Please report any problems that you
encounter.
+ Changed various classes to catch Exception instead of
RuntimeException even when only RuntimeException is
theoretically possible. This can help code that throws
undeclared exceptions, as some bytecode rewriters (e.g.,
Robolectric) and languages (e.g., Kotlin) do.
+ Added an Automatic-Module-Name to failureaccess, Guava's one
strong runtime dependency.
+ reflect: In guava-android only, removed
Invokable.getAnnotatedReturnType() and
Parameter.getAnnotatedType(). These methods never worked in an
Android VM, and to reflect that, they were born @Deprecated,
@Beta, and @DoNotCall. They're now preventing us from rolling
out some new Android compatibility testing. This is the only
binary-incompatible change in this release, and it should have
no effect in practice. Still, we bump the major version number
to follow Semantic Versioning.
+ util.concurrent: Changed our implementations to avoid eagerly
initializing loggers during class loading. This can help
performance, especially under Android.
* Changes of version 32.1.3:
+ Changed Gradle Metadata to include dependency versions
directly. This may address 'Could not find some-dependency'
errors that some users have reported (which might be a result
of users' excluding guava-parent).
+ collect: Changed Multisets.unmodifiableMultiset(set)
.removeIf(predicate) to throw an exception always, even if
nothing matches predicate.
+ graph: Fixed the behavior of Graph/ValueGraph views for a node
when that node is removed from the graph.
+ io: Fixed Files.createTempDir and FileBackedOutputStream under
Windows services, a rare use case. (The fix actually covers
only Java 9+ because Java 8 would require an additional
approach. Let us know if you need support under Java 8.)
+ net: Made MediaType.parse allow and skip over whitespace
around the / and = separator tokens in addition to the ;
separator, for which it was already being allowed.
+ util.concurrent: Tweaked Futures.getChecked
constructor-selection behavior: The method continues to prefer
to call constructors with a String parameter, but now it
breaks ties based on whether the constructor has a Throwable
parameter. Beyond that, the choice of constructor remains
undefined. (For this and other reasons, we discourage the use
of getChecked.)
* Changes of version 32.1.2:
+ Removed the section of our Gradle metadata that caused Gradle
to report conflicts with listenablefuture.
+ Changed our Maven project to avoid affecting which version of
Mockito our Gradle users see.
+ collect: Under J2CL, exposed ImmutableList and ImmutableSet
methods copyOf and of for JavaScript usage.
+ net: Optimized InternetDomainName construction.
* Changes of version 32.1.1:
+ Fixed our broken Gradle metadata from 32.1.0. Sorry again for
the trouble. If you use Gradle, please still read the release
notes from that version: You may still see errors from the new
checking that the metadata enables, and the release notes
discuss how to fix those errors.
* Changes of version 32.1.0:
+ collect: Tweaked more nullness annotations.
+ hash: Enhanced crc32c() to use Java's hardware-accelerated
implementation where available.
+ util.concurrent: Added Duration-based default methods to
ListeningExecutorService.
+ Began updating Javadoc to focus less on APIs that have been
superseded by additions to the JDK. We're also looking to add
more documentation that directs users to JDK equivalents for
our APIs. Further PRs welcome!
+ Fixed some problems with using Guava from a Java Agent.
(But we don't test that configuration, and we don't know how
well we'll be able to keep it working.)
+ Fixed BootstrapMethodError when using CacheBuilder from a
custom system class loader. (As with the previous item,
we're not sure how well we'll be able to keep this use case
working.)
+ Suppressed a harmless unusable-by-js warning seen by users of
guava-gwt.
- Fix version mismatch in the ant build files.
- The binaries are compatible with java 1.8
google-errorprone, google-errorprone-annotations:
- google-errorprone and google-errorprone-annotations were updated to version 2.26.1:
* Changes of version 2.26.1:
+ Fixes the module name: from 'com.google.errorprone.annotation'
to 'com.google.errorprone.annotations'. Amends the OSGi build
not to include 'Automatic-Module-Name' in the MANIFEST.MF for the
'annotations' project.
* Changes of version 2.26.0:
+ The 'annotations' artifact now includes a module-info.java for
Java Platform Module System support.
+ Disabled checks passed to -XepPatchChecks are now ignored,
instead of causing a crash.
+ New checks:
- SystemConsoleNull: Null-checking System.console() is not a
reliable way to detect if the console is connected to a
terminal.
- EnumOrdinal: Discourage uses of Enum.ordinal()
+ Closed issues:
- Add module-info.java
- 2.19.x: Exception thrown when a disabled check is passed to
-XepPatchChecks
- Ignore disabled checks passed to -XepPatchChecks
- feat: add jpms definition for annotations
- Add the 'compile' goal for 'compile-java9'
* Changes of version 2.25.0:
+ New checks:
- JUnitIncompatibleType: Detects incompatible types passed to
an assertion, similar to TruthIncompatibleType
- RedundantSetterCall: Detects fields set twice in the same
chained expression. Generalization of previous
ProtoRedundantSet check to also handle AutoValue.
+ Closed issues:
- Crash in UnnecessaryStringBuilder
- Fix typos
- Add support for specifying badEnclosingTypes for BadImport
via flags
- Some BugPattern docs are missing code examples
- Remove incorrect statement from BugPattern index doc
- Do not report NonFinalStaticField findings for fields
modified in @BeforeAll methods
* Changes of version 2.24.1:
+ Add an assertion to try to help debug
* Changes of version 2.24.0:
+ New checks:
- MultipleNullnessAnnotations: Discourage multiple nullness
annotations
- NullableTypeParameter: Discourage nullness annotations on
type parameters
- NullableWildcard: Discourage nullness annotations on
wildcards
- SuperCallToObjectMethod: Generalization of
SuperEqualsIsObjectEquals, now covers hashCode
* Changes of version 2.23.0:
+ New checks: DuplicateDateFormatField, NonFinalStaticField,
StringCharset, StringFormatWithLiteral,
SuperEqualsIsObjectEquals
+ Bug fixes and improvements
* Changes of version 2.22.0:
+ New checks:
- ClosingStandardOutputStreams: Prevents accidentally closing
System.{out,err} with try-with-resources
- TruthContainsExactlyElementsInUsage: containsExactly is
preferred over containsExactlyElementsIn when creating new
iterables
- UnnecessaryAsync: detects unnecessary use of async
primitives in local (and hence single-threaded) scopes
- ReturnAtTheEndOfVoidFunction: detects unnecessary return
statements at the end of void functions
- MultimapKeys: Suggests using keySet() instead of iterating
over Multimap.keys(), which does not collapse duplicates
+ Bug fixes and improvements:
- Don't complain about literal IP addresses in
AddressSelection
- Prevent SuggestedFixes#renameMethod from modifying return
type declaration
- Fix UnusedVariable false positives for private record
parameters
- When running in conservative mode, no longer assume that
implementations of Map.get, etc. return null
- CanIgnoreReturnValueSuggester: Support additional exempting
method annotations
- UnusedVariable: exclude junit5's @RegisterExtension
- Support running all available patch checks
- Upgrade java-diff-utils 4.0 -> 4.12
- Flag unused Refaster template parameters
- Support @SuppressWarnings('all')
- Prevent Refaster UMemberSelect from matching method
parameters
- MissingDefault : Don't require // fall out comments on
expression switches
- Skip UnnecessaryLambda findings for usages in enhanced for
loops
- Fix bug where nested MissingBraces violations' suggested
fixes result in broken code
- Add support for specifying exemptPrefixes/exemptNames for
UnusedVariable via flags
- UnusedMethod: Added exempting variable annotations
* Changes of version 2.21.1:
+ Handle overlapping ranges in suppressedRegions
+ Add AddressSelection to discourage APIs that convert a
hostname to a single address
* Changes of version 2.21.0:
+ New Checkers:
- AttemptedNegativeZero: Prevents accidental use of -0, which
is the same as 0. The floating-point negative zero is -0.0.
- ICCProfileGetInstance: Warns on uses of
ICC_Profile.getInstance(String), due to JDK-8191622.
- MutableGuiceModule: Fields in Guice modules should be final.
- NullableOptional: Discourages @Nullable-annotated Optionals.
- OverridingMethodInconsistentArgumentNamesChecker: Arguments
of overriding method are inconsistent with overridden
method.
+ Fixed issues:
- Avoid MemberName IOOBE on lambda parameters inside
overriding methods
- Improve LockOnNonEnclosingClassLiteral documentation
- Security scan reported high CVE for
com.google.guava:guava:31.1-jre
- Upgrade guava to 32.0.1
- Proposal: checker to prevent other checkers from calling
javac methods that changed across JDKs
- Add support in ASTHelpersSuggestions for getEnclosedElements
* Changes of version 2.20.0:
+ This release is compatible with early-access builds of JDK 21.
+ New Checkers: InlineTrivialConstant, UnnecessaryStringBuilder,
BanClassLoader, DereferenceWithNullBranch, DoNotUseRuleChain,
LockOnNonEnclosingClassLiteral, MissingRefasterAnnotation,
NamedLikeContextualKeyword, NonApiType
+ Fixes issues:
- Introduce MissingRefasterAnnotation checker
- Fix minor typo in URepeated
- Drop unused constant Template#AUTOBOXING_DEFAULT
- Introduce command-line flag -XepAllSuggestionsAsWarnings
- JDK21 compatibility
- Add OSGi runtime metadata to error-prone's MANIFEST.MF files
- Use EISOP Checker Framework version 3.34.0-eisop1
- NotJavadoc pattern does not allow Javadoc on module
declarations
- ErrorProneInjector incorrectly picks up the no-args
constructor
- Several high CVEs related to dependency
com.google.protobuf:protobuf-java:3.19.2
- Upgrade protobuf-java to 3.19.6
* Changes of version 2.19.1:
+ This release fixes a binary compatibility issue when running
on JDK 11
* Changes of version 2.19.0:
+ New Checkers: NotJavadoc, StringCaseLocaleUsage,
UnnecessaryTestMethodPrefix
+ Fixes issues:
- Exclude inner classes annotated with @Nested from
ClassCanBeStatic rule
- Optimize VisitorState#getSymbolFromName
- ClassCanBeStatic: Exclude JUnit @Nested classes
- BadImport: flag static import of newInstance methods
- Support given for enforcing DirectInvocationOnMock: issue
3396
- Handle yield statement case in ASTHelpers#targetType
- Should ASTHelpers.getSymbol(Tree) be annotated with
@Nullable?
- Fix '@' character in javadoc code snippets
- Replace guava cache with caffeine
- Discourage APIs locale-dependent APIs like
String.to{Lower,Upper}Case
- Introduce StringCaseLocaleUsage check
* Changes of version 2.18.0:
+ New Checkers: InjectOnBugCheckers, LabelledBreakTarget,
UnusedLabel, YodaCondition
+ Fixes issues:
- @SuppressWarnings('InlineFormatString') doesn't work
- Refaster: support method invocation type argument inlining
- java.lang.IllegalArgumentException: Cannot edit synthetic
AST nodes with specific record constructor
- Rename class to match filename
- Optimize VisitorState#getSymbolFromName
- refactor: refactor bad smell UnusedLabel
- LambdaFunctionalInterface crash with
IllegalArgumentException when processing an enum constructor
taking a lambda
- Fix JDK 20-ea build compatibility
- UngroupedOverloads: ignore generated constructors
- [errorprone 2.17.0] NPE in
StatementSwitchToExpressionSwitch.analyzeSwitchTree
- StatementSwitchToExpressionSwitch: handle empty statement
blocks
- StatementSwitchToExpressionSwitch: only trigger on
compatible target versions
- Fix Finalize bugpattern to match protected finalize()
- Make MemoizeConstantVisitorStateLookups check suppressible
* Changes of version 2.17.0:
+ New Checkers: AvoidObjectArrays, Finalize, IgnoredPureGetter,
ImpossibleNullComparison, MathAbsoluteNegative, NewFileSystem,
StatementSwitchToExpressionSwitch, UnqualifiedYield
+ Fixed issues:
- InvalidParam warning on Javadoc for Java record components
- UnusedMethod flags @JsonValue methods as unused
- UnusedMethod: Add more JPA lifecycle annotations or make
annotations configurable
- UnusedMethod: Support additional exempting method
annotations
- Have InvalidParam support records
- Fix -XepDisableAllWarnings flag when passed on its own
- ASTHelpersSuggestions does not flag call to packge() on
com.sun.tools.javac.code.Symbol.ClassSymbol
- @SupressWarnings on record compact constructor causes crash
* Changes of version 2.16.0:
+ New Checkers: ASTHelpersSuggestions,
CanIgnoreReturnValueSuggester, LenientFormatStringValidation,
UnnecessarilyUsedValue
+ Fixed issues:
- Avoid using non-ASCII Unicode characters outside of comments
and literals
- NullPointerException thrown during analysis
- NPE analysing new style switch statement (2.14.0)
- ImmutableChecker handles null types
- Drop pre-JDK 11 logic from Refaster's Inliner class
* Changes of version 2.15.0:
+ New Checkers: BuilderReturnThis,
CanIgnoreReturnValueSuggester, CannotMockFinalClass,
CannotMockFinalMethod, DirectInvocationOnMock, ExtendsObject,
MockNotUsedInProduction, NoCanIgnoreReturnValueOnClasses,
NullArgumentForNonNullParameter, SelfAlwaysReturnsThis,
UnsafeWildcard, UnusedTypeParameter
* Changes of version 2.14.0:
+ New checkers: BanJNDI, EmptyTopLevelDeclaration,
ErroneousBitwiseExpression,
FuzzyEqualsShouldNotBeUsedInEqualsMethod, Interruption,
NullableOnContainingClass
* Changes of version 2.13.1:
+ Fix a crash in UnnecessaryBoxedVariable
+ Include the unicode character in the diagnostic message
* Changes of version 2.13.0:
+ Handle all annotations with the simple name Generated in
-XepDisableWarningsInGeneratedCode
+ Reconcile BugChecker#isSuppressed with suppression handling in
ErrorProneScanner
+ Fix a bug in enclosingPackage
+ Improve performance of fix application
+ Implicitly treat @AutoBuilder setter methods as
@CanIgnoreReturnValue.
+ Remove some obsolete checks
(PublicConstructorForAbstractClass, HashCodeToString)
* Changes of version 2.12.1:
+ This release adds an infrastructure optimization to AppliedFix
source code processing.
* Changes of version 2.12.0:
+ New checks: BoxedPrimitiveEquality, DoubleBraceInitialization,
IgnoredPureGetter, LockOnBoxedPrimitive, IncorrectMainMethod,
LongDoubleConversion, RobolectricShadowDirectlyOn,
StaticAssignmentOfThrowable, UnnecessaryLongToIntConversion,
Varifier
- Do not require maven-javadoc-plugin as it's not being used
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1962-1
Released: Mon Jun 10 13:09:11 2024
Summary: Security update for libvirt
Type: security
Severity: moderate
References: 1222584,1223849,CVE-2024-4418
This update for libvirt fixes the following issues:
- CVE-2024-4418: Fixed a stack use-after-free by ensuring temporary GSource is removed from client event loop. (bsc#1223849)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1963-1
Released: Mon Jun 10 13:09:41 2024
Summary: Security update for apache2
Type: security
Severity: important
References: 1221401,1222330,1222332,CVE-2023-38709,CVE-2024-24795,CVE-2024-27316
This update for apache2 fixes the following issues:
- CVE-2023-38709: Fixed HTTP response splitting (bsc#1222330).
- CVE-2024-24795: Fixed HTTP response splitting in multiple modules (bsc#1222332).
- CVE-2024-27316: Fixed HTTP/2 CONTINUATION frames can be utilized for DoS attacks (bsc#1221401).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1994-1
Released: Tue Jun 11 15:03:55 2024
Summary: Recommended update for iputils
Type: recommended
Severity: moderate
References:
This update for iputils fixes the following issue:
- After upstream merged the fix, update git commit hashes.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1997-1
Released: Tue Jun 11 17:24:32 2024
Summary: Recommended update for e2fsprogs
Type: recommended
Severity: moderate
References: 1223596
This update for e2fsprogs fixes the following issues:
- EA Inode handling fixes:
- e2fsck: add more checks for ea inode consistency (bsc#1223596)
- e2fsck: fix golden output of several tests (bsc#1223596)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1998-1
Released: Tue Jun 11 22:53:43 2024
Summary: Recommended update for yast2-registration
Type: recommended
Severity: moderate
References: 1223301
This update for yast2-registration fixes the following issue:
- Ensure add_on_others in autoyast profile are added (bsc#1223301)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2024-1
Released: Thu Jun 13 16:15:18 2024
Summary: Recommended update for jitterentropy
Type: recommended
Severity: moderate
References: 1209627
This update for jitterentropy fixes the following issues:
- Fixed a stack corruption on s390x: [bsc#1209627]
* Output size of the STCKE command on s390x is 16 bytes, compared
to 8 bytes of the STCK command. Fix a stack corruption in the
s390x version of jent_get_nstime(). Add some more detailed
information on the STCKE command.
Updated to 3.4.1
* add FIPS 140 hints to man page
* simplify the test tool to search for optimal configurations
* fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0
* enhancement: add ARM64 assembler code to read high-res timer
-----------------------------------------------------------------
Advisory ID: 33664
Released: Thu Jun 13 21:03:11 2024
Summary: Recommended update for libsolv, libzypp, zypper, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings
Type: recommended
Severity: important
References: 1222086,1223430,1223766,1224242
This update for libsolv, libzypp, zypper, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings fixes the following issues:
- Fix the dependency for Packagekit-backend-zypp in SUMa 4.3 (bsc#1224242)
- Improve updating of installed multiversion packages
- Fix decision introspection going into an endless loop in some cases
- Split libsolv-tools into libsolv-tools-base [jsc#PED-8153]
- Improve checks against corrupt rpm
- Fixed check for outdated repo metadata as non-root user (bsc#1222086)
- Add ZYPP_API for exported functions and switch to visibility=hidden (jsc#PED-8153)
- Dynamically resolve libproxy (jsc#PED-8153)
- Fix download from gpgkey URL (bsc#1223430)
- Delay zypp lock until command options are parsed (bsc#1223766)
- Unify message format
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2059-1
Released: Tue Jun 18 13:11:29 2024
Summary: Security update for openssl-1_1
Type: security
Severity: important
References: 1225551,CVE-2024-4741
This update for openssl-1_1 fixes the following issues:
- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2060-1
Released: Tue Jun 18 13:11:47 2024
Summary: Security update for less
Type: security
Severity: important
References: 1222849,CVE-2024-32487
This update for less fixes the following issues:
- CVE-2024-32487: Fixed OS command injection via a newline character in the file name. (bsc#1222849)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2066-1
Released: Tue Jun 18 13:16:09 2024
Summary: Security update for openssl-3
Type: security
Severity: important
References: 1223428,1224388,1225291,1225551,CVE-2024-4603,CVE-2024-4741
This update for openssl-3 fixes the following issues:
Security issues fixed:
- CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388)
- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551)
Other issues fixed:
- Enable livepatching support (bsc#1223428)
- Fix HDKF key derivation (bsc#1225291, gh#openssl/openssl#23448, + gh#openssl/openssl#23456)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2075-1
Released: Tue Jun 18 17:52:50 2024
Summary: Recommended update for sudo
Type: recommended
Severity: moderate
References: 1222104,1226008
This update for sudo fixes the following issues:
- Revert the 'Match using canonicalized directories where possible.'
feature just for SLE-15 This causes a breaking change in behavior
for some customers (bsc#1222104, bsc#1226008)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2083-1
Released: Wed Jun 19 08:33:38 2024
Summary: Security update for libarchive
Type: security
Severity: important
References: 1225971,1225972,CVE-2024-20696,CVE-2024-20697
This update for libarchive fixes the following issues:
- CVE-2024-20697: Fixed Out of bounds Remote Code Execution Vulnerability (bsc#1225972).
- CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2085-1
Released: Wed Jun 19 11:36:00 2024
Summary: recommended update for python-requests
Type: recommended
Severity: moderate
References: 1225912
This update for python-requests fixes the following issue:
- Allow the usage of 'verify' parameter as a directory. (bsc#1225912)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2086-1
Released: Wed Jun 19 11:48:24 2024
Summary: Recommended update for gcc13
Type: recommended
Severity: moderate
References: 1188441
This update for gcc13 fixes the following issues:
Update to GCC 13.3 release
- Removed Fiji support from the GCN offload compiler as that is requiring
Code Object version 3 which is no longer supported by llvm18.
- Avoid combine spending too much compile-time and memory doing nothing
on s390x. [bsc#1188441]
- Make requirement to lld version specific to avoid requiring the
meta-package.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2104-1
Released: Thu Jun 20 10:44:39 2024
Summary: Recommended update for google-cloud SDK
Type: recommended
Severity: moderate
References:
This update for protobuf and python-grpcio fixes the following issue:
- Add python311 binaries to Python Module.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2172-1
Released: Mon Jun 24 05:51:55 2024
Summary: Recommended update for iproute2
Type: recommended
Severity: moderate
References: 1204562
This update for iproute2 fixes the following issues:
iproute2 was updated to version 6.4 (jsc#PED-6820 jsc#PED-6844, jsc#PED-8358):
- Fixed display of bound but unconnected sockets (bsc#1204562)
- Changes in version 6.4:
* bridge: mdb: added underlay destination IP support, UDP
destination port support, destination VNI support, source VNI
support, outgoing interface support
* macvlan: added the 'bclim' parameter
- Changes in version 6.3:
* New release of iproute2 corresponding to the 6.3 kernel.
No large feature improvements only incremental improvements to
the bridge mdb support, mostly just bug fixes.
- Changes in version 6.2:
* f_flower: Introduce L2TPv3 support
* bridge: fdb: Add support for locked FDB entries
* bridge: link: Add MAC Authentication Bypass (MAB) support
* ip: Support --json on `ip neigh get`
* tc: Add JSON output to tc-class
- Changes in version 6.1:
* man: ss.8: fix a typo
* testsuite: fix build failure
* genl: remove unused vars in Makefile
* json: do not escape single quotes
* ip-monitor: Do not error out when RTNLGRP_STATS is not available
* ip-link: man: Document existence of netns argument in add command
* macsec: add Extended Packet Number support
* macsec: add user manual description for extended packet number feature
* ip: xfrm: support 'external' (`collect_md`) mode in xfrm interfaces
* ip: xfrm: support adding xfrm metadata as lwtunnel info in routes
* ip: add NLM_F_ECHO support
* libnetlink: add offset for nl_dump_ext_ack_done
* tc/tc_monitor: print netlink extack message
* rtnetlink: add new function rtnl_echo_talk()
* ip: fix return value for rtnl_talk failures
* iplink_bridge: Add no_linklocal_learn option support
* devlink: use dl_no_arg instead of checking dl_argc == 0
* devlink: remove dl_argv_parse_put
* mnlg: remove unnused mnlg_socket structure
* utils: extract CTRL_ATTR_MAXATTR and save it
* devlink: expose nested devlink for a line card object
* devlink: load port-ifname map on demand
* devlink: fix parallel flash notifications processing
* devlink: move use_iec into struct dl
* devlink: fix typo in variable name in ifname_map_cb()
* devlink: load ifname map on demand from ifname_map_rev_lookup() as well
* dcb: unblock mnl_socket_recvfrom if not message received
* libnetlink: Fix memory leak in __rtnl_talk_iov()
* tc_util: Fix no error return when large parent id used
* tc_util: Change datatype for maj to avoid overflow issue
* ss: man: add missing entries for MPTCP
* ss: man: add missing entries for TIPC
* ss: usage: add missing parameters
* ss: re-add TIPC query support
* devlink: Fix setting parent for 'rate add'
* link: display 'allmulti' counter
* seg6: add support for flavors in SRv6 End* behaviors
* tc: ct: Fix invalid pointer dereference
* uapi: update from 6.1 pre rc1
* u32: fix json formatting of flowid
* tc_stab: remove dead code
* uapi: update for in.h and ip.h
* remove #if 0 code
* tc: add json support to size table
* tc: put size table options in json object
* tc/basic: fix json output filter
* iplink: support JSON in MPLS output
* tc: print errors on stderr
* ip: print mpls errors on stderr
* tc: make prefix const
* man: add missing tc class show
* iplink_can: add missing `]' of the bitrate, dbitrate and termination arrays
* ip link: add sub-command to view and change DSA conduit interface
- Changes in version 6.0:
* ipstats: Add param.h for musl
* Update kernel headers
* libbpf: add xdp program name support
* iplink: bond_slave: add per port prio support
* seg6: add support for SRv6 Headend Reduced Encapsulation
* lib: Introduce ppp protocols
* f_flower: Introduce PPPoE support
- Changes in version 5.19:
* ip/iplink_virt_wifi: add support for virt_wifi
* Update kernel headers
* libnetlink: Add filtering to rtnl_statsdump_req_filter()
* ipstats: Add a 'set' command
* ipstats: Add a group 'link'
* libbpf: Use bpf_object__load instead of bpf_object__load_xattr
* uapi: change name for zerocopy sendfile in tls
* bridge: vxlan device vnifilter support
* f_flower: Add num of vlans parameter
- Changes in version 5.18:
* The build issues with libbpf should be fixed now.
* Building with clang is now supported.
* There are still some warnings with gcc-12 that will need to be
fixed in the upstream kernel headers.
- Changes in version 5.17:
* lib/fs: fix memory leak in get_task_name()
* bridge: Remove vlan listing from `bridge link`
* bond: add arp_missed_max option
* libnetlink: fix socket leak in rtnl_open_byproto()
* dcb: Fix error reporting when accessing 'dcb app'
* tc_util: Fix parsing action control with space and slash
* lib: fix ax25.h include for musl
* uapi: add missing rose and ax25 files
* rdma: Fix res_print_uint() and add res_print_u64()
* tc: Add support for ce_threshold_value/mask in fq_codel
- Add tmpfiles.d conf for /run/netns
- Changes in version 5.16:
* devlink: Fix cmd_dev_param_set() to check configuration mode
* ip: add AMT support
* iplink_can: fix configuration ranges in print_usage() and add
unit
* tc: flower: Fix buffer overflow on large labels
* ip/ipnexthop: fix unsigned overflow in parse_nh_group_type_res()
* tc/m_vlan: fix print_vlan() conditional on TCA_VLAN_ACT_PUSH_ETH
* iplink_can: add new CAN FD bittiming parameters:
Transmitter Delay Compensation (TDC)
- Changes in version 5.15:
* lib: bpf_legacy: fix bpffs mount when /sys/fs/bpf exists
* man: devlink-port: fix the devlink port add synopsis
* man: devlink-port: fix pfnum for devlink port add
* iptuntap: fix multi-queue flag display
* mptcp: unbreak JSON endpoint list
* ipneigh: add support to print brief output of neigh cache in
tabular format
* ip/bond: add LACP active support
* ip/tunnel: always print all known attributes
* Add, show, link, remove IOAM namespaces and schemas
* New IOAM6 encap type for routes
* tc/skbmod: Introduce SKBMOD_F_ECN option
* tc/f_flower: fix port range parsing
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2179-1
Released: Mon Jun 24 11:30:16 2024
Summary: Recommended update for sssd
Type: recommended
Severity: moderate
References: 1226407
This update for sssd fixes the following issue:
- Reenable pam_sss after upgrade, was removed by sssd-common postun
(bsc#1226407)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2200-1
Released: Tue Jun 25 13:53:17 2024
Summary: Security update for avahi
Type: security
Severity: moderate
References: 1216594,1216598,1226586,CVE-2023-38469,CVE-2023-38471
This update for avahi fixes the following issues:
- CVE-2023-38471: Fixed a reachable assertion in dbus_set_host_name. (bsc#1216594)
- CVE-2023-38469: Fixed a reachable assertion in avahi_dns_packet_append_record. (bsc#1216598)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2214-1
Released: Tue Jun 25 17:11:26 2024
Summary: Recommended update for util-linux
Type: recommended
Severity: moderate
References: 1225598
This update for util-linux fixes the following issue:
- Fix hang of lscpu -e (bsc#1225598)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2229-1
Released: Wed Jun 26 08:20:55 2024
Summary: Recommended update for apache2
Type: recommended
Severity: important
References: 1226217
This update for apache2 fixes the following issues:
- Apache ignores headers sent by CGI scripts (bsc#1226217)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2234-1
Released: Wed Jun 26 12:54:27 2024
Summary: Recommended update for suse-module-tools
Type: recommended
Severity: moderate
References: 1224400
This update for suse-module-tools fixes the following issue:
- Version update, udevrules: activate CPUs on hotplug for s390, too (bsc#1224400)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2239-1
Released: Wed Jun 26 13:09:10 2024
Summary: Recommended update for systemd
Type: recommended
Severity: critical
References: 1226415
This update for systemd contains the following fixes:
- testsuite: move a misplaced %endif
- Do not remove existing configuration files in /etc. If these files were
modified on the systemd, that may cause unwanted side effects (bsc#1226415).
- Import upstream commit (merge of v254.13)
Use the pty slave fd opened from the namespace when transient service is running in a container.
This revert the backport of the broken commit until a fix is released in the v254-stable tree.
- Import upstream commit (merge of v254.11)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/e8d77af4240894da620de74fbc7823aaaa448fef...85db84ee440eac202c4b5507e96e1704269179bc
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2241-1
Released: Wed Jun 26 15:37:28 2024
Summary: Recommended update for wicked
Type: recommended
Severity: important
References: 1218668
This update for wicked fixes the following issues:
- Fix VLANs/bonds randomly not coming up after reboot or wicked restart. [bsc#1218668]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2264-1
Released: Tue Jul 2 10:14:25 2024
Summary: Recommended update for python-rpm-macros
Type: recommended
Severity: moderate
References:
This update for python-rpm-macros fixes the following issues:
- Update to version 20240618.1e386da:
* Fix python_clone sed regex
- Update to version 20240614.02920b8:
* Make sure that RPM_BUILD_ROOT env is set
* don't eliminate any cmdline arguments in the shebang line
* Create python313 macros
- Update to version 20240415.c664b45:
* Fix typo 310 -> 312 in default-prjconf
- Update to version 20240202.501440e:
* SPEC0: Drop python39, add python312 to buildset (#169)
- Update to version 20231220.98427f3:
* fix python2_compile macro
- Update to version 20231207.46c2ec3:
* make FLAVOR_compile compatible with python2
- Update to version 20231204.dd64e74:
* Combine fix_shebang in one line
* New macro FLAVOR_fix_shebang_path
* Use realpath in %python_clone macro shebang replacement
* Compile and fix_shebang in %python_install macros
- Update to version 20231010.0a1f0d9:
* Revert 'Compile and fix_shebang in %python_install macros'
- Update to version 20231010.a32e110:
* Compile and fix_shebang in %python_install macros
- Update to version 20231005.bf2d3ab:
* Fix shebang also in sbin with macro _fix_shebang
- Update to version 20230609.6fe8111:
* move compile loop to python
* remove python38
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2266-1
Released: Tue Jul 2 10:14:58 2024
Summary: Security update for postgresql16
Type: security
Severity: moderate
References: 1224038,1224051,CVE-2024-4317
This update for postgresql16 fixes the following issues:
PostgreSQL upgrade to version 16.3 (bsc#1224051):
- CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038).
Bug fixes:
- Fix incompatibility with LLVM 18.
- Prepare for PostgreSQL 17.
- Make sure all compilation and doc generation happens in %build.
- Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work.
- Remove constraints file because improved memory usage for s390x
- Use %patch -P N instead of deprecated %patchN.
Release notes:
- https://www.postgresql.org/docs/release/16.3/
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2275-1
Released: Tue Jul 2 16:33:30 2024
Summary: Security update for openssh
Type: security
Severity: important
References: 1226642,CVE-2024-6387
This update for openssh fixes the following issues:
- CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642)
-----------------------------------------------------------------
Advisory ID: SUSE-OU-2024:2282-1
Released: Tue Jul 2 22:41:28 2024
Summary: Optional update for openscap, scap-security-guide
Type: optional
Severity: moderate
References:
This update for scap-security-guide and openscap provides the SCAP tooling
for SLE Micro 5.3, 5.4, 5.5.
This includes shipping openscap dependencies libxmlsec1-1 and libxmlsec1-openssl for SLE Micro.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2284-1
Released: Wed Jul 3 05:27:30 2024
Summary: Recommended update for gmavenplus-plugin, istack-commons, replacer, xmvn
Type: recommended
Severity: moderate
References:
This update for gmavenplus-plugin, istack-commons, replacer, xmvn fixes the following issues:
gmavenplus-plugin, istack-commons, replacer, xmvn:
- Fixed build with `maven-plugin-plugin`
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2290-1
Released: Wed Jul 3 11:35:00 2024
Summary: Security update for libxml2
Type: security
Severity: low
References: 1224282,CVE-2024-34459
This update for libxml2 fixes the following issues:
- CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2306-1
Released: Fri Jul 5 10:28:10 2024
Summary: Recommended update for libvirt
Type: recommended
Severity: moderate
References: 1226492
This update for libvirt fixes the following issue:
- qemu: Fix migration with custom XML (bsc#1226492)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2307-1
Released: Fri Jul 5 12:04:34 2024
Summary: Security update for krb5
Type: security
Severity: important
References: 1227186,1227187,CVE-2024-37370,CVE-2024-37371
This update for krb5 fixes the following issues:
- CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186).
- CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187).
-----------------------------------------------------------------
Advisory ID: SUSE-OU-2024:2316-1
Released: Mon Jul 8 11:18:56 2024
Summary: Optional update for NetworkManager
Type: optional
Severity: low
References: 1227333
This optional update for NetworkManager fixes the following issue:
- No-change rebuild to include NetworkManager-wwan in the SLE-Module-Desktop-Applications_15-SP6 product (bsc#1227333)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2393-1
Released: Wed Jul 10 17:33:47 2024
Summary: Security update for openssh
Type: security
Severity: moderate
References: 1218215,1224392,1225904,1227318,1227350,CVE-2023-51385,CVE-2024-39894
This update for openssh fixes the following issues:
Security fixes:
- CVE-2024-39894: Fixed timing attacks against echo-off password entry (bsc#1227318).
Other fixes:
- Add obsoletes for openssh-server-config-rootlogin (bsc#1227350).
- Add #include <stdlib.h> in some files added by the ldap patch to
fix build with gcc14 (bsc#1225904).
- Remove the recommendation for openssh-server-config-rootlogin
from openssh-server (bsc#1224392).
The following package changes have been done:
- glibc-2.38-150600.14.5.1 updated
- libxml2-2-2.10.3-150500.5.17.1 updated
- libsmartcols1-2.39.3-150600.4.6.2 updated
- libgcc_s1-13.3.0+git8781-150000.1.12.1 updated
- libsolv-tools-base-0.7.29-150400.3.22.4 added
- libprocps8-3.3.17-150000.7.39.1 updated
- procps-3.3.17-150000.7.39.1 updated
- libgobject-2_0-0-2.78.6-150600.4.3.1 updated
- libglib-2_0-0-2.78.6-150600.4.3.1 updated
- grafana-formula-0.10.2-150600.1.1 updated
- image-sync-formula-0.1.1713446632.c61236a-150600.1.1 updated
- libcom_err2-1.47.0-150600.4.3.2 updated
- gio-branding-SLE-15-150600.35.2.1 updated
- libblkid1-2.39.3-150600.4.6.2 updated
- libprotobuf-lite25_1_0-25.1-150600.16.4.2 updated
- libuuid1-2.39.3-150600.4.6.2 updated
- libsystemd0-254.13-150600.4.5.1 updated
- openssl-3-3.1.4-150600.5.7.1 updated
- libopenssl-3-fips-provider-3.1.4-150600.5.7.1 updated
- krb5-1.20.1-150600.11.3.1 updated
- fdupes-2.3.0-150400.3.3.1 updated
- libzypp-17.34.1-150600.3.4.6 updated
- dwz-0.12-150000.3.8.1 updated
- libgio-2_0-0-2.78.6-150600.4.3.1 updated
- util-linux-2.39.3-150600.4.6.2 updated
- libsolv-tools-0.7.29-150400.3.22.4 updated
- zypper-1.14.71-150600.10.2.7 updated
- iputils-20221126-150500.3.8.2 updated
- libavahi-common3-0.8-150600.15.3.1 updated
- aaa_base-84.87+git20180409.04c9dae-150300.10.20.1 updated
- libmount1-2.39.3-150600.4.6.2 updated
- libfdisk1-2.39.3-150600.4.6.2 updated
- systemd-254.13-150600.4.5.1 updated
- libopenssl3-3.1.4-150600.5.7.1 updated
- libstdc++6-13.3.0+git8781-150000.1.12.1 updated
- libudev1-254.13-150600.4.5.1 updated
- libarchive13-3.7.2-150600.3.3.1 updated
- libatomic1-13.3.0+git8781-150000.1.12.1 updated
- libgmodule-2_0-0-2.78.6-150600.4.3.1 updated
- glib2-tools-2.78.6-150600.4.3.1 updated
- glibc-locale-base-2.38-150600.14.5.1 updated
- libbpf1-1.2.2-150600.3.3.1 added
- libgomp1-13.3.0+git8781-150000.1.12.1 updated
- libipa_hbac0-2.9.3-150600.3.6.2 updated
- libitm1-13.3.0+git8781-150000.1.12.1 updated
- libjitterentropy3-3.4.1-150000.1.12.1 updated
- liblsan0-13.3.0+git8781-150000.1.12.1 updated
- libpq5-16.2-150600.16.2.1 updated
- libquadmath0-13.3.0+git8781-150000.1.12.1 updated
- libsgutils2-1_48-2-1.48+11.56e7b2f-150600.3.3.11 updated
- libsss_idmap0-2.9.3-150600.3.6.2 updated
- libsss_nss_idmap0-2.9.3-150600.3.6.2 updated
- libxml2-tools-2.10.3-150500.5.17.1 updated
- openssh-common-9.6p1-150600.6.6.1 updated
- python-rpm-macros-20240618.1e386da-150400.3.13.1 updated
- release-notes-susemanager-5.0.0-150600.19.1 updated
- ruby-solv-0.7.29-150400.3.22.4 updated
- sitemesh-2.1-0.150600.8.70 updated
- sudo-1.9.15p5-150600.3.3.2 updated
- susemanager-schema-utility-5.0.10-150600.1.1 updated
- util-linux-systemd-2.39.3-150600.4.6.2 updated
- uyuni-config-modules-5.0.9-150600.1.1 updated
- woodstox-4.4.2-150600.1.104 updated
- libyui16-4.5.3-150500.3.7.8 updated
- libyui-ncurses16-4.5.3-150500.3.7.8 updated
- glibc-locale-2.38-150600.14.5.1 updated
- libavahi-client3-0.8-150600.15.3.1 updated
- libopenssl1_1-1.1.1w-150600.5.3.1 updated
- postgresql16-16.2-150600.16.2.1 updated
- sg3_utils-1.48+11.56e7b2f-150600.3.3.11 updated
- libsss_certmap0-2.9.3-150600.3.6.2 updated
- iproute2-6.4-150600.7.3.1 updated
- glibc-devel-2.38-150600.14.5.1 updated
- openssh-fips-9.6p1-150600.6.6.1 updated
- susemanager-docs_en-5.0-150600.9.1 updated
- spacewalk-java-lib-5.0.11-150600.1.5 updated
- uyuni-reportdb-schema-5.0.6-150600.1.4 updated
- suse-module-tools-15.6.10-150600.3.6.2 updated
- less-643-150600.3.3.1 updated
- libyui-ncurses-pkg16-4.5.3-150500.3.7.9 updated
- apache2-prefork-2.4.58-150600.5.6.1 updated
- openssh-server-9.6p1-150600.6.6.1 updated
- openssh-clients-9.6p1-150600.6.6.1 updated
- wicked-0.6.75-150600.11.6.1 updated
- wicked-service-0.6.75-150600.11.6.1 updated
- postgresql16-server-16.2-150600.16.2.1 updated
- postfix-3.8.4-150600.3.3.1 updated
- susemanager-docs_en-pdf-5.0-150600.9.1 updated
- susemanager-schema-5.0.10-150600.1.1 updated
- susemanager-sync-data-5.0.5-150600.1.1 updated
- udev-254.13-150600.4.5.1 updated
- yast2-pkg-bindings-4.6.5-150600.3.2.8 updated
- apache2-2.4.58-150600.5.6.1 updated
- openssh-9.6p1-150600.6.6.1 updated
- grub2-2.12-150600.6.13 updated
- grub2-i386-pc-2.12-150600.6.13 updated
- python3-uyuni-common-libs-5.0.4-150600.1.42.1 updated
- python3-susemanager-retail-1.0.1658330139.861779d-150600.1.2 updated
- python3-solv-0.7.29-150400.3.22.4 updated
- python3-schema-0.6.7-150600.1.2 updated
- python3-looseversion-1.0.2-150600.3.6.2 updated
- python3-itsdangerous-1.1.0-1.6 added
- python3-click-7.0-1.27 added
- python3-Werkzeug-1.0.1-150300.3.8.1 added
- prometheus-exporters-formula-1.4.1-150600.1.1 updated
- libvirt-libs-10.0.0-150600.8.6.2 updated
- postgresql16-contrib-16.2-150600.16.2.1 updated
- sssd-ldap-2.9.3-150600.3.6.2 updated
- sssd-2.9.3-150600.3.6.2 updated
- sssd-krb5-common-2.9.3-150600.3.6.2 updated
- libnm0-1.44.2-150600.3.2.1 updated
- susemanager-build-keys-15.5.1-150600.3.1 updated
- grub2-x86_64-efi-2.12-150600.6.13 updated
- susemanager-retail-tools-1.0.1658330139.861779d-150600.1.2 updated
- virtual-host-gatherer-1.0.27-150600.7.7.2 updated
- python3-libxml2-2.10.3-150500.5.17.1 updated
- inter-server-sync-0.3.4-150600.1.3 updated
- spacewalk-backend-sql-postgresql-5.0.8-150600.3.44.7 updated
- sssd-krb5-2.9.3-150600.3.6.2 updated
- sssd-dbus-2.9.3-150600.3.6.2 updated
- python3-sssd-config-2.9.3-150600.3.6.2 updated
- sssd-ad-2.9.3-150600.3.6.2 updated
- typelib-1_0-NM-1_0-1.44.2-150600.3.2.1 updated
- jdom-1.1.3-150200.12.8.2 updated
- jackson-core-2.16.1-150200.3.14.7 updated
- jackson-annotations-2.16.1-150200.3.14.4 updated
- dom4j-2.1.4-150200.12.10.2 updated
- spacewalk-base-minimal-5.0.9-150600.1.9 updated
- susemanager-build-keys-web-15.5.1-150600.3.1 updated
- spacecmd-5.0.8-150600.3.118.1 updated
- python3-Jinja2-2.10.1-150000.3.13.1 updated
- virtual-host-gatherer-Nutanix-1.0.27-150600.7.7.2 updated
- virtual-host-gatherer-Libvirt-1.0.27-150600.7.7.2 updated
- sssd-tools-2.9.3-150600.3.6.2 updated
- sssd-ipa-2.9.3-150600.3.6.2 updated
- guava-33.1.0-150200.3.10.1 updated
- jackson-databind-2.16.1-150200.3.18.1 updated
- istack-commons-runtime-3.0.7-150200.5.8.1 updated
- tomcat-taglibs-standard-1_2_5-1.2.5-150600.1.101 updated
- quartz-2.3.0-150600.1.104 updated
- protobuf-java-25.1-150600.16.4.2 updated
- prometheus-client-java-0.3.0-150600.1.100 updated
- objectweb-asm-9.7-150200.3.15.2 updated
- mvel2-2.2.6.Final-150600.1.102 updated
- lucene-2.4.1-150600.1.104 updated
- kie-soup-7.17.0.Final-150600.1.95 updated
- kie-api-7.17.0-150600.1.94 updated
- jpa-api-2.2.2-150600.1.9 updated
- ical4j-3.0.18-150600.1.90 updated
- hibernate-commons-annotations-5.0.4-150600.1.103 updated
- ehcache-2.10.1-150600.1.105 updated
- drools-7.17.0-150600.1.91 updated
- spacewalk-base-minimal-config-5.0.9-150600.1.9 updated
- python3-Flask-1.0.4-150400.7.64 added
- pgjdbc-ng-0.8.7-150600.1.99 updated
- jackson-module-jaxb-annotations-2.16.1-150200.5.11.1 updated
- byte-buddy-dep-1.11.12-150600.1.9 updated
- optaplanner-7.17.0-150600.1.92 updated
- hibernate-types-2.16.2-150600.1.5 updated
- byte-buddy-1.11.12-150600.1.9 updated
- xmlsec-2.0.7-150600.1.96 updated
- statistics-1.0.2-150600.1.99 updated
- spark-core-2.9.3-150600.1.135 updated
- python3-rhnlib-5.0.3-150600.3.45.1 updated
- subscription-matcher-0.38-150600.1.1 updated
- jakarta-commons-validator-1.1.4-21.150600.19.115 updated
- python3-requests-2.25.1-150300.3.12.2 updated
- spacewalk-backend-5.0.8-150600.3.44.7 updated
- python3-spacewalk-client-tools-5.0.6-150600.3.90.8 updated
- spacewalk-client-tools-5.0.6-150600.3.90.8 updated
- spacewalk-base-5.0.9-150600.1.9 updated
- hibernate5-core-5.3.25-150600.1.88 updated
- struts-1.2.9-162.150600.33.5 updated
- spacewalk-backend-sql-5.0.8-150600.3.44.7 updated
- python3-spacewalk-certs-tools-5.0.6-150600.1.1 updated
- spacewalk-certs-tools-5.0.6-150600.1.1 updated
- spacewalk-admin-5.0.7-150600.1.1 updated
- hibernate5-ehcache-5.3.25-150600.1.88 updated
- hibernate5-c3p0-5.3.25-150600.1.88 updated
- spacewalk-java-postgresql-5.0.11-150600.1.5 updated
- virtual-host-gatherer-VMware-1.0.27-150600.7.7.2 updated
- virtual-host-gatherer-libcloud-1.0.27-150600.7.7.2 updated
- cobbler-3.3.3-150600.3.3 updated
- spacewalk-backend-server-5.0.8-150600.3.44.7 updated
- susemanager-sls-5.0.9-150600.1.1 updated
- spacewalk-html-5.0.9-150600.1.9 updated
- yast2-registration-4.6.2-150600.3.3.2 updated
- spacewalk-java-config-5.0.11-150600.1.5 updated
- spacewalk-backend-xmlrpc-5.0.8-150600.3.44.7 updated
- spacewalk-backend-xml-export-libs-5.0.8-150600.3.44.7 updated
- spacewalk-backend-package-push-server-5.0.8-150600.3.44.7 updated
- spacewalk-backend-iss-5.0.8-150600.3.44.7 updated
- spacewalk-backend-app-5.0.8-150600.3.44.7 updated
- spacewalk-taskomatic-5.0.11-150600.1.5 updated
- spacewalk-java-5.0.11-150600.1.5 updated
- spacewalk-backend-iss-export-5.0.8-150600.3.44.7 updated
- billing-data-service-5.0.3-150600.1.1 added
- spacewalk-common-5.0.3-150600.1.1 updated
- susemanager-tools-5.0.8-150600.1.1 updated
- spacewalk-backend-tools-5.0.8-150600.3.44.7 updated
- spacewalk-setup-5.0.5-150600.1.1 updated
- spacewalk-utils-5.0.4-150600.1.1 updated
- spacewalk-postgresql-5.0.3-150600.1.1 updated
- spacewalk-utils-extras-5.0.4-150600.1.1 updated
- susemanager-5.0.8-150600.1.1 updated
- container:suse-manager-5.0-init-5.0.0-5.0.0-5.19 added
- bea-stax-1.2.0-9.63 removed
- bea-stax-api-1.2.0-9.63 removed
- container:suse-manager-5.0-init-5.0.0-rc-5.0.0-rc-4.59 removed
- geronimo-stax-1_0-api-1.2-150200.15.8.1 removed
- golang-github-lusitaniae-apache_exporter-1.0.0-150000.1.20.1 removed
- isorelax-0.1-150200.11.4.4 removed
- jaxen-1.1.6-150200.12.4.4 removed
- libduktape206-2.6.0-150500.4.5.1 removed
- libproxy1-0.5.3-150600.2.2 removed
- libpxbackend-1_0-0.5.3-150600.2.1 removed
- spacewalk-backend-applet-5.0.6-150600.3.42.13 removed
- ws-jaxme-0.5.2-150200.12.4.3 removed
- xom-1.2b1-150200.12.4.4 removed
- xpp2-2.1.10-150200.11.4.3 removed
More information about the sle-container-updates
mailing list