openSUSE-2024-81 low openSUSE Backports SLE-15-SP6 Update This update for hello ships a testupdate to 15 sp6 backports. hello-2.12.1-bp156.2.2.1.src.rpm hello-2.12.1-bp156.2.2.1.x86_64.rpm hello-debuginfo-2.12.1-bp156.2.2.1.x86_64.rpm hello-debugsource-2.12.1-bp156.2.2.1.x86_64.rpm hello-lang-2.12.1-bp156.2.2.1.noarch.rpm hello-2.12.1-bp156.2.2.1.i586.rpm hello-debuginfo-2.12.1-bp156.2.2.1.i586.rpm hello-debugsource-2.12.1-bp156.2.2.1.i586.rpm hello-2.12.1-bp156.2.2.1.aarch64.rpm hello-debuginfo-2.12.1-bp156.2.2.1.aarch64.rpm hello-debugsource-2.12.1-bp156.2.2.1.aarch64.rpm hello-2.12.1-bp156.2.2.1.ppc64le.rpm hello-debuginfo-2.12.1-bp156.2.2.1.ppc64le.rpm hello-debugsource-2.12.1-bp156.2.2.1.ppc64le.rpm hello-2.12.1-bp156.2.2.1.s390x.rpm hello-debuginfo-2.12.1-bp156.2.2.1.s390x.rpm hello-debugsource-2.12.1-bp156.2.2.1.s390x.rpm openSUSE-2024-155 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 125.0.6422.141 (boo#1225690) * CVE-2024-5493: Heap buffer overflow in WebRTC * CVE-2024-5494: Use after free in Dawn * CVE-2024-5495: Use after free in Dawn * CVE-2024-5496: Use after free in Media Session * CVE-2024-5497: Out of bounds memory access in Keyboard Inputs * CVE-2024-5498: Use after free in Presentation API * CVE-2024-5499: Out of bounds write in Streams API chromedriver-125.0.6422.141-bp156.2.3.1.x86_64.rpm chromium-125.0.6422.141-bp156.2.3.1.src.rpm chromium-125.0.6422.141-bp156.2.3.1.x86_64.rpm chromedriver-125.0.6422.141-bp156.2.3.1.aarch64.rpm chromium-125.0.6422.141-bp156.2.3.1.aarch64.rpm openSUSE-2024-150 moderate openSUSE Backports SLE-15-SP6 Update This update for libhtp fixes the following issues: - CVE-2024-23837: excessive processing time of HTTP headers can lead to denial of service (boo#1220403) libhtp-0.5.42-bp156.3.3.1.src.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.x86_64.rpm libhtp-devel-0.5.42-bp156.3.3.1.x86_64.rpm libhtp2-0.5.42-bp156.3.3.1.x86_64.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.x86_64.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.i586.rpm libhtp-devel-0.5.42-bp156.3.3.1.i586.rpm libhtp2-0.5.42-bp156.3.3.1.i586.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.i586.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.aarch64.rpm libhtp-devel-0.5.42-bp156.3.3.1.aarch64.rpm libhtp2-0.5.42-bp156.3.3.1.aarch64.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.aarch64.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.ppc64le.rpm libhtp-devel-0.5.42-bp156.3.3.1.ppc64le.rpm libhtp2-0.5.42-bp156.3.3.1.ppc64le.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.ppc64le.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.s390x.rpm libhtp-devel-0.5.42-bp156.3.3.1.s390x.rpm libhtp2-0.5.42-bp156.3.3.1.s390x.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.s390x.rpm openSUSE-2024-157 important openSUSE Backports SLE-15-SP6 Update This update for nano fixes the following issues: - CVE-2024-5742: Avoid privilege escalations via symlink attacks on emergency save file (boo#1226099) nano-7.2-bp156.3.3.1.src.rpm nano-7.2-bp156.3.3.1.x86_64.rpm nano-debuginfo-7.2-bp156.3.3.1.x86_64.rpm nano-debugsource-7.2-bp156.3.3.1.x86_64.rpm nano-lang-7.2-bp156.3.3.1.noarch.rpm nano-7.2-bp156.3.3.1.i586.rpm nano-debuginfo-7.2-bp156.3.3.1.i586.rpm nano-debugsource-7.2-bp156.3.3.1.i586.rpm nano-7.2-bp156.3.3.1.aarch64.rpm nano-debuginfo-7.2-bp156.3.3.1.aarch64.rpm nano-debugsource-7.2-bp156.3.3.1.aarch64.rpm nano-7.2-bp156.3.3.1.ppc64le.rpm nano-debuginfo-7.2-bp156.3.3.1.ppc64le.rpm nano-debugsource-7.2-bp156.3.3.1.ppc64le.rpm nano-7.2-bp156.3.3.1.s390x.rpm nano-debuginfo-7.2-bp156.3.3.1.s390x.rpm nano-debugsource-7.2-bp156.3.3.1.s390x.rpm openSUSE-2024-163 moderate openSUSE Backports SLE-15-SP6 Update This update for virtme fixes the following issues: - Fix virtiofsd search path virtme-1.25-bp156.2.3.1.noarch.rpm virtme-1.25-bp156.2.3.1.src.rpm openSUSE-2024-164 moderate openSUSE Backports SLE-15-SP6 Update This update for opi fixes the following issues: - Version 5.2.0 * Add config option to reverse option order - Version 5.1.0 * Increase prio from 90 to 70 for packman/openh264 repos - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [boo#1212476] - Version 5.2.0 * Add config option to reverse option order - Version 5.1.0 * Increase prio from 90 to 70 for packman/openh264 repos opi-5.2.0-bp156.2.3.1.noarch.rpm opi-5.2.0-bp156.2.3.1.src.rpm openSUSE-2024-161 moderate openSUSE Backports SLE-15-SP6 Update plasma5-workspace was updated to fix the following issue: - Fixed ksmserver authentication (CVE-2024-36041, boo#1225774). - Fixed a regression introduced by the preceding change (kde#487912, boo#1226110): gmenudbusmenuproxy-5.27.11-bp156.3.3.1.x86_64.rpm plasma5-session-5.27.11-bp156.3.3.1.noarch.rpm plasma5-session-wayland-5.27.11-bp156.3.3.1.x86_64.rpm plasma5-workspace-5.27.11-bp156.3.3.1.src.rpm plasma5-workspace-5.27.11-bp156.3.3.1.x86_64.rpm plasma5-workspace-devel-5.27.11-bp156.3.3.1.x86_64.rpm plasma5-workspace-lang-5.27.11-bp156.3.3.1.noarch.rpm plasma5-workspace-libs-5.27.11-bp156.3.3.1.x86_64.rpm xembedsniproxy-5.27.11-bp156.3.3.1.x86_64.rpm gmenudbusmenuproxy-5.27.11-bp156.3.3.1.aarch64.rpm plasma5-session-wayland-5.27.11-bp156.3.3.1.aarch64.rpm plasma5-workspace-5.27.11-bp156.3.3.1.aarch64.rpm plasma5-workspace-devel-5.27.11-bp156.3.3.1.aarch64.rpm plasma5-workspace-libs-5.27.11-bp156.3.3.1.aarch64.rpm xembedsniproxy-5.27.11-bp156.3.3.1.aarch64.rpm gmenudbusmenuproxy-5.27.11-bp156.3.3.1.ppc64le.rpm plasma5-session-wayland-5.27.11-bp156.3.3.1.ppc64le.rpm plasma5-workspace-5.27.11-bp156.3.3.1.ppc64le.rpm plasma5-workspace-devel-5.27.11-bp156.3.3.1.ppc64le.rpm plasma5-workspace-libs-5.27.11-bp156.3.3.1.ppc64le.rpm xembedsniproxy-5.27.11-bp156.3.3.1.ppc64le.rpm openSUSE-2024-159 moderate openSUSE Backports SLE-15-SP6 Update This update for gajim, python-css-parser fixes the following issues: gajim changes: Express python dependencies directly. (boo#1225938) python-css-parser changes: update to 1.0.10 (boo#1225938): * Fix selector specificity calculation for pseudo-classes update to 1.0.9: * replace deprecated use of cgi.parse_header * drop python 3.6 support update to 1.0.8: * Replace removed assertEquals with assertEqual * Upgrade other unittest asserts for clearer error messages * tests: adjust exception string checks for python 3.11 * tests: fix warning about \( and \o being invalid sequences * Fix serialization of unknown rules containing comments - drop relax_error_msg_check.patch (upstream) gajim-1.8.4-bp156.2.3.1.noarch.rpm gajim-1.8.4-bp156.2.3.1.src.rpm gajim-lang-1.8.4-bp156.2.3.1.noarch.rpm python-css-parser-1.0.10-bp156.4.3.1.src.rpm python311-css-parser-1.0.10-bp156.4.3.1.noarch.rpm openSUSE-2024-261 moderate openSUSE Backports SLE-15-SP6 Update This update for vlc fixes the following issues: Update to version 3.0.21: + Decoders: * Improve Opus ambisonic support * Fix some ASS subtitle rendering issues * Fix Opus in MP4 behaviour * Fix VAAPI hw decoding with some drivers + Input: * Add support for HTTP content range handling according to RFC 9110 * Fix some HLS Adaptive Streaming not working in audio-only mode + Video Output: * Super Resolution scaling with AMD GPUs * The D3D11 HDR option can also turn on/off HDR for all sources regardless of the display * Improve subtitles rendering on Apple platforms of notably Asian languages by correcting font fallback lookups + Video Filter: * New AMD VQ Enhancer filter * Add D3D11 option to use NVIDIA TrueHDR to generate HDR from SDR sources + Audio Output: * Fix regression on macOS causing crashes when using audio devices with more than 9 channels + Services Discovery: * Fix exposed UPnP directory URL schemes to be compliant with RFC 3986 + libVLC: * the HWND passed to libvlc_media_player_set_hwnd must have the WS_CLIPCHILDREN style set. * Fix crashes when using caopengllayer + Misc: * Fix various warnings, leaks and potential crashes * Fix security integer overflow in MMS module libvlc5-3.0.21-bp156.2.3.1.x86_64.rpm libvlccore9-3.0.21-bp156.2.3.1.x86_64.rpm vlc-3.0.21-bp156.2.3.1.src.rpm vlc-3.0.21-bp156.2.3.1.x86_64.rpm vlc-codec-fluidsynth-3.0.21-bp156.2.3.1.x86_64.rpm vlc-codec-gstreamer-3.0.21-bp156.2.3.1.x86_64.rpm vlc-devel-3.0.21-bp156.2.3.1.x86_64.rpm vlc-jack-3.0.21-bp156.2.3.1.x86_64.rpm vlc-lang-3.0.21-bp156.2.3.1.noarch.rpm vlc-noX-3.0.21-bp156.2.3.1.x86_64.rpm vlc-opencv-3.0.21-bp156.2.3.1.x86_64.rpm vlc-qt-3.0.21-bp156.2.3.1.x86_64.rpm vlc-vdpau-3.0.21-bp156.2.3.1.x86_64.rpm libvlc5-3.0.21-bp156.2.3.1.aarch64.rpm libvlccore9-3.0.21-bp156.2.3.1.aarch64.rpm vlc-3.0.21-bp156.2.3.1.aarch64.rpm vlc-codec-fluidsynth-3.0.21-bp156.2.3.1.aarch64.rpm vlc-codec-gstreamer-3.0.21-bp156.2.3.1.aarch64.rpm vlc-devel-3.0.21-bp156.2.3.1.aarch64.rpm vlc-jack-3.0.21-bp156.2.3.1.aarch64.rpm vlc-noX-3.0.21-bp156.2.3.1.aarch64.rpm vlc-opencv-3.0.21-bp156.2.3.1.aarch64.rpm vlc-qt-3.0.21-bp156.2.3.1.aarch64.rpm vlc-vdpau-3.0.21-bp156.2.3.1.aarch64.rpm libvlc5-3.0.21-bp156.2.3.1.ppc64le.rpm libvlccore9-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-codec-fluidsynth-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-codec-gstreamer-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-devel-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-jack-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-noX-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-opencv-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-qt-3.0.21-bp156.2.3.1.ppc64le.rpm vlc-vdpau-3.0.21-bp156.2.3.1.ppc64le.rpm openSUSE-2024-171 moderate openSUSE Backports SLE-15-SP6 Update This update for python-python-sql fixes the following issues: - update to 1.5.1: * Use parameter for start and end of WINDOW FRAME * Use parameter for limit and offset - version 1.5.0: * naming scheme broken upstream * Add MERGE query * Support “UPSERT” with ON CONFLICT clause on INSERT query * Remove default escape char on LIKE and ILIKE * Add GROUPING SETS, CUBE, and ROLLUP clauses for GROUP BY. python-python-sql-1.5.1-bp156.2.3.1.src.rpm python311-python-sql-1.5.1-bp156.2.3.1.noarch.rpm openSUSE-2024-168 important openSUSE Backports SLE-15-SP6 Update This update for gdcm fixes the following issues: - CVE-2024-22373: Fixed out-of-bounds write vulnerability in JPEG2000Codec::DecodeByStreamsCommon (boo#1223398). gdcm-3.0.24-bp156.2.4.1.src.rpm gdcm-3.0.24-bp156.2.4.1.x86_64.rpm gdcm-applications-3.0.24-bp156.2.4.1.x86_64.rpm gdcm-devel-3.0.24-bp156.2.4.1.x86_64.rpm gdcm-examples-3.0.24-bp156.2.4.1.x86_64.rpm libgdcm3_0-3.0.24-bp156.2.4.1.x86_64.rpm libsocketxx1_2-3.0.24-bp156.2.4.1.x86_64.rpm python3-gdcm-3.0.24-bp156.2.4.1.x86_64.rpm gdcm-3.0.24-bp156.2.4.1.aarch64.rpm gdcm-applications-3.0.24-bp156.2.4.1.aarch64.rpm gdcm-devel-3.0.24-bp156.2.4.1.aarch64.rpm gdcm-examples-3.0.24-bp156.2.4.1.aarch64.rpm libgdcm3_0-3.0.24-bp156.2.4.1.aarch64.rpm libsocketxx1_2-3.0.24-bp156.2.4.1.aarch64.rpm python3-gdcm-3.0.24-bp156.2.4.1.aarch64.rpm gdcm-3.0.24-bp156.2.4.1.ppc64le.rpm gdcm-applications-3.0.24-bp156.2.4.1.ppc64le.rpm gdcm-devel-3.0.24-bp156.2.4.1.ppc64le.rpm gdcm-examples-3.0.24-bp156.2.4.1.ppc64le.rpm libgdcm3_0-3.0.24-bp156.2.4.1.ppc64le.rpm libsocketxx1_2-3.0.24-bp156.2.4.1.ppc64le.rpm python3-gdcm-3.0.24-bp156.2.4.1.ppc64le.rpm gdcm-3.0.24-bp156.2.4.1.s390x.rpm gdcm-applications-3.0.24-bp156.2.4.1.s390x.rpm gdcm-devel-3.0.24-bp156.2.4.1.s390x.rpm gdcm-examples-3.0.24-bp156.2.4.1.s390x.rpm libgdcm3_0-3.0.24-bp156.2.4.1.s390x.rpm libsocketxx1_2-3.0.24-bp156.2.4.1.s390x.rpm python3-gdcm-3.0.24-bp156.2.4.1.s390x.rpm openSUSE-2024-173 moderate openSUSE Backports SLE-15-SP6 Update This update for shadowsocks-v2ray-plugin fixes the following issues: Update version to 5.15.1 * Fixed crash (boo#1226385) golang-github-teddysun-v2ray-plugin-5.15.1-bp156.2.3.1.noarch.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.src.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.x86_64.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.i586.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.aarch64.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.ppc64le.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.s390x.rpm openSUSE-2024-166 moderate openSUSE Backports SLE-15-SP6 Update This update for gh fixes the following issues: Update to version 2.51.0: * Gracefully degrade when fetching annotations fails due to 403 (#9113) * replaced deprecated --json-result flag with --format=json in the gh at docstring. * Specify rpm repository to avoid conflicts with community repositories * Add `signer-repo` and `signer-workflow` flags to `gh attestation verify` (#9137) * Ensure signed RPMs have attestations Update to version 2.50.0: * Build completions during release on macos * Add build provenance for gh CLI releases (#9087) * Add integration tests for `gh attestation verify` shared workflow use case (#9107) * Update readme about MacOS pkg * Remove `v` prefix when `pkgmacos` is called * Integrate argument array to remove duplicate code * Added native min os version blocking * Fix distribution.xml + min macos version requirements * Fix directory already exists * Add a `gh variable get FOO` command (#9106) * Add comment to pr diff regex * Update regex in changedFilesNames to handle quoted paths * fix: rename the `Attempts` field to `Attempt`; expose in `gh run view` and `gh run ls` (#8905) * Change minimum build script macOS version * Cleanup pkgmacos build script * Removed redundant specifications * feat: add support for stateReason in `gh pr view` (#9080) * Update choice title * Update pkg title * update generated content for man pages and website * williammartin simplifications * remove no-op if clause that returns 'No Aliases' * Conditionalize references, remove redundant alias * list the various alias permutations for the command and subcommands * Remove TODO and add comment on LoginFlow tests * Comment the purpose of the helper config contract * Test git credentials are configured in LoginFlow * Add HelperConfig contract test and FakeHelperConfig * Inject GitCredentialFlow to LoginFlow as test seam * Removed unused param flagDryRun from upgradeFunc * Added summary TTY message to tests * Added TTY message to summarize checking extension upgrades * Add Helper test for Windows * Add tests for gitcredentials Updater * Fix mistaken git installation error check * Move gitcredentials HelperConfig and add tests * Comment the new gitcredentials package * Comment the git credential flow * Remove unnecessary credential setup private method * Use tighter interface in setup-git * Rename gitcredentials Configure to ConfigureOurs * Make gitcredential helper smarter * Move fetching configured helper into gitcredentials * Extract units for configuring and updating git credential helpers * Implement ExportData to filter json fields * fix: rename fields list * feat: add json output for PR checks * Fix doc bug for gh run watch gh-2.51.0-bp156.2.3.1.src.rpm gh-2.51.0-bp156.2.3.1.x86_64.rpm gh-bash-completion-2.51.0-bp156.2.3.1.noarch.rpm gh-fish-completion-2.51.0-bp156.2.3.1.noarch.rpm gh-zsh-completion-2.51.0-bp156.2.3.1.noarch.rpm gh-2.51.0-bp156.2.3.1.i586.rpm gh-2.51.0-bp156.2.3.1.aarch64.rpm gh-2.51.0-bp156.2.3.1.ppc64le.rpm gh-2.51.0-bp156.2.3.1.s390x.rpm openSUSE-2024-170 moderate openSUSE Backports SLE-15-SP6 Update This update for rubygem-bcrypt_pbkdf fixes the following issues: Updated to version 1.1.1 - see installed CHANGELOG.md ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.x86_64.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.x86_64.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.x86_64.rpm rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.src.rpm ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.i586.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.i586.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.i586.rpm ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.aarch64.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.aarch64.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.aarch64.rpm ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.ppc64le.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.ppc64le.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.ppc64le.rpm ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.s390x.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.s390x.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.s390x.rpm openSUSE-2024-174 moderate openSUSE Backports SLE-15-SP6 Update This update for sngrep fixes the following issues: - CVE-2024-35434: heap buffer overflow in rtp_check_packet sngrep-1.8.1-bp156.2.3.1.src.rpm sngrep-1.8.1-bp156.2.3.1.x86_64.rpm sngrep-1.8.1-bp156.2.3.1.i586.rpm sngrep-1.8.1-bp156.2.3.1.aarch64.rpm sngrep-1.8.1-bp156.2.3.1.ppc64le.rpm sngrep-1.8.1-bp156.2.3.1.s390x.rpm openSUSE-2024-193 moderate openSUSE Backports SLE-15-SP6 Update This update for keepassxc fixes the following issues: Update to 2.7.9: - Changes: - Passkeys: Ability to easily remove a passkey from an entry [#10777] - Snap: Use new desktop portal for native messaging integration [#10906] - Fixes: - Improve entry placeholder/reference feature [#10846] - Improve CSV importing when title field isn't specified [#10843] - Improve encrypted Bitwarden importing [#10800] - Improve database settings UX [#10821] - Improve handling of clipboard actions from entry preview [#10810] - Improve group/entry view resize behavior and set sensible defaults [#10641] - Passkeys: Fix incorrect username fill [#10874] - Passkeys: Return additional data to the extension [#10857] - Fix password clear timer inconsistency on unlock view [#10708] - Fix portability check [#10760] - Fix page overflow on HTML exports [#10735] - Fix broken builds when using system provided zxcvbn [#10717] - Fix copy password button when text is selected [#10853] - Fix tab ordering on application settings pages [#10907] - SSH Agent: Fix broken decrypt button [#10638] - Flatpak: Fix configuration settings off-by-one error [#10688] keepassxc-2.7.9-bp156.2.3.1.src.rpm keepassxc-2.7.9-bp156.2.3.1.x86_64.rpm keepassxc-debuginfo-2.7.9-bp156.2.3.1.x86_64.rpm keepassxc-debugsource-2.7.9-bp156.2.3.1.x86_64.rpm keepassxc-lang-2.7.9-bp156.2.3.1.noarch.rpm keepassxc-2.7.9-bp156.2.3.1.aarch64.rpm keepassxc-debuginfo-2.7.9-bp156.2.3.1.aarch64.rpm keepassxc-debugsource-2.7.9-bp156.2.3.1.aarch64.rpm keepassxc-2.7.9-bp156.2.3.1.ppc64le.rpm keepassxc-debuginfo-2.7.9-bp156.2.3.1.ppc64le.rpm keepassxc-debugsource-2.7.9-bp156.2.3.1.ppc64le.rpm keepassxc-2.7.9-bp156.2.3.1.s390x.rpm keepassxc-debuginfo-2.7.9-bp156.2.3.1.s390x.rpm keepassxc-debugsource-2.7.9-bp156.2.3.1.s390x.rpm openSUSE-2024-194 moderate openSUSE Backports SLE-15-SP6 Update This update for keybase-client fixes the following issues: Update to version 6.2.8 * Update client CA * Fix incomplete locking in config file handling. - Update the Image dependency to address CVE-2023-29408 / boo#1213928. This is done via the new update-image-tiff.patch. - Limit parallel test execution as that seems to cause failing builds on OBS that don't occur locally. - Integrate KBFS packages previously build via own source package * Upstream integrated these into the same source. * Also includes adding kbfs-related patches ensure-mount-dir-exists.patch and ensure-service-stop-unmounts-filesystem.patch. - Upgrade Go version used for compilation to 1.19. - Use Systemd unit file from upstream source. kbfs-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-git-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-tool-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.x86_64.rpm keybase-client-6.2.8-bp156.2.3.1.src.rpm keybase-client-6.2.8-bp156.2.3.1.x86_64.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-6.2.8-bp156.2.3.1.i586.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.i586.rpm kbfs-git-6.2.8-bp156.2.3.1.i586.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.i586.rpm kbfs-tool-6.2.8-bp156.2.3.1.i586.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.i586.rpm keybase-client-6.2.8-bp156.2.3.1.i586.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.i586.rpm kbfs-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-git-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-tool-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.aarch64.rpm keybase-client-6.2.8-bp156.2.3.1.aarch64.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-git-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-tool-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.ppc64le.rpm keybase-client-6.2.8-bp156.2.3.1.ppc64le.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-6.2.8-bp156.2.3.1.s390x.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.s390x.rpm kbfs-git-6.2.8-bp156.2.3.1.s390x.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.s390x.rpm kbfs-tool-6.2.8-bp156.2.3.1.s390x.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.s390x.rpm keybase-client-6.2.8-bp156.2.3.1.s390x.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.s390x.rpm openSUSE-2024-180 moderate openSUSE Backports SLE-15-SP6 Update This update for perl-Test-MockModule fixes the following issues: Update to version 0.178.0: - 6724a30 - Simplify CI workflow - Nicolas R - 1801372 - Multiple improvements - Nicolas R - e97e316 - Add protection to _replace_sub - Nicolas R perl-Test-MockModule-0.178.0-bp156.2.3.1.noarch.rpm perl-Test-MockModule-0.178.0-bp156.2.3.1.src.rpm openSUSE-2024-181 moderate openSUSE Backports SLE-15-SP6 Update This update for perl-Minion fixes the following issues: - updated to 10.29 see /usr/share/doc/packages/perl-Minion/Changes - updated to 10.28 see /usr/share/doc/packages/perl-Minion/Changes 10.28 2023-11-217 - Improved repair and history performance in most cases. 10.27 2023-11-20 - Improved repair performance in cases where there are a lot of finished jobs with dependencies. - updated to 10.26 see /usr/share/doc/packages/perl-Minion/Changes 10.26 2023-11-10 - Added type information to worker status. - Improved workers by calling srand() after starting a new job process. perl-Minion-10.290.0-bp156.3.3.1.noarch.rpm perl-Minion-10.290.0-bp156.3.3.1.src.rpm openSUSE-2024-182 moderate openSUSE Backports SLE-15-SP6 Update This update for perl-Perl-Tidy fixes the following issues: - updated to 20240511 ## 2024 05 11 - The option --valign-signed-numbers, or -vsn is now the default. It was introduced in the previous release has been found to significantly improve the overall appearance of columns of signed and unsigned numbers. See the previous Change Log entry for an example. This will change the formatting in scripts with columns of vertically aligned signed and unsigned numbers. Use -nvsn to turn this option off and avoid this change. - Previously, a line break was made before a short concatenated terminal quoted string, such as "\n", if the previous line had a greater starting indentation. The break is now placed after the short quote. This keeps code a little more compact. For example: # old rule: break before "\n" here because '$name' has more indentation: my $html = $this->SUPER::genObject( $query, $bindNode, $field . ":$var", $name, "remove", "UNCHECKED" ) . "\n"; # new rule: break after a short terminal quote like "\n" for compactness; my $html = $this->SUPER::genObject( $query, $bindNode, $field . ":$var", $name, "remove", "UNCHECKED" ) . "\n"; - The option --delete-repeated-commas is now the default. It makes the following checks and changes: - Repeated commas like ',,' are removed with a warning - Repeated fat commas like '=> =>' are removed with a warning - The combination '=>,' produces a warning but is not changed These warnings are only output if --warning-output, or -w, is set. Use --nodelete-repeated-commas, or -ndrc, to retain repeated commas. - The operator ``**=`` now has spaces on both sides by default. Previously, there was no space on the left. This change makes its spacing the same as all other assignment operators. The previous behavior can be obtained with the parameter setting -nwls='**='. - The option --file-size-order, or -fso is now the default. When perltidy is given a list of multiple filenames to process, they are sorted by size and processed in order of increasing size. This can significantly reduce memory usage by Perl. This option has always been used in testing, where typically several jobs each operating on thousands of filenames are running at the same time and competing for system resources. If this option is not wanted for some reason, it can be deactivated with -nfso. - In the option --dump-block-summary, the number of sub arguments indicated for each sub now includes any leading object variable passed with an arrow-operator call. Previously the count would have been decreased by one in this case. This change is needed for compatibility with future updates. - Fix issue git #138 involving -xlp (--extended-line-up-parentheses). When multiple-line quotes and regexes have long secondary lines, these line lengths could influencing some spacing and indentation, but they should not have since perltidy has no control over their indentation. This has been fixed. This will mainly influence code which uses -xlp and has long multi-line quotes. - Add option --minimize-continuation-indentation, -mci (see git #137). This flag allows perltidy to remove continuation indentation in some special cases where it is not really unnecessary. For a simple example, the default formatting for the following snippet is: # perltidy -nmci $self->blurt( "Error: No INPUT definition for type '$type', typekind '" . $type->xstype . "' found" ); The second and third lines are one level deep in a container, and are also statement continuations, so they get indented by the sum of the -i value and the -ci value. If this flag is set, the indentation is reduced by -ci spaces, giving # perltidy -mci $self->blurt( "Error: No INPUT definition for type '$type', typekind '" . $type->xstype . "' found" ); This situation is relatively rare except in code which has long quoted strings and the -nolq flag is also set. This flag is currently off by default, but it could become the default in a future version. - Add options --dump-mismatched-args (or -dma) and --warn-mismatched-arg (or -wma). These options look for and report instances where the number of args expected by a sub appear to differ from the number passed to the sub. The -dump version writes the results for a single file to standard output and exits: perltidy -dma somefile.pl >results.txt The -warn version formats as normal but reports any issues as warnings in the error file: perltidy -wma somefile.pl The -warn version may be customized with the following additional parameters if necessary to avoid needless warnings: --warn-mismatched-arg-types=s (or -wmat=s), --warn-mismatched-arg-exclusion-list=s (or -wmaxl=s), and --warn-mismatched-arg-undercount-cutoff=n (or -wmauc=n). --warn-mismatched-arg-overcount-cutoff=n (or -wmaoc=n). These are explained in the manual. - Add option --valign-wide-equals, or -vwe, for issue git #135. Setting this parameter causes the following assignment operators = **= += *= &= <<= &&= -= /= |= >>= ||= //= .= %= ^= x= to be aligned vertically with the ending = all aligned. For example, here is the default formatting of a snippet of code: $str .= SPACE x $total_pad_count; $str_len += $total_pad_count; $total_pad_count = 0; $str .= $rfields->[$j]; $str_len += $rfield_lengths->[$j]; And here is the same code formatted with -vwe: # perltidy -vwe $str .= SPACE x $total_pad_count; $str_len += $total_pad_count; $total_pad_count = 0; $str .= $rfields->[$j]; $str_len += $rfield_lengths->[$j]; This option currently is off by default to avoid changing existing formatting. - Added control --delete-interbracket-arrows, or -dia, to delete optional hash ref and array ref arrows between brackets as in the following expression (see git #131) return $self->{'commandline'}->{'arg_list'}->[0]->[0]->{'hostgroups'}; # perltidy -dia gives: return $self->{'commandline'}{'arg_list'}[0][0]{'hostgroups'}; Added the opposite control --aia-interbracket-arrows, or -aia, to add arrows. So applied to the previous line the arrows are restored: # perltidy -aia return $self->{'commandline'}->{'arg_list'}->[0]->[0]->{'hostgroups'}; The manual describes additional controls for adding and deleting just selected interbracket arrows. - updated to 20240202 see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md ## 2024 02 02 - Added --valign-signed-numbers, or -vsn. This improves the appearance of columns of numbers by aligning leading algebraic signs. For example: # perltidy -vsn my $xyz_shield = [ [ -0.060, -0.060, 0. ], [ 0.060, -0.060, 0. ], [ 0.060, 0.060, 0. ], [ -0.060, 0.060, 0. ], [ -0.0925, -0.0925, 0.092 ], [ 0.0925, -0.0925, 0.092 ], [ 0.0925, 0.0925, 0.092 ], [ -0.0925, 0.0925, 0.092 ], ]; # perltidy -nvsn (current DEFAULT) my $xyz_shield = [ [ -0.060, -0.060, 0. ], [ 0.060, -0.060, 0. ], [ 0.060, 0.060, 0. ], [ -0.060, 0.060, 0. ], [ -0.0925, -0.0925, 0.092 ], [ 0.0925, -0.0925, 0.092 ], [ 0.0925, 0.0925, 0.092 ], [ -0.0925, 0.0925, 0.092 ], ]; This new option works well but is currently OFF to allow more testing and fine-tuning. It is expected to be activated in a future release. - Added --dump-mixed-call-parens (-dmcp ) which will dump a list of operators which are sometimes followed by parens and sometimes not. This can be useful for developing a uniform style for selected operators. Issue git #128. For example perltidy -dmcp somefile.pl >out.txt produces lines like this, where the first number is the count of uses with parens, and the second number is the count without parens. k:caller:2:1 k:chomp:3:4 k:close:7:4 - Added --want-call-parens=s (-wcp=s) and --nowant-call-parens=s (-nwcp=s) options which will warn of paren uses which do not match a selected style. The manual has details. But for example, perltidy -wcp='&' somefile.pl will format as normal but warn if any user subs are called without parens. - Added --dump-unusual-variables (-duv) option to dump a list of variables with certain properties of interest. For example perltidy -duv somefile.pl >vars.txt produces a file with lines which look something like 1778:u: my $input_file 6089:r: my $j: reused - see line 6076 The values on the line which are separated by colons are: line number - the number of the line of the input file issue - a single letter indicating the issue, see below variable name - the name of the variable, preceded by a keyword note - an optional note referring to another line The issue is indicated by a letter which may be one of: r: reused variable name s: sigil change but reused bareword p: lexical variable with scope in multiple packages u: unused variable This is very useful for locating problem areas and bugs in code. - Added a related flag --warn-variable-types=string (-wvt=string) option to warn if certain types of variables are found in a script. The types are a space-separated string which may include 'r', 's', and 'p' but not 'u'. For example perltidy -wvt='r s' somefile.pl will check for and warn if any variabls of type 'r', or 's' are seen, but not 'p'. All possible checks may be indicated with a '*' or '1': perltidy -wvt='*' somefile.pl The manual has further details. - All parameters taking integer values are now checked for out-of-range values before processing starts. When a maximum or maximum range is exceeded, the new default behavior is to write a warning message, reset the value to its default setting, and continue. This default behavior can be changed with the new parameter --integer-range-check=n, or -irc=n, as follows: n=0 skip check completely (for stress-testing perltidy only) n=1 reset bad values to defaults but do not issue a warning n=2 reset bad values to defaults and issue a warning [DEFAULT] n=3 stop immediately if any values are out of bounds The settings n=0 and n=1 are mainly useful for testing purposes. - The --dump-block-summary (-dbs) option now includes the number of sub args in the 'type' column. For example, 'sub(9)' indicates a sub with 9 args. Subs whose arg count cannot easily be determined are indicated as 'sub(*)'. The count does not include a leading '$self' or '$class' arg. - Added flag --space-signature-paren=n, or -ssp=n (issue git #125). This flag works the same as the existing flag --space-prototype-paren=n except that it applies to the space before the opening paren of a sub signature instead of a sub prototype. Previously, there was no control over this (a space always occurred). For example, given the following line: sub circle( $xc, $yc, $rad ); The following results can now be obtained, according to the value of n: sub circle( $xc, $yc, $rad ); # n=0 [no space] sub circle( $xc, $yc, $rad ); # n=1 [default; same as input] sub circle ( $xc, $yc, $rad ); # n=2 [space] The spacing in previous versions of perltidy corresponded to n=2 (always a space). The new default value, n=1, will produce a space if and only if there was a space in the input text. - The --dump-block-summary option can report an if-elsif-elsif-.. chain as a single line item with the notation -dbt='elsif3', for example, where the '3' is an integer which specifies the minimum number of elsif blocks required for a chain to be reported. The manual has details. - Fix problem c269, in which the new -ame parameter could incorrectly emit an else block when two elsif blocks were separated by a hanging side comment (a very rare situation). - When braces are detected to be unbalanced, an attempt is made to localize the error by comparing the indentation at closing braces with their actual nesting levels. This can be useful for files which have previously been formatted by perltidy. To illustrate, a test was made in which the closing brace at line 30644 was commented out in a file with a total of over 62000 lines. The new error message is Final nesting depth of '{'s is 1 The most recent un-matched '{' is on line 6858 ... Table of nesting level differences at closing braces. This might help localize brace errors if the file was previously formatted. line: (brace level) - (level expected from old indentation) 30643: 0 30645: 1 Previously, the error file only indicated that the error in this case was somewhere after line 6858, so the new table is very helpful. Closing brace indentation is checked because it is unambiguous and can be done very efficiently. - The -DEBUG option no longer automatically also writes a .LOG file. Use --show-options if the .LOG file is needed. - The run time of this version with all new options in use is no greater than that of the previous version thanks to optimization work. perl-Perl-Tidy-20240511.0.0-bp156.2.3.1.noarch.rpm perl-Perl-Tidy-20240511.0.0-bp156.2.3.1.src.rpm openSUSE-2024-175 moderate openSUSE Backports SLE-15-SP6 Update This update for cockpit fixes the following issues: - disable selinux on leap versions without selinux - set libexec dir to %_libexecdir (boo#1223533) - new version 316: * cockpit.js API: Fix format_bytes() units - new version 315: * Networking: Show additional ports for each firewall zone * Networking: List Firewall active zones when unprivileged * Inline documentation * Support for transient virtual machines * UEFI for virtual machines * Unattended virtual machines installation * Localize times * Better support for various TLS certificate formats * Overview: Add CPU utilization to usage card * Dashboard: Support SSH identity unlocking when adding new machines * SElinux: Introduce an Ansible automation script * Machines: Support 'bridge' type network interfaces * Machines: Support 'bus' type disk configuration cockpit-316-bp156.2.3.1.src.rpm cockpit-316-bp156.2.3.1.x86_64.rpm cockpit-bridge-316-bp156.2.3.1.x86_64.rpm cockpit-devel-316-bp156.2.3.1.x86_64.rpm cockpit-doc-316-bp156.2.3.1.noarch.rpm cockpit-kdump-316-bp156.2.3.1.noarch.rpm cockpit-networkmanager-316-bp156.2.3.1.noarch.rpm cockpit-packagekit-316-bp156.2.3.1.noarch.rpm cockpit-pcp-316-bp156.2.3.1.x86_64.rpm cockpit-selinux-316-bp156.2.3.1.noarch.rpm cockpit-storaged-316-bp156.2.3.1.noarch.rpm cockpit-system-316-bp156.2.3.1.noarch.rpm cockpit-ws-316-bp156.2.3.1.x86_64.rpm cockpit-316-bp156.2.3.1.aarch64.rpm cockpit-bridge-316-bp156.2.3.1.aarch64.rpm cockpit-devel-316-bp156.2.3.1.aarch64.rpm cockpit-pcp-316-bp156.2.3.1.aarch64.rpm cockpit-ws-316-bp156.2.3.1.aarch64.rpm cockpit-316-bp156.2.3.1.ppc64le.rpm cockpit-bridge-316-bp156.2.3.1.ppc64le.rpm cockpit-devel-316-bp156.2.3.1.ppc64le.rpm cockpit-pcp-316-bp156.2.3.1.ppc64le.rpm cockpit-ws-316-bp156.2.3.1.ppc64le.rpm cockpit-316-bp156.2.3.1.s390x.rpm cockpit-bridge-316-bp156.2.3.1.s390x.rpm cockpit-devel-316-bp156.2.3.1.s390x.rpm cockpit-pcp-316-bp156.2.3.1.s390x.rpm cockpit-ws-316-bp156.2.3.1.s390x.rpm openSUSE-2024-176 moderate openSUSE Backports SLE-15-SP6 Update This update for opi fixes the following issues: - Version 5.2.1 * Update freeoffice.py opi-5.2.1-bp156.2.6.1.noarch.rpm opi-5.2.1-bp156.2.6.1.src.rpm openSUSE-2024-177 moderate openSUSE Backports SLE-15-SP6 Update This update for mygnuhealth fixes the following issues: - version 2.2.0 * Support for Kivy 2.3.0 * Localization. MyGNUHealth now has support for different languages. English, Spanish and Chinese are available to use, and French, German, Italian are ready to be translated. There will be a translation component for MyGNUHealth at Codeberg's Weblate instance. * Bluetooth functionality: Starting with MyGH series 2.2 we provide bluetooth integration for open compatible devices and health trackers. We include the link with the Pinetime Smartwatch (experimental) and the possibility to link to any open hardware device (glucometer, scales, blood pressure monitors, .. ). We need to get a list of available medical devices that respect our privacy and freedom, so let us know of any! * Charts now allow to select date ranges with calendar widgets The Book of Life have a revised format for the pages. The charts have been improved in the format and include x axis labels. mygnuhealth-2.2.0-bp156.2.3.1.src.rpm mygnuhealth-2.2.0-bp156.2.3.1.x86_64.rpm mygnuhealth-2.2.0-bp156.2.3.1.aarch64.rpm mygnuhealth-2.2.0-bp156.2.3.1.ppc64le.rpm mygnuhealth-2.2.0-bp156.2.3.1.s390x.rpm openSUSE-2024-178 moderate openSUSE Backports SLE-15-SP6 Update This update for python-Routes fixes the following issues: - update to 2.5.1: * Add compatibility for Python 3.7+. * Add graceful fallback for invalid character encoding from request object. * Enhanced performance for matching routes that share the same static prefix. * Fixed issue with child routes not passing route conditions to the Mapper.connect call. * Fixed documentation to reflect default value for minimization. * Allow backslash to escape special characters in route paths. * Resolve invalid escape sequences. * Remove support for Python 2.6, 3.3, and 3.4. * Remove obsolete Python 2.3 compat code. - update to 2.4.1: * Release as a universal wheel. PR #75. * Convert readthedocs links for their .org -> .io migration for hosted projects. - update to 2.3.1: * Backwards compatability fix - connect should work with mandatory routename and optional path. Patch by Davanum Srinivas (PR #65). * Fix sub_domain equivalence check. Patch by Nikita Uvarov * Add support for protocol-relative URLs generation (i.e. starting with double slash ``//``). PR #60. Patch by Sviatoslav Sydorenko. * Add support for the ``middleware`` extra requirement, making possible to depend on ``webob`` optionally. PR #59. Patch by Sviatoslav Sydorenko. * Fix matching of an empty string route, which led to exception in earlier versions. PR #58. Patch by Sviatoslav Sydorenko. * Add support for the ``requirements`` option when using mapper.resource to create routes. PR #57. Patch by Sean Dague. * Concatenation fix when using submappers with path prefixes. Multiple submappers combined the path prefix inside the controller argument in non-obvious ways. The controller argument will now be properly carried through when using submappers. PR #28. - update to 2.2: * Fix Python 3 support. Patch by Victor Stinner. - update to 2.1: * Fix 3 other route matching groups in route.py to use anonymous groups for optional sections to avoid exceeding regex limits. Fixes #15. * Printing a mapper now includes the Controller/action parameters from the route. Fixes #11. * Fix regression that didn't allow passing in params 'host', 'protocol', or 'anchor'. They can now be passed in with a trailing '_' as was possible before commit d1d1742903fa5ca24ef848a6ae895303f2661b2a. Fixes #7. * URL generation with/without SCRIPT_NAME was resulting in the URL cache failing to return the appropriate cached URL generation. The URL cache should always include the SCRIPT_NAME, even if its empty, in the cache to avoid this, and now does. Fixes #6. * Extract Route creation into separate method in Mapper. Subclasses of Route can be created by Mappers now. * Use the first X_FORWARDED_FOR value if there are multiple proxies in the path. Fixes #5. * Python 3.2/3.3 Support. Fixes Issue #2. Thanks to Alejandro Sánchez for the pull request! - Update to version 1.13: * Fix bug with dots forcing extension by default. The portion with the dot can now be recognized. Patch by Michael Basnight. python-Routes-2.5.1-bp156.2.1.src.rpm python3-Routes-2.5.1-bp156.2.1.noarch.rpm openSUSE-2024-184 moderate openSUSE Backports SLE-15-SP6 Update This update for python-guessit, python-rebulk fixes the following issues: python-guessit: - Raise version requirement for python-rebulk (fixes boo#1226826) python-rebulk: - Update to version 3.2.0 Features: * dependencies: Add python 3.11 support and drop python 3.6 support. Fixes: * Remove pytest-runner from setup_requires. python-guessit-3.8.0-bp156.2.3.1.src.rpm python3-guessit-3.8.0-bp156.2.3.1.noarch.rpm python-rebulk-3.2.0-bp156.4.3.1.src.rpm python3-rebulk-3.2.0-bp156.4.3.1.noarch.rpm openSUSE-2024-191 moderate openSUSE Backports SLE-15-SP6 Update This update for wg-info fixes the following issues: * Fix regex escaping wg-info-20240702.9b5c479-bp156.2.3.1.noarch.rpm wg-info-20240702.9b5c479-bp156.2.3.1.src.rpm openSUSE-2024-188 moderate openSUSE Backports SLE-15-SP6 Update This update for tryton, trytond, trytond_account, trytond_account_invoice, trytond_currency, trytond_purchase fixes the following issues: Changes in trytond_purchase: - Version 6.0.16 - Bugfix Release Changes in trytond_currency: - Version 6.0.6 - Bugfix Release Changes in trytond_account_invoice: - Version 6.0.18 - Bugfix Release Changes in trytond_account: - Version 6.0.26 - Bugfix Release Changes in trytond: - Version 6.0.48 - Bugfix Release Changes in tryton: - Version 6.0.40 - Bugfix Release tryton-6.0.40-bp156.2.3.1.noarch.rpm tryton-6.0.40-bp156.2.3.1.src.rpm trytond-6.0.48-bp156.2.3.1.noarch.rpm trytond-6.0.48-bp156.2.3.1.src.rpm trytond_account-6.0.26-bp156.2.3.1.noarch.rpm trytond_account-6.0.26-bp156.2.3.1.src.rpm trytond_account_invoice-6.0.18-bp156.2.3.1.noarch.rpm trytond_account_invoice-6.0.18-bp156.2.3.1.src.rpm trytond_currency-6.0.6-bp156.4.3.1.noarch.rpm trytond_currency-6.0.6-bp156.4.3.1.src.rpm trytond_purchase-6.0.16-bp156.2.3.1.noarch.rpm trytond_purchase-6.0.16-bp156.2.3.1.src.rpm openSUSE-2024-189 moderate openSUSE Backports SLE-15-SP6 Update This update for mtail fixes the following issues: - Adjust system call filter for Leap 15.6 mtail-3.0.0rc51-bp156.4.3.1.src.rpm mtail-3.0.0rc51-bp156.4.3.1.x86_64.rpm mtail-3.0.0rc51-bp156.4.3.1.i586.rpm mtail-3.0.0rc51-bp156.4.3.1.aarch64.rpm mtail-3.0.0rc51-bp156.4.3.1.ppc64le.rpm mtail-3.0.0rc51-bp156.4.3.1.s390x.rpm openSUSE-2024-195 moderate openSUSE Backports SLE-15-SP6 Update This update for afl fixes the following issues: Updated to 4.21c: * afl-fuzz - fixed a regression in afl-fuzz that resulted in a 5-10% performace loss do a switch from gettimeofday() to clock_gettime() which should be rather three times faster. The reason for this is unknown. - new queue selection algorithm based on 2 core years of queue data analysis. gives a noticable improvement on coverage although the results seem counterintuitive :-) - added AFL_DISABLE_REDUNDANT for huge queues - added `AFL_NO_SYNC` environment variable that does what you think it does - fix AFL_PERSISTENT_RECORD - run custom_post_process after standard trimming - prevent filenames in the queue that have spaces - minor fix for FAST schedules - more frequent stats update when syncing (todo: check performance impact) - now timing of calibration, trimming and syncing is measured seperately, thanks to @eqv! - -V timing is now accurately the fuzz time (without syncing), before long calibration times and syncing could result in now fuzzing being made when the time was already run out until then, thanks to @eqv! - fix -n uninstrumented mode when ending fuzzing - enhanced the ASAN configuration - make afl-fuzz use less memory with cmplog and fix a memleak * afl-cc: - re-enable i386 support that was accidently disabled - fixes for LTO and outdated afl-gcc mode for i386 - fix COMPCOV split compare for old LLVMs - disable xml/curl/g_ string transform functions because we do not check for null pointers ... TODO - ensure shared memory variables are visible in weird build setups - compatability to new LLVM 19 changes * afl-cmin - work with input files that have a space * afl-showmap - fix memory leak on shmem testcase usage (thanks to @ndrewh) - minor fix to collect coverage -C (thanks to @bet4it) * Fixed a shmem mmap bug (that rarely came up on MacOS) * libtokencap: script generate_libtoken_dict.sh added by @a-shvedov Updated to 4.20c: + A new forkserver communication model is now introduced. afl-fuzz is backward compatible to old compiled targets if they are not built for CMPLOG/Redqueen, but new compiled targets will not work with old afl-fuzz versions! + Recompile all targets that are instrumented for CMPLOG/Redqueen! - AFL++ now supports up to 4 billion coverage edges, up from 6 million. - New compile option: `make PERFORMANCE=1` - this will enable special CPU dependent optimizations that make everything more performant - but the binaries will likely won't work on different platforms. Also enables a faster hasher if the CPU requirements are met. - The persistent record feature (see config.h) was expanded to also support replay, thanks to @quarta-qti ! - afl-fuzz: - the new deterministic fuzzing feature is now activated by default, deactivate with -z. Parameters -d and -D are ignored. - small improvements to CMPLOG/redqueen - workround for a bug with MOpt -L when used with -M - in the future we will either remove or rewrite MOpt. - fix for `-t xxx+` feature - -e extension option now saves the queue items, crashes, etc. with the extension too - fixes for trimmming, correct -V time and reading stats on resume by eqv thanks a lot! - afl-cc: - added collision free caller instrumentation to LTO mode. activate with `AFL_LLVM_LTO_CALLER=1`. You can set a max depth to go through single block functions with `AFL_LLVM_LTO_CALLER_DEPTH` (default 0) - fixes for COMPCOV/LAF and most other modules - fix for GCC_PLUGIN cmplog that broke on std::strings - afl-whatsup: - now also displays current average speed - small bugfixes - Fixes for aflpp custom mutator and standalone tool - Minor edits to afl-persistent-config - Prevent temporary files being left behind on aborted afl-whatsup - More CPU benchmarks added to benchmark/ Updated to 4.10c: - afl-fuzz: - default power schedule is now EXPLORE, due a fix in fast schedules explore is slightly better now. - fixed minor issues in the mutation engine, thanks to @futhewo for reporting! - better deterministic fuzzing is now available, benchmarks have shown to improve fuzzing. Enable with -D. Thanks to @kdsjZh for the PR! - afl-cc: - large rewrite by @SonicStark which fixes a few corner cases, thanks! - LTO mode now requires llvm 12+ - workaround for ASAN with gcc_plugin mode - instrumentation: - LLVM 18 support, thanks to @devnexen! - Injection (SQL, LDAP, XSS) fuzzing feature now available, see `instrumentation/README.injections.md` how to activate/use/expand. - compcov/LAF-intel: - floating point splitting bug fix by @hexcoder - due a bug in LLVM 17 integer splitting is disabled there! - when splitting floats was selected, integers were always split as well, fixed to require AFL_LLVM_LAF_SPLIT_COMPARES or _ALL as it should - dynamic instrumentation filtering for LLVM NATIVE, thanks @Mozilla! see utils/dynamic_covfilter/README.md - qemu_mode: - plugins are now activated by default and a new module is included that produces drcov compatible traces for lighthouse/lightkeeper/... thanks to @JRomainG to submitting! - updated Nyx checkout (fixes a bug) and some QOL - updated the custom grammar mutator - document afl-cmin does not work on macOS (but afl-cmin.bash does) afl-4.21c-bp156.2.3.1.src.rpm afl-4.21c-bp156.2.3.1.x86_64.rpm afl-4.21c-bp156.2.3.1.i586.rpm afl-4.21c-bp156.2.3.1.aarch64.rpm afl-4.21c-bp156.2.3.1.ppc64le.rpm afl-4.21c-bp156.2.3.1.s390x.rpm openSUSE-2024-196 moderate openSUSE Backports SLE-15-SP6 Update This update for tpm-fido fixes the following issues: - Require system-user-tss for tss group - Ensure uhid module is loaded on boot so udev will set permissions tpm-fido-20230621.5f8828b-bp156.2.3.1.src.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.x86_64.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.i586.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.aarch64.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.ppc64le.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.s390x.rpm openSUSE-2024-206 moderate openSUSE Backports SLE-15-SP6 Update This update for cockpit fixes the following issues: - new version 320: * pam-ssh-add: Fix insecure killing of session ssh-agent (boo#1226040, CVE-2024-6126) - changes in older versions: * Storage: Btrfs snapshots * Podman: Add image pull action * Files: Bookmark support * webserver: System user changes * Metrics: Grafana setup now prefers Valkey - Invalid json against the storaged manifest boo#1227299 cockpit-320-bp156.2.6.3.src.rpm cockpit-320-bp156.2.6.3.x86_64.rpm cockpit-bridge-320-bp156.2.6.3.x86_64.rpm cockpit-devel-320-bp156.2.6.3.x86_64.rpm cockpit-doc-320-bp156.2.6.3.noarch.rpm cockpit-kdump-320-bp156.2.6.3.noarch.rpm cockpit-networkmanager-320-bp156.2.6.3.noarch.rpm cockpit-packagekit-320-bp156.2.6.3.noarch.rpm cockpit-pcp-320-bp156.2.6.3.x86_64.rpm cockpit-selinux-320-bp156.2.6.3.noarch.rpm cockpit-storaged-320-bp156.2.6.3.noarch.rpm cockpit-system-320-bp156.2.6.3.noarch.rpm cockpit-ws-320-bp156.2.6.3.x86_64.rpm cockpit-320-bp156.2.6.3.aarch64.rpm cockpit-bridge-320-bp156.2.6.3.aarch64.rpm cockpit-devel-320-bp156.2.6.3.aarch64.rpm cockpit-pcp-320-bp156.2.6.3.aarch64.rpm cockpit-ws-320-bp156.2.6.3.aarch64.rpm cockpit-320-bp156.2.6.3.ppc64le.rpm cockpit-bridge-320-bp156.2.6.3.ppc64le.rpm cockpit-devel-320-bp156.2.6.3.ppc64le.rpm cockpit-pcp-320-bp156.2.6.3.ppc64le.rpm cockpit-ws-320-bp156.2.6.3.ppc64le.rpm cockpit-320-bp156.2.6.3.s390x.rpm cockpit-bridge-320-bp156.2.6.3.s390x.rpm cockpit-devel-320-bp156.2.6.3.s390x.rpm cockpit-pcp-320-bp156.2.6.3.s390x.rpm cockpit-ws-320-bp156.2.6.3.s390x.rpm openSUSE-2024-200 moderate openSUSE Backports SLE-15-SP6 Update This update for obs-service-download_url fixes the following issues: Update to version 0.2.1: * CVE-2024-22033: fixed argument parsing option injection (boo#1227203) obs-service-download_url-0.2.1-bp156.2.3.1.noarch.rpm obs-service-download_url-0.2.1-bp156.2.3.1.src.rpm openSUSE-2024-270 moderate openSUSE Backports SLE-15-SP6 Update This update for AusweisApp fixes the following issues: Version 2.1.1 - Visual adjustments and optimization of the graphical user interface. - Fixed rarely occurring problems in connection with the browser used. - Textual adjustments. - Fixed READER messages in the SDK when using unknown cards or when the connection to the card is unstable. Version 2.1.0 - Visual adjustments and optimization of the graphical user interface. - Improved detection of system language on macOS. - Removed the five minutes time limit for password entry when the ID card is placed on the reader. - Fixed display of changed device names when using "Smartphone as card reader". - Add an option to disable animations. - Fixed the behavior of "Smartphone as card reader" with activated password entry when using a PUK. - Fixed of the connection test with a password-protected proxy in the diagnostics on desktop systems. - Drop support for macOS 11 Big Sur. - Fixed processing of certificates with CAv3 extension. - Unified documentation for installation and integration. - Update of OpenSSL to version 3.1.5. Version 2.0.3 - Fixed crash on macOS 11. - Fixed missing German translation. - Fixed display of release notes. Version 2.0.2 - Avoid showing hints to the PIN reset service. Version 2.0.1 - Fixed an issue where settings were not saved on iOS and macOS. - Fixed entitlements on macOS. Version 2.0.0 - Renamed AusweisApp2 to AusweisApp. - Completely revised graphical user interface. - Dark mode is now supported on all platforms. - The display in landscape mode has been optimized and is now set automatically. - System font and size are now honored by the app. - Optimized usability of the title bar. - Online help is no longer available. - The provider list is no longer integrated in AusweisApp but can now be accessed via the AusweisApp website. - History of authentication processes has been removed. - The PDF export function for personal data has been removed. AusweisApp-2.1.1-bp156.2.1.src.rpm AusweisApp-2.1.1-bp156.2.1.x86_64.rpm AusweisApp-2.1.1-bp156.2.1.aarch64.rpm AusweisApp-2.1.1-bp156.2.1.ppc64le.rpm AusweisApp-2.1.1-bp156.2.1.s390x.rpm openSUSE-2024-202 moderate openSUSE Backports SLE-15-SP6 Update This update for Botan fixes the following issues: Update to 2.19.5: * Fix multiple Denial of service attacks due to X.509 cert processing: * CVE-2024-34702 - boo#1227238 * CVE-2024-34703 - boo#1227607 * CVE-2024-39312 - boo#1227608 * Fix a crash in OCB * Fix a test failure in compression with certain versions of zlib * Fix some iterator debugging errors in TLS CBC decryption. * Avoid a miscompilation in ARIA when using XCode 14 Botan-2.19.5-bp156.3.3.1.src.rpm Botan-2.19.5-bp156.3.3.1.x86_64.rpm Botan-doc-2.19.5-bp156.3.3.1.noarch.rpm libbotan-2-19-2.19.5-bp156.3.3.1.x86_64.rpm libbotan-devel-2.19.5-bp156.3.3.1.x86_64.rpm python3-botan-2.19.5-bp156.3.3.1.x86_64.rpm Botan-2.19.5-bp156.3.3.1.i586.rpm libbotan-2-19-2.19.5-bp156.3.3.1.i586.rpm libbotan-2-19-32bit-2.19.5-bp156.3.3.1.x86_64.rpm libbotan-devel-2.19.5-bp156.3.3.1.i586.rpm libbotan-devel-32bit-2.19.5-bp156.3.3.1.x86_64.rpm python3-botan-2.19.5-bp156.3.3.1.i586.rpm Botan-2.19.5-bp156.3.3.1.aarch64.rpm libbotan-2-19-2.19.5-bp156.3.3.1.aarch64.rpm libbotan-2-19-64bit-2.19.5-bp156.3.3.1.aarch64_ilp32.rpm libbotan-devel-2.19.5-bp156.3.3.1.aarch64.rpm libbotan-devel-64bit-2.19.5-bp156.3.3.1.aarch64_ilp32.rpm python3-botan-2.19.5-bp156.3.3.1.aarch64.rpm Botan-2.19.5-bp156.3.3.1.ppc64le.rpm libbotan-2-19-2.19.5-bp156.3.3.1.ppc64le.rpm libbotan-devel-2.19.5-bp156.3.3.1.ppc64le.rpm python3-botan-2.19.5-bp156.3.3.1.ppc64le.rpm Botan-2.19.5-bp156.3.3.1.s390x.rpm libbotan-2-19-2.19.5-bp156.3.3.1.s390x.rpm libbotan-devel-2.19.5-bp156.3.3.1.s390x.rpm python3-botan-2.19.5-bp156.3.3.1.s390x.rpm openSUSE-2024-207 moderate openSUSE Backports SLE-15-SP6 Update This update for orthanc-ohif fixes the following issues: Version 1.3: * Updated OHIF to 3.8.3 * Enabled support for segmentation and microscopy modes Note that the microscopy mode is not stable yet in OHIF! * Fixed wrong MIME type for app-config.js that prevents the OHIF viewer from loading with Orthanc 1.12.2 orthanc-ohif-1.3-bp156.2.3.1.src.rpm orthanc-ohif-1.3-bp156.2.3.1.x86_64.rpm orthanc-ohif-1.3-bp156.2.3.1.aarch64.rpm orthanc-ohif-1.3-bp156.2.3.1.ppc64le.rpm orthanc-ohif-1.3-bp156.2.3.1.s390x.rpm openSUSE-2024-204 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 126.0.6478.126 (boo#1226504, boo#1226205, boo#1226933) * CVE-2024-6290: Use after free in Dawn * CVE-2024-6291: Use after free in Swiftshader * CVE-2024-6292: Use after free in Dawn * CVE-2024-6293: Use after free in Dawn * CVE-2024-6100: Type Confusion in V8 * CVE-2024-6101: Inappropriate implementation in WebAssembly * CVE-2024-6102: Out of bounds memory access in Dawn * CVE-2024-6103: Use after free in Dawn * CVE-2024-5830: Type Confusion in V8 * CVE-2024-5831: Use after free in Dawn * CVE-2024-5832: Use after free in Dawn * CVE-2024-5833: Type Confusion in V8 * CVE-2024-5834: Inappropriate implementation in Dawn * CVE-2024-5835: Heap buffer overflow in Tab Groups * CVE-2024-5836: Inappropriate Implementation in DevTools * CVE-2024-5837: Type Confusion in V8 * CVE-2024-5838: Type Confusion in V8 * CVE-2024-5839: Inappropriate Implementation in Memory Allocator * CVE-2024-5840: Policy Bypass in CORS * CVE-2024-5841: Use after free in V8 * CVE-2024-5842: Use after free in Browser UI * CVE-2024-5843: Inappropriate implementation in Downloads * CVE-2024-5844: Heap buffer overflow in Tab Strip * CVE-2024-5845: Use after free in Audio * CVE-2024-5846: Use after free in PDFium * CVE-2024-5847: Use after free in PDFium - Amend fix_building_widevinecdm_with_chromium.patch to allow Widevine on ARM64 (boo#1226170) chromedriver-126.0.6478.126-bp156.2.6.1.x86_64.rpm chromedriver-debuginfo-126.0.6478.126-bp156.2.6.1.x86_64.rpm chromium-126.0.6478.126-bp156.2.6.1.src.rpm chromium-126.0.6478.126-bp156.2.6.1.x86_64.rpm chromium-debuginfo-126.0.6478.126-bp156.2.6.1.x86_64.rpm chromedriver-126.0.6478.126-bp156.2.6.1.aarch64.rpm chromedriver-debuginfo-126.0.6478.126-bp156.2.6.1.aarch64.rpm chromium-126.0.6478.126-bp156.2.6.1.aarch64.rpm chromium-debuginfo-126.0.6478.126-bp156.2.6.1.aarch64.rpm openSUSE-2024-203 critical openSUSE Backports SLE-15-SP6 Update This update for znc fixes the following issues: Update to 1.9.1 (boo#1227393, CVE-2024-39844) * This is a security release to fix CVE-2024-39844: remote code execution vulnerability in modtcl. To mitigate this for existing installations, simply unload the modtcl module for every user, if it's loaded. Note that only users with admin rights can load modtcl at all. * Improve tooltips in webadmin. znc-1.9.1-bp156.2.3.1.src.rpm znc-1.9.1-bp156.2.3.1.x86_64.rpm znc-devel-1.9.1-bp156.2.3.1.x86_64.rpm znc-lang-1.9.1-bp156.2.3.1.noarch.rpm znc-perl-1.9.1-bp156.2.3.1.x86_64.rpm znc-python3-1.9.1-bp156.2.3.1.x86_64.rpm znc-tcl-1.9.1-bp156.2.3.1.x86_64.rpm znc-1.9.1-bp156.2.3.1.i586.rpm znc-devel-1.9.1-bp156.2.3.1.i586.rpm znc-perl-1.9.1-bp156.2.3.1.i586.rpm znc-python3-1.9.1-bp156.2.3.1.i586.rpm znc-tcl-1.9.1-bp156.2.3.1.i586.rpm znc-1.9.1-bp156.2.3.1.aarch64.rpm znc-devel-1.9.1-bp156.2.3.1.aarch64.rpm znc-perl-1.9.1-bp156.2.3.1.aarch64.rpm znc-python3-1.9.1-bp156.2.3.1.aarch64.rpm znc-tcl-1.9.1-bp156.2.3.1.aarch64.rpm znc-1.9.1-bp156.2.3.1.ppc64le.rpm znc-devel-1.9.1-bp156.2.3.1.ppc64le.rpm znc-perl-1.9.1-bp156.2.3.1.ppc64le.rpm znc-python3-1.9.1-bp156.2.3.1.ppc64le.rpm znc-tcl-1.9.1-bp156.2.3.1.ppc64le.rpm znc-1.9.1-bp156.2.3.1.s390x.rpm znc-devel-1.9.1-bp156.2.3.1.s390x.rpm znc-perl-1.9.1-bp156.2.3.1.s390x.rpm znc-python3-1.9.1-bp156.2.3.1.s390x.rpm znc-tcl-1.9.1-bp156.2.3.1.s390x.rpm openSUSE-2024-212 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 126.0.6478.182 (boo#1227979): - CVE-2024-6772: Inappropriate implementation in V8 - CVE-2024-6773: Type Confusion in V8 - CVE-2024-6774: Use after free in Screen Capture - CVE-2024-6775: Use after free in Media Stream - CVE-2024-6776: Use after free in Audio - CVE-2024-6777: Use after free in Navigation - CVE-2024-6778: Race in DevTools - CVE-2024-6779: Out of bounds memory access in V8 chromedriver-126.0.6478.182-bp156.2.11.1.x86_64.rpm chromedriver-debuginfo-126.0.6478.182-bp156.2.11.1.x86_64.rpm chromium-126.0.6478.182-bp156.2.11.1.src.rpm chromium-126.0.6478.182-bp156.2.11.1.x86_64.rpm chromium-debuginfo-126.0.6478.182-bp156.2.11.1.x86_64.rpm chromedriver-126.0.6478.182-bp156.2.11.1.aarch64.rpm chromedriver-debuginfo-126.0.6478.182-bp156.2.11.1.aarch64.rpm chromium-126.0.6478.182-bp156.2.11.1.aarch64.rpm chromium-debuginfo-126.0.6478.182-bp156.2.11.1.aarch64.rpm openSUSE-2024-209 moderate openSUSE Backports SLE-15-SP6 Update This update for cobbler fixes the following issues: - Update to 3.3.6 * Upstream all openSUSE specific patches that were maintained in Git * Fix rename of items that had uppercase letters * Skip inconsistent collections instead of crashing the daemon - Update to 3.3.5 * Added collection indicies for UUID's, MAC's, IP addresses and hostnames (boo#1219933) * Re-added to_dict() caching * Added lazy loading for the daemon (off by default) - Update to 3.3.4 * Added cobbler-tests-containers subpackage * Updated the distro_signatures.json database * The default name for grub2-efi changed to grubx64.efi to match the DHCP template cobbler-3.3.6-bp156.2.3.1.noarch.rpm cobbler-3.3.6-bp156.2.3.1.src.rpm cobbler-tests-3.3.6-bp156.2.3.1.noarch.rpm cobbler-tests-containers-3.3.6-bp156.2.3.1.noarch.rpm openSUSE-2024-210 important openSUSE Backports SLE-15-SP6 Update This update for global fixes the following issues: - CVE-2024-38448: htags may allow code execution via untrusted dbpath (boo#1226420) global-6.6.9-bp156.3.3.1.src.rpm global-6.6.9-bp156.3.3.1.x86_64.rpm global-debuginfo-6.6.9-bp156.3.3.1.x86_64.rpm global-debugsource-6.6.9-bp156.3.3.1.x86_64.rpm global-6.6.9-bp156.3.3.1.i586.rpm global-debuginfo-6.6.9-bp156.3.3.1.i586.rpm global-debugsource-6.6.9-bp156.3.3.1.i586.rpm global-6.6.9-bp156.3.3.1.aarch64.rpm global-debuginfo-6.6.9-bp156.3.3.1.aarch64.rpm global-debugsource-6.6.9-bp156.3.3.1.aarch64.rpm global-6.6.9-bp156.3.3.1.ppc64le.rpm global-debuginfo-6.6.9-bp156.3.3.1.ppc64le.rpm global-debugsource-6.6.9-bp156.3.3.1.ppc64le.rpm global-6.6.9-bp156.3.3.1.s390x.rpm global-debuginfo-6.6.9-bp156.3.3.1.s390x.rpm global-debugsource-6.6.9-bp156.3.3.1.s390x.rpm openSUSE-2024-213 moderate openSUSE Backports SLE-15-SP6 Update This update for robin-map fixes the following issues: Update to version 1.3.0: * Add erase_fast(iterator pos) method which in contrast to erase(iterator pos) doesn't return an iterator, avoiding the cost of looking for the next element after erasure of the element at iterator pos. Changes of version 1.2.2: * Specify library version & versioning rules in headers * Mark error_message in numeric_cast as unused to avoid compiler warning in some cases * Remove support for CMake < 3.3 robin-map-1.3.0-bp156.2.3.1.src.rpm robin-map-devel-1.3.0-bp156.2.3.1.noarch.rpm openSUSE-2024-215 moderate openSUSE Backports SLE-15-SP6 Update This update for python-sentry-sdk fixes the following issues: - CVE-2024-40647: Do not leak environment variables to child processes. (bsc#1228128) python-sentry-sdk-0.14.4-bp156.4.3.1.src.rpm python3-sentry-sdk-0.14.4-bp156.4.3.1.noarch.rpm openSUSE-2024-216 moderate openSUSE Backports SLE-15-SP6 Update This update for deepin-branding-openSUSE fixes the following issues: - Update default wallpaper (boo#1228113) deepin-branding-openSUSE-15.4-bp156.5.3.1.src.rpm deepin-desktop-schemas-branding-openSUSE-15.4-bp156.5.3.1.noarch.rpm deepin-launcher-branding-openSUSE-15.4-bp156.5.3.1.noarch.rpm openSUSE-2024-225 moderate openSUSE Backports SLE-15-SP6 Update This update for assimp fixes the following issues: - CVE-2024-40724: Fixed heap-based buffer overflow in the PLY importer class (boo#1228142), assimp-5.3.1-bp156.3.3.1.src.rpm assimp-debuginfo-5.3.1-bp156.3.3.1.x86_64.rpm assimp-debugsource-5.3.1-bp156.3.3.1.x86_64.rpm assimp-devel-5.3.1-bp156.3.3.1.x86_64.rpm assimp-devel-debuginfo-5.3.1-bp156.3.3.1.x86_64.rpm libassimp5-5.3.1-bp156.3.3.1.x86_64.rpm libassimp5-debuginfo-5.3.1-bp156.3.3.1.x86_64.rpm assimp-debuginfo-5.3.1-bp156.3.3.1.aarch64.rpm assimp-debugsource-5.3.1-bp156.3.3.1.aarch64.rpm assimp-devel-5.3.1-bp156.3.3.1.aarch64.rpm assimp-devel-debuginfo-5.3.1-bp156.3.3.1.aarch64.rpm libassimp5-5.3.1-bp156.3.3.1.aarch64.rpm libassimp5-debuginfo-5.3.1-bp156.3.3.1.aarch64.rpm assimp-debuginfo-5.3.1-bp156.3.3.1.ppc64le.rpm assimp-debugsource-5.3.1-bp156.3.3.1.ppc64le.rpm assimp-devel-5.3.1-bp156.3.3.1.ppc64le.rpm assimp-devel-debuginfo-5.3.1-bp156.3.3.1.ppc64le.rpm libassimp5-5.3.1-bp156.3.3.1.ppc64le.rpm libassimp5-debuginfo-5.3.1-bp156.3.3.1.ppc64le.rpm assimp-debuginfo-5.3.1-bp156.3.3.1.s390x.rpm assimp-debugsource-5.3.1-bp156.3.3.1.s390x.rpm assimp-devel-5.3.1-bp156.3.3.1.s390x.rpm assimp-devel-debuginfo-5.3.1-bp156.3.3.1.s390x.rpm libassimp5-5.3.1-bp156.3.3.1.s390x.rpm libassimp5-debuginfo-5.3.1-bp156.3.3.1.s390x.rpm openSUSE-2024-226 moderate openSUSE Backports SLE-15-SP6 Update This update for gh fixes the following issues: Update to version 2.53.0: * CVE-2024-6104: gh: hashicorp/go-retryablehttp: url might write sensitive information to log file (boo#1227035) * Disable `TestGetTrustedRoot/successfully_verifies_TUF_root` test due to https://github.com/cli/cli/issues/8928 * Rename package directory and files * Rename package name to `update_branch` * Rename `gh pr update` to `gh pr update-branch` * Add test case for merge conflict error * Handle merge conflict error * Return error if PR is not mergeable * Replace literals with consts for `Mergeable` field values * Add separate type for `PullRequest.Mergeable` field * Remove unused flag * Print message on stdout instead of stderr * Raise error if editor is used in non-tty mode * Add tests for JSON field support on issue and pr view commands * docs: Update documentation for `gh repo create` to clarify owner * Ensure PR does not panic when stateReason is requested * Enable to use --web even though editor is enabled by config * Add editor hint message * Use prefer_editor_prompt config by `issue create` * Add prefer_editor_prompt config * Add `issue create --editor` * Update create.go * gh attestation trusted-root subcommand (#9206) * Fetch variable selected repo relationship when required * Add `createdAt` field to tests * Add `createdAt` field to `Variable` type * Add test for exporting as JSON * Add test for JSON output * Only populate selected repo information for JSON output * Add test to verify JSON exporter gets set * Add `--json` option support * Use `Variable` type defined in `shared` package * Add tests for JSON output * Move `Variable` type and `PopulateSelectedRepositoryInformation` func to shared * Fix query parameter name * Update tests to account for ref comparison step * Improve query variable names * Check if PR branch is already up-to-date * Add `ComparePullRequestBaseBranchWith` function * Run `go mod tidy` * Add test to verify `--repo` requires non-empty selector * Require non-empty selector when `--repo` override is used * Run `go mod tidy` * Register `update` command * Add tests for `pr update` command * Add `pr update` command * Add `UpdatePullRequestBranch` method * Upgrade `shurcooL/githubv4` Update to version 2.52.0: * Attestation Verification - Buffer Fix * Remove beta note from attestation top level command * Removed beta note from `gh at download`. * Removed beta note from `gh at verify`, clarified reusable workflows use case. * add `-a` flag to `gh run list` gh-2.53.0-bp156.2.6.1.src.rpm gh-2.53.0-bp156.2.6.1.x86_64.rpm gh-bash-completion-2.53.0-bp156.2.6.1.noarch.rpm gh-fish-completion-2.53.0-bp156.2.6.1.noarch.rpm gh-zsh-completion-2.53.0-bp156.2.6.1.noarch.rpm gh-2.53.0-bp156.2.6.1.i586.rpm gh-2.53.0-bp156.2.6.1.aarch64.rpm gh-2.53.0-bp156.2.6.1.ppc64le.rpm gh-2.53.0-bp156.2.6.1.s390x.rpm openSUSE-2024-220 moderate openSUSE Backports SLE-15-SP6 Update This update for caddy fixes the following issues: - Update to version 2.8.4: * cmd: fix regression in auto-detect of Caddyfile (#6362) * Tag v2.8.3 was mistakenly made on the v2.8.2 commit and is skipped - Update to version 2.8.2: * cmd: fix auto-detetction of .caddyfile extension (#6356) * caddyhttp: properly sanitize requests for root path (#6360) * caddytls: Implement certmagic.RenewalInfoGetter * build(deps): bump golangci/golangci-lint-action from 5 to 6 (#6361) - Update to version 2.8.1: * caddyhttp: Fix merging consecutive `client_ip` or `remote_ip` matchers (#6350) * core: MkdirAll appDataDir in InstanceID with 0o700 (#6340) - Update to version 2.8.0: * acmeserver: Add `sign_with_root` for Caddyfile (#6345) * caddyfile: Reject global request matchers earlier (#6339) * core: Fix bug in AppIfConfigured (fix #6336) * fix a typo (#6333) * autohttps: Move log WARN to INFO, reduce confusion (#6185) * reverseproxy: Support HTTP/3 transport to backend (#6312) * context: AppIfConfigured returns error; consider not-yet-provisioned modules (#6292) * Fix lint error about deprecated method in smallstep/certificates/authority * go.mod: Upgrade dependencies * caddytls: fix permission requirement with AutomationPolicy (#6328) * caddytls: remove ClientHelloSNICtxKey (#6326) * caddyhttp: Trace individual middleware handlers (#6313) * templates: Add `pathEscape` template function and use it in file browser (#6278) * caddytls: set server name in context (#6324) * chore: downgrade minimum Go version in go.mod (#6318) * caddytest: normalize the JSON config (#6316) * caddyhttp: New experimental handler for intercepting responses (#6232) * httpcaddyfile: Set challenge ports when http_port or https_port are used * logging: Add support for additional logger filters other than hostname (#6082) * caddyhttp: Log 4xx as INFO; 5xx as ERROR (close #6106) * Second half of 6dce493 * caddyhttp: Alter log message when request is unhandled (close #5182) * chore: Bump Go version in CI (#6310) * go.mod: go 1.22.3 * Fix typos (#6311) * reverseproxy: Pointer to struct when loading modules; remove LazyCertPool (#6307) * tracing: add trace_id var (`http.vars.trace_id` placeholder) (#6308) * go.mod: CertMagic v0.21.0 * reverseproxy: Implement health_follow_redirects (#6302) * caddypki: Allow use of root CA without a key. Fixes #6290 (#6298) * go.mod: Upgrade to quic-go v0.43.1 * reverseproxy: HTTP transport: fix PROXY protocol initialization (#6301) * caddytls: Ability to drop connections (close #6294) * build(deps): bump golangci/golangci-lint-action from 4 to 5 (#6289) * httpcaddyfile: Fix expression matcher shortcut in snippets (#6288) * caddytls: Evict internal certs from cache based on issuer (#6266) * chore: add warn logs when using deprecated fields (#6276) * caddyhttp: Fix linter warning about deprecation * go.mod: Upgrade to quic-go v0.43.0 * fileserver: Set "Vary: Accept-Encoding" header (see #5849) * events: Add debug log * reverseproxy: handle buffered data during hijack (#6274) * ci: remove `android` and `plan9` from cross-build workflow (#6268) * run `golangci-lint run --fix --fast` (#6270) * caddytls: Option to configure certificate lifetime (#6253) * replacer: Implement `file.*` global replacements (#5463) * caddyhttp: Address some Go 1.20 features (#6252) * Quell linter (false positive) * reverse_proxy: Add grace_period for SRV upstreams to Caddyfile (#6264) * doc: add `verifier` in `ClientAuthentication` caddyfile marshaler doc (#6263) * caddytls: Add Caddyfile support for on-demand permission module (close #6260) * reverseproxy: Remove long-deprecated buffering properties * reverseproxy: Reuse buffered request body even if partially drained * reverseproxy: Accept EOF when buffering * logging: Fix default access logger (#6251) * fileserver: Improve Vary handling (#5849) * cmd: Only validate config is proper JSON if config slice has data (#6250) * staticresp: Use the evaluated response body for sniffing JSON content-type (#6249) * encode: Slight fix for the previous commit * encode: Improve Etag handling (fix #5849) * httpcaddyfile: Skip automate loader if disable_certs is specified (fix #6148) * caddyfile: Populate regexp matcher names by default (#6145) * caddyhttp: record num. bytes read when response writer is hijacked (#6173) * caddyhttp: Support multiple logger names per host (#6088) * chore: fix some typos in comments (#6243) * encode: Configurable compression level for zstd (#6140) * caddytls: Remove shim code supporting deprecated lego-dns (#6231) * connection policy: add `local_ip` matcher (#6074) * reverseproxy: Wait for both ends of websocket to close (#6175) * caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229) * caddytls: Still provision permission module if ask is specified * fileserver: read etags from precomputed files (#6222) * fileserver: Escape # and ? in img src (fix #6237) * reverseproxy: Implement modular CA provider for TLS transport (#6065) * caddyhttp: Apply auto HTTPS redir to all interfaces (fix #6226) * cmd: Fix panic related to config filename (fix #5919) * cmd: Assume Caddyfile based on filename prefix and suffix (#5919) * admin: Make `Etag` a header, not a trailer (#6208) * caddyhttp: remove duplicate strings.Count in path matcher (fixes #6233) (#6234) * caddyconfig: Use empty struct instead of bool in map (close #6224) (#6227) * gitignore: Add rule for caddyfile.go (#6225) * chore: Fix broken links in README.md (#6223) * chore: Upgrade some dependencies (#6221) * caddyhttp: Add plaintext response to `file_server browse` (#6093) * admin: Use xxhash for etag (#6207) * modules: fix some typo in conments (#6206) * caddyhttp: Replace sensitive headers with REDACTED (close #5669) * caddyhttp: close quic connections when server closes (#6202) * reverseproxy: Use xxhash instead of fnv32 for LB (#6203) * caddyhttp: add http.request.local{,.host,.port} placeholder (#6182) * chore: upgrade deps (#6198) * chore: remove repetitive word (#6193) * Added a null check to avoid segfault on rewrite query ops (#6191) * rewrite: `uri query` replace operation (#6165) * logging: support `ms` duration format and add docs (#6187) * replacer: use RWMutex to protect static provider (#6184) * caddyhttp: Allow `header` replacement with empty string (#6163) * vars: Make nil values act as empty string instead of `"<nil>"` (#6174) * chore: Update quic-go to v0.42.0 (#6176) * caddyhttp: Accept XFF header values with ports, when parsing client IP (#6183) * reverseproxy: configurable active health_passes and health_fails (#6154) * reverseproxy: Configurable forward proxy URL (#6114) * caddyhttp: upgrade to cel v0.20.0 (#6161) * chore: Bump Chroma to v2.13.0, includes new Caddyfile lexer (#6169) * caddyhttp: suppress flushing if the response is being buffered (#6150) * chore: encode: use FlushError instead of Flush (#6168) * encode: write status immediately when status code is informational (#6164) * httpcaddyfile: Keep deprecated `skip_log` in directive order (#6153) * httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors (#5865) * rewrite: Implement `uri query` operations (#6120) * fix struct names (#6151) * fileserver: Preserve query during canonicalization redirect (#6109) * logging: Implement `log_append` handler (#6066) * httpcaddyfile: Allow nameless regexp placeholder shorthand (#6113) * logging: Implement `append` encoder, allow flatter filters config (#6069) * ci: fix the integration test `TestLeafCertLoaders` (#6149) * vars: Allow overriding `http.auth.user.id` in replacer as a special case (#6108) * caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) * cmd: Adjust config load logs/errors (#6032) * reverseproxy: SRV dynamic upstream failover (#5832) * ci: bump golangci/golangci-lint-action from 3 to 4 (#6141) * core: OnExit hooks (#6128) * cmd: fix the output of the `Usage` section (#6138) * caddytls: verifier: caddyfile: re-add Caddyfile support (#6127) * acmeserver: add policy field to define allow/deny rules (#5796) * reverseproxy: cookie should be Secure and SameSite=None when TLS (#6115) * caddytest: Rename adapt tests to `*.caddyfiletest` extension (#6119) * tests: uses testing.TB interface for helper to be able to use test server in benchmarks. (#6103) * caddyfile: Assert having a space after heredoc marker to simply check (#6117) * chore: Update Chroma to get the new Caddyfile lexer (#6118) * reverseproxy: use context.WithoutCancel (#6116) * caddyfile: Reject directives in the place of site addresses (#6104) * caddyhttp: Register post-shutdown callbacks (#5948) * caddyhttp: Only attempt to enable full duplex for HTTP/1.x (#6102) * caddyauth: Drop support for `scrypt` (#6091) * Revert "caddyfile: Reject long heredoc markers (#6098)" (#6100) * caddyauth: Rename `basicauth` to `basic_auth` (#6092) * logging: Inline Caddyfile syntax for `ip_mask` filter (#6094) * caddyfile: Reject long heredoc markers (#6098) * chore: Rename CI jobs, run on M1 mac (#6089) * update comment * improved list * fix: add back text/* * fix: add more media types to the compressed by default list * acmeserver: support specifying the allowed challenge types (#5794) * matchers: Drop `forwarded` option from `remote_ip` matcher (#6085) * caddyhttp: Test cases for `%2F` and `%252F` (#6084) * bump to golang 1.22 (#6083) * fileserver: Browse can show symlink target if enabled (#5973) * core: Support NO_COLOR env var to disable log coloring (#6078) * build(deps): bump peter-evans/repository-dispatch from 2 to 3 (#6080) * Update comment in setcap helper script * caddytls: Make on-demand 'ask' permission modular (#6055) * core: Add `ctx.Slogger()` which returns an `slog` logger (#5945) * chore: Update quic-go to v0.41.0, bump Go minimum to 1.21 (#6043) * chore: enabling a few more linters (#5961) * caddyfile: Correctly close the heredoc when the closing marker appears immediately (#6062) * caddyfile: Switch to slices.Equal for better performance (#6061) * tls: modularize trusted CA providers (#5784) * logging: Automatic `wrap` default for `filter` encoder (#5980) * caddyhttp: Fix panic when request missing ClientIPVarKey (#6040) * caddyfile: Normalize & flatten all unmarshalers (#6037) * cmd: reverseproxy: log: use caddy logger (#6042) * matchers: `query` now ANDs multiple keys (#6054) * caddyfile: Add heredoc support to `fmt` command (#6056) * refactor: move automaxprocs init in caddycmd.Main() * caddyfile: Allow heredoc blank lines (#6051) * httpcaddyfile: Add optional status code argument to `handle_errors` directive (#5965) * httpcaddyfile: Rewrite `root` and `rewrite` parsing to allow omitting matcher (#5844) * fileserver: Implement caddyfile.Unmarshaler interface (#5850) * reverseproxy: Add `tls_curves` option to HTTP transport (#5851) * caddyhttp: Security enhancements for client IP parsing (#5805) * replacer: Fix escaped closing braces (#5995) * filesystem: Globally declared filesystems, `fs` directive (#5833) * ci/cd: use the build tag `nobadger` to exclude badgerdb (#6031) * httpcaddyfile: Fix redir <to> html (#6001) * httpcaddyfile: Support client auth verifiers (#6022) * tls: add reuse_private_keys (#6025) * reverseproxy: Only change Content-Length when full request is buffered (#5830) * Switch Solaris-derivatives away from listen_unix (#6021) * build(deps): bump actions/upload-artifact from 3 to 4 (#6013) * build(deps): bump actions/setup-go from 4 to 5 (#6012) * chore: check against errors of `io/fs` instead of `os` (#6011) * caddyhttp: support unix sockets in `caddy respond` command (#6010) * fileserver: Add total file size to directory listing (#6003) * httpcaddyfile: Fix cert file decoding to load multiple PEM in one file (#5997) * build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#5994) * cmd: use automaxprocs for better perf in containers (#5711) * logging: Add `zap.Option` support (#5944) * httpcaddyfile: Sort skip_hosts for deterministic JSON (#5990) * metrics: Record request metrics on HTTP errors (#5979) * go.mod: Updated quic-go to v0.40.1 (#5983) * fileserver: Enable compression for command by default (#5855) * fileserver: New --precompressed flag (#5880) * caddyhttp: Add `uuid` to access logs when used (#5859) * proxyprotocol: use github.com/pires/go-proxyproto (#5915) * cmd: Preserve LastModified date when exporting storage (#5968) * core: Always make AppDataDir for InstanceID (#5976) * chore: cross-build for AIX (#5971) * caddytls: Sync distributed storage cleaning (#5940) * caddytls: Context to DecisionFunc (#5923) * tls: accept placeholders in string values of certificate loaders (#5963) * templates: Offically make templates extensible (#5939) * http2 uses new round-robin scheduler (#5946) * panic when reading from backend failed to propagate stream error (#5952) * chore: Bump otel to v1.21.0. (#5949) * httpredirectlistener: Only set read limit for when request is HTTP (#5917) * fileserver: Add .m4v for browse template icon * Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)" (#5924) * go.mod: update quic-go version to v0.40.0 (#5922) * update quic-go to v0.39.3 (#5918) * chore: Fix usage pool comment (#5916) * test: acmeserver: add smoke test for the ACME server directory (#5914) * Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913) * caddyhttp: Adjust `scheme` placeholder docs (#5910) * go.mod: Upgrade quic-go to v0.39.1 * go.mod: CVE-2023-45142 Update opentelemetry (#5908) * templates: Delete headers on `httpError` to reset to clean slate (#5905) * httpcaddyfile: Remove port from logger names (#5881) * core: Apply SO_REUSEPORT to UDP sockets (#5725) * caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848) * cmd: Add newline character to version string in CLI output (#5895) * core: quic listener will manage the underlying socket by itself (#5749) * templates: Clarify `include` args docs, add `.ClientIP` (#5898) * httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896) * cmd: upgrade: resolve symlink of the executable (#5891) * caddyfile: Fix variadic placeholder false positive when token contains `:` (#5883) - CVEs: * CVE-2024-22189 (boo#1222468) * CVE-2023-45142 - Update to version 2.7.6: * caddytls: Sync distributed storage cleaning (#5940) * caddytls: Context to DecisionFunc (#5923) * tls: accept placeholders in string values of certificate loaders (#5963) * templates: Offically make templates extensible (#5939) * http2 uses new round-robin scheduler (#5946) * panic when reading from backend failed to propagate stream error (#5952) * chore: Bump otel to v1.21.0. (#5949) * httpredirectlistener: Only set read limit for when request is HTTP (#5917) * fileserver: Add .m4v for browse template icon * Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)" (#5924) * go.mod: update quic-go version to v0.40.0 (#5922) * update quic-go to v0.39.3 (#5918) * chore: Fix usage pool comment (#5916) * test: acmeserver: add smoke test for the ACME server directory (#5914) * Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913) * caddyhttp: Adjust `scheme` placeholder docs (#5910) * go.mod: Upgrade quic-go to v0.39.1 * go.mod: CVE-2023-45142 Update opentelemetry (#5908) * templates: Delete headers on `httpError` to reset to clean slate (#5905) * httpcaddyfile: Remove port from logger names (#5881) * core: Apply SO_REUSEPORT to UDP sockets (#5725) * caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848) * cmd: Add newline character to version string in CLI output (#5895) * core: quic listener will manage the underlying socket by itself (#5749) * templates: Clarify `include` args docs, add `.ClientIP` (#5898) * httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896) * cmd: upgrade: resolve symlink of the executable (#5891) * caddyfile: Fix variadic placeholder false positive when token contains `:` (#5883) - Update to version 2.7.5: * admin: Respond with 4xx on non-existing config path (#5870) * ci: Force the Go version for govulncheck (#5879) * fileserver: Set canonical URL on browse template (#5867) * tls: Add X25519Kyber768Draft00 PQ "curve" behind build tag (#5852) * reverseproxy: Add more debug logs (#5793) * reverseproxy: Fix `least_conn` policy regression (#5862) * reverseproxy: Add logging for dynamic A upstreams (#5857) * reverseproxy: Replace health header placeholders (#5861) * httpcaddyfile: Sort TLS SNI matcher for deterministic JSON output (#5860) * cmd: Fix exiting with custom status code, add `caddy -v` (#5874) * reverseproxy: fix parsing Caddyfile fails for unlimited request/response buffers (#5828) * reverseproxy: Fix retries on "upstreams unavailable" error (#5841) * httpcaddyfile: Enable TLS for catch-all site if `tls` directive is specified (#5808) * encode: Add `application/wasm*` to the default content types (#5869) * fileserver: Add command shortcuts `-l` and `-a` (#5854) * go.mod: Upgrade dependencies incl. x/net/http * templates: Add dummy `RemoteAddr` to `httpInclude` request, proxy compatibility (#5845) * reverseproxy: Allow fallthrough for response handlers without routes (#5780) * fix: caddytest.AssertResponseCode error message (#5853) * build(deps): bump goreleaser/goreleaser-action from 4 to 5 (#5847) * build(deps): bump actions/checkout from 3 to 4 (#5846) * caddyhttp: Use LimitedReader for HTTPRedirectListener * fileserver: browse template SVG icons and UI tweaks (#5812) * reverseproxy: fix nil pointer dereference in AUpstreams.GetUpstreams (#5811) * httpcaddyfile: fix placeholder shorthands in named routes (#5791) * cmd: Prevent overwriting existing env vars with `--envfile` (#5803) * ci: Run govulncheck (#5790) * logging: query filter for array of strings (#5779) * logging: Clone array on log filters, prevent side-effects (#5786) * fileserver: Export BrowseTemplate * ci: ensure short-sha is exported correctly on all platforms (#5781) * caddyfile: Fix case where heredoc marker is empty after newline (#5769) * go.mod: Update quic-go to v0.38.0 (#5772) * chore: Appease gosec linter (#5777) * replacer: change timezone to UTC for "time.now.http" placeholders (#5774) * caddyfile: Adjust error formatting (#5765) * update quic-go to v0.37.6 (#5767) * httpcaddyfile: Stricter errors for site and upstream address schemes (#5757) * caddyfile: Loosen heredoc parsing (#5761) * fileserver: docs: clarify the ability to produce JSON array with `browse` (#5751) * fix package typo (#5764) caddy-2.8.4-bp156.3.3.1.src.rpm caddy-2.8.4-bp156.3.3.1.x86_64.rpm caddy-bash-completion-2.8.4-bp156.3.3.1.noarch.rpm caddy-fish-completion-2.8.4-bp156.3.3.1.noarch.rpm caddy-zsh-completion-2.8.4-bp156.3.3.1.noarch.rpm caddy-2.8.4-bp156.3.3.1.i586.rpm caddy-2.8.4-bp156.3.3.1.aarch64.rpm caddy-2.8.4-bp156.3.3.1.ppc64le.rpm caddy-2.8.4-bp156.3.3.1.s390x.rpm openSUSE-2024-229 moderate openSUSE Backports SLE-15-SP6 Update This update for python-csvkit fixes the following issues: - Add missing Requires. (boo#1227705) python-csvkit-1.0.5-bp156.4.3.1.src.rpm python3-csvkit-1.0.5-bp156.4.3.1.noarch.rpm openSUSE-2024-224 moderate openSUSE Backports SLE-15-SP6 Update This update for keybase-client fixes the following issues: - Update the Image dependency to address CVE-2024-24792 (boo#1227167). kbfs-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-git-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-tool-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.x86_64.rpm keybase-client-6.2.8-bp156.2.6.1.src.rpm keybase-client-6.2.8-bp156.2.6.1.x86_64.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-6.2.8-bp156.2.6.1.i586.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.i586.rpm kbfs-git-6.2.8-bp156.2.6.1.i586.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.i586.rpm kbfs-tool-6.2.8-bp156.2.6.1.i586.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.i586.rpm keybase-client-6.2.8-bp156.2.6.1.i586.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.i586.rpm kbfs-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-git-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-tool-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.aarch64.rpm keybase-client-6.2.8-bp156.2.6.1.aarch64.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-git-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-tool-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.ppc64le.rpm keybase-client-6.2.8-bp156.2.6.1.ppc64le.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-6.2.8-bp156.2.6.1.s390x.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.s390x.rpm kbfs-git-6.2.8-bp156.2.6.1.s390x.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.s390x.rpm kbfs-tool-6.2.8-bp156.2.6.1.s390x.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.s390x.rpm keybase-client-6.2.8-bp156.2.6.1.s390x.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.s390x.rpm openSUSE-2024-221 important openSUSE Backports SLE-15-SP6 Update This update for python-nltk fixes the following issues: - CVE-2024-39705: Fixed remote code execution through unsafe pickle usage (boo#1227174). python-nltk-3.7-bp156.4.3.1.src.rpm python3-nltk-3.7-bp156.4.3.1.noarch.rpm openSUSE-2024-233 moderate openSUSE Backports SLE-15-SP6 Update This update for virtme fixes the following issues: Update to 1.26: * Proper integration with Arch * Inclusion of a vng manpage * The host's /tmp is now also visible from the guest * A new --configitem option that allows to quickly change specific kernel config options (with --build) * Bug fixes virtme-1.26-bp156.2.6.1.noarch.rpm virtme-1.26-bp156.2.6.1.src.rpm openSUSE-2024-235 moderate openSUSE Backports SLE-15-SP6 Update This update for mpv fixes the following issues: Update to version 0.38.0+git20240618.bc5ab97d: - Fixed jerky playing, including desync (boo#1228348) libmpv2-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.x86_64.rpm mpv-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.src.rpm mpv-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.x86_64.rpm mpv-bash-completion-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.noarch.rpm mpv-devel-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.x86_64.rpm mpv-zsh-completion-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.noarch.rpm libmpv2-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.aarch64.rpm mpv-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.aarch64.rpm mpv-devel-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.aarch64.rpm openSUSE-2024-231 moderate openSUSE Backports SLE-15-SP6 Update This update for python-notebook fixes the following issues: - Update to 5.7.11 * sanitizer fix CVE-2021-32798 (boo#1227583) - Update to 5.7.10 * no upstream changelog - Update to 5.7.9 * Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358) * Update from preact to React jupyter-notebook-5.7.11-bp156.4.3.1.noarch.rpm jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch.rpm jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch.rpm jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch.rpm python-notebook-5.7.11-bp156.4.3.1.src.rpm python3-notebook-5.7.11-bp156.4.3.1.noarch.rpm python3-notebook-lang-5.7.11-bp156.4.3.1.noarch.rpm openSUSE-2024-237 moderate openSUSE Backports SLE-15-SP6 Update This update for gnuhealth fixes the following issues: - version 4.4.1 * Issue #15: readfp on setup.py no longer supported since python 3.12 * Issue #33: health orthanc: Errors on imaging request when worklist template set on imaging test type gnuhealth-4.4.1-bp156.2.3.1.noarch.rpm gnuhealth-4.4.1-bp156.2.3.1.src.rpm gnuhealth-orthanc-4.4.1-bp156.2.3.1.noarch.rpm openSUSE-2024-236 moderate openSUSE Backports SLE-15-SP6 Update This update for python-schema fixes the following issues: - build for both Python 3.6 and 3.11 (boo#1228797) python-schema-0.6.7-bp156.4.3.1.src.rpm python3-schema-0.6.7-bp156.4.3.1.noarch.rpm python311-schema-0.6.7-bp156.4.3.1.noarch.rpm openSUSE-2024-238 moderate openSUSE Backports SLE-15-SP6 Update This update for yt-dlp fixes the following issues: - Update to release 2024.08.01 * youtube: * Change default player clients to ios,tv * Fix n function name extraction for player 20dfca59 * Fix age-verification workaround - Update to release 2024.07.25 * youtube: Fix n function name extraction for player 3400486c - Update to release 2024.07.16 * Support auto-tty and no_color-tty for --color * youtube: Avoid poToken experiment player responses - Update to release 2024.07.09 * youtube: Remove broken n function extraction fallback - Update to release 2024.07.01: * Properly sanitize file-extension to prevent file system modification and RCE. Unsafe extensions are now blocked from being downloaded. [CVE-2024-38519 boo#1227305] python311-yt-dlp-2024.08.01-bp156.2.3.1.noarch.rpm yt-dlp-2024.08.01-bp156.2.3.1.noarch.rpm yt-dlp-2024.08.01-bp156.2.3.1.src.rpm yt-dlp-bash-completion-2024.08.01-bp156.2.3.1.noarch.rpm yt-dlp-fish-completion-2024.08.01-bp156.2.3.1.noarch.rpm yt-dlp-zsh-completion-2024.08.01-bp156.2.3.1.noarch.rpm openSUSE-2024-239 moderate openSUSE Backports SLE-15-SP6 Update This update for ksh fixes the following issues: - fix segfault in variable substitution [boo#1129288] - fix untrusted environment execution [boo#1160796] [CVE-2019-14868] ksh-93vu-bp156.6.3.1.src.rpm ksh-93vu-bp156.6.3.1.x86_64.rpm ksh-devel-93vu-bp156.6.3.1.x86_64.rpm ksh-93vu-bp156.6.3.1.i586.rpm ksh-devel-93vu-bp156.6.3.1.i586.rpm ksh-93vu-bp156.6.3.1.aarch64.rpm ksh-devel-93vu-bp156.6.3.1.aarch64.rpm ksh-93vu-bp156.6.3.1.ppc64le.rpm ksh-devel-93vu-bp156.6.3.1.ppc64le.rpm ksh-93vu-bp156.6.3.1.s390x.rpm ksh-devel-93vu-bp156.6.3.1.s390x.rpm openSUSE-2024-240 moderate openSUSE Backports SLE-15-SP6 Update This update for tryton, trytond, trytond_account_invoice, trytond_purchase fixes the following issues: Changes in tryton: - Version 6.0.41 - Bugfix Release Changes in trytond: - Version 6.0.50 - Bugfix Release Changes in trytond_purchase: - Version 6.0.17 - Bugfix Release Changes in trytond_account_invoice: - Version 6.0.19 - Bugfix Release tryton-6.0.41-bp156.2.6.1.noarch.rpm tryton-6.0.41-bp156.2.6.1.src.rpm trytond-6.0.50-bp156.2.6.1.noarch.rpm trytond-6.0.50-bp156.2.6.1.src.rpm trytond_account_invoice-6.0.19-bp156.2.6.1.noarch.rpm trytond_account_invoice-6.0.19-bp156.2.6.1.src.rpm trytond_purchase-6.0.17-bp156.2.6.1.noarch.rpm trytond_purchase-6.0.17-bp156.2.6.1.src.rpm openSUSE-2024-241 moderate openSUSE Backports SLE-15-SP6 Update This update for mygnuhealth, python-bleak fixes the following issues: Changes in mygnuhealth: - version 2.2.1 * Fix issue #34 - MyGH crashes when clicking 'Network' * translation update - added dependency on bleak Changes in python-bleak: - Introduce version 0.22.2: mygnuhealth-2.2.1-bp156.2.6.1.src.rpm mygnuhealth-2.2.1-bp156.2.6.1.x86_64.rpm python-bleak-0.22.2-bp156.2.1.src.rpm python311-bleak-0.22.2-bp156.2.1.noarch.rpm python-bleak-test-0.22.2-bp156.2.1.src.rpm python-dbus_fast-2.22.1-bp156.2.1.src.rpm python311-dbus_fast-2.22.1-bp156.2.1.x86_64.rpm python-dbus_fast-test-2.22.1-bp156.2.1.src.rpm python311-dbus_fast-2.22.1-bp156.2.1.i586.rpm mygnuhealth-2.2.1-bp156.2.6.1.aarch64.rpm python311-dbus_fast-2.22.1-bp156.2.1.aarch64.rpm mygnuhealth-2.2.1-bp156.2.6.1.ppc64le.rpm python311-dbus_fast-2.22.1-bp156.2.1.ppc64le.rpm mygnuhealth-2.2.1-bp156.2.6.1.s390x.rpm python311-dbus_fast-2.22.1-bp156.2.1.s390x.rpm openSUSE-2024-246 moderate openSUSE Backports SLE-15-SP6 Update This update for thunar fixes the following issues: - Update to 4.18.11: * Use parent windows for undo/redo dialog (#1393) * Fix for misc_open_new_windows_in_split_view (#889) * Dont add directories to recent:/// (#1372) * build: clang: Fix -Wmissing-noreturn * build: clang: Fix -Wsingle-bit-bitfield-constant-conversion * Focus split view pane on DnD events (#1243) * Dont reload folder when "draw_frames" is set (#1337) * Allow submenu UCAs in toolbar (#780) * Fix shortcuts for ucas in subfolders (#1043) * Dont show 'open location' on recent icon(#1297) * Fix for image preview visibility (#1285) * Prevent focus stealing of file transfer dialog (#643) * Dont update "last-view" when searching (#1278) * Translation Updates - Update to 4.18.10: * Prevent infinite reload loop for symlinks (#1270) - Update to 4.18.9: * g_file_get_basename over realpath (#1030) * Fix and simplify symlink resolver (#1260) * Fix thumbnailer symlink support (#1260) * Prevent GLib GIO CRITICAL (#1204) * Translation Updates libthunarx-3-0-4.18.11-bp156.2.3.1.x86_64.rpm libthunarx-3-0-debuginfo-4.18.11-bp156.2.3.1.x86_64.rpm thunar-4.18.11-bp156.2.3.1.src.rpm thunar-4.18.11-bp156.2.3.1.x86_64.rpm thunar-debuginfo-4.18.11-bp156.2.3.1.x86_64.rpm thunar-debugsource-4.18.11-bp156.2.3.1.x86_64.rpm thunar-devel-4.18.11-bp156.2.3.1.x86_64.rpm thunar-lang-4.18.11-bp156.2.3.1.noarch.rpm typelib-1_0-Thunarx-3_0-4.18.11-bp156.2.3.1.x86_64.rpm libthunarx-3-0-4.18.11-bp156.2.3.1.aarch64.rpm libthunarx-3-0-debuginfo-4.18.11-bp156.2.3.1.aarch64.rpm thunar-4.18.11-bp156.2.3.1.aarch64.rpm thunar-debuginfo-4.18.11-bp156.2.3.1.aarch64.rpm thunar-debugsource-4.18.11-bp156.2.3.1.aarch64.rpm thunar-devel-4.18.11-bp156.2.3.1.aarch64.rpm typelib-1_0-Thunarx-3_0-4.18.11-bp156.2.3.1.aarch64.rpm libthunarx-3-0-4.18.11-bp156.2.3.1.ppc64le.rpm libthunarx-3-0-debuginfo-4.18.11-bp156.2.3.1.ppc64le.rpm thunar-4.18.11-bp156.2.3.1.ppc64le.rpm thunar-debuginfo-4.18.11-bp156.2.3.1.ppc64le.rpm thunar-debugsource-4.18.11-bp156.2.3.1.ppc64le.rpm thunar-devel-4.18.11-bp156.2.3.1.ppc64le.rpm typelib-1_0-Thunarx-3_0-4.18.11-bp156.2.3.1.ppc64le.rpm libthunarx-3-0-4.18.11-bp156.2.3.1.s390x.rpm libthunarx-3-0-debuginfo-4.18.11-bp156.2.3.1.s390x.rpm thunar-4.18.11-bp156.2.3.1.s390x.rpm thunar-debuginfo-4.18.11-bp156.2.3.1.s390x.rpm thunar-debugsource-4.18.11-bp156.2.3.1.s390x.rpm thunar-devel-4.18.11-bp156.2.3.1.s390x.rpm typelib-1_0-Thunarx-3_0-4.18.11-bp156.2.3.1.s390x.rpm openSUSE-2024-248 moderate openSUSE Backports SLE-15-SP6 Update This update for iodine fixes the following issues: - Comment out PrivateDevices in hardening, (boo#1216238 and boo#1228788). Modified: * iodine.service. * iodined.service. - Comment out ProtectClock in hardening, (boo#1206835). Modified: * iodine.service. * iodined.service. iodine-0.7.0-bp156.6.3.1.src.rpm iodine-0.7.0-bp156.6.3.1.x86_64.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.x86_64.rpm iodine-debugsource-0.7.0-bp156.6.3.1.x86_64.rpm iodine-0.7.0-bp156.6.3.1.i586.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.i586.rpm iodine-debugsource-0.7.0-bp156.6.3.1.i586.rpm iodine-0.7.0-bp156.6.3.1.aarch64.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.aarch64.rpm iodine-debugsource-0.7.0-bp156.6.3.1.aarch64.rpm iodine-0.7.0-bp156.6.3.1.ppc64le.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.ppc64le.rpm iodine-debugsource-0.7.0-bp156.6.3.1.ppc64le.rpm iodine-0.7.0-bp156.6.3.1.s390x.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.s390x.rpm iodine-debugsource-0.7.0-bp156.6.3.1.s390x.rpm openSUSE-2024-249 low openSUSE Backports SLE-15-SP6 Update This update for debhelper fixes the following issues: - fix perl compatibility for Leap (boo#1228955) debhelper-13.11.5-bp156.2.3.1.noarch.rpm debhelper-13.11.5-bp156.2.3.1.src.rpm openSUSE-2024-287 moderate openSUSE Backports SLE-15-SP6 Update This update for cockpit, cockpit-machines fixes the following issues: Changes in cockpit: - Fix libexecdir for leap and sle (boo#1223533) - Fix systemd units folder for leap and sle (boo#1226541) - Recommend cockpit-packagekit if zypper is installed - new version 321: * Bug fixes and performance improvements - update_version.sh: use instead of `osc service mr` to do version updates. updated README.packaging Changes in cockpit-machines: - Add initial package of version 316 cockpit-machines-316-bp156.2.2.noarch.rpm cockpit-machines-316-bp156.2.2.src.rpm cockpit-321-bp156.2.9.1.src.rpm cockpit-321-bp156.2.9.1.x86_64.rpm cockpit-bridge-321-bp156.2.9.1.x86_64.rpm cockpit-devel-321-bp156.2.9.1.x86_64.rpm cockpit-doc-321-bp156.2.9.1.noarch.rpm cockpit-kdump-321-bp156.2.9.1.noarch.rpm cockpit-networkmanager-321-bp156.2.9.1.noarch.rpm cockpit-packagekit-321-bp156.2.9.1.noarch.rpm cockpit-pcp-321-bp156.2.9.1.x86_64.rpm cockpit-selinux-321-bp156.2.9.1.noarch.rpm cockpit-storaged-321-bp156.2.9.1.noarch.rpm cockpit-system-321-bp156.2.9.1.noarch.rpm cockpit-ws-321-bp156.2.9.1.x86_64.rpm cockpit-321-bp156.2.9.1.aarch64.rpm cockpit-bridge-321-bp156.2.9.1.aarch64.rpm cockpit-devel-321-bp156.2.9.1.aarch64.rpm cockpit-pcp-321-bp156.2.9.1.aarch64.rpm cockpit-ws-321-bp156.2.9.1.aarch64.rpm cockpit-321-bp156.2.9.1.ppc64le.rpm cockpit-bridge-321-bp156.2.9.1.ppc64le.rpm cockpit-devel-321-bp156.2.9.1.ppc64le.rpm cockpit-pcp-321-bp156.2.9.1.ppc64le.rpm cockpit-ws-321-bp156.2.9.1.ppc64le.rpm cockpit-321-bp156.2.9.1.s390x.rpm cockpit-bridge-321-bp156.2.9.1.s390x.rpm cockpit-devel-321-bp156.2.9.1.s390x.rpm cockpit-pcp-321-bp156.2.9.1.s390x.rpm cockpit-ws-321-bp156.2.9.1.s390x.rpm openSUSE-2024-294 moderate openSUSE Backports SLE-15-SP6 Update This update for kanidm fixes the following issues: - kanidm version 1.3.3~git0.f075d13: * Release 1.3.3 * Mail substr index (#2981) kanidm-1.3.3~git0.f075d13-bp156.4.1.src.rpm kanidm-1.3.3~git0.f075d13-bp156.4.1.x86_64.rpm kanidm-clients-1.3.3~git0.f075d13-bp156.4.1.x86_64.rpm kanidm-docs-1.3.3~git0.f075d13-bp156.4.1.x86_64.rpm kanidm-server-1.3.3~git0.f075d13-bp156.4.1.x86_64.rpm kanidm-unixd-clients-1.3.3~git0.f075d13-bp156.4.1.x86_64.rpm kanidm-1.3.3~git0.f075d13-bp156.4.1.aarch64.rpm kanidm-clients-1.3.3~git0.f075d13-bp156.4.1.aarch64.rpm kanidm-docs-1.3.3~git0.f075d13-bp156.4.1.aarch64.rpm kanidm-server-1.3.3~git0.f075d13-bp156.4.1.aarch64.rpm kanidm-unixd-clients-1.3.3~git0.f075d13-bp156.4.1.aarch64.rpm openSUSE-2024-254 important openSUSE Backports SLE-15-SP6 Update This update for chromium, gn, rust-bindgen fixes the following issues: - Chromium 127.0.6533.119 (boo#1228941) * CVE-2024-7532: Out of bounds memory access in ANGLE * CVE-2024-7533: Use after free in Sharing * CVE-2024-7550: Type Confusion in V8 * CVE-2024-7534: Heap buffer overflow in Layout * CVE-2024-7535: Inappropriate implementation in V8 * CVE-2024-7536: Use after free in WebAudio - Chromium 127.0.6533.88 (boo#1228628, boo#1228940, boo#1228942) * CVE-2024-6988: Use after free in Downloads * CVE-2024-6989: Use after free in Loader * CVE-2024-6991: Use after free in Dawn * CVE-2024-6992: Out of bounds memory access in ANGLE * CVE-2024-6993: Inappropriate implementation in Canvas * CVE-2024-6994: Heap buffer overflow in Layout * CVE-2024-6995: Inappropriate implementation in Fullscreen * CVE-2024-6996: Race in Frames * CVE-2024-6997: Use after free in Tabs * CVE-2024-6998: Use after free in User Education * CVE-2024-6999: Inappropriate implementation in FedCM * CVE-2024-7000: Use after free in CSS. Reported by Anonymous * CVE-2024-7001: Inappropriate implementation in HTML * CVE-2024-7003: Inappropriate implementation in FedCM * CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing * CVE-2024-7005: Insufficient validation of untrusted input in Safe Browsing * CVE-2024-6990: Uninitialized Use in Dawn * CVE-2024-7255: Out of bounds read in WebTransport * CVE-2024-7256: Insufficient data validation in Dawn gh: - Update to version 0.20240730: * Rust: link_output, depend_output and runtime_outputs for dylibs * Add missing reference section to function_toolchain.cc * Do not cleanup args.gn imports located in the output directory. * Fix expectations in NinjaRustBinaryTargetWriterTest.SwiftModule * Do not add native dependencies to the library search path * Support linking frameworks and swiftmodules in Rust targets * [desc] Silence print() statements when outputing json * infra: Move CI/try builds to Ubuntu-22.04 * [MinGW] Fix mingw building issues * [gn] Fix "link" in the //examples/simple_build/build/toolchain/BUILD.gn * [template] Fix "rule alink_thin" in the //build/build_linux.ninja.template * Allow multiple --ide switches * [src] Add "#include <limits>" in the //src/base/files/file_enumerator_win.cc * Get updates to infra/recipes.py from upstream * Revert "Teach gn to handle systems with > 64 processors" * [apple] Rename the code-signing properties of create_bundle * Fix a typo in "gn help refs" output * Revert "[bundle] Use "phony" builtin tool for create_bundle targets" * [bundle] Use "phony" builtin tool for create_bundle targets * [ios] Simplify handling of assets catalog * [swift] List all outputs as deps of "source_set" stamp file * [swift] Update `gn check ...` to consider the generated header * [swift] Set `restat = 1` to swift build rules * Fix build with gcc12 * [label_matches] Add new functions label_matches(), filter_labels_include() and filter_labels_exclude() * [swift] Remove problematic use of "stamp" tool * Implement new --ninja-outputs-file option. * Add NinjaOutputsWriter class * Move InvokePython() function to its own source file. * zos: build with -DZOSLIB_OVERRIDE_CLIB to override creat * Enable C++ runtime assertions in debug mode. * Fix regression in MakeRelativePath() * fix: Fix Windows MakeRelativePath. * Add long path support for windows * Ensure read_file() files are considered by "gn analyze" * apply 2to3 to for some Python scripts * Add rustflags to desc and help output * strings: support case insensitive check only in StartsWith/EndsWith * add .git-blame-ignore-revs * use std::{string,string_view}::{starts_with,ends_with} * apply clang-format to all C++ sources * add forward declaration in rust_values.h * Add `root_patterns` list to build configuration. * Use c++20 in GN build * update windows sdk to 2024-01-11 * update windows sdk * Add linux-riscv64. * Update OWNERS list. * remove unused function * Ignore build warning -Werror=redundant-move * Fix --as=buildfile `gn desc deps` output. * Update recipe engine to 9dea1246. * treewide: Fix spelling mistakes Added rust-bindgen: - Version 0.69.1 chromedriver-127.0.6533.119-bp156.2.14.1.x86_64.rpm chromedriver-debuginfo-127.0.6533.119-bp156.2.14.1.x86_64.rpm chromium-127.0.6533.119-bp156.2.14.1.src.rpm chromium-127.0.6533.119-bp156.2.14.1.x86_64.rpm chromium-debuginfo-127.0.6533.119-bp156.2.14.1.x86_64.rpm gn-0.20240730-bp156.2.3.1.src.rpm gn-0.20240730-bp156.2.3.1.x86_64.rpm gn-debuginfo-0.20240730-bp156.2.3.1.x86_64.rpm gn-debugsource-0.20240730-bp156.2.3.1.x86_64.rpm rust-bindgen-0.69.1-bp156.2.1.src.rpm rust-bindgen-0.69.1-bp156.2.1.x86_64.rpm rust-bindgen-debuginfo-0.69.1-bp156.2.1.x86_64.rpm gn-0.20240730-bp156.2.3.1.i586.rpm gn-debuginfo-0.20240730-bp156.2.3.1.i586.rpm gn-debugsource-0.20240730-bp156.2.3.1.i586.rpm rust-bindgen-0.69.1-bp156.2.1.i586.rpm rust-bindgen-debuginfo-0.69.1-bp156.2.1.i586.rpm chromedriver-127.0.6533.119-bp156.2.14.1.aarch64.rpm chromedriver-debuginfo-127.0.6533.119-bp156.2.14.1.aarch64.rpm chromium-127.0.6533.119-bp156.2.14.1.aarch64.rpm chromium-debuginfo-127.0.6533.119-bp156.2.14.1.aarch64.rpm gn-0.20240730-bp156.2.3.1.aarch64.rpm gn-debuginfo-0.20240730-bp156.2.3.1.aarch64.rpm gn-debugsource-0.20240730-bp156.2.3.1.aarch64.rpm rust-bindgen-0.69.1-bp156.2.1.aarch64.rpm rust-bindgen-debuginfo-0.69.1-bp156.2.1.aarch64.rpm gn-0.20240730-bp156.2.3.1.ppc64le.rpm gn-debuginfo-0.20240730-bp156.2.3.1.ppc64le.rpm gn-debugsource-0.20240730-bp156.2.3.1.ppc64le.rpm rust-bindgen-0.69.1-bp156.2.1.ppc64le.rpm rust-bindgen-debuginfo-0.69.1-bp156.2.1.ppc64le.rpm gn-0.20240730-bp156.2.3.1.s390x.rpm gn-debuginfo-0.20240730-bp156.2.3.1.s390x.rpm gn-debugsource-0.20240730-bp156.2.3.1.s390x.rpm rust-bindgen-0.69.1-bp156.2.1.s390x.rpm rust-bindgen-debuginfo-0.69.1-bp156.2.1.s390x.rpm openSUSE-2024-328 moderate openSUSE Backports SLE-15-SP6 Update This update for roundcubemail fixes the following issues: Update to 1.6.8 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to recently reported security vulnerabilities: * Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] * Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008] * Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010] CHANGELOG * Managesieve: Protect special scripts in managesieve_kolab_master mode * Fix newmail_notifier notification focus in Chrome (#9467) * Fix fatal error when parsing some TNEF attachments (#9462) * Fix double scrollbar when composing a mail with many plain text lines (#7760) * Fix decoding mail parts with multiple base64-encoded text blocks (#9290) * Fix bug where some messages could get malformed in an import from a MBOX file (#9510) * Fix invalid line break characters in multi-line text in Sieve scripts (#9543) * Fix bug where "with attachment" filter could fail on some fts engines (#9514) * Fix bug where an unhandled exception was caused by an invalid image attachment (#9475) * Fix bug where a long subject title could not be displayed in some cases (#9416) * Fix infinite loop when parsing malformed Sieve script (#9562) * Fix bug where imap_conn_option's 'socket' was ignored (#9566) * Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] * Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008] * Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010] roundcubemail-1.6.8-bp156.2.3.1.noarch.rpm roundcubemail-1.6.8-bp156.2.3.1.src.rpm openSUSE-2024-258 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: - Chromium 128.0.6613.84 (boo#1229591) * CVE-2024-7964: Use after free in Passwords * CVE-2024-7965: Inappropriate implementation in V8 * CVE-2024-7966: Out of bounds memory access in Skia * CVE-2024-7967: Heap buffer overflow in Fonts * CVE-2024-7968: Use after free in Autofill * CVE-2024-7969: Type Confusion in V8 * CVE-2024-7971: Type confusion in V8 * CVE-2024-7972: Inappropriate implementation in V8 * CVE-2024-7973: Heap buffer overflow in PDFium * CVE-2024-7974: Insufficient data validation in V8 API * CVE-2024-7975: Inappropriate implementation in Permissions * CVE-2024-7976: Inappropriate implementation in FedCM * CVE-2024-7977: Insufficient data validation in Installer * CVE-2024-7978: Insufficient policy enforcement in Data Transfer * CVE-2024-7979: Insufficient data validation in Installer * CVE-2024-7980: Insufficient data validation in Installer * CVE-2024-7981: Inappropriate implementation in Views * CVE-2024-8033: Inappropriate implementation in WebApp Installs * CVE-2024-8034: Inappropriate implementation in Custom Tabs * CVE-2024-8035: Inappropriate implementation in Extensions * Various fixes from internal audits, fuzzing and other initiatives chromedriver-128.0.6613.84-bp156.2.17.1.x86_64.rpm chromedriver-debuginfo-128.0.6613.84-bp156.2.17.1.x86_64.rpm chromium-128.0.6613.84-bp156.2.17.1.src.rpm chromium-128.0.6613.84-bp156.2.17.1.x86_64.rpm chromium-debuginfo-128.0.6613.84-bp156.2.17.1.x86_64.rpm chromedriver-128.0.6613.84-bp156.2.17.1.aarch64.rpm chromedriver-debuginfo-128.0.6613.84-bp156.2.17.1.aarch64.rpm chromium-128.0.6613.84-bp156.2.17.1.aarch64.rpm chromium-debuginfo-128.0.6613.84-bp156.2.17.1.aarch64.rpm openSUSE-2024-300 moderate openSUSE Backports SLE-15-SP6 Update This update for ntpd-rs fixes the following issues: - Introducing ntpd-rs version 1.2.3 ntpd-rs-1.2.3-bp156.2.1.src.rpm ntpd-rs-1.2.3-bp156.2.1.x86_64.rpm ntpd-rs-common-1.2.3-bp156.2.1.noarch.rpm ntpd-rs-1.2.3-bp156.2.1.i586.rpm ntpd-rs-1.2.3-bp156.2.1.aarch64.rpm ntpd-rs-1.2.3-bp156.2.1.ppc64le.rpm ntpd-rs-1.2.3-bp156.2.1.s390x.rpm openSUSE-2024-264 moderate openSUSE Backports SLE-15-SP6 Update This update for retry fixes the following issues: - Update to version 1723625520.fd868ce: * Add an option for infinite retries retry-1723625520.fd868ce-bp156.2.3.1.noarch.rpm retry-1723625520.fd868ce-bp156.2.3.1.src.rpm openSUSE-2024-266 moderate openSUSE Backports SLE-15-SP6 Update This update for xfwm4 fixes the following issues: - Fix user-after-free in tabwinRemoveClient with (boo#1228524) xfwm4-4.18.0-bp156.3.3.1.src.rpm xfwm4-4.18.0-bp156.3.3.1.x86_64.rpm xfwm4-branding-upstream-4.18.0-bp156.3.3.1.noarch.rpm xfwm4-debuginfo-4.18.0-bp156.3.3.1.x86_64.rpm xfwm4-debugsource-4.18.0-bp156.3.3.1.x86_64.rpm xfwm4-lang-4.18.0-bp156.3.3.1.noarch.rpm xfwm4-4.18.0-bp156.3.3.1.aarch64.rpm xfwm4-debuginfo-4.18.0-bp156.3.3.1.aarch64.rpm xfwm4-debugsource-4.18.0-bp156.3.3.1.aarch64.rpm xfwm4-4.18.0-bp156.3.3.1.ppc64le.rpm xfwm4-debuginfo-4.18.0-bp156.3.3.1.ppc64le.rpm xfwm4-debugsource-4.18.0-bp156.3.3.1.ppc64le.rpm xfwm4-4.18.0-bp156.3.3.1.s390x.rpm xfwm4-debuginfo-4.18.0-bp156.3.3.1.s390x.rpm xfwm4-debugsource-4.18.0-bp156.3.3.1.s390x.rpm openSUSE-2024-273 moderate openSUSE Backports SLE-15-SP6 Update rust-bindgen was updated to fix the following issues: Update to version 0.70.1: * Revert "Only trigger the publish workflow manually" * Fix `collapsible_match` clippy warning * Add `#[clippy::allow]` attribute to `const` layout tests * Fix creduce example * Fix creduce install link * Fix create-tag.yml Update to version 0.70.0: * Fix generation of extern "C" blocks with llvm 18 * Update shlex dependency (RUSTSEC-2024-0006, boo#1229375) * Try to avoid repr(packed) for explicitly aligned types when not needed * Support Float16 * Fix alignment contribution from bitfields * Replace peeking_take_while by itertools * Add blocklist_var * Stabilize thiscall_abi * Allow older itertools * Add target mappings for riscv64imac and riscv32imafc. * Add a complex macro fallback API * Add option to use DST structs for flexible arrays * Add option to dynamically load variables * Add option in CLI to use rustified non-exhaustive enums * Remove which and lazy-static dependencies * Generate compile-time layout tests * Print bindgen-cli errors to stderr instead of stdout * Fix --formatter=prettyplease not working in bindgen-cli by adding prettyplease feature and enabling it by default for bindgen-cli * Fix --allowlist-item so anonymous enums are no longer ignored * Use clang_getFileLocation instead of clang_getSpellingLocation to fix clang-trun * Fix generated constants: f64::INFINITY, f64::NEG_ INFINITY,f64::NAN * Update tempfile and rustix due to GHSA-c827-hfw6-qwvm (boo#1229376) rust-bindgen-0.70.1-bp156.5.1.src.rpm rust-bindgen-0.70.1-bp156.5.1.x86_64.rpm rust-bindgen-debuginfo-0.70.1-bp156.5.1.x86_64.rpm rust-bindgen-0.70.1-bp156.5.1.i586.rpm rust-bindgen-debuginfo-0.70.1-bp156.5.1.i586.rpm rust-bindgen-0.70.1-bp156.5.1.aarch64.rpm rust-bindgen-debuginfo-0.70.1-bp156.5.1.aarch64.rpm rust-bindgen-0.70.1-bp156.5.1.ppc64le.rpm rust-bindgen-debuginfo-0.70.1-bp156.5.1.ppc64le.rpm rust-bindgen-0.70.1-bp156.5.1.s390x.rpm rust-bindgen-debuginfo-0.70.1-bp156.5.1.s390x.rpm openSUSE-2024-267 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 128.0.6613.113 (boo#1229897) * CVE-2024-7969: Type Confusion in V8 * CVE-2024-8193: Heap buffer overflow in Skia * CVE-2024-8194: Type Confusion in V8 * CVE-2024-8198: Heap buffer overflow in Skia chromedriver-128.0.6613.113-bp156.2.20.1.x86_64.rpm chromedriver-debuginfo-128.0.6613.113-bp156.2.20.1.x86_64.rpm chromium-128.0.6613.113-bp156.2.20.1.src.rpm chromium-128.0.6613.113-bp156.2.20.1.x86_64.rpm chromium-debuginfo-128.0.6613.113-bp156.2.20.1.x86_64.rpm chromedriver-128.0.6613.113-bp156.2.20.1.aarch64.rpm chromedriver-debuginfo-128.0.6613.113-bp156.2.20.1.aarch64.rpm chromium-128.0.6613.113-bp156.2.20.1.aarch64.rpm chromium-debuginfo-128.0.6613.113-bp156.2.20.1.aarch64.rpm openSUSE-2024-269 moderate openSUSE Backports SLE-15-SP6 Update trivy was updated to fix the following issues: Update to version 0.54.1: * fix(flag): incorrect behavior for deprected flag `--clear-cache` [backport: release/v0.54] (#7285) * fix(java): Return error when trying to find a remote pom to avoid segfault [backport: release/v0.54] (#7283) * fix(plugin): do not call GitHub content API for releases and tags [backport: release/v0.54] (#7279) * release: v0.54.0 [main] (#7075) * docs: update ecosystem page reporting with plopsec.com app (#7262) * feat(vex): retrieve VEX attestations from OCI registries (#7249) * feat(sbom): add image labels into `SPDX` and `CycloneDX` reports (#7257) * refactor(flag): return error if both `--download-db-only` and `--download-java-db-only` are specified (#7259) * fix(nodejs): detect direct dependencies when using `latest` version for files `yarn.lock` + `package.json` (#7110) * chore: show VEX notice for OSS maintainers in CI environments (#7246) * feat(vuln): add `--pkg-relationships` (#7237) * docs: show VEX cli pages + update config file page for VEX flags (#7244) * fix(dotnet): show `nuget package dir not found` log only when checking `nuget` packages (#7194) * feat(vex): VEX Repository support (#7206) * fix(secret): skip regular strings contain secret patterns (#7182) * feat: share build-in rules (#7207) * fix(report): hide empty table when all secrets/license/misconfigs are ignored (#7171) * fix(cli): error on missing config file (#7154) * fix(secret): update length of `hugging-face-access-token` (#7216) * feat(sbom): add vulnerability support for SPDX formats (#7213) * fix(secret): trim excessively long lines (#7192) * chore(vex): update subcomponents for CVE-2023-42363/42364/42365/42366 (#7201) * fix(server): pass license categories to options (#7203) * feat(mariner): Add support for Azure Linux (#7186) * docs: updates config file (#7188) * refactor(fs): remove unused field for CompositeFS (#7195) * fix: add missing platform and type to spec (#7149) * feat(misconf): enabled China configuration for ACRs (#7156) * fix: close file when failed to open gzip (#7164) * docs: Fix PR documentation to use GitHub Discussions, not Issues (#7141) * docs(misconf): add info about limitations for terraform plan json (#7143) * chore: add VEX for Trivy images (#7140) * chore: add VEX document and generator for Trivy (#7128) * fix(misconf): do not evaluate TF when a load error occurs (#7109) * feat(cli): rename `--vuln-type` flag to `--pkg-types` flag (#7104) * refactor(secret): move warning about file size after `IsBinary` check (#7123) * feat: add openSUSE tumbleweed detection and scanning (#6965) * test: add missing advisory details for integration tests database (#7122) * fix: Add dependencyManagement exclusions to the child exclusions (#6969) * fix: ignore nodes when listing permission is not allowed (#7107) * fix(java): use `go-mvn-version` to remove `Package` duplicates (#7088) * refactor(secret): add warning about large files (#7085) * feat(nodejs): add license parser to pnpm analyser (#7036) * refactor(sbom): add sbom prefix + filepaths for decode log messages (#7074) * feat: add `log.FilePath()` function for logger (#7080) * chore: bump golangci-lint from v1.58 to v1.59 (#7077) * perf(debian): use `bytes.Index` in `emptyLineSplit` to cut allocation (#7065) * refactor: pass DB dir to trivy-db (#7057) * docs: navigate to the release highlights and summary (#7072) Update to version 0.53.0 (bsc#1227022, CVE-2024-6257): * release: v0.53.0 [main] (#6855) * feat(conda): add licenses support for `environment.yml` files (#6953) * fix(sbom): fix panic when scanning SBOM file without root component into SBOM format (#7051) * feat: add memory cache backend (#7048) * fix(sbom): use package UIDs for uniqueness (#7042) * feat(php): add installed.json file support (#4865) * docs: ✨ Updated ecosystem docs with reference to new community app (#7041) * fix: use embedded when command path not found (#7037) * refactor: use google/wire for cache (#7024) * fix(cli): show info message only when --scanners is available (#7032) * chore: enable float-compare rule from testifylint (#6967) * docs: Add sudo on commands, chmod before mv on install docs (#7009) * fix(plugin): respect `--insecure` (#7022) * feat(k8s)!: node-collector dynamic commands support (#6861) * fix(sbom): take pkg name from `purl` for maven pkgs (#7008) * feat!: add clean subcommand (#6993) * chore: use `!` for breaking changes (#6994) * feat(aws)!: Remove aws subcommand (#6995) * refactor: replace global cache directory with parameter passing (#6986) * fix(sbom): use `purl` for `bitnami` pkg names (#6982) * chore: bump Go toolchain version (#6984) * refactor: unify cache implementations (#6977) * docs: non-packaged and sbom clarifications (#6975) * BREAKING(aws): Deprecate `trivy aws` as subcmd in favour of a plugin (#6819) * docs: delete unknown URL (#6972) * refactor: use version-specific URLs for documentation references (#6966) * refactor: delete db mock (#6940) * refactor: add warning if severity not from vendor (or NVD or GH) is used (#6726) * feat: Add local ImageID to SARIF metadata (#6522) * fix(suse): Add SLES 15.6 and Leap 15.6 (#6964) * feat(java): add support for sbt projects using sbt-dependency-lock (#6882) * feat(java): add support for `maven-metadata.xml` files for remote snapshot repositories. (#6950) * fix(purl): add missed os types (#6955) * fix(cyclonedx): trim non-URL info for `advisory.url` (#6952) * fix(c): don't skip conan files from `file-patterns` and scan `.conan2` cache dir (#6949) * fix(image): parse `image.inspect.Created` field only for non-empty values (#6948) * fix(misconf): handle source prefix to ignore (#6945) * fix(misconf): fix parsing of engine links and frameworks (#6937) * feat(misconf): support of selectors for all providers for Rego (#6905) * fix(license): return license separation using separators `,`, `or`, etc. (#6916) * feat(misconf): add support for AWS::EC2::SecurityGroupIngress/Egress (#6755) * BREAKING(misconf): flatten recursive types (#6862) * test: bump docker API to 1.45 (#6914) * feat(sbom): migrate to `CycloneDX v1.6` (#6903) * feat(image): Set User-Agent header for Trivy container registry requests (#6868) * fix(debian): take installed files from the origin layer (#6849) * fix(nodejs): fix infinite loop when package link from `package-lock.json` file is broken (#6858) * feat(misconf): API Gateway V1 support for CloudFormation (#6874) * feat(plugin): add support for nested archives (#6845) * fix(sbom): don't overwrite `srcEpoch` when decoding SBOM files (#6866) * fix(secret): `Asymmetric Private Key` shouldn't start with space (#6867) * chore: auto label discussions (#5259) * docs: explain how VEX is applied (#6864) * fix(python): compare pkg names from `poetry.lock` and `pyproject.toml` in lowercase (#6852) * fix(nodejs): fix infinity loops for `pnpm` with cyclic imports (#6857) * feat(dart): use first version of constraint for dependencies using SDK version (#6239) * fix(misconf): parsing numbers without fraction as int (#6834) * fix(misconf): fix caching of modules in subdirectories (#6814) * feat(misconf): add metadata to Cloud schema (#6831) * test: replace embedded Git repository with dynamically created repository (#6824) Update to version 0.52.2: * test: bump docker API to 1.45 [backport: release/v0.52] (#6922) * fix(debian): take installed files from the origin layer [backport: release/v0.52] (#6892) Update to version 0.52.1: * release: v0.52.1 [release/v0.52] (#6877) * fix(nodejs): fix infinite loop when package link from `package-lock.json` file is broken [backport: release/v0.52] (#6888) * fix(sbom): don't overwrite `srcEpoch` when decoding SBOM files [backport: release/v0.52] (#6881) * fix(python): compare pkg names from `poetry.lock` and `pyproject.toml` in lowercase [backport: release/v0.52] (#6878) * docs: explain how VEX is applied (#6864) * fix(nodejs): fix infinity loops for `pnpm` with cyclic imports (#6857) Update to version 0.52.0 (bsc#1224781, CVE-2024-35192): * release: v0.52.0 [main] (#6809) * fix(plugin): initialize logger (#6836) * fix(cli): always output fatal errors to stderr (#6827) * fix: close testfile (#6830) * docs(julia): add scanner table (#6826) * feat(python): add license support for `requirement.txt` files (#6782) * docs: add more workarounds for out-of-disk (#6821) * chore: improve error message for image not found (#6822) * fix(sbom): fix panic for `convert` mode when scanning json file derived from sbom file (#6808) * fix: clean up golangci lint configuration (#6797) * fix(python): add package name and version validation for `requirements.txt` files. (#6804) * feat(vex): improve relationship support in CSAF VEX (#6735) * chore(alpine): add eol date for Alpine 3.20 (#6800) * docs(plugin): add missed `plugin` section (#6799) * fix: include packages unless it is not needed (#6765) * feat(misconf): support for VPC resources for inbound/outbound rules (#6779) * chore: replace interface{} with any (#6751) * fix: close settings.xml (#6768) * refactor(go): add priority for gobinary module versions from `ldflags` (#6745) * build: use main package instead of main.go (#6766) * feat(misconf): resolve tf module from OpenTofu compatible registry (#6743) * docs: add info on adding compliance checks (#6275) * docs: Add documentation for contributing additional checks to the trivy policies repo (#6234) * feat(nodejs): add v9 pnpm lock file support (#6617) * feat(vex): support non-root components for products in OpenVEX (#6728) * feat(python): add line number support for `requirement.txt` files (#6729) * chore: respect timeout value in .golangci.yaml (#6724) * fix: node-collector high and critical cves (#6707) * Merge pull request from GHSA-xcq4-m2r3-cmrj * chore: auto-bump golang patch versions (#6711) * fix(misconf): don't shift ignore rule related to code (#6708) * feat(plugin): specify plugin version (#6683) * chore: enforce golangci-lint version (#6700) * fix(go): include only `.version`|`.ver` (no prefixes) ldflags for `gobinaries` (#6705) * fix(go): add only non-empty root modules for `gobinaries` (#6710) * refactor: unify package addition and vulnerability scanning (#6579) * fix: Golang version parsing from binaries w/GOEXPERIMENT (#6696) * feat(misconf): Add support for deprecating a check (#6664) * feat: Add Julia language analyzer support (#5635) * feat(misconf): register builtin Rego funcs from trivy-checks (#6616) * fix(report): hide empty tables if all vulns has been filtered (#6352) * feat(report): Include licenses and secrets filtered by rego to ModifiedFindings (#6483) * feat: add support for plugin index (#6674) * docs: add support table for client server mode (#6498) * fix: close APKINDEX archive file (#6672) * fix(misconf): skip Rego errors with a nil location (#6666) * refactor: move artifact types under artifact package to avoid import cycles (#6652) * refactor(misconf): remove extrafs (#6656) * refactor: re-define module structs for serialization (#6655) * chore(misconf): Clean up iac logger (#6642) * feat(misconf): support symlinks inside of Helm archives (#6621) * feat(misconf): add Terraform 'removed' block to schema (#6640) * refactor: unify Library and Package structs (#6633) * fix: use of specified context to obtain cluster name (#6645) * perf(misconf): parse rego input once (#6615) * fix(misconf): skip Rego errors with a nil location (#6638) * docs: link warning to both timeout config options (#6620) * docs: fix usage of image-config-scanners (#6635) Update to version 0.51.1: * fix(fs): handle default skip dirs properly (#6628) * fix(misconf): load cached tf modules (#6607) * fix(misconf): do not use semver for parsing tf module versions (#6614) * refactor: move setting scanners when using compliance reports to flag parsing (#6619) * feat: introduce package UIDs for improved vulnerability mapping (#6583) * perf(misconf): Improve cause performance (#6586) * docs: trivy-k8s new experiance remove un-used section (#6608) * docs: remove mention of GitLab Gold because it doesn't exist anymore (#6609) * feat(misconf): Use updated terminology for misconfiguration checks (#6476) * docs: use `generic` link from `trivy-repo` (#6606) * docs: update trivy k8s with new experience (#6465) * feat: support `--skip-images` scanning flag (#6334) * BREAKING: add support for k8s `disable-node-collector` flag (#6311) * feat: add ubuntu 23.10 and 24.04 support (#6573) * docs(go): add stdlib (#6580) * feat(go): parse main mod version from build info settings (#6564) * feat: respect custom exit code from plugin (#6584) * docs: add asdf and mise installation method (#6063) * feat(vuln): Handle scanning conan v2.x lockfiles (#6357) * feat: add support `environment.yaml` files (#6569) * fix: close plugin.yaml (#6577) * fix: trivy k8s avoid deleting non-default node collector namespace (#6559) * BREAKING: support exclude `kinds/namespaces` and include `kinds/namespaces` (#6323) * feat(go): add main module (#6574) * feat: add relationships (#6563) * docs: mention `--show-suppressed` is available in table (#6571) * chore: fix sqlite to support loong64 (#6511) * fix(debian): sort dpkg info before parsing due to exclude directories (#6551) * docs: update info about config file (#6547) * docs: remove RELEASE_VERSION from trivy.repo (#6546) * fix(sbom): change error to warning for multiple OSes (#6541) * fix(vuln): skip empty versions (#6542) * feat(c): add license support for conan lock files (#6329) * fix(terraform): Attribute and fileset fixes (#6544) * refactor: change warning if no vulnerability details are found (#6230) * refactor(misconf): improve error handling in the Rego scanner (#6527) * feat(go): parse main module of go binary files (#6530) * refactor(misconf): simplify the retrieval of module annotations (#6528) * docs(nodejs): add info about supported versions of pnpm lock files (#6510) * feat(misconf): loading embedded checks as a fallback (#6502) * fix(misconf): Parse JSON k8s manifests properly (#6490) * refactor: remove parallel walk (#5180) * fix: close pom.xml (#6507) * fix(secret): convert severity for custom rules (#6500) * fix(java): update logic to detect `pom.xml` file snapshot artifacts from remote repositories (#6412) * fix: typo (#6283) * docs(k8s,image): fix command-line syntax issues (#6403) * fix(misconf): avoid panic if the scheme is not valid (#6496) * feat(image): goversion as stdlib (#6277) * fix: add color for error inside of log message (#6493) * docs: fix links to OPA docs (#6480) * refactor: replace zap with slog (#6466) * docs: update links to IaC schemas (#6477) * chore: bump Go to 1.22 (#6075) * refactor(terraform): sync funcs with Terraform (#6415) * feat(misconf): add helm-api-version and helm-kube-version flag (#6332) * fix(terraform): eval submodules (#6411) * refactor(terraform): remove unused options (#6446) * refactor(terraform): remove unused file (#6445) * fix(misconf): Escape template value correctly (#6292) * feat(misconf): add support for wildcard ignores (#6414) * fix(cloudformation): resolve `DedicatedMasterEnabled` parsing issue (#6439) * refactor(terraform): remove metrics collection (#6444) * feat(cloudformation): add support for logging and endpoint access for EKS (#6440) * fix(db): check schema version for image name only (#6410) * feat(misconf): Support private registries for misconf check bundle (#6327) * feat(cloudformation): inline ignore support for YAML templates (#6358) * feat(terraform): ignore resources by nested attributes (#6302) * perf(helm): load in-memory files (#6383) * feat(aws): apply filter options to result (#6367) * feat(aws): quiet flag support (#6331) * fix(misconf): clear location URI for SARIF (#6405) * test(cloudformation): add CF tests (#6315) * fix(cloudformation): infer type after resolving a function (#6406) * fix(sbom): fix error when parent of SPDX Relationships is not a package. (#6399) * docs: add info about support for package license detection in `fs`/`repo` modes (#6381) * fix(nodejs): add support for parsing `workspaces` from `package.json` as an object (#6231) * fix: use `0600` perms for tmp files for post analyzers (#6386) * fix(helm): scan the subcharts once (#6382) * docs(terraform): add file patterns for Terraform Plan (#6393) * fix(terraform): сhecking SSE encryption algorithm validity (#6341) * fix(java): parse modules from `pom.xml` files once (#6312) * fix(server): add Locations for `Packages` in client/server mode (#6366) * fix(sbom): add check for `CreationInfo` to nil when detecting SPDX created using Trivy (#6346) * fix(report): don't include empty strings in `.vulnerabilities[].identifiers[].url` when `gitlab.tpl` is used (#6348) * chore(ubuntu): Add Ubuntu 22.04 EOL date (#6371) * feat(java): add support licenses and graph for gradle lock files (#6140) * feat(vex): consider root component for relationships (#6313) * fix: increase the default buffer size for scanning dpkg status files by 2 times (#6298) * chore: updates wazero to v1.7.0 (#6301) * feat(sbom): Support license detection for SBOM scan (#6072) * refactor(sbom): use intermediate representation for SPDX (#6310) * docs(terraform): improve documentation for filtering by inline comments (#6284) * fix(terraform): fix policy document retrieval (#6276) * refactor(terraform): remove unused custom error (#6303) * refactor(sbom): add intermediate representation for BOM (#6240) * fix(amazon): check only major version of AL to find advisories (#6295) * fix(db): use schema version as tag only for `trivy-db` and `trivy-java-db` registries by default (#6219) * fix(nodejs): add name validation for package name from `package.json` (#6268) * docs: Added install instructions for FreeBSD (#6293) * feat(image): customer podman host or socket option (#6256) * feat(java): mark dependencies from `maven-invoker-plugin` integration tests pom.xml files as `Dev` (#6213) * fix(license): reorder logic of how python package licenses are acquired (#6220) * test(terraform): skip cached modules (#6281) * feat(secret): Support for detecting Hugging Face Access Tokens (#6236) * fix(cloudformation): support of all SSE algorithms for s3 (#6270) * feat(terraform): Terraform Plan snapshot scanning support (#6176) * fix: typo function name and comment optimization (#6200) * fix(java): don't ignore runtime scope for pom.xml files (#6223) * fix(license): add FilePath to results to allow for license path filtering via trivyignore file (#6215) * test(k8s): use test-db for k8s integration tests (#6222) * fix(terraform): fix root module search (#6160) * test(parser): squash test data for yarn (#6203) * fix(terraform): do not re-expand dynamic blocks (#6151) * docs: update ecosystem page reporting with db app (#6201) * fix: k8s summary separate infra and user finding results (#6120) * fix: add context to target finding on k8s table view (#6099) * fix: Printf format err (#6198) * refactor: better integration of the parser into Trivy (#6183) * feat(terraform): Add hyphen and non-ASCII support for domain names in credential extraction (#6108) * fix(vex): CSAF filtering should consider relationships (#5923) * refactor(report): Replacing `source_location` in `github` report when scanning an image (#5999) * feat(vuln): ignore vulnerabilities by PURL (#6178) * feat(java): add support for fetching packages from repos mentioned in pom.xml (#6171) * feat(k8s): rancher rke2 version support (#5988) * docs: update kbom distribution for scanning (#6019) * chore: update CODEOWNERS (#6173) * fix(swift): try to use branch to resolve version (#6168) * fix(terraform): ensure consistent path handling across OS (#6161) * fix(java): add only valid libs from `pom.properties` files from `jars` (#6164) * fix(sbom): skip executable file analysis if Rekor isn't a specified SBOM source (#6163) * docs(report): add remark about `path` to filter licenses using `.trivyignore.yaml` file (#6145) * docs: update template path for gitlab-ci tutorial (#6144) * feat(report): support for filtering licenses and secrets via rego policy files (#6004) * fix(cyclonedx): move root component from scanned cyclonedx file to output cyclonedx file (#6113) * docs: add SecObserve in CI/CD and reporting (#6139) * fix(alpine): exclude empty licenses for apk packages (#6130) * docs: add docs tutorial on custom policies with rego (#6104) * fix(nodejs): use project dir when searching for workspaces for Yarn.lock files (#6102) * feat(vuln): show suppressed vulnerabilities in table (#6084) * docs: rename governance to principles (#6107) * docs: add governance (#6090) * feat(java): add dependency location support for `gradle` files (#6083) * fix(misconf): get `user` from `Config.User` (#6070) Update to version 0.49.1: * fix: check unescaped `BomRef` when matching `PkgIdentifier` (#6025) * docs: Fix broken link to "pronunciation" (#6057) * fix: fix cursor usage in Redis Clear function (#6056) * fix(nodejs): add local packages support for `pnpm-lock.yaml` files (#6034) * test: fix flaky `TestDockerEngine` (#6054) * fix(java): recursive check all nested depManagements with import scope for pom.xml files (#5982) * fix(cli): inconsistent behavior across CLI flags, environment variables, and config files (#5843) * feat(rust): Support workspace.members parsing for Cargo.toml analysis (#5285) * docs: add note about Bun (#6001) * fix(report): use `AWS_REGION` env for secrets in `asff` template (#6011) * fix: check returned error before deferring f.Close() (#6007) * feat(misconf): add support of buildkit instructions when building dockerfile from image config (#5990) * feat(vuln): enable `--vex` for all targets (#5992) * docs: update link to data sources (#6000) * feat(java): add support for line numbers for pom.xml files (#5991) * refactor(sbom): use new `metadata.tools` struct for CycloneDX (#5981) * docs: Update troubleshooting guide with image not found error (#5983) * style: update band logos (#5968) * docs: update cosign tutorial and commands, update kyverno policy (#5929) * docs: update command to scan go binary (#5969) * fix: handle non-parsable images names (#5965) * fix(amazon): save system files for pkgs containing `amzn` in src (#5951) * fix(alpine): Add EOL support for alpine 3.19. (#5938) * feat: allow end-users to adjust K8S client QPS and burst (#5910) * fix(nodejs): find licenses for packages with slash (#5836) * fix(sbom): use `group` field for pom.xml and nodejs files for CycloneDX reports (#5922) * fix: ignore no init containers (#5939) * docs: Fix documentation of ecosystem (#5940) * docs(misconf): multiple ignores in comment (#5926) * fix(secret): find aws secrets ending with a comma or dot (#5921) * docs: ✨ Updated ecosystem docs with reference to new community app (#5918) * fix(java): check if a version exists when determining GAV by file name for `jar` files (#5630) * feat(vex): add PURL matching for CSAF VEX (#5890) * fix(secret): `AWS Secret Access Key` must include only secrets with `aws` text. (#5901) * revert(report): don't escape new line characters for sarif format (#5897) * docs: improve filter by rego (#5402) * docs: add_scan2html_to_trivy_ecosystem (#5875) * fix(vm): update ext4-filesystem fix reading groupdescriptor in 32bit mode (#5888) * feat(vex): Add support for CSAF format (#5535) * feat(python): parse licenses from dist-info folder (#4724) * feat(nodejs): add yarn alias support (#5818) * refactor: propagate time through context values (#5858) * refactor: move PkgRef under PkgIdentifier (#5831) * fix(cyclonedx): fix unmarshal for licenses (#5828) * feat(vuln): include pkg identifier on detected vulnerabilities (#5439) Update to version 0.48.1: * fix(bitnami): use a different comparer for detecting vulnerabilities (#5633) * refactor(sbom): disable html escaping for CycloneDX (#5764) * refactor(purl): use `pub` from `package-url` (#5784) * docs(python): add note to using `pip freeze` for `compatible releases` (#5760) * fix(report): use OS information for OS packages purl in `github` template (#5783) * fix(report): fix error if miconfigs are empty (#5782) * refactor(vuln): don't remove VendorSeverity in JSON report (#5761) * fix(report): don't mark misconfig passed tests as failed in junit.tpl (#5767) * docs(k8s): replace --scanners config with --scanners misconfig in docs (#5746) * fix(report): update Gitlab template (#5721) * feat(secret): add support of GitHub fine-grained tokens (#5740) * fix(misconf): add an image misconf to result (#5731) * feat(secret): added support of Docker registry credentials (#5720) Update to version 0.48.0: * feat: filter k8s core components vuln results (#5713) * feat(vuln): remove duplicates in Fixed Version (#5596) * feat(report): output plugin (#4863) * docs: typo in modules.md (#5712) * feat: Add flag to configure node-collector image ref (#5710) * feat(misconf): Add `--misconfig-scanners` option (#5670) * chore: bump Go to 1.21 (#5662) * feat: Packagesprops support (#5605) * docs: update adopters discussion template (#5632) * docs: terraform tutorial links updated to point to correct loc (#5661) * fix(secret): add `sec` and space to secret prefix for `aws-secret-access-key` (#5647) * fix(nodejs): support protocols for dependency section in yarn.lock files (#5612) * fix(secret): exclude upper case before secret for `alibaba-access-key-id` (#5618) * docs: Update Arch Linux package URL in installation.md (#5619) * chore: add prefix to image errors (#5601) * docs(vuln): fix link anchor (#5606) * docs: Add Dagger integration section and cleanup Ecosystem CICD docs page (#5608) * fix: k8s friendly error messages kbom non cluster scans (#5594) * feat: set InstalledFiles for DEB and RPM packages (#5488) * fix(report): use time.Time for CreatedAt (#5598) * test: retry containerd initialization (#5597) * feat(misconf): Expose misconf engine debug logs with `--debug` option (#5550) * test: mock VM walker (#5589) * chore: bump node-collector v0.0.9 (#5591) * feat(misconf): Add support for `--cf-params` for CFT (#5507) * feat(flag): replace '--slow' with '--parallel' (#5572) * fix(report): add escaping for Sarif format (#5568) * chore: show a deprecation notice for `--scanners config` (#5587) * feat(report): Add CreatedAt to the JSON report. (#5542) (#5549) * test: mock RPM DB (#5567) * feat: add aliases to '--scanners' (#5558) * refactor: reintroduce output writer (#5564) * chore: not load plugins for auto-generating docs (#5569) * chore: sort supported AWS services (#5570) * fix: no schedule toleration (#5562) * fix(cli): set correct `scanners` for `k8s` target (#5561) * fix(sbom): add `FilesAnalyzed` and `PackageVerificationCode` fields for SPDX (#5533) * refactor(misconf): Update refactored dependencies (#5245) * feat(secret): add built-in rule for JWT tokens (#5480) * fix: trivy k8s parse ecr image with arn (#5537) * fix: fail k8s resource scanning (#5529) * refactor(misconf): don't remove Highlighted in json format (#5531) * docs(k8s): fix link in kubernetes.md (#5524) * docs(k8s): fix whitespace in list syntax (#5525) Update to version 0.47.0: * docs: add info that license scanning supports file-patterns flag (#5484) * docs: add Zora integration into Ecosystem session (#5490) * fix(sbom): Use UUID as BomRef for packages with empty purl (#5448) * fix: correct error mismatch causing race in fast walks (#5516) * docs: k8s vulnerability scanning (#5515) * docs: remove glad for java datasources (#5508) * chore: remove unused logger attribute in amazon detector (#5476) * fix: correct error mismatch causing race in fast walks (#5482) * fix(server): add licenses to `BlobInfo` message (#5382) * feat: scan vulns on k8s core component apps (#5418) * fix(java): fix infinite loop when `relativePath` field points to `pom.xml` being scanned (#5470) * fix(sbom): save digests for package/application when scanning SBOM files (#5432) * docs: fix the broken link (#5454) * docs: fix error when installing `PyYAML` for gh pages (#5462) * fix(java): download java-db once (#5442) * docs(misconf): Update `--tf-exclude-downloaded-modules` description (#5419) * feat(misconf): Support `--ignore-policy` in config scans (#5359) * docs(misconf): fix broken table for `Use container image` section (#5425) * feat(dart): add graph support (#5374) * refactor: define a new struct for scan targets (#5397) * fix(sbom): add missed `primaryURL` and `source severity` for CycloneDX (#5399) * fix: correct invalid MD5 hashes for rpms ending with one or more zero bytes (#5393) * docs: remove --scanners none (#5384) * docs: Update container_image.md #5182 (#5193) * feat(report): Add `InstalledFiles` field to Package (#4706) * feat(k8s): add support for vulnerability detection (#5268) * fix(python): override BOM in `requirements.txt` files (#5375) * docs: add kbom documentation (#5363) * test: use maximize build space for VM tests (#5362) * fix(report): add escaping quotes in misconfig Title for asff template (#5351) * fix: Report error when os.CreateTemp fails (to be consistent with other uses) (#5342) * fix: add config files to FS for post-analyzers (#5333) * fix: fix MIME warnings after updating to Go 1.20 (#5336) * build: fix a compile error with Go 1.21 (#5339) * feat: added `Metadata` into the k8s resource's scan report (#5322) * chore: update adopters template (#5330) * fix(sbom): use PURL or Group and Name in case of Java (#5154) * docs: add buildkite repository to ecosystem page (#5316) * chore: enable go-critic (#5302) * close java-db client (#5273) * fix(report): removes git::http from uri in sarif (#5244) * Improve the meaning of sentence (#5301) * add app nil check (#5274) * typo: in secret.md (#5281) * docs: add info about `github` format (#5265) * feat(dotnet): add license support for NuGet (#5217) * docs: correctly export variables (#5260) * chore: Add line numbers for lint output (#5247) * chore(cli): disable java-db flags in server mode (#5263) * feat(db): allow passing registry options (#5226) * refactor(purl): use TypeApk from purl (#5232) * chore: enable more linters (#5228) * Fix typo on ide.md (#5239) * refactor: use defined types (#5225) * fix(purl): skip local Go packages (#5190) * docs: update info about license scanning in Yarn projects (#5207) * fix link (#5203) * fix(purl): handle rust types (#5186) * chore: auto-close issues (#5177) * fix(k8s): kbom support addons labels (#5178) * test: validate SPDX with the JSON schema (#5124) * chore: bump trivy-kubernetes-latest (#5161) * docs: add 'Signature Verification' guide (#4731) * docs: add image-scanner-with-trivy for ecosystem (#5159) * fix(fs): assign the absolute path to be inspected to ROOTPATH when filesystem (#5158) * Update filtering.md (#5131) * chaging adopters discussion tempalte (#5091) * docs: add Bitnami (#5078) * feat(docker): add support for scanning Bitnami components (#5062) * feat: add support for .trivyignore.yaml (#5070) * fix(terraform): improve detection of terraform files (#4984) * feat: filter artifacts on --exclude-owned flag (#5059) * fix(sbom): cyclonedx advisory should omit `null` value (#5041) * build: maximize build space for build tests (#5072) * feat: improve kbom component name (#5058) * fix(pom): add licenses for pom artifacts (#5071) * chore: bump Go to `1.20` (#5067) * feat: PURL matching with qualifiers in OpenVEX (#5061) * feat(java): add graph support for pom.xml (#4902) * feat(swift): add vulns for cocoapods (#5037) * fix: support image pull secret for additional workloads (#5052) * fix: #5033 Superfluous double quote in html.tpl (#5036) * docs(repo): update trivy repo usage and example (#5049) * perf: Optimize Dockerfile for reduced layers and size (#5038) * feat: scan K8s Resources Kind with --all-namespaces (#5043) * fix: vulnerability typo (#5044) * docs: adding a terraform tutorial to the docs (#3708) * feat(report): add licenses to sarif format (#4866) * feat(misconf): show the resource name in the report (#4806) * chore: update alpine base images (#5015) * feat: add Package.resolved swift files support (#4932) * feat(nodejs): parse licenses in yarn projects (#4652) * fix: k8s private registries support (#5021) * bump github.com/testcontainers/testcontainers-go from 0.21.0 to 0.23.0 (#5018) * feat(vuln): support last_affected field from osv (#4944) * feat(server): add version endpoint (#4869) * feat: k8s private registries support (#4987) * fix(server): add indirect prop to package (#4974) * docs: add coverage (#4954) * feat(c): add location for lock file dependencies. (#4994) * docs: adding blog post on ec2 (#4813) * revert 32bit bins (#4977) trivy-0.54.1-bp156.2.3.1.src.rpm trivy-0.54.1-bp156.2.3.1.x86_64.rpm trivy-0.54.1-bp156.2.3.1.i586.rpm trivy-0.54.1-bp156.2.3.1.aarch64.rpm trivy-0.54.1-bp156.2.3.1.ppc64le.rpm trivy-0.54.1-bp156.2.3.1.s390x.rpm openSUSE-2024-292 moderate openSUSE Backports SLE-15-SP6 Update This update for adios fixes the following issues: - Require python3-PyYAML instead of non-existent python-PyYAML (boo#1228146) adios-gnu-mpich-hpc-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-mpich-hpc-devel-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-mpich-hpc-devel-static-1.13.1-bp156.4.3.1.noarch.rpm adios_1_13_1-gnu-mpich-hpc-1.13.1-bp156.4.3.1.src.rpm adios_1_13_1-gnu-mpich-hpc-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-mpich-hpc-devel-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-mpich-hpc-devel-static-1.13.1-bp156.4.3.1.x86_64.rpm adios-gnu-mvapich2-hpc-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-mvapich2-hpc-devel-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-mvapich2-hpc-devel-static-1.13.1-bp156.4.3.1.noarch.rpm adios_1_13_1-gnu-mvapich2-hpc-1.13.1-bp156.4.3.1.src.rpm adios_1_13_1-gnu-mvapich2-hpc-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-mvapich2-hpc-devel-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-mvapich2-hpc-devel-static-1.13.1-bp156.4.3.1.x86_64.rpm adios-gnu-openmpi2-hpc-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-openmpi2-hpc-devel-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-openmpi2-hpc-devel-static-1.13.1-bp156.4.3.1.noarch.rpm adios_1_13_1-gnu-openmpi2-hpc-1.13.1-bp156.4.3.1.src.rpm adios_1_13_1-gnu-openmpi2-hpc-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-openmpi2-hpc-devel-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-openmpi2-hpc-devel-static-1.13.1-bp156.4.3.1.x86_64.rpm adios-gnu-openmpi3-hpc-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-openmpi3-hpc-devel-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-openmpi3-hpc-devel-static-1.13.1-bp156.4.3.1.noarch.rpm adios_1_13_1-gnu-openmpi3-hpc-1.13.1-bp156.4.3.1.src.rpm adios_1_13_1-gnu-openmpi3-hpc-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-openmpi3-hpc-devel-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-openmpi3-hpc-devel-static-1.13.1-bp156.4.3.1.x86_64.rpm adios-gnu-openmpi4-hpc-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-openmpi4-hpc-devel-1.13.1-bp156.4.3.1.noarch.rpm adios-gnu-openmpi4-hpc-devel-static-1.13.1-bp156.4.3.1.noarch.rpm adios_1_13_1-gnu-openmpi4-hpc-1.13.1-bp156.4.3.1.src.rpm adios_1_13_1-gnu-openmpi4-hpc-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-openmpi4-hpc-devel-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-openmpi4-hpc-devel-static-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi2-1.13.1-bp156.4.3.1.src.rpm adios-openmpi2-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi2-devel-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi2-devel-static-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi3-1.13.1-bp156.4.3.1.src.rpm adios-openmpi3-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi3-devel-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi3-devel-static-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi4-1.13.1-bp156.4.3.1.src.rpm adios-openmpi4-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi4-devel-1.13.1-bp156.4.3.1.x86_64.rpm adios-openmpi4-devel-static-1.13.1-bp156.4.3.1.x86_64.rpm adios_1_13_1-gnu-mpich-hpc-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-mpich-hpc-devel-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-mpich-hpc-devel-static-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-mvapich2-hpc-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-mvapich2-hpc-devel-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-mvapich2-hpc-devel-static-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi2-hpc-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi2-hpc-devel-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi2-hpc-devel-static-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi3-hpc-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi3-hpc-devel-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi3-hpc-devel-static-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi4-hpc-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi4-hpc-devel-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-openmpi4-hpc-devel-static-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi2-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi2-devel-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi2-devel-static-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi3-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi3-devel-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi3-devel-static-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi4-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi4-devel-1.13.1-bp156.4.3.1.i586.rpm adios-openmpi4-devel-static-1.13.1-bp156.4.3.1.i586.rpm adios_1_13_1-gnu-mpich-hpc-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-mpich-hpc-devel-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-mpich-hpc-devel-static-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-mvapich2-hpc-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-mvapich2-hpc-devel-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-mvapich2-hpc-devel-static-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi2-hpc-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi2-hpc-devel-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi2-hpc-devel-static-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi3-hpc-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi3-hpc-devel-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi3-hpc-devel-static-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi4-hpc-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi4-hpc-devel-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-openmpi4-hpc-devel-static-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi2-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi2-devel-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi2-devel-static-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi3-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi3-devel-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi3-devel-static-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi4-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi4-devel-1.13.1-bp156.4.3.1.aarch64.rpm adios-openmpi4-devel-static-1.13.1-bp156.4.3.1.aarch64.rpm adios_1_13_1-gnu-mpich-hpc-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-mpich-hpc-devel-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-mpich-hpc-devel-static-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-mvapich2-hpc-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-mvapich2-hpc-devel-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-mvapich2-hpc-devel-static-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi2-hpc-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi2-hpc-devel-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi2-hpc-devel-static-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi3-hpc-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi3-hpc-devel-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi3-hpc-devel-static-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi4-hpc-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi4-hpc-devel-1.13.1-bp156.4.3.1.ppc64le.rpm adios_1_13_1-gnu-openmpi4-hpc-devel-static-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi2-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi2-devel-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi2-devel-static-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi3-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi3-devel-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi3-devel-static-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi4-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi4-devel-1.13.1-bp156.4.3.1.ppc64le.rpm adios-openmpi4-devel-static-1.13.1-bp156.4.3.1.ppc64le.rpm openSUSE-2024-277 moderate openSUSE Backports SLE-15-SP6 Update This update for abcde fixes the following issues: - Fix arithmetic on non-octal track numbers (boo#1219527) abcde-2.9.3-bp156.5.3.1.noarch.rpm abcde-2.9.3-bp156.5.3.1.src.rpm openSUSE-2024-276 important openSUSE Backports SLE-15-SP6 Update This update for cacti, cacti-spine fixes the following issues: - cacti 1.2.27: * CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240) * CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229) * CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238) * CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239) * CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231) * CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241) * CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236) * CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235) * CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237) * CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230) * Improve PHP 8.3 support * When importing packages via command line, data source profile could not be selected * When changing password, returning to previous page does not always work * When using LDAP authentication the first time, warnings may appear in logs * When editing/viewing devices, add IPv6 info to hostname tooltip * Improve speed of polling when Boost is enabled * Improve support for Half-Hour time zones * When user session not found, device lists can be incorrectly returned * On import, legacy templates may generate warnings * Improve support for alternate locations of Ping * Improve PHP 8.1 support for Installer * Fix issues with number formatting * Improve PHP 8.1 support when SpikeKill is run first time * Improve PHP 8.1 support for SpikeKill * When using Chinese to search for graphics, garbled characters appear. * When importing templates, preview mode will not always load * When remote poller is installed, MySQL TimeZone DB checks are not performed * When Remote Poller installation completes, no finish button is shown * Unauthorized agents should be recorded into logs * Poller cache may not always update if hostname changes * When using CMD poller, Failure and Recovery dates may have incorrect values * Saving a Tree can cause the tree to become unpublished * Web Basic Authentication does not record user logins * When using Accent-based languages, translations may not work properly * Fix automation expressions for device rules * Improve PHP 8.1 Support during fresh install with boost * Add a device "enabled/disabled" indicator next to the graphs * Notify the admin periodically when a remote data collector goes into heartbeat status * Add template for Aruba Clearpass * Add fliter/sort of Device Templates by Graph Templates - cacti-spine 1.2.27: * Restore AES Support cacti-spine-1.2.27-bp156.2.3.1.src.rpm cacti-spine-1.2.27-bp156.2.3.1.x86_64.rpm cacti-spine-debuginfo-1.2.27-bp156.2.3.1.x86_64.rpm cacti-spine-debugsource-1.2.27-bp156.2.3.1.x86_64.rpm cacti-1.2.27-bp156.2.3.1.noarch.rpm cacti-1.2.27-bp156.2.3.1.src.rpm cacti-spine-1.2.27-bp156.2.3.1.i586.rpm cacti-spine-debuginfo-1.2.27-bp156.2.3.1.i586.rpm cacti-spine-debugsource-1.2.27-bp156.2.3.1.i586.rpm cacti-spine-1.2.27-bp156.2.3.1.aarch64.rpm cacti-spine-debuginfo-1.2.27-bp156.2.3.1.aarch64.rpm cacti-spine-debugsource-1.2.27-bp156.2.3.1.aarch64.rpm cacti-spine-1.2.27-bp156.2.3.1.ppc64le.rpm cacti-spine-debuginfo-1.2.27-bp156.2.3.1.ppc64le.rpm cacti-spine-debugsource-1.2.27-bp156.2.3.1.ppc64le.rpm cacti-spine-1.2.27-bp156.2.3.1.s390x.rpm cacti-spine-debuginfo-1.2.27-bp156.2.3.1.s390x.rpm cacti-spine-debugsource-1.2.27-bp156.2.3.1.s390x.rpm openSUSE-2024-290 moderate openSUSE Backports SLE-15-SP6 Update This update for gh fixes the following issues: Update to version 2.55.0: * Add flox to linux installation instructions * Update pkg/cmd/issue/develop/develop.go * Update api/queries_branch_issue_reference.go * add testing * fix behavior for `issue develop -b non-exist-branch` * Describe bucket and state JSON fields in pr checks command * Fix pr checks exit code (#9452) * Add a note about external contributors to `working-with-us.md` * Update attestation TUF root * include required permissions to generate attestations * build(deps): bump github.com/creack/pty from 1.1.21 to 1.1.23 (#9459) * Do not generate build attestations for otherBinWorkflow.yml * Use latest checkout version, generate attestations, and specify go version file input. * Update `gh search issues --project` flag doc to specify `owner/number` syntax * Update `gh search prs --project` flag doc to specify `owner/number` syntax * build(deps): bump actions/attest-build-provenance from 1.4.0 to 1.4.1 * Minor grammatical fix * Add test cases for PGP, SSH and X.509 signatures * Explain why not looking for signature begin marker * Wrap flags with backticks, continued * Replace `--project.*` flags' `name` with `title` in docs (#9443) * Change to requiring bundle v0.2 * Fix tests * Require Sigstore Bundle v0.3 when verifying with `gh attestation` * Change `gh repo set-default --view` to print to `stderr` when no default exists (#9431) * Document that `gh run download` downloads the latest artifact by default * Deduplicate the initialization of editor mode * Update docs/triage.md * Add Acceptance Criteria requirement to triage.md for accepted issues * Add `pr create --editor` * build(deps): bump github.com/google/go-containerregistry * Fix host handling in variable and secret delete * Unify use of tab indent in non-test source files * Update `gh variable get` to use repo host * build(deps): bump actions/attest-build-provenance from 1.3.3 to 1.4.0 * Add Flox as an installation option * Update tests with changes to `gitTagInfo` function * Add example for `--notes-from-tag` * Add test for `gitTagInfo` * Use signature-stripped tag annotation content Update to version 2.54.0: * update test and remove logic to check SourceRepositoryOwnerURI is empty string * update test * minor fix * update test * added * handle attest case insensitivity * Fix missing variable * Use closure-scoped variable to catch `--remove-milestone` option * Use closure-scoped variable to catch `--remove-milestone` option * build(deps): bump github.com/google/go-containerregistry * Verify `--milestone` and `--remove-milestone` are not assignable at the same time * Assert correct parsing of `--remove-milestone` option * Verify `--body` and `--body-file` are not assignable at the same time * Add `--remove-milestone` option * Improve `--remove-milestone` option description * Point to `Editable.MilestoneId` method * build(deps): bump github.com/gabriel-vasile/mimetype from 1.4.4 to 1.4.5 * Update sigstore-go in gh CLI to v0.5.1 (#9366) * Handle `--bare` clone targets (#9271) * Slightly clarify when CLI will exit with 4 * Export databaseId for releases * Alphabetise release json fields * Add test for release view json export fields * Expose fullDatabaseId for PR json export * Add examples for template usage in PR and issue creation * document exit code behavior * Update documentation for gh api PATCH * Exit with 1 on authentication failure * Verify `--milestone` and `--remove-milestone` are not assignable at the same time * Assert correct parsing of `--remove-milestone` option * Add `--remove-milestone` option * Remove unused expected `output` from test case (with `wantsErr: true`) * Verify `--body` and `--body-file` are not assignable at the same time * Remove attestation test that requires being online (#9340) * Remove redundant whitespace gh-2.55.0-bp156.2.9.1.src.rpm gh-2.55.0-bp156.2.9.1.x86_64.rpm gh-bash-completion-2.55.0-bp156.2.9.1.noarch.rpm gh-fish-completion-2.55.0-bp156.2.9.1.noarch.rpm gh-zsh-completion-2.55.0-bp156.2.9.1.noarch.rpm gh-2.55.0-bp156.2.9.1.i586.rpm gh-2.55.0-bp156.2.9.1.aarch64.rpm gh-2.55.0-bp156.2.9.1.ppc64le.rpm gh-2.55.0-bp156.2.9.1.s390x.rpm openSUSE-2024-279 moderate openSUSE Backports SLE-15-SP6 Update This update for python-Paste fixes the following issues: Update to 3.10.1: * Correct packaging and testing when not in a clean virtualenv version 3.10.0: * Move development to https://github.com/pasteorg/paste * Vendor cgi.FieldStorage and cgitb.Hook * More cleaning of Python 2 style code. update to 3.9.0: * misc bugs + please pyflakes * Remove unused format_environ method in watchthreads APP update to 3.8.0: * remove most python2 compatibility update to 3.7.1: * The main change for 3.7.0 and beyond is dropping support for Python 2. In the past it was possible to get Paste to work in Python 2 with some effort. That's now no longer possible. If Python 2 is required for some reason, use an older version of Paste. update to 3.6.1: * Turn on github action for tests on pull requests * Add a Makefile for simple automation Update to 3.5.3: * Use importlib instead of imp with Python 3. update to 3.5.2: * Fix py3 compatibility in paste.wsgilib.catch_errors (#70) * A Python 3 application might only define `__next__`, not `next`. Use `six.next` instead. * This is very similar to https://github.com/cdent/paste/pull/53, and was apparently missed there. update to 3.5.1: * Replace deprecated threading.currentThread, getName and setDaemon with threading.current_thread, name and daemon. update to 3.5.0: * Python 3 fixes to auth and wsgi.errors handling; notably making wsgi.errors text. Update to 3.4.6: * Explicit pkg_resource dependency to easy packaging. * Remove deprecated dependencies paste/fixture.py. * Update setup.py to work with setuptools 50.1.0+ update to 3.4.3: * Patch auth ticket to be python3 compatible. update to 3.4.2: * Correct sorting of items() in EvalHTMLFormatter. * Fix next in iterators in wsgilib.py. update to 3.4.0 * Python 3 updates for use of StringIO and auth_tkt.py. * Use six.BytesIO when reading wsgi.input. * Allow binding IPv6 address when starting a server. update to 3.2.6 * Correctly handle HEAD requests (to send empty body) when gzip encoding requested. * Use is_alive instead of isAlive for Python 3.9 compatibility. * Use encodebytes instead of deprecated encodestring. * Fix Python 2 and 3 compatibility for base64. update to 3.2.3: * Correct ``100 Continue`` in Python 3 * Avoid some reference cycles through tracebacks in httpserver.py Update to 3.2.0: * Ensure unicode URLs work in TestApp. * Make LimitedLengthFile file return empty bytes. * Protect against accidental close in FieldStorage. version update to 3.1.0 * Allow anything that can read() for a file-like response, not just a ``file`` instance. Update to v3.0.8: * Fix quoting of bytestrings Update to 3.0.7: * Write bytestrings when calling wsgi_write_chunk * Revert "Remove use of OpenSSL.tsafe, which links to OpenSSL.SSL update to 3.0.5: * Use correct variable when building message for exception * Remove use of OpenSSL.tsafe, which links to OpenSSL.SSL anyways. (#16) * Fix error on httpserver shutdown * Add support for limited testing with travis-ci * Merged in hroncok/paste/py37 (pull request #41) * Don't raise StopIteration from generator, return instead * Fix up testing after switch to pytest * Make iterators Python3-compatible * Don't raise StopIteration inside a generator * add link to read the docs to README * Prepare docs for publishing to RTFD * py3 fixes for form handling in paste.fixture (#8) * paste.fixture: fix form offset handling (#12) * Don't delete dict item while iterating over same dict (#14) * Enable coverage reporting via codecov (#10) - update to 2.0.3: * Add tests/test_httpserver.py * Fix improper commas in request headers in wsgi_environ * tests/test_httpserver.py: Use `email` module instead of `mimetools` * tests/test_httpserver.py: Add test_environ_with_multiple_values * Make get all values of a header work on both Python 2 and 3 * Make get_headers default to Python 3; fallback to Python 2 * Make utility function private: _get_headers * Fix Python 3 issue in paste/fixture.py * test_wsgirequest_charset: Use UTF-8 instead of iso-8859-1 * Replace cgi.parse_qsl w/ six.moves.urllib.parse.parse_sql * replace ``has_key`` method to ``in`` operator #9 * Don't display invalid error message when socket in use * Update docs/news.txt for 2.0.2 * Added tag 2.0.2 for changeset 53f5c2cd7f50 * Python 3: App must always return binary type. * Python 3: Always encode params if passed as text types * Python 3: Don't mangle strangely encoded input * Python 3: Use the same python interpreter for CGI scripts. * Python 3: add workarounds for cgi.FieldStorage * Python 3: avoid spurious warnings * Python 3: dict.items() doesn't return a list anymore * Python 3: ignore exception details in doctests * Python 3: let html_quote() and url() always return the same type * Python 3: use compatible print syntax in example text * Change six requirement to >=1.4.0 * tox.ini: Add py35 to envlist * Enable testing with pypy * tox.ini: Measure test coverage * paste.wsgilib.add_close: Add __next__ method * Add tests for `add_close` class * Uncomment/cleanup paste.wsgilib.app_close.__next__ * Check paste.wsgilib.add_close._closed * Make add_close.next() leverage add_close.__next__() update to version 2.0.1: * Fix setup.py for six dependency: move the six dependency from extras_require to install_requires * Port paste.proxy to Python 3 * Fix paste.exceptions.serial_number_generator.hash_identifier() on Python 3 * Fix paste.util.threadedprint.uninstall() * Add README.rst file - additional changes from version 2.0: * Experimental Python 3 support * paste now requires the six module * Drop support of Python 2.5 and older * Fixed egg:Paste#cgi * In paste.httpserver: give a 100 Continue response even when the server has been configured as an HTTP/1.0 server * Fixed parsing of paths beginning with multiple forward slashes * Add tox.ini to run tests with tox on Python 2.6, 2.7 and 3.4 - Initial version, obsoletes 'python-paste' python-Paste-3.10.1-bp156.2.1.src.rpm python311-Paste-3.10.1-bp156.2.1.noarch.rpm openSUSE-2024-278 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 128.0.6613.119 (released 2024-09-02) (boo#1230108) * CVE-2024-8362: Use after free in WebAudio * CVE-2024-7970: Out of bounds write in V8 chromedriver-128.0.6613.119-bp156.2.23.1.x86_64.rpm chromium-128.0.6613.119-bp156.2.23.1.src.rpm chromium-128.0.6613.119-bp156.2.23.1.x86_64.rpm chromedriver-128.0.6613.119-bp156.2.23.1.aarch64.rpm chromium-128.0.6613.119-bp156.2.23.1.aarch64.rpm openSUSE-2024-285 moderate openSUSE Backports SLE-15-SP6 Update This update for python-PasteDeploy fixes the following issues: Ship python-PasteDeploy version 2.1.1+git.1652668078.0f0697d. python-PasteDeploy-2.1.1+git.1652668078.0f0697d-bp156.2.1.src.rpm python311-PasteDeploy-2.1.1+git.1652668078.0f0697d-bp156.2.1.noarch.rpm openSUSE-2024-289 moderate openSUSE Backports SLE-15-SP6 Update This update for python-WebTest, python-WSGIProxy2 fixes the following issues: - python-WebTest ships in version 3.0.0. - python-WSGIProxy2 is shipped in version 0.5.1. python-WSGIProxy2-0.5.1-bp156.2.1.src.rpm python311-WSGIProxy2-0.5.1-bp156.2.1.noarch.rpm python-WSGIProxy2-test-0.5.1-bp156.2.1.src.rpm python-WebTest-3.0.0-bp156.2.1.src.rpm python-WebTest-doc-3.0.0-bp156.2.1.noarch.rpm python311-WebTest-3.0.0-bp156.2.1.noarch.rpm openSUSE-2024-286 moderate openSUSE Backports SLE-15-SP6 Update This update for python-ldap fixes the following issues: python-ldap is shipped in version 3.4.4. python-ldap-3.4.4-bp156.2.1.src.rpm python3-ldap-3.4.4-bp156.2.1.i586.rpm openSUSE-2024-284 moderate openSUSE Backports SLE-15-SP6 Update This update for python-maxminddb delivers the 2.2.0 version. python-maxminddb-2.2.0-bp156.2.1.src.rpm python3-maxminddb-2.2.0-bp156.2.1.x86_64.rpm python3-maxminddb-2.2.0-bp156.2.1.i586.rpm python3-maxminddb-2.2.0-bp156.2.1.aarch64.rpm python3-maxminddb-2.2.0-bp156.2.1.ppc64le.rpm python3-maxminddb-2.2.0-bp156.2.1.s390x.rpm openSUSE-2024-313 low openSUSE Backports SLE-15-SP6 Update This update of python-django-auth-ldap is delivered in version in version 4.0.0. python-django-auth-ldap-4.0.0-bp156.2.1.src.rpm python311-django-auth-ldap-4.0.0-bp156.2.1.noarch.rpm openSUSE-2024-315 low openSUSE Backports SLE-15-SP6 Update python3-Django is needed in Backports:SLE-15-SP6 after all (jsc#PED-8919) python-Django-2.2.28-bp156.3.1.src.rpm python3-Django-2.2.28-bp156.3.1.noarch.rpm openSUSE-2024-288 moderate openSUSE Backports SLE-15-SP6 Update This update ships python-geoip. python-geoip2-2.9.0-bp156.2.1.src.rpm python3-geoip2-2.9.0-bp156.2.1.noarch.rpm openSUSE-2024-295 moderate openSUSE Backports SLE-15-SP6 Update python-django-webtest is shipped in version 1.9.12. python-django-webtest-1.9.12-bp156.2.1.src.rpm python311-django-webtest-1.9.12-bp156.2.1.x86_64.rpm python311-django-webtest-1.9.12-bp156.2.1.aarch64.rpm python311-django-webtest-1.9.12-bp156.2.1.ppc64le.rpm python311-django-webtest-1.9.12-bp156.2.1.s390x.rpm openSUSE-2024-293 low openSUSE Backports SLE-15-SP6 Update This update for python-yq fixes the following issue: - Build with python 3.11 (bsc#1229853). python-yq-3.2.2-bp156.2.3.1.src.rpm python311-yq-3.2.2-bp156.2.3.1.noarch.rpm openSUSE-2024-296 moderate openSUSE Backports SLE-15-SP6 Update This update ships python3-Pillow 8.4.0. python3-Pillow-8.4.0-bp156.2.1.src.rpm python3-Pillow-8.4.0-bp156.2.1.x86_64.rpm python3-Pillow-tk-8.4.0-bp156.2.1.x86_64.rpm python3-Pillow-8.4.0-bp156.2.1.i586.rpm python3-Pillow-tk-8.4.0-bp156.2.1.i586.rpm python3-Pillow-8.4.0-bp156.2.1.aarch64.rpm python3-Pillow-tk-8.4.0-bp156.2.1.aarch64.rpm python3-Pillow-8.4.0-bp156.2.1.ppc64le.rpm python3-Pillow-tk-8.4.0-bp156.2.1.ppc64le.rpm python3-Pillow-8.4.0-bp156.2.1.s390x.rpm python3-Pillow-tk-8.4.0-bp156.2.1.s390x.rpm openSUSE-2024-297 moderate openSUSE Backports SLE-15-SP6 Update This update for lsyncd fixes the following issues: update to version 2.3.1 (2022-11-17): * multiple bugfixes, style fixes * add nix flake support * add support for tunnel commands * add support for batchSizeLimit * add -onepass option * add crontab support * support relative executable paths lsyncd-2.3.1-bp156.4.3.1.src.rpm lsyncd-2.3.1-bp156.4.3.1.x86_64.rpm lsyncd-2.3.1-bp156.4.3.1.i586.rpm lsyncd-2.3.1-bp156.4.3.1.aarch64.rpm lsyncd-2.3.1-bp156.4.3.1.ppc64le.rpm lsyncd-2.3.1-bp156.4.3.1.s390x.rpm openSUSE-2024-299 moderate openSUSE Backports SLE-15-SP6 Update This update for virtme fixes the following issues: - Update to 1.28: * setup.py: include dependencies parsing requirements.txt * virtme-ng: fix typo in command help * virtme-configkernel: disable nvram support * configkernel: config comment cosmetics * configkernel: act more like kernel's make O=outdir * vng-run: get kdir from O=outdir * vng: propagate --verbose to configkernel * vng: alias --custom to --config * run.py: add a --qemu-opts='...' option bundling hint to help * init: Always create /run/tmp folder * Don't require ".git" to be a directory * Specify "refs/heads/__virtme__" in git push - Update to 1.27: * Introduce VNG_PACKAGE to force a proper packaging version virtme-ng v1.27 virtme-1.28-bp156.2.9.1.noarch.rpm virtme-1.28-bp156.2.9.1.src.rpm openSUSE-2024-301 moderate openSUSE Backports SLE-15-SP6 Update This update for timescaledb and orafce rebuilds them against the current releases of postgresql. postgresql12-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.src.rpm postgresql12-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql12-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql12-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql13-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.src.rpm postgresql13-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql13-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql13-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql14-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.src.rpm postgresql14-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql14-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql14-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql15-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.src.rpm postgresql15-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql15-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql15-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.x86_64.rpm postgresql13-timescaledb-2.14.0-bp156.2.2.1.src.rpm postgresql13-timescaledb-2.14.0-bp156.2.2.1.x86_64.rpm postgresql13-timescaledb-debuginfo-2.14.0-bp156.2.2.1.x86_64.rpm postgresql13-timescaledb-debugsource-2.14.0-bp156.2.2.1.x86_64.rpm postgresql14-timescaledb-2.14.0-bp156.2.2.1.src.rpm postgresql14-timescaledb-2.14.0-bp156.2.2.1.x86_64.rpm postgresql14-timescaledb-debuginfo-2.14.0-bp156.2.2.1.x86_64.rpm postgresql14-timescaledb-debugsource-2.14.0-bp156.2.2.1.x86_64.rpm postgresql15-timescaledb-2.14.0-bp156.2.2.1.src.rpm postgresql15-timescaledb-2.14.0-bp156.2.2.1.x86_64.rpm postgresql15-timescaledb-debuginfo-2.14.0-bp156.2.2.1.x86_64.rpm postgresql15-timescaledb-debugsource-2.14.0-bp156.2.2.1.x86_64.rpm postgresql16-timescaledb-2.14.0-bp156.2.2.1.src.rpm postgresql16-timescaledb-2.14.0-bp156.2.2.1.x86_64.rpm postgresql16-timescaledb-debuginfo-2.14.0-bp156.2.2.1.x86_64.rpm postgresql16-timescaledb-debugsource-2.14.0-bp156.2.2.1.x86_64.rpm postgresql12-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql12-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql12-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql13-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql13-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql13-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql14-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql14-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql14-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql15-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql15-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql15-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.i586.rpm postgresql13-timescaledb-2.14.0-bp156.2.2.1.i586.rpm postgresql13-timescaledb-debuginfo-2.14.0-bp156.2.2.1.i586.rpm postgresql13-timescaledb-debugsource-2.14.0-bp156.2.2.1.i586.rpm postgresql14-timescaledb-2.14.0-bp156.2.2.1.i586.rpm postgresql14-timescaledb-debuginfo-2.14.0-bp156.2.2.1.i586.rpm postgresql14-timescaledb-debugsource-2.14.0-bp156.2.2.1.i586.rpm postgresql15-timescaledb-2.14.0-bp156.2.2.1.i586.rpm postgresql15-timescaledb-debuginfo-2.14.0-bp156.2.2.1.i586.rpm postgresql15-timescaledb-debugsource-2.14.0-bp156.2.2.1.i586.rpm postgresql16-timescaledb-2.14.0-bp156.2.2.1.i586.rpm postgresql16-timescaledb-debuginfo-2.14.0-bp156.2.2.1.i586.rpm postgresql16-timescaledb-debugsource-2.14.0-bp156.2.2.1.i586.rpm postgresql12-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql12-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql12-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql13-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql13-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql13-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql14-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql14-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql14-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql15-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql15-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql15-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.aarch64.rpm postgresql13-timescaledb-2.14.0-bp156.2.2.1.aarch64.rpm postgresql13-timescaledb-debuginfo-2.14.0-bp156.2.2.1.aarch64.rpm postgresql13-timescaledb-debugsource-2.14.0-bp156.2.2.1.aarch64.rpm postgresql14-timescaledb-2.14.0-bp156.2.2.1.aarch64.rpm postgresql14-timescaledb-debuginfo-2.14.0-bp156.2.2.1.aarch64.rpm postgresql14-timescaledb-debugsource-2.14.0-bp156.2.2.1.aarch64.rpm postgresql15-timescaledb-2.14.0-bp156.2.2.1.aarch64.rpm postgresql15-timescaledb-debuginfo-2.14.0-bp156.2.2.1.aarch64.rpm postgresql15-timescaledb-debugsource-2.14.0-bp156.2.2.1.aarch64.rpm postgresql16-timescaledb-2.14.0-bp156.2.2.1.aarch64.rpm postgresql16-timescaledb-debuginfo-2.14.0-bp156.2.2.1.aarch64.rpm postgresql16-timescaledb-debugsource-2.14.0-bp156.2.2.1.aarch64.rpm postgresql12-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql12-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql12-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql13-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql13-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql13-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql14-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql14-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql14-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql15-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql15-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql15-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.ppc64le.rpm postgresql13-timescaledb-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql13-timescaledb-debuginfo-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql13-timescaledb-debugsource-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql14-timescaledb-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql14-timescaledb-debuginfo-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql14-timescaledb-debugsource-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql15-timescaledb-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql15-timescaledb-debuginfo-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql15-timescaledb-debugsource-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql16-timescaledb-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql16-timescaledb-debuginfo-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql16-timescaledb-debugsource-2.14.0-bp156.2.2.1.ppc64le.rpm postgresql12-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql12-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql12-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql13-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql13-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql13-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql14-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql14-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql14-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql15-orafce-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql15-orafce-debuginfo-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql15-orafce-debugsource-4.1.1+git0.519b5b5-bp156.4.2.1.s390x.rpm postgresql13-timescaledb-2.14.0-bp156.2.2.1.s390x.rpm postgresql13-timescaledb-debuginfo-2.14.0-bp156.2.2.1.s390x.rpm postgresql13-timescaledb-debugsource-2.14.0-bp156.2.2.1.s390x.rpm postgresql14-timescaledb-2.14.0-bp156.2.2.1.s390x.rpm postgresql14-timescaledb-debuginfo-2.14.0-bp156.2.2.1.s390x.rpm postgresql14-timescaledb-debugsource-2.14.0-bp156.2.2.1.s390x.rpm postgresql15-timescaledb-2.14.0-bp156.2.2.1.s390x.rpm postgresql15-timescaledb-debuginfo-2.14.0-bp156.2.2.1.s390x.rpm postgresql15-timescaledb-debugsource-2.14.0-bp156.2.2.1.s390x.rpm postgresql16-timescaledb-2.14.0-bp156.2.2.1.s390x.rpm postgresql16-timescaledb-debuginfo-2.14.0-bp156.2.2.1.s390x.rpm postgresql16-timescaledb-debugsource-2.14.0-bp156.2.2.1.s390x.rpm openSUSE-2024-302 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 128.0.6613.137 (released 2024-09-10) (boo#1230391) * CVE-2024-8636: Heap buffer overflow in Skia * CVE-2024-8637: Use after free in Media Router * CVE-2024-8638: Type Confusion in V8 * CVE-2024-8639: Use after free in Autofill chromedriver-128.0.6613.137-bp156.2.26.1.x86_64.rpm chromedriver-debuginfo-128.0.6613.137-bp156.2.26.1.x86_64.rpm chromium-128.0.6613.137-bp156.2.26.1.src.rpm chromium-128.0.6613.137-bp156.2.26.1.x86_64.rpm chromium-debuginfo-128.0.6613.137-bp156.2.26.1.x86_64.rpm chromedriver-128.0.6613.137-bp156.2.26.1.aarch64.rpm chromedriver-debuginfo-128.0.6613.137-bp156.2.26.1.aarch64.rpm chromium-128.0.6613.137-bp156.2.26.1.aarch64.rpm chromium-debuginfo-128.0.6613.137-bp156.2.26.1.aarch64.rpm openSUSE-2024-303 moderate openSUSE Backports SLE-15-SP6 Update This update for htmldoc fixes the following issues: - CVE-2024-45508: Fixed an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node [boo#1230022]. htmldoc-1.9.16-bp156.3.3.1.src.rpm htmldoc-1.9.16-bp156.3.3.1.x86_64.rpm htmldoc-1.9.16-bp156.3.3.1.i586.rpm htmldoc-1.9.16-bp156.3.3.1.aarch64.rpm htmldoc-1.9.16-bp156.3.3.1.ppc64le.rpm htmldoc-1.9.16-bp156.3.3.1.s390x.rpm openSUSE-2024-309 moderate openSUSE Backports SLE-15-SP6 Update This update for emptyepsilon fixes the following issues: Version 2024.08.09: * Add a quick&dirty way to get callback errors * Clamp the warp and jump commands * fix voice path scenario 51 * fix voice path scenario 48 * Fix the wiggle console with just 1 text line emptyepsilon-2024.08.09-bp156.3.3.1.src.rpm emptyepsilon-2024.08.09-bp156.3.3.1.x86_64.rpm emptyepsilon-2024.08.09-bp156.3.3.1.aarch64.rpm emptyepsilon-2024.08.09-bp156.3.3.1.s390x.rpm openSUSE-2024-330 moderate openSUSE Backports SLE-15-SP6 Update This update for tryton, trytond, trytond_account, trytond_stock, trytond_stock_supply fixes the following issues: Changes in tryton: - Version 6.0.43 - Bugfix Release Changes in trytond: - Version 6.0.52 - Bugfix Release Changes in trytond_stock_supply: - Version 6.0.9 - Bugfix Release Changes in trytond_stock: - Version 6.0.28 - Bugfix Release Changes in trytond_account: - Version 6.0.27 - Bugfix Release tryton-6.0.43-bp156.2.9.1.noarch.rpm tryton-6.0.43-bp156.2.9.1.src.rpm trytond-6.0.52-bp156.2.9.1.noarch.rpm trytond-6.0.52-bp156.2.9.1.src.rpm trytond_account-6.0.27-bp156.2.6.1.noarch.rpm trytond_account-6.0.27-bp156.2.6.1.src.rpm trytond_stock-6.0.28-bp156.2.3.1.noarch.rpm trytond_stock-6.0.28-bp156.2.3.1.src.rpm trytond_stock_supply-6.0.9-bp156.2.3.1.noarch.rpm trytond_stock_supply-6.0.9-bp156.2.3.1.src.rpm openSUSE-2024-308 moderate openSUSE Backports SLE-15-SP6 Update This update for python-ldap fixes the following issues: - Enable sle15_python_module_pythons (boo#1229549) python-ldap-3.4.4-bp156.5.1.src.rpm python311-ldap-3.4.4-bp156.5.1.x86_64.rpm python311-ldap-3.4.4-bp156.5.1.i586.rpm python311-ldap-3.4.4-bp156.5.1.aarch64.rpm python311-ldap-3.4.4-bp156.5.1.ppc64le.rpm python311-ldap-3.4.4-bp156.5.1.s390x.rpm openSUSE-2024-319 moderate openSUSE Backports SLE-15-SP6 Update This update for coredns fixes the following issues: Update to version 1.11.3: * optimize the performance for high qps (#6767) * bump deps * Fix zone parser error handling (#6680) * Add alternate option to forward plugin (#6681) * fix: plugin/file: return error when parsing the file fails (#6699) * [fix:documentation] Clarify autopath README (#6750) * Fix outdated test (#6747) * Bump go version from 1.21.8 to 1.21.11 (#6755) * Generate zplugin.go correctly with third-party plugins (#6692) * dnstap: uses pointer receiver for small response writer (#6644) * chore: fix function name in comment (#6608) * [plugin/forward] Strip local zone from IPV6 nameservers (#6635) - fixes CVE-2023-30464 - fixes CVE-2023-28452 Update to upstream head (git commit #5a52707): * bump deps to address security issue CVE-2024-22189 * Return RcodeServerFailure when DNS64 has no next plugin (#6590) * add plusserver to adopters (#6565) * Change the log flags to be a variable that can be set prior to calling Run (#6546) * Enable Prometheus native histograms (#6524) * forward: respect context (#6483) * add client labels to k8s plugin metadata (#6475) * fix broken link in webpage (#6488) * Repo controlled Go version (#6526) * removed the mutex locks with atomic bool (#6525) Update to version 1.11.2: * rewrite: fix multi request concurrency issue in cname rewrite (#6407) * plugin/tls: respect the path specified by root plugin (#6138) * plugin/auto: warn when auto is unable to read elements of the directory tree (#6333) * fix: make the codeowners link relative (#6397) * plugin/etcd: the etcd client adds the DialKeepAliveTime parameter (#6351) * plugin/cache: key cache on Checking Disabled (CD) bit (#6354) * Use the correct root domain name in the proxy plugin's TestHealthX tests (#6395) * Add PITS Global Data Recovery Services as an adopter (#6304) * Handle UDP responses that overflow with TC bit with test case (#6277) * plugin/rewrite: add rcode as a rewrite option (#6204) - CVE-2024-0874: coredns: CD bit response is cached and served later - Update to version 1.11.1: * Revert “plugin/forward: Continue waiting after receiving malformed responses * plugin/dnstap: add support for “extra” field in payload * plugin/cache: fix keepttl parsing - Update to version 1.11.0: * Adds support for accepting DNS connections over QUIC (doq). * Adds CNAME target rewrites to the rewrite plugin. * Plus many bug fixes, and some security improvements. * This release introduces the following backward incompatible changes: + In the kubernetes plugin, we have dropped support for watching Endpoint and Endpointslice v1beta, since all supported K8s versions now use Endpointslice. + The bufsize plugin changed its default size limit value to 1232 + Some changes to forward plugin metrics. - Update to version 1.10.1: * Corrected architecture labels in multi-arch image manifest * A new plugin timeouts that allows configuration of server listener timeout durations * acl can drop queries as an action * template supports creating responses with extended DNS errors * New weighted policy in loadbalance * Option to serve original record TTLs from cache - Update to version 1.10.0: * core: add log listeners for k8s_event plugin (#5451) * core: log DoH HTTP server error logs in CoreDNS format (#5457) * core: warn when domain names are not in RFC1035 preferred syntax (#5414) * plugin/acl: add support for extended DNS errors (#5532) * plugin/bufsize: do not expand query UDP buffer size if already set to a smaller value (#5602) * plugin/cache: add cache disable option (#5540) * plugin/cache: add metadata for wildcard record responses (#5308) * plugin/cache: add option to adjust SERVFAIL response cache TTL (#5320) * plugin/cache: correct responses to Authenticated Data requests (#5191) * plugin/dnstap: add identity and version support for the dnstap plugin (#5555) * plugin/file: add metadata for wildcard record responses (#5308) * plugin/forward: enable multiple forward declarations (#5127) * plugin/forward: health_check needs to normalize a specified domain name (#5543) * plugin/forward: remove unused coredns_forward_sockets_open metric (#5431) * plugin/header: add support for query modification (#5556) * plugin/health: bypass proxy in self health check (#5401) * plugin/health: don't go lameduck when reloading (#5472) * plugin/k8s_external: add support for PTR requests (#5435) * plugin/k8s_external: resolve headless services (#5505) * plugin/kubernetes: make kubernetes client log in CoreDNS format (#5461) * plugin/ready: reset list of readiness plugins on startup (#5492) * plugin/rewrite: add PTR records to supported types (#5565) * plugin/rewrite: fix a crash in rewrite plugin when rule type is missing (#5459) * plugin/rewrite: fix out-of-index issue in rewrite plugin (#5462) * plugin/rewrite: support min and max TTL values (#5508) * plugin/trace : make zipkin HTTP reporter more configurable using Corefile (#5460) * plugin/trace: read trace context info from headers for DOH (#5439) * plugin/tsig: add new plugin TSIG for validating TSIG requests and signing responses (#4957) * core: update gopkg.in/yaml.v3 to fix CVE-2022-28948 * core: update golang.org/x/crypto to fix CVE-2022-27191 * plugin/acl: adding a check to parse out zone info * plugin/dnstap: support FQDN TCP endpoint * plugin/errors: add stacktrace option to log a stacktrace during panic recovery * plugin/template: return SERVFAIL for zone-match regex-no-match case coredns-1.11.3-bp156.4.3.1.src.rpm coredns-1.11.3-bp156.4.3.1.x86_64.rpm coredns-extras-1.11.3-bp156.4.3.1.noarch.rpm coredns-1.11.3-bp156.4.3.1.i586.rpm coredns-1.11.3-bp156.4.3.1.aarch64.rpm openSUSE-2024-311 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 129.0.6668.58 (stable released 2024-09-17) (boo#1230678) * CVE-2024-8904: Type Confusion in V8 * CVE-2024-8905: Inappropriate implementation in V8 * CVE-2024-8906: Incorrect security UI in Downloads * CVE-2024-8907: Insufficient data validation in Omnibox * CVE-2024-8908: Inappropriate implementation in Autofill * CVE-2024-8909: Inappropriate implementation in UI chromedriver-129.0.6668.58-bp156.2.29.2.x86_64.rpm chromium-129.0.6668.58-bp156.2.29.2.src.rpm chromium-129.0.6668.58-bp156.2.29.2.x86_64.rpm chromedriver-129.0.6668.58-bp156.2.29.2.aarch64.rpm chromium-129.0.6668.58-bp156.2.29.2.aarch64.rpm openSUSE-2024-316 moderate openSUSE Backports SLE-15-SP6 Update This update for gh fixes the following issues: gh was updated to version 2.57.0: * Update go-gh to use api subdomains * Use api subdomains for commands using ghinstance package * Add test for extension install fallback to amd64 on darwin * suppress att verify output when no tty * add att verify test for custom OIDC issuer * build(deps): bump github.com/sigstore/sigstore-go from 0.6.1 to 0.6.2 * Suggest installing Rosetta when extension installation fails due to missing `darwin-arm64` binary, but a `darwin-amd64` binary is available * This commit introduces tenancy aware attestation policy building. * use sigstore-go v0.6.2 * check specific err * check err in GetLocalAttestations * check for sigstore-go validation errs * get latest sigstore-go commit * handle os.PathError in GetLocalAttestations * Move non-integration test to different test file * print verify err * check for os.PathError * dont print err content * update bundle file parsing err messages * Expand active test cases * Added `--active` flag to the `gh auth status` command Update to version 2.56.0: * Check for nil values to prevent nil dereference panic * build(deps): bump actions/attest-build-provenance from 1.4.2 to 1.4.3 * Update linux install to point to GPG troubleshoot * Revert "Remove note explaining 2 year old GPG ID change" * Remove note explaining 2 year old GPG ID change * Rename ProtobufBundle to Bundle * Upgrade to sigstore-go v0.6.1 * `gh attestation verify` handles empty JSONL files (#9541) * verify 2nd artifact without swapping order (#9532) * Improve the help message for -F (#9525) * build(deps): bump actions/attest-build-provenance from 1.4.1 to 1.4.2 (#9518) * "offline" verification using the bundle of attestations without any additional handling of the file (#9523) * Drop surplus trailing space char in flag names in web * Remove `Internal` from `gh repo create` prompt when owner is not an org (#9465) * Fix doc typo for `repo sync` * Quote repo names consistently in `gh repo sync` stdout (#9491) * update error message * rename flag to bundle-from-oci * fix the trimming of log filenames for `gh run view` * Check http scheme as well * Always print URL scheme to stdout gh-2.57.0-bp156.2.12.1.src.rpm gh-2.57.0-bp156.2.12.1.x86_64.rpm gh-bash-completion-2.57.0-bp156.2.12.1.noarch.rpm gh-debuginfo-2.57.0-bp156.2.12.1.x86_64.rpm gh-fish-completion-2.57.0-bp156.2.12.1.noarch.rpm gh-zsh-completion-2.57.0-bp156.2.12.1.noarch.rpm gh-2.57.0-bp156.2.12.1.i586.rpm gh-debuginfo-2.57.0-bp156.2.12.1.i586.rpm gh-2.57.0-bp156.2.12.1.aarch64.rpm gh-debuginfo-2.57.0-bp156.2.12.1.aarch64.rpm gh-2.57.0-bp156.2.12.1.ppc64le.rpm gh-debuginfo-2.57.0-bp156.2.12.1.ppc64le.rpm gh-2.57.0-bp156.2.12.1.s390x.rpm gh-debuginfo-2.57.0-bp156.2.12.1.s390x.rpm openSUSE-2024-314 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 129.0.6668.70 (stable released 2024-09-24) (boo#1230964) * CVE-2024-9120: Use after free in Dawn * CVE-2024-9121: Inappropriate implementation in V8 * CVE-2024-9122: Type Confusion in V8 * CVE-2024-9123: Integer overflow in Skia - bump BR for nodejs to minimal 20.0 chromedriver-129.0.6668.70-bp156.2.32.1.x86_64.rpm chromium-129.0.6668.70-bp156.2.32.1.src.rpm chromium-129.0.6668.70-bp156.2.32.1.x86_64.rpm chromedriver-129.0.6668.70-bp156.2.32.1.aarch64.rpm chromium-129.0.6668.70-bp156.2.32.1.aarch64.rpm openSUSE-2024-321 moderate openSUSE Backports SLE-15-SP6 Update This update for read-edid fixes the following issues: - Drop libx86 support, it's no longer maintained in Factory. - Add wrapper for get-edid (boo#1219395) * default to not calling VBE BIOS which may crash * print a warning message when i2c-dev driver is not loaded read-edid-3.0.2-bp156.5.3.1.src.rpm read-edid-3.0.2-bp156.5.3.1.x86_64.rpm read-edid-3.0.2-bp156.5.3.1.i586.rpm openSUSE-2024-323 moderate openSUSE Backports SLE-15-SP6 Update This update for xfce4-dict fixes the following issues: Update to version 0.8.7 * panel-plugin: Drop submenu (#2) * panel-plugin: Add submenus to toggle search mode (#2) * panel-plugin: Reduce default text size * panel-plugin: Restore function of the button in text entry * Change log level (#17) * prefs: Add radio buttons to correct group * scan-build: Fix deadcode.DeadStores * scan-build: Add false positive file * I18n: Update po/LINGUAS list * build: Use XDT_VERSION_INIT and get rid of configure.ac.in * build: Switch from intltool to gettext * Translation Updates Update to version 0.8.6 * Use getaddrinfo(3) to support IPv6 DICT servers * Add icons at missing sizes, clean up SVG metadata xfce4-dict-0.8.7-bp156.2.3.1.src.rpm xfce4-dict-0.8.7-bp156.2.3.1.x86_64.rpm xfce4-dict-lang-0.8.7-bp156.2.3.1.noarch.rpm xfce4-panel-plugin-dict-0.8.7-bp156.2.3.1.x86_64.rpm xfce4-dict-0.8.7-bp156.2.3.1.aarch64.rpm xfce4-panel-plugin-dict-0.8.7-bp156.2.3.1.aarch64.rpm xfce4-dict-0.8.7-bp156.2.3.1.ppc64le.rpm xfce4-panel-plugin-dict-0.8.7-bp156.2.3.1.ppc64le.rpm xfce4-dict-0.8.7-bp156.2.3.1.s390x.rpm xfce4-panel-plugin-dict-0.8.7-bp156.2.3.1.s390x.rpm openSUSE-2024-329 important openSUSE Backports SLE-15-SP6 Update This update for seamonkey fixes the following issues: update to SeaMonkey 2.53.19: * Cancel button in SeaMonkey bookmarking star ui not working bug 1872623. * Remove OfflineAppCacheHelper.jsm copy from SeaMonkey and use the one in toolkit bug 1896292. * Remove obsolete registerFactoryLocation calls from cZ bug 1870930. * Remove needless implements='nsIDOMEventListener' and QI bug 1611010. * Replace use of nsIStandardURL::Init bug 1864355. * Switch SeaMonkey website from hg.mozilla.org to heptapod. bug 1870934. * Allow view-image to open a data: URI by setting a flag on the loadinfo bug 1877001. * Save-link-as feature should use the loading principal and context menu using nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD bug 1879726. * Use punycode in SeaMonkey JS bug 1864287. * Font lists in preferences are no longer grouped by font type, port asynchronous handling like Bug 1399206 bug 1437393. * SeaMonkey broken tab after undo closed tab with invalid protocol bug 1885748. * SeaMonkey session restore is missing the checkboxes in the Classic theme bug 1896174. * Implement about:credits on seamonkey-project.org website bug 1898467. * Fix for the 0.0.0.0 day vulnerability oligo summary. * Link in update notification does not open Browser bug 1888364. * Update ReadExtensionPrefs in Preferences.cpp bug 1890196. * Add about:seamonkey page to SeaMonkey bug 1897801. * SeaMonkey 2.53.19 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. * SeaMonkey 2.53.19 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.8.0 release notes for specific security fixes in this release. * Additional important security fixes up to Current Firefox 115.14 and Thunderbird 115.14 ESR plus many enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. seamonkey-2.53.19-bp156.2.3.1.src.rpm seamonkey-2.53.19-bp156.2.3.1.x86_64.rpm seamonkey-dom-inspector-2.53.19-bp156.2.3.1.x86_64.rpm seamonkey-irc-2.53.19-bp156.2.3.1.x86_64.rpm seamonkey-2.53.19-bp156.2.3.1.i586.rpm seamonkey-dom-inspector-2.53.19-bp156.2.3.1.i586.rpm seamonkey-irc-2.53.19-bp156.2.3.1.i586.rpm openSUSE-2024-325 moderate openSUSE Backports SLE-15-SP6 Update This update for toolbox fixes the following issues: - Revert last change and update SLE/Leap Micro images to 5.5 (boo#1227328) - Update SLE/Leap Micro images from 5.4 to 6.0 (boo#1227328) - Update to version 2.3+git20240704.84ec25e: * toolbox: use correct container state tense in msg - Update to version 2.3+git20231030.3a6ef35: * Mount /dev/pts as mount type=devpts instead of --volume * fix typo creat -> create * Remove trailing whitespace * Fix bash error when container cannot be pulled toolbox-2.3+git20240704.84ec25e-bp156.4.3.1.noarch.rpm toolbox-2.3+git20240704.84ec25e-bp156.4.3.1.src.rpm openSUSE-2024-327 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 129.0.6668.89 (stable released 2024-09-24) (boo#1231232) * CVE-2024-7025: Integer overflow in Layout * CVE-2024-9369: Insufficient data validation in Mojo * CVE-2024-9370: Inappropriate implementation in V8 chromedriver-129.0.6668.89-bp156.2.35.1.x86_64.rpm chromedriver-debuginfo-129.0.6668.89-bp156.2.35.1.x86_64.rpm chromium-129.0.6668.89-bp156.2.35.1.src.rpm chromium-129.0.6668.89-bp156.2.35.1.x86_64.rpm chromium-debuginfo-129.0.6668.89-bp156.2.35.1.x86_64.rpm chromedriver-129.0.6668.89-bp156.2.35.1.aarch64.rpm chromedriver-debuginfo-129.0.6668.89-bp156.2.35.1.aarch64.rpm chromium-129.0.6668.89-bp156.2.35.1.aarch64.rpm chromium-debuginfo-129.0.6668.89-bp156.2.35.1.aarch64.rpm openSUSE-2024-332 moderate openSUSE Backports SLE-15-SP6 Update This update for qbittorrent fixes the following issues: Update to version 5.0.0 (fixes boo#1231149) * New features: * Support creating .torrent with larger piece size * Improve tracker entries handling * Add separate filter item for tracker errors * Allow to remove tracker from tracker filter widget menu * Implement "Reannounce In" column * Expose "DHT bootstrap nodes" setting * Add support for Mark-of-the-Web (https://redcanary.com/threat-detection-report/techniques/mark-of-the-web-bypass/) * Allow to keep unwanted files in separate folder * Add "Copy Comment" to the torrent list's context menu * Allow relative profile paths * Enable Ctrl+F hotkey for more inputs * Add seeding limits to RSS and Watched folders options UI * Subcategories implicitly follow the parent category options * Add option to name each qbittorrent instance * Add button for sending test email * Allow torrents to override default share limit action * Use Start/Stop instead of Resume/Pause * Add the Popularity metric * Focus on Download button if torrent link retrieved from the clipboard * Add ability to pause/resume entire BitTorrent session * Add an option to set BitTorrent session shutdown timeout * Apply "Excluded file names" to folder names as well * Allow to use regular expression to filter torrent content * Allow to move content files to Trash instead of deleting them * Add ability to display torrent "privateness" in UI * Add a flag in "Peers" tab denoting a connection using NAT hole punching * Bug fixes: * Display error message when unrecoverable error occurred * Update size of selected files when selection is changed * Normalize tags by trimming leading/trailing whitespace * Correctly handle share limits in torrent options dialog * Adjust tracker tier when adding additional trackers * Fix inconsistent naming between "Done/Progress" column * Sanitize peer client names * Apply share limits immediately when torrent downloading is finished * Show download progress for folders with zero byte size as 100 instead of 0 * Fix highlighted piece color * Apply "merge trackers" logic regardless of way the torrent is added * Web UI: * Improve WebUI responsiveness * Do not exit the app when WebUI has failed to start * Add "Moving" filter to side panel * Add dark theme * Allow to remember torrent content files deletion * Leave the fields empty when value is invalid * Use natural sorting * Improve WebUI login behavior * Conditionally show filters sidebar * Add support for running concurrent searches * Improve accuracy of trackers list * Fix error when category doesn't exist * Improve table scrolling and selection on mobile * Restore search tabs on load * Restore previously used tab on load * Increase default height of "Share ratio limit" dialog * Use enabled search plugins by default * Add columns "Incomplete Save Path", "Info Hash v1", "Info Hash v2" * Always create generic filter items * Provide "Use Category paths in Manual Mode" option * Provide "Merge trackers to existing torrent" option * Web API: * Fix wrong timestamp values * Send binary data with filename and mime type specified * Expose API for the torrent creator * Add support for SSL torrents * Provide endpoint for listing directory content * Provide "private" flag via "torrents/info" endpoint * Add a way to download .torrent file using search plugin * Add "private" filter for "torrents/info" endpoint * Add root_path to "torrents/info" result * RSS: * Show RSS feed title in HTML browser * Allow to set delay between requests to the same host * Search: * Allow users to specify Python executable path * Lazy load search plugins * Add date column to the built-in search engine * Allow to rearrange search tabs * Other changes: * Add support for systemd power management * Add support for localized man pages * Specify a locale if none is set * Drop support for Qt5, qmake, autotools * Minimum supported versions: Qt: 6.5, Boost: 1.76, OpenSSL: 3.0.2 * Switch to C++20 Update to version 4.6.7 * Bug fixes: * The updater will launch the link to the build variant you're currently using * Web UI: * RSS: The list of feeds wouldn't load for Apply Rule * Focus on Download button if torrent link retrieved from the clipboard Update to version 4.6.6 * Bug fixes: * Fix handling of tags containing '&' character * Show scroll bar in Torrent Tags dialog * Apply bulk changes to correct content widget items * Hide zero status filters when torrents are removed * Fix `Incomplete Save Path` cannot be changed for torrents without metadata * Web UI: * Correctly apply changed "save path" of RSS rules * Clear tracker list on full update * Other changes: * Update User-Agent string for internal downloader and search engines Update to version 4.6.5 * Bug fixes: * Prevent app from being closed when disabling system tray icon * Fix <kbd>Enter</kbd> key behavior in Add new torrent dialog * Prevent invalid status filter index from being used * Add extra offset for dialog frame * Don't overwrite stored layout of main window with incorrect one * Don't forget to resume "missing files" torrent when rechecking * Web UI: * Restore ability to use server-side translation by custom WebUI * Fix wrong peer number * Other: * Improve AppStream metadata qbittorrent-5.0.0-bp156.3.3.1.src.rpm qbittorrent-5.0.0-bp156.3.3.1.x86_64.rpm qbittorrent-nox-5.0.0-bp156.3.3.1.x86_64.rpm qbittorrent-5.0.0-bp156.3.3.1.aarch64.rpm qbittorrent-nox-5.0.0-bp156.3.3.1.aarch64.rpm qbittorrent-5.0.0-bp156.3.3.1.ppc64le.rpm qbittorrent-nox-5.0.0-bp156.3.3.1.ppc64le.rpm qbittorrent-5.0.0-bp156.3.3.1.s390x.rpm qbittorrent-nox-5.0.0-bp156.3.3.1.s390x.rpm openSUSE-2024-336 moderate openSUSE Backports SLE-15-SP6 Update This update rebuilds libzypp-testsuite-tools against current libzypp. libzypp-testsuite-tools-5.0.5-bp156.3.2.1.src.rpm libzypp-testsuite-tools-5.0.5-bp156.3.2.1.x86_64.rpm libzypp-testsuite-tools-5.0.5-bp156.3.2.1.i586.rpm libzypp-testsuite-tools-5.0.5-bp156.3.2.1.aarch64.rpm libzypp-testsuite-tools-5.0.5-bp156.3.2.1.ppc64le.rpm libzypp-testsuite-tools-5.0.5-bp156.3.2.1.s390x.rpm openSUSE-2024-333 low openSUSE Backports SLE-15-SP6 Update Fix scanner search crash on startup ksanecore-23.08.5-bp156.2.3.1.src.rpm ksanecore-debugsource-23.08.5-bp156.2.3.1.x86_64.rpm ksanecore-devel-23.08.5-bp156.2.3.1.x86_64.rpm ksanecore-lang-23.08.5-bp156.2.3.1.noarch.rpm libKSaneCore1-23.08.5-bp156.2.3.1.x86_64.rpm libKSaneCore1-debuginfo-23.08.5-bp156.2.3.1.x86_64.rpm ksanecore-debugsource-23.08.5-bp156.2.3.1.i586.rpm ksanecore-devel-23.08.5-bp156.2.3.1.i586.rpm libKSaneCore1-23.08.5-bp156.2.3.1.i586.rpm libKSaneCore1-debuginfo-23.08.5-bp156.2.3.1.i586.rpm ksanecore-debugsource-23.08.5-bp156.2.3.1.aarch64.rpm ksanecore-devel-23.08.5-bp156.2.3.1.aarch64.rpm libKSaneCore1-23.08.5-bp156.2.3.1.aarch64.rpm libKSaneCore1-debuginfo-23.08.5-bp156.2.3.1.aarch64.rpm ksanecore-debugsource-23.08.5-bp156.2.3.1.ppc64le.rpm ksanecore-devel-23.08.5-bp156.2.3.1.ppc64le.rpm libKSaneCore1-23.08.5-bp156.2.3.1.ppc64le.rpm libKSaneCore1-debuginfo-23.08.5-bp156.2.3.1.ppc64le.rpm ksanecore-debugsource-23.08.5-bp156.2.3.1.s390x.rpm ksanecore-devel-23.08.5-bp156.2.3.1.s390x.rpm libKSaneCore1-23.08.5-bp156.2.3.1.s390x.rpm libKSaneCore1-debuginfo-23.08.5-bp156.2.3.1.s390x.rpm openSUSE-2024-335 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: - Chromium 129.0.6668.100 (boo#1231420) * CVE-2024-9602: Type Confusion in V8 * CVE-2024-9603: Type Confusion in V8 chromedriver-129.0.6668.100-bp156.2.38.1.x86_64.rpm chromedriver-debuginfo-129.0.6668.100-bp156.2.38.1.x86_64.rpm chromium-129.0.6668.100-bp156.2.38.1.src.rpm chromium-129.0.6668.100-bp156.2.38.1.x86_64.rpm chromium-debuginfo-129.0.6668.100-bp156.2.38.1.x86_64.rpm chromedriver-129.0.6668.100-bp156.2.38.1.aarch64.rpm chromedriver-debuginfo-129.0.6668.100-bp156.2.38.1.aarch64.rpm chromium-129.0.6668.100-bp156.2.38.1.aarch64.rpm chromium-debuginfo-129.0.6668.100-bp156.2.38.1.aarch64.rpm openSUSE-2024-337 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 130.0.6723.58 (boo#1231694) * CVE-2024-9954: Use after free in AI * CVE-2024-9955: Use after free in Web Authentication * CVE-2024-9956: Inappropriate implementation in Web Authentication * CVE-2024-9957: Use after free in UI * CVE-2024-9958: Inappropriate implementation in PictureInPicture * CVE-2024-9959: Use after free in DevTools * CVE-2024-9960: Use after free in Dawn * CVE-2024-9961: Use after free in Parcel Tracking * CVE-2024-9962: Inappropriate implementation in Permissions * CVE-2024-9963: Insufficient data validation in Downloads * CVE-2024-9964: Inappropriate implementation in Payments * CVE-2024-9965: Insufficient data validation in DevTools * CVE-2024-9966: Inappropriate implementation in Navigations chromedriver-130.0.6723.58-bp156.2.41.1.x86_64.rpm chromedriver-debuginfo-130.0.6723.58-bp156.2.41.1.x86_64.rpm chromium-130.0.6723.58-bp156.2.41.1.src.rpm chromium-130.0.6723.58-bp156.2.41.1.x86_64.rpm chromium-debuginfo-130.0.6723.58-bp156.2.41.1.x86_64.rpm chromedriver-130.0.6723.58-bp156.2.41.1.aarch64.rpm chromedriver-debuginfo-130.0.6723.58-bp156.2.41.1.aarch64.rpm chromium-130.0.6723.58-bp156.2.41.1.aarch64.rpm chromium-debuginfo-130.0.6723.58-bp156.2.41.1.aarch64.rpm