openSUSE-2024-81 low openSUSE Backports SLE-15-SP6 Update This update for hello ships a testupdate to 15 sp6 backports. hello-2.12.1-bp156.2.2.1.src.rpm hello-2.12.1-bp156.2.2.1.x86_64.rpm hello-debuginfo-2.12.1-bp156.2.2.1.x86_64.rpm hello-debugsource-2.12.1-bp156.2.2.1.x86_64.rpm hello-lang-2.12.1-bp156.2.2.1.noarch.rpm hello-2.12.1-bp156.2.2.1.i586.rpm hello-debuginfo-2.12.1-bp156.2.2.1.i586.rpm hello-debugsource-2.12.1-bp156.2.2.1.i586.rpm hello-2.12.1-bp156.2.2.1.aarch64.rpm hello-debuginfo-2.12.1-bp156.2.2.1.aarch64.rpm hello-debugsource-2.12.1-bp156.2.2.1.aarch64.rpm hello-2.12.1-bp156.2.2.1.ppc64le.rpm hello-debuginfo-2.12.1-bp156.2.2.1.ppc64le.rpm hello-debugsource-2.12.1-bp156.2.2.1.ppc64le.rpm hello-2.12.1-bp156.2.2.1.s390x.rpm hello-debuginfo-2.12.1-bp156.2.2.1.s390x.rpm hello-debugsource-2.12.1-bp156.2.2.1.s390x.rpm openSUSE-2024-155 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 125.0.6422.141 (boo#1225690) * CVE-2024-5493: Heap buffer overflow in WebRTC * CVE-2024-5494: Use after free in Dawn * CVE-2024-5495: Use after free in Dawn * CVE-2024-5496: Use after free in Media Session * CVE-2024-5497: Out of bounds memory access in Keyboard Inputs * CVE-2024-5498: Use after free in Presentation API * CVE-2024-5499: Out of bounds write in Streams API chromedriver-125.0.6422.141-bp156.2.3.1.x86_64.rpm chromium-125.0.6422.141-bp156.2.3.1.src.rpm chromium-125.0.6422.141-bp156.2.3.1.x86_64.rpm chromedriver-125.0.6422.141-bp156.2.3.1.aarch64.rpm chromium-125.0.6422.141-bp156.2.3.1.aarch64.rpm openSUSE-2024-150 moderate openSUSE Backports SLE-15-SP6 Update This update for libhtp fixes the following issues: - CVE-2024-23837: excessive processing time of HTTP headers can lead to denial of service (boo#1220403) libhtp-0.5.42-bp156.3.3.1.src.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.x86_64.rpm libhtp-devel-0.5.42-bp156.3.3.1.x86_64.rpm libhtp2-0.5.42-bp156.3.3.1.x86_64.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.x86_64.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.i586.rpm libhtp-devel-0.5.42-bp156.3.3.1.i586.rpm libhtp2-0.5.42-bp156.3.3.1.i586.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.i586.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.aarch64.rpm libhtp-devel-0.5.42-bp156.3.3.1.aarch64.rpm libhtp2-0.5.42-bp156.3.3.1.aarch64.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.aarch64.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.ppc64le.rpm libhtp-devel-0.5.42-bp156.3.3.1.ppc64le.rpm libhtp2-0.5.42-bp156.3.3.1.ppc64le.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.ppc64le.rpm libhtp-debugsource-0.5.42-bp156.3.3.1.s390x.rpm libhtp-devel-0.5.42-bp156.3.3.1.s390x.rpm libhtp2-0.5.42-bp156.3.3.1.s390x.rpm libhtp2-debuginfo-0.5.42-bp156.3.3.1.s390x.rpm openSUSE-2024-157 important openSUSE Backports SLE-15-SP6 Update This update for nano fixes the following issues: - CVE-2024-5742: Avoid privilege escalations via symlink attacks on emergency save file (boo#1226099) nano-7.2-bp156.3.3.1.src.rpm nano-7.2-bp156.3.3.1.x86_64.rpm nano-debuginfo-7.2-bp156.3.3.1.x86_64.rpm nano-debugsource-7.2-bp156.3.3.1.x86_64.rpm nano-lang-7.2-bp156.3.3.1.noarch.rpm nano-7.2-bp156.3.3.1.i586.rpm nano-debuginfo-7.2-bp156.3.3.1.i586.rpm nano-debugsource-7.2-bp156.3.3.1.i586.rpm nano-7.2-bp156.3.3.1.aarch64.rpm nano-debuginfo-7.2-bp156.3.3.1.aarch64.rpm nano-debugsource-7.2-bp156.3.3.1.aarch64.rpm nano-7.2-bp156.3.3.1.ppc64le.rpm nano-debuginfo-7.2-bp156.3.3.1.ppc64le.rpm nano-debugsource-7.2-bp156.3.3.1.ppc64le.rpm nano-7.2-bp156.3.3.1.s390x.rpm nano-debuginfo-7.2-bp156.3.3.1.s390x.rpm nano-debugsource-7.2-bp156.3.3.1.s390x.rpm openSUSE-2024-163 moderate openSUSE Backports SLE-15-SP6 Update This update for virtme fixes the following issues: - Fix virtiofsd search path virtme-1.25-bp156.2.3.1.noarch.rpm virtme-1.25-bp156.2.3.1.src.rpm openSUSE-2024-164 moderate openSUSE Backports SLE-15-SP6 Update This update for opi fixes the following issues: - Version 5.2.0 * Add config option to reverse option order - Version 5.1.0 * Increase prio from 90 to 70 for packman/openh264 repos - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [boo#1212476] - Version 5.2.0 * Add config option to reverse option order - Version 5.1.0 * Increase prio from 90 to 70 for packman/openh264 repos opi-5.2.0-bp156.2.3.1.noarch.rpm opi-5.2.0-bp156.2.3.1.src.rpm openSUSE-2024-161 moderate openSUSE Backports SLE-15-SP6 Update plasma5-workspace was updated to fix the following issue: - Fixed ksmserver authentication (CVE-2024-36041, boo#1225774). - Fixed a regression introduced by the preceding change (kde#487912, boo#1226110): gmenudbusmenuproxy-5.27.11-bp156.3.3.1.x86_64.rpm plasma5-session-5.27.11-bp156.3.3.1.noarch.rpm plasma5-session-wayland-5.27.11-bp156.3.3.1.x86_64.rpm plasma5-workspace-5.27.11-bp156.3.3.1.src.rpm plasma5-workspace-5.27.11-bp156.3.3.1.x86_64.rpm plasma5-workspace-devel-5.27.11-bp156.3.3.1.x86_64.rpm plasma5-workspace-lang-5.27.11-bp156.3.3.1.noarch.rpm plasma5-workspace-libs-5.27.11-bp156.3.3.1.x86_64.rpm xembedsniproxy-5.27.11-bp156.3.3.1.x86_64.rpm gmenudbusmenuproxy-5.27.11-bp156.3.3.1.aarch64.rpm plasma5-session-wayland-5.27.11-bp156.3.3.1.aarch64.rpm plasma5-workspace-5.27.11-bp156.3.3.1.aarch64.rpm plasma5-workspace-devel-5.27.11-bp156.3.3.1.aarch64.rpm plasma5-workspace-libs-5.27.11-bp156.3.3.1.aarch64.rpm xembedsniproxy-5.27.11-bp156.3.3.1.aarch64.rpm gmenudbusmenuproxy-5.27.11-bp156.3.3.1.ppc64le.rpm plasma5-session-wayland-5.27.11-bp156.3.3.1.ppc64le.rpm plasma5-workspace-5.27.11-bp156.3.3.1.ppc64le.rpm plasma5-workspace-devel-5.27.11-bp156.3.3.1.ppc64le.rpm plasma5-workspace-libs-5.27.11-bp156.3.3.1.ppc64le.rpm xembedsniproxy-5.27.11-bp156.3.3.1.ppc64le.rpm openSUSE-2024-159 moderate openSUSE Backports SLE-15-SP6 Update This update for gajim, python-css-parser fixes the following issues: gajim changes: Express python dependencies directly. (boo#1225938) python-css-parser changes: update to 1.0.10 (boo#1225938): * Fix selector specificity calculation for pseudo-classes update to 1.0.9: * replace deprecated use of cgi.parse_header * drop python 3.6 support update to 1.0.8: * Replace removed assertEquals with assertEqual * Upgrade other unittest asserts for clearer error messages * tests: adjust exception string checks for python 3.11 * tests: fix warning about \( and \o being invalid sequences * Fix serialization of unknown rules containing comments - drop relax_error_msg_check.patch (upstream) gajim-1.8.4-bp156.2.3.1.noarch.rpm gajim-1.8.4-bp156.2.3.1.src.rpm gajim-lang-1.8.4-bp156.2.3.1.noarch.rpm python-css-parser-1.0.10-bp156.4.3.1.src.rpm python311-css-parser-1.0.10-bp156.4.3.1.noarch.rpm openSUSE-2024-171 moderate openSUSE Backports SLE-15-SP6 Update This update for python-python-sql fixes the following issues: - update to 1.5.1: * Use parameter for start and end of WINDOW FRAME * Use parameter for limit and offset - version 1.5.0: * naming scheme broken upstream * Add MERGE query * Support “UPSERT” with ON CONFLICT clause on INSERT query * Remove default escape char on LIKE and ILIKE * Add GROUPING SETS, CUBE, and ROLLUP clauses for GROUP BY. python-python-sql-1.5.1-bp156.2.3.1.src.rpm python311-python-sql-1.5.1-bp156.2.3.1.noarch.rpm openSUSE-2024-168 important openSUSE Backports SLE-15-SP6 Update This update for gdcm fixes the following issues: - CVE-2024-22373: Fixed out-of-bounds write vulnerability in JPEG2000Codec::DecodeByStreamsCommon (boo#1223398). gdcm-3.0.24-bp156.2.4.1.src.rpm gdcm-3.0.24-bp156.2.4.1.x86_64.rpm gdcm-applications-3.0.24-bp156.2.4.1.x86_64.rpm gdcm-devel-3.0.24-bp156.2.4.1.x86_64.rpm gdcm-examples-3.0.24-bp156.2.4.1.x86_64.rpm libgdcm3_0-3.0.24-bp156.2.4.1.x86_64.rpm libsocketxx1_2-3.0.24-bp156.2.4.1.x86_64.rpm python3-gdcm-3.0.24-bp156.2.4.1.x86_64.rpm gdcm-3.0.24-bp156.2.4.1.aarch64.rpm gdcm-applications-3.0.24-bp156.2.4.1.aarch64.rpm gdcm-devel-3.0.24-bp156.2.4.1.aarch64.rpm gdcm-examples-3.0.24-bp156.2.4.1.aarch64.rpm libgdcm3_0-3.0.24-bp156.2.4.1.aarch64.rpm libsocketxx1_2-3.0.24-bp156.2.4.1.aarch64.rpm python3-gdcm-3.0.24-bp156.2.4.1.aarch64.rpm gdcm-3.0.24-bp156.2.4.1.ppc64le.rpm gdcm-applications-3.0.24-bp156.2.4.1.ppc64le.rpm gdcm-devel-3.0.24-bp156.2.4.1.ppc64le.rpm gdcm-examples-3.0.24-bp156.2.4.1.ppc64le.rpm libgdcm3_0-3.0.24-bp156.2.4.1.ppc64le.rpm libsocketxx1_2-3.0.24-bp156.2.4.1.ppc64le.rpm python3-gdcm-3.0.24-bp156.2.4.1.ppc64le.rpm gdcm-3.0.24-bp156.2.4.1.s390x.rpm gdcm-applications-3.0.24-bp156.2.4.1.s390x.rpm gdcm-devel-3.0.24-bp156.2.4.1.s390x.rpm gdcm-examples-3.0.24-bp156.2.4.1.s390x.rpm libgdcm3_0-3.0.24-bp156.2.4.1.s390x.rpm libsocketxx1_2-3.0.24-bp156.2.4.1.s390x.rpm python3-gdcm-3.0.24-bp156.2.4.1.s390x.rpm openSUSE-2024-173 moderate openSUSE Backports SLE-15-SP6 Update This update for shadowsocks-v2ray-plugin fixes the following issues: Update version to 5.15.1 * Fixed crash (boo#1226385) golang-github-teddysun-v2ray-plugin-5.15.1-bp156.2.3.1.noarch.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.src.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.x86_64.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.i586.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.aarch64.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.ppc64le.rpm shadowsocks-v2ray-plugin-5.15.1-bp156.2.3.1.s390x.rpm openSUSE-2024-166 moderate openSUSE Backports SLE-15-SP6 Update This update for gh fixes the following issues: Update to version 2.51.0: * Gracefully degrade when fetching annotations fails due to 403 (#9113) * replaced deprecated --json-result flag with --format=json in the gh at docstring. * Specify rpm repository to avoid conflicts with community repositories * Add `signer-repo` and `signer-workflow` flags to `gh attestation verify` (#9137) * Ensure signed RPMs have attestations Update to version 2.50.0: * Build completions during release on macos * Add build provenance for gh CLI releases (#9087) * Add integration tests for `gh attestation verify` shared workflow use case (#9107) * Update readme about MacOS pkg * Remove `v` prefix when `pkgmacos` is called * Integrate argument array to remove duplicate code * Added native min os version blocking * Fix distribution.xml + min macos version requirements * Fix directory already exists * Add a `gh variable get FOO` command (#9106) * Add comment to pr diff regex * Update regex in changedFilesNames to handle quoted paths * fix: rename the `Attempts` field to `Attempt`; expose in `gh run view` and `gh run ls` (#8905) * Change minimum build script macOS version * Cleanup pkgmacos build script * Removed redundant specifications * feat: add support for stateReason in `gh pr view` (#9080) * Update choice title * Update pkg title * update generated content for man pages and website * williammartin simplifications * remove no-op if clause that returns 'No Aliases' * Conditionalize references, remove redundant alias * list the various alias permutations for the command and subcommands * Remove TODO and add comment on LoginFlow tests * Comment the purpose of the helper config contract * Test git credentials are configured in LoginFlow * Add HelperConfig contract test and FakeHelperConfig * Inject GitCredentialFlow to LoginFlow as test seam * Removed unused param flagDryRun from upgradeFunc * Added summary TTY message to tests * Added TTY message to summarize checking extension upgrades * Add Helper test for Windows * Add tests for gitcredentials Updater * Fix mistaken git installation error check * Move gitcredentials HelperConfig and add tests * Comment the new gitcredentials package * Comment the git credential flow * Remove unnecessary credential setup private method * Use tighter interface in setup-git * Rename gitcredentials Configure to ConfigureOurs * Make gitcredential helper smarter * Move fetching configured helper into gitcredentials * Extract units for configuring and updating git credential helpers * Implement ExportData to filter json fields * fix: rename fields list * feat: add json output for PR checks * Fix doc bug for gh run watch gh-2.51.0-bp156.2.3.1.src.rpm gh-2.51.0-bp156.2.3.1.x86_64.rpm gh-bash-completion-2.51.0-bp156.2.3.1.noarch.rpm gh-fish-completion-2.51.0-bp156.2.3.1.noarch.rpm gh-zsh-completion-2.51.0-bp156.2.3.1.noarch.rpm gh-2.51.0-bp156.2.3.1.i586.rpm gh-2.51.0-bp156.2.3.1.aarch64.rpm gh-2.51.0-bp156.2.3.1.ppc64le.rpm gh-2.51.0-bp156.2.3.1.s390x.rpm openSUSE-2024-170 moderate openSUSE Backports SLE-15-SP6 Update This update for rubygem-bcrypt_pbkdf fixes the following issues: Updated to version 1.1.1 - see installed CHANGELOG.md ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.x86_64.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.x86_64.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.x86_64.rpm rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.src.rpm ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.i586.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.i586.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.i586.rpm ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.aarch64.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.aarch64.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.aarch64.rpm ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.ppc64le.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.ppc64le.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.ppc64le.rpm ruby2.5-rubygem-bcrypt_pbkdf-1.1.1-bp156.4.3.1.s390x.rpm ruby2.5-rubygem-bcrypt_pbkdf-doc-1.1.1-bp156.4.3.1.s390x.rpm ruby2.5-rubygem-bcrypt_pbkdf-testsuite-1.1.1-bp156.4.3.1.s390x.rpm openSUSE-2024-174 moderate openSUSE Backports SLE-15-SP6 Update This update for sngrep fixes the following issues: - CVE-2024-35434: heap buffer overflow in rtp_check_packet sngrep-1.8.1-bp156.2.3.1.src.rpm sngrep-1.8.1-bp156.2.3.1.x86_64.rpm sngrep-1.8.1-bp156.2.3.1.i586.rpm sngrep-1.8.1-bp156.2.3.1.aarch64.rpm sngrep-1.8.1-bp156.2.3.1.ppc64le.rpm sngrep-1.8.1-bp156.2.3.1.s390x.rpm openSUSE-2024-193 moderate openSUSE Backports SLE-15-SP6 Update This update for keepassxc fixes the following issues: Update to 2.7.9: - Changes: - Passkeys: Ability to easily remove a passkey from an entry [#10777] - Snap: Use new desktop portal for native messaging integration [#10906] - Fixes: - Improve entry placeholder/reference feature [#10846] - Improve CSV importing when title field isn't specified [#10843] - Improve encrypted Bitwarden importing [#10800] - Improve database settings UX [#10821] - Improve handling of clipboard actions from entry preview [#10810] - Improve group/entry view resize behavior and set sensible defaults [#10641] - Passkeys: Fix incorrect username fill [#10874] - Passkeys: Return additional data to the extension [#10857] - Fix password clear timer inconsistency on unlock view [#10708] - Fix portability check [#10760] - Fix page overflow on HTML exports [#10735] - Fix broken builds when using system provided zxcvbn [#10717] - Fix copy password button when text is selected [#10853] - Fix tab ordering on application settings pages [#10907] - SSH Agent: Fix broken decrypt button [#10638] - Flatpak: Fix configuration settings off-by-one error [#10688] keepassxc-2.7.9-bp156.2.3.1.src.rpm keepassxc-2.7.9-bp156.2.3.1.x86_64.rpm keepassxc-debuginfo-2.7.9-bp156.2.3.1.x86_64.rpm keepassxc-debugsource-2.7.9-bp156.2.3.1.x86_64.rpm keepassxc-lang-2.7.9-bp156.2.3.1.noarch.rpm keepassxc-2.7.9-bp156.2.3.1.aarch64.rpm keepassxc-debuginfo-2.7.9-bp156.2.3.1.aarch64.rpm keepassxc-debugsource-2.7.9-bp156.2.3.1.aarch64.rpm keepassxc-2.7.9-bp156.2.3.1.ppc64le.rpm keepassxc-debuginfo-2.7.9-bp156.2.3.1.ppc64le.rpm keepassxc-debugsource-2.7.9-bp156.2.3.1.ppc64le.rpm keepassxc-2.7.9-bp156.2.3.1.s390x.rpm keepassxc-debuginfo-2.7.9-bp156.2.3.1.s390x.rpm keepassxc-debugsource-2.7.9-bp156.2.3.1.s390x.rpm openSUSE-2024-194 moderate openSUSE Backports SLE-15-SP6 Update This update for keybase-client fixes the following issues: Update to version 6.2.8 * Update client CA * Fix incomplete locking in config file handling. - Update the Image dependency to address CVE-2023-29408 / boo#1213928. This is done via the new update-image-tiff.patch. - Limit parallel test execution as that seems to cause failing builds on OBS that don't occur locally. - Integrate KBFS packages previously build via own source package * Upstream integrated these into the same source. * Also includes adding kbfs-related patches ensure-mount-dir-exists.patch and ensure-service-stop-unmounts-filesystem.patch. - Upgrade Go version used for compilation to 1.19. - Use Systemd unit file from upstream source. kbfs-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-git-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-tool-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.x86_64.rpm keybase-client-6.2.8-bp156.2.3.1.src.rpm keybase-client-6.2.8-bp156.2.3.1.x86_64.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.x86_64.rpm kbfs-6.2.8-bp156.2.3.1.i586.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.i586.rpm kbfs-git-6.2.8-bp156.2.3.1.i586.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.i586.rpm kbfs-tool-6.2.8-bp156.2.3.1.i586.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.i586.rpm keybase-client-6.2.8-bp156.2.3.1.i586.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.i586.rpm kbfs-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-git-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-tool-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.aarch64.rpm keybase-client-6.2.8-bp156.2.3.1.aarch64.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.aarch64.rpm kbfs-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-git-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-tool-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.ppc64le.rpm keybase-client-6.2.8-bp156.2.3.1.ppc64le.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.ppc64le.rpm kbfs-6.2.8-bp156.2.3.1.s390x.rpm kbfs-debuginfo-6.2.8-bp156.2.3.1.s390x.rpm kbfs-git-6.2.8-bp156.2.3.1.s390x.rpm kbfs-git-debuginfo-6.2.8-bp156.2.3.1.s390x.rpm kbfs-tool-6.2.8-bp156.2.3.1.s390x.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.3.1.s390x.rpm keybase-client-6.2.8-bp156.2.3.1.s390x.rpm keybase-client-debuginfo-6.2.8-bp156.2.3.1.s390x.rpm openSUSE-2024-180 moderate openSUSE Backports SLE-15-SP6 Update This update for perl-Test-MockModule fixes the following issues: Update to version 0.178.0: - 6724a30 - Simplify CI workflow - Nicolas R - 1801372 - Multiple improvements - Nicolas R - e97e316 - Add protection to _replace_sub - Nicolas R perl-Test-MockModule-0.178.0-bp156.2.3.1.noarch.rpm perl-Test-MockModule-0.178.0-bp156.2.3.1.src.rpm openSUSE-2024-181 moderate openSUSE Backports SLE-15-SP6 Update This update for perl-Minion fixes the following issues: - updated to 10.29 see /usr/share/doc/packages/perl-Minion/Changes - updated to 10.28 see /usr/share/doc/packages/perl-Minion/Changes 10.28 2023-11-217 - Improved repair and history performance in most cases. 10.27 2023-11-20 - Improved repair performance in cases where there are a lot of finished jobs with dependencies. - updated to 10.26 see /usr/share/doc/packages/perl-Minion/Changes 10.26 2023-11-10 - Added type information to worker status. - Improved workers by calling srand() after starting a new job process. perl-Minion-10.290.0-bp156.3.3.1.noarch.rpm perl-Minion-10.290.0-bp156.3.3.1.src.rpm openSUSE-2024-182 moderate openSUSE Backports SLE-15-SP6 Update This update for perl-Perl-Tidy fixes the following issues: - updated to 20240511 ## 2024 05 11 - The option --valign-signed-numbers, or -vsn is now the default. It was introduced in the previous release has been found to significantly improve the overall appearance of columns of signed and unsigned numbers. See the previous Change Log entry for an example. This will change the formatting in scripts with columns of vertically aligned signed and unsigned numbers. Use -nvsn to turn this option off and avoid this change. - Previously, a line break was made before a short concatenated terminal quoted string, such as "\n", if the previous line had a greater starting indentation. The break is now placed after the short quote. This keeps code a little more compact. For example: # old rule: break before "\n" here because '$name' has more indentation: my $html = $this->SUPER::genObject( $query, $bindNode, $field . ":$var", $name, "remove", "UNCHECKED" ) . "\n"; # new rule: break after a short terminal quote like "\n" for compactness; my $html = $this->SUPER::genObject( $query, $bindNode, $field . ":$var", $name, "remove", "UNCHECKED" ) . "\n"; - The option --delete-repeated-commas is now the default. It makes the following checks and changes: - Repeated commas like ',,' are removed with a warning - Repeated fat commas like '=> =>' are removed with a warning - The combination '=>,' produces a warning but is not changed These warnings are only output if --warning-output, or -w, is set. Use --nodelete-repeated-commas, or -ndrc, to retain repeated commas. - The operator ``**=`` now has spaces on both sides by default. Previously, there was no space on the left. This change makes its spacing the same as all other assignment operators. The previous behavior can be obtained with the parameter setting -nwls='**='. - The option --file-size-order, or -fso is now the default. When perltidy is given a list of multiple filenames to process, they are sorted by size and processed in order of increasing size. This can significantly reduce memory usage by Perl. This option has always been used in testing, where typically several jobs each operating on thousands of filenames are running at the same time and competing for system resources. If this option is not wanted for some reason, it can be deactivated with -nfso. - In the option --dump-block-summary, the number of sub arguments indicated for each sub now includes any leading object variable passed with an arrow-operator call. Previously the count would have been decreased by one in this case. This change is needed for compatibility with future updates. - Fix issue git #138 involving -xlp (--extended-line-up-parentheses). When multiple-line quotes and regexes have long secondary lines, these line lengths could influencing some spacing and indentation, but they should not have since perltidy has no control over their indentation. This has been fixed. This will mainly influence code which uses -xlp and has long multi-line quotes. - Add option --minimize-continuation-indentation, -mci (see git #137). This flag allows perltidy to remove continuation indentation in some special cases where it is not really unnecessary. For a simple example, the default formatting for the following snippet is: # perltidy -nmci $self->blurt( "Error: No INPUT definition for type '$type', typekind '" . $type->xstype . "' found" ); The second and third lines are one level deep in a container, and are also statement continuations, so they get indented by the sum of the -i value and the -ci value. If this flag is set, the indentation is reduced by -ci spaces, giving # perltidy -mci $self->blurt( "Error: No INPUT definition for type '$type', typekind '" . $type->xstype . "' found" ); This situation is relatively rare except in code which has long quoted strings and the -nolq flag is also set. This flag is currently off by default, but it could become the default in a future version. - Add options --dump-mismatched-args (or -dma) and --warn-mismatched-arg (or -wma). These options look for and report instances where the number of args expected by a sub appear to differ from the number passed to the sub. The -dump version writes the results for a single file to standard output and exits: perltidy -dma somefile.pl >results.txt The -warn version formats as normal but reports any issues as warnings in the error file: perltidy -wma somefile.pl The -warn version may be customized with the following additional parameters if necessary to avoid needless warnings: --warn-mismatched-arg-types=s (or -wmat=s), --warn-mismatched-arg-exclusion-list=s (or -wmaxl=s), and --warn-mismatched-arg-undercount-cutoff=n (or -wmauc=n). --warn-mismatched-arg-overcount-cutoff=n (or -wmaoc=n). These are explained in the manual. - Add option --valign-wide-equals, or -vwe, for issue git #135. Setting this parameter causes the following assignment operators = **= += *= &= <<= &&= -= /= |= >>= ||= //= .= %= ^= x= to be aligned vertically with the ending = all aligned. For example, here is the default formatting of a snippet of code: $str .= SPACE x $total_pad_count; $str_len += $total_pad_count; $total_pad_count = 0; $str .= $rfields->[$j]; $str_len += $rfield_lengths->[$j]; And here is the same code formatted with -vwe: # perltidy -vwe $str .= SPACE x $total_pad_count; $str_len += $total_pad_count; $total_pad_count = 0; $str .= $rfields->[$j]; $str_len += $rfield_lengths->[$j]; This option currently is off by default to avoid changing existing formatting. - Added control --delete-interbracket-arrows, or -dia, to delete optional hash ref and array ref arrows between brackets as in the following expression (see git #131) return $self->{'commandline'}->{'arg_list'}->[0]->[0]->{'hostgroups'}; # perltidy -dia gives: return $self->{'commandline'}{'arg_list'}[0][0]{'hostgroups'}; Added the opposite control --aia-interbracket-arrows, or -aia, to add arrows. So applied to the previous line the arrows are restored: # perltidy -aia return $self->{'commandline'}->{'arg_list'}->[0]->[0]->{'hostgroups'}; The manual describes additional controls for adding and deleting just selected interbracket arrows. - updated to 20240202 see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md ## 2024 02 02 - Added --valign-signed-numbers, or -vsn. This improves the appearance of columns of numbers by aligning leading algebraic signs. For example: # perltidy -vsn my $xyz_shield = [ [ -0.060, -0.060, 0. ], [ 0.060, -0.060, 0. ], [ 0.060, 0.060, 0. ], [ -0.060, 0.060, 0. ], [ -0.0925, -0.0925, 0.092 ], [ 0.0925, -0.0925, 0.092 ], [ 0.0925, 0.0925, 0.092 ], [ -0.0925, 0.0925, 0.092 ], ]; # perltidy -nvsn (current DEFAULT) my $xyz_shield = [ [ -0.060, -0.060, 0. ], [ 0.060, -0.060, 0. ], [ 0.060, 0.060, 0. ], [ -0.060, 0.060, 0. ], [ -0.0925, -0.0925, 0.092 ], [ 0.0925, -0.0925, 0.092 ], [ 0.0925, 0.0925, 0.092 ], [ -0.0925, 0.0925, 0.092 ], ]; This new option works well but is currently OFF to allow more testing and fine-tuning. It is expected to be activated in a future release. - Added --dump-mixed-call-parens (-dmcp ) which will dump a list of operators which are sometimes followed by parens and sometimes not. This can be useful for developing a uniform style for selected operators. Issue git #128. For example perltidy -dmcp somefile.pl >out.txt produces lines like this, where the first number is the count of uses with parens, and the second number is the count without parens. k:caller:2:1 k:chomp:3:4 k:close:7:4 - Added --want-call-parens=s (-wcp=s) and --nowant-call-parens=s (-nwcp=s) options which will warn of paren uses which do not match a selected style. The manual has details. But for example, perltidy -wcp='&' somefile.pl will format as normal but warn if any user subs are called without parens. - Added --dump-unusual-variables (-duv) option to dump a list of variables with certain properties of interest. For example perltidy -duv somefile.pl >vars.txt produces a file with lines which look something like 1778:u: my $input_file 6089:r: my $j: reused - see line 6076 The values on the line which are separated by colons are: line number - the number of the line of the input file issue - a single letter indicating the issue, see below variable name - the name of the variable, preceded by a keyword note - an optional note referring to another line The issue is indicated by a letter which may be one of: r: reused variable name s: sigil change but reused bareword p: lexical variable with scope in multiple packages u: unused variable This is very useful for locating problem areas and bugs in code. - Added a related flag --warn-variable-types=string (-wvt=string) option to warn if certain types of variables are found in a script. The types are a space-separated string which may include 'r', 's', and 'p' but not 'u'. For example perltidy -wvt='r s' somefile.pl will check for and warn if any variabls of type 'r', or 's' are seen, but not 'p'. All possible checks may be indicated with a '*' or '1': perltidy -wvt='*' somefile.pl The manual has further details. - All parameters taking integer values are now checked for out-of-range values before processing starts. When a maximum or maximum range is exceeded, the new default behavior is to write a warning message, reset the value to its default setting, and continue. This default behavior can be changed with the new parameter --integer-range-check=n, or -irc=n, as follows: n=0 skip check completely (for stress-testing perltidy only) n=1 reset bad values to defaults but do not issue a warning n=2 reset bad values to defaults and issue a warning [DEFAULT] n=3 stop immediately if any values are out of bounds The settings n=0 and n=1 are mainly useful for testing purposes. - The --dump-block-summary (-dbs) option now includes the number of sub args in the 'type' column. For example, 'sub(9)' indicates a sub with 9 args. Subs whose arg count cannot easily be determined are indicated as 'sub(*)'. The count does not include a leading '$self' or '$class' arg. - Added flag --space-signature-paren=n, or -ssp=n (issue git #125). This flag works the same as the existing flag --space-prototype-paren=n except that it applies to the space before the opening paren of a sub signature instead of a sub prototype. Previously, there was no control over this (a space always occurred). For example, given the following line: sub circle( $xc, $yc, $rad ); The following results can now be obtained, according to the value of n: sub circle( $xc, $yc, $rad ); # n=0 [no space] sub circle( $xc, $yc, $rad ); # n=1 [default; same as input] sub circle ( $xc, $yc, $rad ); # n=2 [space] The spacing in previous versions of perltidy corresponded to n=2 (always a space). The new default value, n=1, will produce a space if and only if there was a space in the input text. - The --dump-block-summary option can report an if-elsif-elsif-.. chain as a single line item with the notation -dbt='elsif3', for example, where the '3' is an integer which specifies the minimum number of elsif blocks required for a chain to be reported. The manual has details. - Fix problem c269, in which the new -ame parameter could incorrectly emit an else block when two elsif blocks were separated by a hanging side comment (a very rare situation). - When braces are detected to be unbalanced, an attempt is made to localize the error by comparing the indentation at closing braces with their actual nesting levels. This can be useful for files which have previously been formatted by perltidy. To illustrate, a test was made in which the closing brace at line 30644 was commented out in a file with a total of over 62000 lines. The new error message is Final nesting depth of '{'s is 1 The most recent un-matched '{' is on line 6858 ... Table of nesting level differences at closing braces. This might help localize brace errors if the file was previously formatted. line: (brace level) - (level expected from old indentation) 30643: 0 30645: 1 Previously, the error file only indicated that the error in this case was somewhere after line 6858, so the new table is very helpful. Closing brace indentation is checked because it is unambiguous and can be done very efficiently. - The -DEBUG option no longer automatically also writes a .LOG file. Use --show-options if the .LOG file is needed. - The run time of this version with all new options in use is no greater than that of the previous version thanks to optimization work. perl-Perl-Tidy-20240511.0.0-bp156.2.3.1.noarch.rpm perl-Perl-Tidy-20240511.0.0-bp156.2.3.1.src.rpm openSUSE-2024-175 moderate openSUSE Backports SLE-15-SP6 Update This update for cockpit fixes the following issues: - disable selinux on leap versions without selinux - set libexec dir to %_libexecdir (boo#1223533) - new version 316: * cockpit.js API: Fix format_bytes() units - new version 315: * Networking: Show additional ports for each firewall zone * Networking: List Firewall active zones when unprivileged * Inline documentation * Support for transient virtual machines * UEFI for virtual machines * Unattended virtual machines installation * Localize times * Better support for various TLS certificate formats * Overview: Add CPU utilization to usage card * Dashboard: Support SSH identity unlocking when adding new machines * SElinux: Introduce an Ansible automation script * Machines: Support 'bridge' type network interfaces * Machines: Support 'bus' type disk configuration cockpit-316-bp156.2.3.1.src.rpm cockpit-316-bp156.2.3.1.x86_64.rpm cockpit-bridge-316-bp156.2.3.1.x86_64.rpm cockpit-devel-316-bp156.2.3.1.x86_64.rpm cockpit-doc-316-bp156.2.3.1.noarch.rpm cockpit-kdump-316-bp156.2.3.1.noarch.rpm cockpit-networkmanager-316-bp156.2.3.1.noarch.rpm cockpit-packagekit-316-bp156.2.3.1.noarch.rpm cockpit-pcp-316-bp156.2.3.1.x86_64.rpm cockpit-selinux-316-bp156.2.3.1.noarch.rpm cockpit-storaged-316-bp156.2.3.1.noarch.rpm cockpit-system-316-bp156.2.3.1.noarch.rpm cockpit-ws-316-bp156.2.3.1.x86_64.rpm cockpit-316-bp156.2.3.1.aarch64.rpm cockpit-bridge-316-bp156.2.3.1.aarch64.rpm cockpit-devel-316-bp156.2.3.1.aarch64.rpm cockpit-pcp-316-bp156.2.3.1.aarch64.rpm cockpit-ws-316-bp156.2.3.1.aarch64.rpm cockpit-316-bp156.2.3.1.ppc64le.rpm cockpit-bridge-316-bp156.2.3.1.ppc64le.rpm cockpit-devel-316-bp156.2.3.1.ppc64le.rpm cockpit-pcp-316-bp156.2.3.1.ppc64le.rpm cockpit-ws-316-bp156.2.3.1.ppc64le.rpm cockpit-316-bp156.2.3.1.s390x.rpm cockpit-bridge-316-bp156.2.3.1.s390x.rpm cockpit-devel-316-bp156.2.3.1.s390x.rpm cockpit-pcp-316-bp156.2.3.1.s390x.rpm cockpit-ws-316-bp156.2.3.1.s390x.rpm openSUSE-2024-176 moderate openSUSE Backports SLE-15-SP6 Update This update for opi fixes the following issues: - Version 5.2.1 * Update freeoffice.py opi-5.2.1-bp156.2.6.1.noarch.rpm opi-5.2.1-bp156.2.6.1.src.rpm openSUSE-2024-177 moderate openSUSE Backports SLE-15-SP6 Update This update for mygnuhealth fixes the following issues: - version 2.2.0 * Support for Kivy 2.3.0 * Localization. MyGNUHealth now has support for different languages. English, Spanish and Chinese are available to use, and French, German, Italian are ready to be translated. There will be a translation component for MyGNUHealth at Codeberg's Weblate instance. * Bluetooth functionality: Starting with MyGH series 2.2 we provide bluetooth integration for open compatible devices and health trackers. We include the link with the Pinetime Smartwatch (experimental) and the possibility to link to any open hardware device (glucometer, scales, blood pressure monitors, .. ). We need to get a list of available medical devices that respect our privacy and freedom, so let us know of any! * Charts now allow to select date ranges with calendar widgets The Book of Life have a revised format for the pages. The charts have been improved in the format and include x axis labels. mygnuhealth-2.2.0-bp156.2.3.1.src.rpm mygnuhealth-2.2.0-bp156.2.3.1.x86_64.rpm mygnuhealth-2.2.0-bp156.2.3.1.aarch64.rpm mygnuhealth-2.2.0-bp156.2.3.1.ppc64le.rpm mygnuhealth-2.2.0-bp156.2.3.1.s390x.rpm openSUSE-2024-178 moderate openSUSE Backports SLE-15-SP6 Update This update for python-Routes fixes the following issues: - update to 2.5.1: * Add compatibility for Python 3.7+. * Add graceful fallback for invalid character encoding from request object. * Enhanced performance for matching routes that share the same static prefix. * Fixed issue with child routes not passing route conditions to the Mapper.connect call. * Fixed documentation to reflect default value for minimization. * Allow backslash to escape special characters in route paths. * Resolve invalid escape sequences. * Remove support for Python 2.6, 3.3, and 3.4. * Remove obsolete Python 2.3 compat code. - update to 2.4.1: * Release as a universal wheel. PR #75. * Convert readthedocs links for their .org -> .io migration for hosted projects. - update to 2.3.1: * Backwards compatability fix - connect should work with mandatory routename and optional path. Patch by Davanum Srinivas (PR #65). * Fix sub_domain equivalence check. Patch by Nikita Uvarov * Add support for protocol-relative URLs generation (i.e. starting with double slash ``//``). PR #60. Patch by Sviatoslav Sydorenko. * Add support for the ``middleware`` extra requirement, making possible to depend on ``webob`` optionally. PR #59. Patch by Sviatoslav Sydorenko. * Fix matching of an empty string route, which led to exception in earlier versions. PR #58. Patch by Sviatoslav Sydorenko. * Add support for the ``requirements`` option when using mapper.resource to create routes. PR #57. Patch by Sean Dague. * Concatenation fix when using submappers with path prefixes. Multiple submappers combined the path prefix inside the controller argument in non-obvious ways. The controller argument will now be properly carried through when using submappers. PR #28. - update to 2.2: * Fix Python 3 support. Patch by Victor Stinner. - update to 2.1: * Fix 3 other route matching groups in route.py to use anonymous groups for optional sections to avoid exceeding regex limits. Fixes #15. * Printing a mapper now includes the Controller/action parameters from the route. Fixes #11. * Fix regression that didn't allow passing in params 'host', 'protocol', or 'anchor'. They can now be passed in with a trailing '_' as was possible before commit d1d1742903fa5ca24ef848a6ae895303f2661b2a. Fixes #7. * URL generation with/without SCRIPT_NAME was resulting in the URL cache failing to return the appropriate cached URL generation. The URL cache should always include the SCRIPT_NAME, even if its empty, in the cache to avoid this, and now does. Fixes #6. * Extract Route creation into separate method in Mapper. Subclasses of Route can be created by Mappers now. * Use the first X_FORWARDED_FOR value if there are multiple proxies in the path. Fixes #5. * Python 3.2/3.3 Support. Fixes Issue #2. Thanks to Alejandro Sánchez for the pull request! - Update to version 1.13: * Fix bug with dots forcing extension by default. The portion with the dot can now be recognized. Patch by Michael Basnight. python-Routes-2.5.1-bp156.2.1.src.rpm python3-Routes-2.5.1-bp156.2.1.noarch.rpm openSUSE-2024-184 moderate openSUSE Backports SLE-15-SP6 Update This update for python-guessit, python-rebulk fixes the following issues: python-guessit: - Raise version requirement for python-rebulk (fixes boo#1226826) python-rebulk: - Update to version 3.2.0 Features: * dependencies: Add python 3.11 support and drop python 3.6 support. Fixes: * Remove pytest-runner from setup_requires. python-guessit-3.8.0-bp156.2.3.1.src.rpm python3-guessit-3.8.0-bp156.2.3.1.noarch.rpm python-rebulk-3.2.0-bp156.4.3.1.src.rpm python3-rebulk-3.2.0-bp156.4.3.1.noarch.rpm openSUSE-2024-191 moderate openSUSE Backports SLE-15-SP6 Update This update for wg-info fixes the following issues: * Fix regex escaping wg-info-20240702.9b5c479-bp156.2.3.1.noarch.rpm wg-info-20240702.9b5c479-bp156.2.3.1.src.rpm openSUSE-2024-188 moderate openSUSE Backports SLE-15-SP6 Update This update for tryton, trytond, trytond_account, trytond_account_invoice, trytond_currency, trytond_purchase fixes the following issues: Changes in trytond_purchase: - Version 6.0.16 - Bugfix Release Changes in trytond_currency: - Version 6.0.6 - Bugfix Release Changes in trytond_account_invoice: - Version 6.0.18 - Bugfix Release Changes in trytond_account: - Version 6.0.26 - Bugfix Release Changes in trytond: - Version 6.0.48 - Bugfix Release Changes in tryton: - Version 6.0.40 - Bugfix Release tryton-6.0.40-bp156.2.3.1.noarch.rpm tryton-6.0.40-bp156.2.3.1.src.rpm trytond-6.0.48-bp156.2.3.1.noarch.rpm trytond-6.0.48-bp156.2.3.1.src.rpm trytond_account-6.0.26-bp156.2.3.1.noarch.rpm trytond_account-6.0.26-bp156.2.3.1.src.rpm trytond_account_invoice-6.0.18-bp156.2.3.1.noarch.rpm trytond_account_invoice-6.0.18-bp156.2.3.1.src.rpm trytond_currency-6.0.6-bp156.4.3.1.noarch.rpm trytond_currency-6.0.6-bp156.4.3.1.src.rpm trytond_purchase-6.0.16-bp156.2.3.1.noarch.rpm trytond_purchase-6.0.16-bp156.2.3.1.src.rpm openSUSE-2024-189 moderate openSUSE Backports SLE-15-SP6 Update This update for mtail fixes the following issues: - Adjust system call filter for Leap 15.6 mtail-3.0.0rc51-bp156.4.3.1.src.rpm mtail-3.0.0rc51-bp156.4.3.1.x86_64.rpm mtail-3.0.0rc51-bp156.4.3.1.i586.rpm mtail-3.0.0rc51-bp156.4.3.1.aarch64.rpm mtail-3.0.0rc51-bp156.4.3.1.ppc64le.rpm mtail-3.0.0rc51-bp156.4.3.1.s390x.rpm openSUSE-2024-195 moderate openSUSE Backports SLE-15-SP6 Update This update for afl fixes the following issues: Updated to 4.21c: * afl-fuzz - fixed a regression in afl-fuzz that resulted in a 5-10% performace loss do a switch from gettimeofday() to clock_gettime() which should be rather three times faster. The reason for this is unknown. - new queue selection algorithm based on 2 core years of queue data analysis. gives a noticable improvement on coverage although the results seem counterintuitive :-) - added AFL_DISABLE_REDUNDANT for huge queues - added `AFL_NO_SYNC` environment variable that does what you think it does - fix AFL_PERSISTENT_RECORD - run custom_post_process after standard trimming - prevent filenames in the queue that have spaces - minor fix for FAST schedules - more frequent stats update when syncing (todo: check performance impact) - now timing of calibration, trimming and syncing is measured seperately, thanks to @eqv! - -V timing is now accurately the fuzz time (without syncing), before long calibration times and syncing could result in now fuzzing being made when the time was already run out until then, thanks to @eqv! - fix -n uninstrumented mode when ending fuzzing - enhanced the ASAN configuration - make afl-fuzz use less memory with cmplog and fix a memleak * afl-cc: - re-enable i386 support that was accidently disabled - fixes for LTO and outdated afl-gcc mode for i386 - fix COMPCOV split compare for old LLVMs - disable xml/curl/g_ string transform functions because we do not check for null pointers ... TODO - ensure shared memory variables are visible in weird build setups - compatability to new LLVM 19 changes * afl-cmin - work with input files that have a space * afl-showmap - fix memory leak on shmem testcase usage (thanks to @ndrewh) - minor fix to collect coverage -C (thanks to @bet4it) * Fixed a shmem mmap bug (that rarely came up on MacOS) * libtokencap: script generate_libtoken_dict.sh added by @a-shvedov Updated to 4.20c: + A new forkserver communication model is now introduced. afl-fuzz is backward compatible to old compiled targets if they are not built for CMPLOG/Redqueen, but new compiled targets will not work with old afl-fuzz versions! + Recompile all targets that are instrumented for CMPLOG/Redqueen! - AFL++ now supports up to 4 billion coverage edges, up from 6 million. - New compile option: `make PERFORMANCE=1` - this will enable special CPU dependent optimizations that make everything more performant - but the binaries will likely won't work on different platforms. Also enables a faster hasher if the CPU requirements are met. - The persistent record feature (see config.h) was expanded to also support replay, thanks to @quarta-qti ! - afl-fuzz: - the new deterministic fuzzing feature is now activated by default, deactivate with -z. Parameters -d and -D are ignored. - small improvements to CMPLOG/redqueen - workround for a bug with MOpt -L when used with -M - in the future we will either remove or rewrite MOpt. - fix for `-t xxx+` feature - -e extension option now saves the queue items, crashes, etc. with the extension too - fixes for trimmming, correct -V time and reading stats on resume by eqv thanks a lot! - afl-cc: - added collision free caller instrumentation to LTO mode. activate with `AFL_LLVM_LTO_CALLER=1`. You can set a max depth to go through single block functions with `AFL_LLVM_LTO_CALLER_DEPTH` (default 0) - fixes for COMPCOV/LAF and most other modules - fix for GCC_PLUGIN cmplog that broke on std::strings - afl-whatsup: - now also displays current average speed - small bugfixes - Fixes for aflpp custom mutator and standalone tool - Minor edits to afl-persistent-config - Prevent temporary files being left behind on aborted afl-whatsup - More CPU benchmarks added to benchmark/ Updated to 4.10c: - afl-fuzz: - default power schedule is now EXPLORE, due a fix in fast schedules explore is slightly better now. - fixed minor issues in the mutation engine, thanks to @futhewo for reporting! - better deterministic fuzzing is now available, benchmarks have shown to improve fuzzing. Enable with -D. Thanks to @kdsjZh for the PR! - afl-cc: - large rewrite by @SonicStark which fixes a few corner cases, thanks! - LTO mode now requires llvm 12+ - workaround for ASAN with gcc_plugin mode - instrumentation: - LLVM 18 support, thanks to @devnexen! - Injection (SQL, LDAP, XSS) fuzzing feature now available, see `instrumentation/README.injections.md` how to activate/use/expand. - compcov/LAF-intel: - floating point splitting bug fix by @hexcoder - due a bug in LLVM 17 integer splitting is disabled there! - when splitting floats was selected, integers were always split as well, fixed to require AFL_LLVM_LAF_SPLIT_COMPARES or _ALL as it should - dynamic instrumentation filtering for LLVM NATIVE, thanks @Mozilla! see utils/dynamic_covfilter/README.md - qemu_mode: - plugins are now activated by default and a new module is included that produces drcov compatible traces for lighthouse/lightkeeper/... thanks to @JRomainG to submitting! - updated Nyx checkout (fixes a bug) and some QOL - updated the custom grammar mutator - document afl-cmin does not work on macOS (but afl-cmin.bash does) afl-4.21c-bp156.2.3.1.src.rpm afl-4.21c-bp156.2.3.1.x86_64.rpm afl-4.21c-bp156.2.3.1.i586.rpm afl-4.21c-bp156.2.3.1.aarch64.rpm afl-4.21c-bp156.2.3.1.ppc64le.rpm afl-4.21c-bp156.2.3.1.s390x.rpm openSUSE-2024-196 moderate openSUSE Backports SLE-15-SP6 Update This update for tpm-fido fixes the following issues: - Require system-user-tss for tss group - Ensure uhid module is loaded on boot so udev will set permissions tpm-fido-20230621.5f8828b-bp156.2.3.1.src.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.x86_64.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.i586.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.aarch64.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.ppc64le.rpm tpm-fido-20230621.5f8828b-bp156.2.3.1.s390x.rpm openSUSE-2024-206 moderate openSUSE Backports SLE-15-SP6 Update This update for cockpit fixes the following issues: - new version 320: * pam-ssh-add: Fix insecure killing of session ssh-agent (boo#1226040, CVE-2024-6126) - changes in older versions: * Storage: Btrfs snapshots * Podman: Add image pull action * Files: Bookmark support * webserver: System user changes * Metrics: Grafana setup now prefers Valkey - Invalid json against the storaged manifest boo#1227299 cockpit-320-bp156.2.6.3.src.rpm cockpit-320-bp156.2.6.3.x86_64.rpm cockpit-bridge-320-bp156.2.6.3.x86_64.rpm cockpit-devel-320-bp156.2.6.3.x86_64.rpm cockpit-doc-320-bp156.2.6.3.noarch.rpm cockpit-kdump-320-bp156.2.6.3.noarch.rpm cockpit-networkmanager-320-bp156.2.6.3.noarch.rpm cockpit-packagekit-320-bp156.2.6.3.noarch.rpm cockpit-pcp-320-bp156.2.6.3.x86_64.rpm cockpit-selinux-320-bp156.2.6.3.noarch.rpm cockpit-storaged-320-bp156.2.6.3.noarch.rpm cockpit-system-320-bp156.2.6.3.noarch.rpm cockpit-ws-320-bp156.2.6.3.x86_64.rpm cockpit-320-bp156.2.6.3.aarch64.rpm cockpit-bridge-320-bp156.2.6.3.aarch64.rpm cockpit-devel-320-bp156.2.6.3.aarch64.rpm cockpit-pcp-320-bp156.2.6.3.aarch64.rpm cockpit-ws-320-bp156.2.6.3.aarch64.rpm cockpit-320-bp156.2.6.3.ppc64le.rpm cockpit-bridge-320-bp156.2.6.3.ppc64le.rpm cockpit-devel-320-bp156.2.6.3.ppc64le.rpm cockpit-pcp-320-bp156.2.6.3.ppc64le.rpm cockpit-ws-320-bp156.2.6.3.ppc64le.rpm cockpit-320-bp156.2.6.3.s390x.rpm cockpit-bridge-320-bp156.2.6.3.s390x.rpm cockpit-devel-320-bp156.2.6.3.s390x.rpm cockpit-pcp-320-bp156.2.6.3.s390x.rpm cockpit-ws-320-bp156.2.6.3.s390x.rpm openSUSE-2024-200 moderate openSUSE Backports SLE-15-SP6 Update This update for obs-service-download_url fixes the following issues: Update to version 0.2.1: * CVE-2024-22033: fixed argument parsing option injection (boo#1227203) obs-service-download_url-0.2.1-bp156.2.3.1.noarch.rpm obs-service-download_url-0.2.1-bp156.2.3.1.src.rpm openSUSE-2024-202 moderate openSUSE Backports SLE-15-SP6 Update This update for Botan fixes the following issues: Update to 2.19.5: * Fix multiple Denial of service attacks due to X.509 cert processing: * CVE-2024-34702 - boo#1227238 * CVE-2024-34703 - boo#1227607 * CVE-2024-39312 - boo#1227608 * Fix a crash in OCB * Fix a test failure in compression with certain versions of zlib * Fix some iterator debugging errors in TLS CBC decryption. * Avoid a miscompilation in ARIA when using XCode 14 Botan-2.19.5-bp156.3.3.1.src.rpm Botan-2.19.5-bp156.3.3.1.x86_64.rpm Botan-doc-2.19.5-bp156.3.3.1.noarch.rpm libbotan-2-19-2.19.5-bp156.3.3.1.x86_64.rpm libbotan-devel-2.19.5-bp156.3.3.1.x86_64.rpm python3-botan-2.19.5-bp156.3.3.1.x86_64.rpm Botan-2.19.5-bp156.3.3.1.i586.rpm libbotan-2-19-2.19.5-bp156.3.3.1.i586.rpm libbotan-2-19-32bit-2.19.5-bp156.3.3.1.x86_64.rpm libbotan-devel-2.19.5-bp156.3.3.1.i586.rpm libbotan-devel-32bit-2.19.5-bp156.3.3.1.x86_64.rpm python3-botan-2.19.5-bp156.3.3.1.i586.rpm Botan-2.19.5-bp156.3.3.1.aarch64.rpm libbotan-2-19-2.19.5-bp156.3.3.1.aarch64.rpm libbotan-2-19-64bit-2.19.5-bp156.3.3.1.aarch64_ilp32.rpm libbotan-devel-2.19.5-bp156.3.3.1.aarch64.rpm libbotan-devel-64bit-2.19.5-bp156.3.3.1.aarch64_ilp32.rpm python3-botan-2.19.5-bp156.3.3.1.aarch64.rpm Botan-2.19.5-bp156.3.3.1.ppc64le.rpm libbotan-2-19-2.19.5-bp156.3.3.1.ppc64le.rpm libbotan-devel-2.19.5-bp156.3.3.1.ppc64le.rpm python3-botan-2.19.5-bp156.3.3.1.ppc64le.rpm Botan-2.19.5-bp156.3.3.1.s390x.rpm libbotan-2-19-2.19.5-bp156.3.3.1.s390x.rpm libbotan-devel-2.19.5-bp156.3.3.1.s390x.rpm python3-botan-2.19.5-bp156.3.3.1.s390x.rpm openSUSE-2024-207 moderate openSUSE Backports SLE-15-SP6 Update This update for orthanc-ohif fixes the following issues: Version 1.3: * Updated OHIF to 3.8.3 * Enabled support for segmentation and microscopy modes Note that the microscopy mode is not stable yet in OHIF! * Fixed wrong MIME type for app-config.js that prevents the OHIF viewer from loading with Orthanc 1.12.2 orthanc-ohif-1.3-bp156.2.3.1.src.rpm orthanc-ohif-1.3-bp156.2.3.1.x86_64.rpm orthanc-ohif-1.3-bp156.2.3.1.aarch64.rpm orthanc-ohif-1.3-bp156.2.3.1.ppc64le.rpm orthanc-ohif-1.3-bp156.2.3.1.s390x.rpm openSUSE-2024-204 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 126.0.6478.126 (boo#1226504, boo#1226205, boo#1226933) * CVE-2024-6290: Use after free in Dawn * CVE-2024-6291: Use after free in Swiftshader * CVE-2024-6292: Use after free in Dawn * CVE-2024-6293: Use after free in Dawn * CVE-2024-6100: Type Confusion in V8 * CVE-2024-6101: Inappropriate implementation in WebAssembly * CVE-2024-6102: Out of bounds memory access in Dawn * CVE-2024-6103: Use after free in Dawn * CVE-2024-5830: Type Confusion in V8 * CVE-2024-5831: Use after free in Dawn * CVE-2024-5832: Use after free in Dawn * CVE-2024-5833: Type Confusion in V8 * CVE-2024-5834: Inappropriate implementation in Dawn * CVE-2024-5835: Heap buffer overflow in Tab Groups * CVE-2024-5836: Inappropriate Implementation in DevTools * CVE-2024-5837: Type Confusion in V8 * CVE-2024-5838: Type Confusion in V8 * CVE-2024-5839: Inappropriate Implementation in Memory Allocator * CVE-2024-5840: Policy Bypass in CORS * CVE-2024-5841: Use after free in V8 * CVE-2024-5842: Use after free in Browser UI * CVE-2024-5843: Inappropriate implementation in Downloads * CVE-2024-5844: Heap buffer overflow in Tab Strip * CVE-2024-5845: Use after free in Audio * CVE-2024-5846: Use after free in PDFium * CVE-2024-5847: Use after free in PDFium - Amend fix_building_widevinecdm_with_chromium.patch to allow Widevine on ARM64 (boo#1226170) chromedriver-126.0.6478.126-bp156.2.6.1.x86_64.rpm chromedriver-debuginfo-126.0.6478.126-bp156.2.6.1.x86_64.rpm chromium-126.0.6478.126-bp156.2.6.1.src.rpm chromium-126.0.6478.126-bp156.2.6.1.x86_64.rpm chromium-debuginfo-126.0.6478.126-bp156.2.6.1.x86_64.rpm chromedriver-126.0.6478.126-bp156.2.6.1.aarch64.rpm chromedriver-debuginfo-126.0.6478.126-bp156.2.6.1.aarch64.rpm chromium-126.0.6478.126-bp156.2.6.1.aarch64.rpm chromium-debuginfo-126.0.6478.126-bp156.2.6.1.aarch64.rpm openSUSE-2024-203 critical openSUSE Backports SLE-15-SP6 Update This update for znc fixes the following issues: Update to 1.9.1 (boo#1227393, CVE-2024-39844) * This is a security release to fix CVE-2024-39844: remote code execution vulnerability in modtcl. To mitigate this for existing installations, simply unload the modtcl module for every user, if it's loaded. Note that only users with admin rights can load modtcl at all. * Improve tooltips in webadmin. znc-1.9.1-bp156.2.3.1.src.rpm znc-1.9.1-bp156.2.3.1.x86_64.rpm znc-devel-1.9.1-bp156.2.3.1.x86_64.rpm znc-lang-1.9.1-bp156.2.3.1.noarch.rpm znc-perl-1.9.1-bp156.2.3.1.x86_64.rpm znc-python3-1.9.1-bp156.2.3.1.x86_64.rpm znc-tcl-1.9.1-bp156.2.3.1.x86_64.rpm znc-1.9.1-bp156.2.3.1.i586.rpm znc-devel-1.9.1-bp156.2.3.1.i586.rpm znc-perl-1.9.1-bp156.2.3.1.i586.rpm znc-python3-1.9.1-bp156.2.3.1.i586.rpm znc-tcl-1.9.1-bp156.2.3.1.i586.rpm znc-1.9.1-bp156.2.3.1.aarch64.rpm znc-devel-1.9.1-bp156.2.3.1.aarch64.rpm znc-perl-1.9.1-bp156.2.3.1.aarch64.rpm znc-python3-1.9.1-bp156.2.3.1.aarch64.rpm znc-tcl-1.9.1-bp156.2.3.1.aarch64.rpm znc-1.9.1-bp156.2.3.1.ppc64le.rpm znc-devel-1.9.1-bp156.2.3.1.ppc64le.rpm znc-perl-1.9.1-bp156.2.3.1.ppc64le.rpm znc-python3-1.9.1-bp156.2.3.1.ppc64le.rpm znc-tcl-1.9.1-bp156.2.3.1.ppc64le.rpm znc-1.9.1-bp156.2.3.1.s390x.rpm znc-devel-1.9.1-bp156.2.3.1.s390x.rpm znc-perl-1.9.1-bp156.2.3.1.s390x.rpm znc-python3-1.9.1-bp156.2.3.1.s390x.rpm znc-tcl-1.9.1-bp156.2.3.1.s390x.rpm openSUSE-2024-212 important openSUSE Backports SLE-15-SP6 Update This update for chromium fixes the following issues: Chromium 126.0.6478.182 (boo#1227979): - CVE-2024-6772: Inappropriate implementation in V8 - CVE-2024-6773: Type Confusion in V8 - CVE-2024-6774: Use after free in Screen Capture - CVE-2024-6775: Use after free in Media Stream - CVE-2024-6776: Use after free in Audio - CVE-2024-6777: Use after free in Navigation - CVE-2024-6778: Race in DevTools - CVE-2024-6779: Out of bounds memory access in V8 chromedriver-126.0.6478.182-bp156.2.11.1.x86_64.rpm chromedriver-debuginfo-126.0.6478.182-bp156.2.11.1.x86_64.rpm chromium-126.0.6478.182-bp156.2.11.1.src.rpm chromium-126.0.6478.182-bp156.2.11.1.x86_64.rpm chromium-debuginfo-126.0.6478.182-bp156.2.11.1.x86_64.rpm chromedriver-126.0.6478.182-bp156.2.11.1.aarch64.rpm chromedriver-debuginfo-126.0.6478.182-bp156.2.11.1.aarch64.rpm chromium-126.0.6478.182-bp156.2.11.1.aarch64.rpm chromium-debuginfo-126.0.6478.182-bp156.2.11.1.aarch64.rpm openSUSE-2024-209 moderate openSUSE Backports SLE-15-SP6 Update This update for cobbler fixes the following issues: - Update to 3.3.6 * Upstream all openSUSE specific patches that were maintained in Git * Fix rename of items that had uppercase letters * Skip inconsistent collections instead of crashing the daemon - Update to 3.3.5 * Added collection indicies for UUID's, MAC's, IP addresses and hostnames (boo#1219933) * Re-added to_dict() caching * Added lazy loading for the daemon (off by default) - Update to 3.3.4 * Added cobbler-tests-containers subpackage * Updated the distro_signatures.json database * The default name for grub2-efi changed to grubx64.efi to match the DHCP template cobbler-3.3.6-bp156.2.3.1.noarch.rpm cobbler-3.3.6-bp156.2.3.1.src.rpm cobbler-tests-3.3.6-bp156.2.3.1.noarch.rpm cobbler-tests-containers-3.3.6-bp156.2.3.1.noarch.rpm openSUSE-2024-210 important openSUSE Backports SLE-15-SP6 Update This update for global fixes the following issues: - CVE-2024-38448: htags may allow code execution via untrusted dbpath (boo#1226420) global-6.6.9-bp156.3.3.1.src.rpm global-6.6.9-bp156.3.3.1.x86_64.rpm global-debuginfo-6.6.9-bp156.3.3.1.x86_64.rpm global-debugsource-6.6.9-bp156.3.3.1.x86_64.rpm global-6.6.9-bp156.3.3.1.i586.rpm global-debuginfo-6.6.9-bp156.3.3.1.i586.rpm global-debugsource-6.6.9-bp156.3.3.1.i586.rpm global-6.6.9-bp156.3.3.1.aarch64.rpm global-debuginfo-6.6.9-bp156.3.3.1.aarch64.rpm global-debugsource-6.6.9-bp156.3.3.1.aarch64.rpm global-6.6.9-bp156.3.3.1.ppc64le.rpm global-debuginfo-6.6.9-bp156.3.3.1.ppc64le.rpm global-debugsource-6.6.9-bp156.3.3.1.ppc64le.rpm global-6.6.9-bp156.3.3.1.s390x.rpm global-debuginfo-6.6.9-bp156.3.3.1.s390x.rpm global-debugsource-6.6.9-bp156.3.3.1.s390x.rpm openSUSE-2024-213 moderate openSUSE Backports SLE-15-SP6 Update This update for robin-map fixes the following issues: Update to version 1.3.0: * Add erase_fast(iterator pos) method which in contrast to erase(iterator pos) doesn't return an iterator, avoiding the cost of looking for the next element after erasure of the element at iterator pos. Changes of version 1.2.2: * Specify library version & versioning rules in headers * Mark error_message in numeric_cast as unused to avoid compiler warning in some cases * Remove support for CMake < 3.3 robin-map-1.3.0-bp156.2.3.1.src.rpm robin-map-devel-1.3.0-bp156.2.3.1.noarch.rpm openSUSE-2024-215 moderate openSUSE Backports SLE-15-SP6 Update This update for python-sentry-sdk fixes the following issues: - CVE-2024-40647: Do not leak environment variables to child processes. (bsc#1228128) python-sentry-sdk-0.14.4-bp156.4.3.1.src.rpm python3-sentry-sdk-0.14.4-bp156.4.3.1.noarch.rpm openSUSE-2024-216 moderate openSUSE Backports SLE-15-SP6 Update This update for deepin-branding-openSUSE fixes the following issues: - Update default wallpaper (boo#1228113) deepin-branding-openSUSE-15.4-bp156.5.3.1.src.rpm deepin-desktop-schemas-branding-openSUSE-15.4-bp156.5.3.1.noarch.rpm deepin-launcher-branding-openSUSE-15.4-bp156.5.3.1.noarch.rpm openSUSE-2024-225 moderate openSUSE Backports SLE-15-SP6 Update This update for assimp fixes the following issues: - CVE-2024-40724: Fixed heap-based buffer overflow in the PLY importer class (boo#1228142), assimp-5.3.1-bp156.3.3.1.src.rpm assimp-debuginfo-5.3.1-bp156.3.3.1.x86_64.rpm assimp-debugsource-5.3.1-bp156.3.3.1.x86_64.rpm assimp-devel-5.3.1-bp156.3.3.1.x86_64.rpm assimp-devel-debuginfo-5.3.1-bp156.3.3.1.x86_64.rpm libassimp5-5.3.1-bp156.3.3.1.x86_64.rpm libassimp5-debuginfo-5.3.1-bp156.3.3.1.x86_64.rpm assimp-debuginfo-5.3.1-bp156.3.3.1.aarch64.rpm assimp-debugsource-5.3.1-bp156.3.3.1.aarch64.rpm assimp-devel-5.3.1-bp156.3.3.1.aarch64.rpm assimp-devel-debuginfo-5.3.1-bp156.3.3.1.aarch64.rpm libassimp5-5.3.1-bp156.3.3.1.aarch64.rpm libassimp5-debuginfo-5.3.1-bp156.3.3.1.aarch64.rpm assimp-debuginfo-5.3.1-bp156.3.3.1.ppc64le.rpm assimp-debugsource-5.3.1-bp156.3.3.1.ppc64le.rpm assimp-devel-5.3.1-bp156.3.3.1.ppc64le.rpm assimp-devel-debuginfo-5.3.1-bp156.3.3.1.ppc64le.rpm libassimp5-5.3.1-bp156.3.3.1.ppc64le.rpm libassimp5-debuginfo-5.3.1-bp156.3.3.1.ppc64le.rpm assimp-debuginfo-5.3.1-bp156.3.3.1.s390x.rpm assimp-debugsource-5.3.1-bp156.3.3.1.s390x.rpm assimp-devel-5.3.1-bp156.3.3.1.s390x.rpm assimp-devel-debuginfo-5.3.1-bp156.3.3.1.s390x.rpm libassimp5-5.3.1-bp156.3.3.1.s390x.rpm libassimp5-debuginfo-5.3.1-bp156.3.3.1.s390x.rpm openSUSE-2024-226 moderate openSUSE Backports SLE-15-SP6 Update This update for gh fixes the following issues: Update to version 2.53.0: * CVE-2024-6104: gh: hashicorp/go-retryablehttp: url might write sensitive information to log file (boo#1227035) * Disable `TestGetTrustedRoot/successfully_verifies_TUF_root` test due to https://github.com/cli/cli/issues/8928 * Rename package directory and files * Rename package name to `update_branch` * Rename `gh pr update` to `gh pr update-branch` * Add test case for merge conflict error * Handle merge conflict error * Return error if PR is not mergeable * Replace literals with consts for `Mergeable` field values * Add separate type for `PullRequest.Mergeable` field * Remove unused flag * Print message on stdout instead of stderr * Raise error if editor is used in non-tty mode * Add tests for JSON field support on issue and pr view commands * docs: Update documentation for `gh repo create` to clarify owner * Ensure PR does not panic when stateReason is requested * Enable to use --web even though editor is enabled by config * Add editor hint message * Use prefer_editor_prompt config by `issue create` * Add prefer_editor_prompt config * Add `issue create --editor` * Update create.go * gh attestation trusted-root subcommand (#9206) * Fetch variable selected repo relationship when required * Add `createdAt` field to tests * Add `createdAt` field to `Variable` type * Add test for exporting as JSON * Add test for JSON output * Only populate selected repo information for JSON output * Add test to verify JSON exporter gets set * Add `--json` option support * Use `Variable` type defined in `shared` package * Add tests for JSON output * Move `Variable` type and `PopulateSelectedRepositoryInformation` func to shared * Fix query parameter name * Update tests to account for ref comparison step * Improve query variable names * Check if PR branch is already up-to-date * Add `ComparePullRequestBaseBranchWith` function * Run `go mod tidy` * Add test to verify `--repo` requires non-empty selector * Require non-empty selector when `--repo` override is used * Run `go mod tidy` * Register `update` command * Add tests for `pr update` command * Add `pr update` command * Add `UpdatePullRequestBranch` method * Upgrade `shurcooL/githubv4` Update to version 2.52.0: * Attestation Verification - Buffer Fix * Remove beta note from attestation top level command * Removed beta note from `gh at download`. * Removed beta note from `gh at verify`, clarified reusable workflows use case. * add `-a` flag to `gh run list` gh-2.53.0-bp156.2.6.1.src.rpm gh-2.53.0-bp156.2.6.1.x86_64.rpm gh-bash-completion-2.53.0-bp156.2.6.1.noarch.rpm gh-fish-completion-2.53.0-bp156.2.6.1.noarch.rpm gh-zsh-completion-2.53.0-bp156.2.6.1.noarch.rpm gh-2.53.0-bp156.2.6.1.i586.rpm gh-2.53.0-bp156.2.6.1.aarch64.rpm gh-2.53.0-bp156.2.6.1.ppc64le.rpm gh-2.53.0-bp156.2.6.1.s390x.rpm openSUSE-2024-220 moderate openSUSE Backports SLE-15-SP6 Update This update for caddy fixes the following issues: - Update to version 2.8.4: * cmd: fix regression in auto-detect of Caddyfile (#6362) * Tag v2.8.3 was mistakenly made on the v2.8.2 commit and is skipped - Update to version 2.8.2: * cmd: fix auto-detetction of .caddyfile extension (#6356) * caddyhttp: properly sanitize requests for root path (#6360) * caddytls: Implement certmagic.RenewalInfoGetter * build(deps): bump golangci/golangci-lint-action from 5 to 6 (#6361) - Update to version 2.8.1: * caddyhttp: Fix merging consecutive `client_ip` or `remote_ip` matchers (#6350) * core: MkdirAll appDataDir in InstanceID with 0o700 (#6340) - Update to version 2.8.0: * acmeserver: Add `sign_with_root` for Caddyfile (#6345) * caddyfile: Reject global request matchers earlier (#6339) * core: Fix bug in AppIfConfigured (fix #6336) * fix a typo (#6333) * autohttps: Move log WARN to INFO, reduce confusion (#6185) * reverseproxy: Support HTTP/3 transport to backend (#6312) * context: AppIfConfigured returns error; consider not-yet-provisioned modules (#6292) * Fix lint error about deprecated method in smallstep/certificates/authority * go.mod: Upgrade dependencies * caddytls: fix permission requirement with AutomationPolicy (#6328) * caddytls: remove ClientHelloSNICtxKey (#6326) * caddyhttp: Trace individual middleware handlers (#6313) * templates: Add `pathEscape` template function and use it in file browser (#6278) * caddytls: set server name in context (#6324) * chore: downgrade minimum Go version in go.mod (#6318) * caddytest: normalize the JSON config (#6316) * caddyhttp: New experimental handler for intercepting responses (#6232) * httpcaddyfile: Set challenge ports when http_port or https_port are used * logging: Add support for additional logger filters other than hostname (#6082) * caddyhttp: Log 4xx as INFO; 5xx as ERROR (close #6106) * Second half of 6dce493 * caddyhttp: Alter log message when request is unhandled (close #5182) * chore: Bump Go version in CI (#6310) * go.mod: go 1.22.3 * Fix typos (#6311) * reverseproxy: Pointer to struct when loading modules; remove LazyCertPool (#6307) * tracing: add trace_id var (`http.vars.trace_id` placeholder) (#6308) * go.mod: CertMagic v0.21.0 * reverseproxy: Implement health_follow_redirects (#6302) * caddypki: Allow use of root CA without a key. Fixes #6290 (#6298) * go.mod: Upgrade to quic-go v0.43.1 * reverseproxy: HTTP transport: fix PROXY protocol initialization (#6301) * caddytls: Ability to drop connections (close #6294) * build(deps): bump golangci/golangci-lint-action from 4 to 5 (#6289) * httpcaddyfile: Fix expression matcher shortcut in snippets (#6288) * caddytls: Evict internal certs from cache based on issuer (#6266) * chore: add warn logs when using deprecated fields (#6276) * caddyhttp: Fix linter warning about deprecation * go.mod: Upgrade to quic-go v0.43.0 * fileserver: Set "Vary: Accept-Encoding" header (see #5849) * events: Add debug log * reverseproxy: handle buffered data during hijack (#6274) * ci: remove `android` and `plan9` from cross-build workflow (#6268) * run `golangci-lint run --fix --fast` (#6270) * caddytls: Option to configure certificate lifetime (#6253) * replacer: Implement `file.*` global replacements (#5463) * caddyhttp: Address some Go 1.20 features (#6252) * Quell linter (false positive) * reverse_proxy: Add grace_period for SRV upstreams to Caddyfile (#6264) * doc: add `verifier` in `ClientAuthentication` caddyfile marshaler doc (#6263) * caddytls: Add Caddyfile support for on-demand permission module (close #6260) * reverseproxy: Remove long-deprecated buffering properties * reverseproxy: Reuse buffered request body even if partially drained * reverseproxy: Accept EOF when buffering * logging: Fix default access logger (#6251) * fileserver: Improve Vary handling (#5849) * cmd: Only validate config is proper JSON if config slice has data (#6250) * staticresp: Use the evaluated response body for sniffing JSON content-type (#6249) * encode: Slight fix for the previous commit * encode: Improve Etag handling (fix #5849) * httpcaddyfile: Skip automate loader if disable_certs is specified (fix #6148) * caddyfile: Populate regexp matcher names by default (#6145) * caddyhttp: record num. bytes read when response writer is hijacked (#6173) * caddyhttp: Support multiple logger names per host (#6088) * chore: fix some typos in comments (#6243) * encode: Configurable compression level for zstd (#6140) * caddytls: Remove shim code supporting deprecated lego-dns (#6231) * connection policy: add `local_ip` matcher (#6074) * reverseproxy: Wait for both ends of websocket to close (#6175) * caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229) * caddytls: Still provision permission module if ask is specified * fileserver: read etags from precomputed files (#6222) * fileserver: Escape # and ? in img src (fix #6237) * reverseproxy: Implement modular CA provider for TLS transport (#6065) * caddyhttp: Apply auto HTTPS redir to all interfaces (fix #6226) * cmd: Fix panic related to config filename (fix #5919) * cmd: Assume Caddyfile based on filename prefix and suffix (#5919) * admin: Make `Etag` a header, not a trailer (#6208) * caddyhttp: remove duplicate strings.Count in path matcher (fixes #6233) (#6234) * caddyconfig: Use empty struct instead of bool in map (close #6224) (#6227) * gitignore: Add rule for caddyfile.go (#6225) * chore: Fix broken links in README.md (#6223) * chore: Upgrade some dependencies (#6221) * caddyhttp: Add plaintext response to `file_server browse` (#6093) * admin: Use xxhash for etag (#6207) * modules: fix some typo in conments (#6206) * caddyhttp: Replace sensitive headers with REDACTED (close #5669) * caddyhttp: close quic connections when server closes (#6202) * reverseproxy: Use xxhash instead of fnv32 for LB (#6203) * caddyhttp: add http.request.local{,.host,.port} placeholder (#6182) * chore: upgrade deps (#6198) * chore: remove repetitive word (#6193) * Added a null check to avoid segfault on rewrite query ops (#6191) * rewrite: `uri query` replace operation (#6165) * logging: support `ms` duration format and add docs (#6187) * replacer: use RWMutex to protect static provider (#6184) * caddyhttp: Allow `header` replacement with empty string (#6163) * vars: Make nil values act as empty string instead of `"<nil>"` (#6174) * chore: Update quic-go to v0.42.0 (#6176) * caddyhttp: Accept XFF header values with ports, when parsing client IP (#6183) * reverseproxy: configurable active health_passes and health_fails (#6154) * reverseproxy: Configurable forward proxy URL (#6114) * caddyhttp: upgrade to cel v0.20.0 (#6161) * chore: Bump Chroma to v2.13.0, includes new Caddyfile lexer (#6169) * caddyhttp: suppress flushing if the response is being buffered (#6150) * chore: encode: use FlushError instead of Flush (#6168) * encode: write status immediately when status code is informational (#6164) * httpcaddyfile: Keep deprecated `skip_log` in directive order (#6153) * httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors (#5865) * rewrite: Implement `uri query` operations (#6120) * fix struct names (#6151) * fileserver: Preserve query during canonicalization redirect (#6109) * logging: Implement `log_append` handler (#6066) * httpcaddyfile: Allow nameless regexp placeholder shorthand (#6113) * logging: Implement `append` encoder, allow flatter filters config (#6069) * ci: fix the integration test `TestLeafCertLoaders` (#6149) * vars: Allow overriding `http.auth.user.id` in replacer as a special case (#6108) * caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) * cmd: Adjust config load logs/errors (#6032) * reverseproxy: SRV dynamic upstream failover (#5832) * ci: bump golangci/golangci-lint-action from 3 to 4 (#6141) * core: OnExit hooks (#6128) * cmd: fix the output of the `Usage` section (#6138) * caddytls: verifier: caddyfile: re-add Caddyfile support (#6127) * acmeserver: add policy field to define allow/deny rules (#5796) * reverseproxy: cookie should be Secure and SameSite=None when TLS (#6115) * caddytest: Rename adapt tests to `*.caddyfiletest` extension (#6119) * tests: uses testing.TB interface for helper to be able to use test server in benchmarks. (#6103) * caddyfile: Assert having a space after heredoc marker to simply check (#6117) * chore: Update Chroma to get the new Caddyfile lexer (#6118) * reverseproxy: use context.WithoutCancel (#6116) * caddyfile: Reject directives in the place of site addresses (#6104) * caddyhttp: Register post-shutdown callbacks (#5948) * caddyhttp: Only attempt to enable full duplex for HTTP/1.x (#6102) * caddyauth: Drop support for `scrypt` (#6091) * Revert "caddyfile: Reject long heredoc markers (#6098)" (#6100) * caddyauth: Rename `basicauth` to `basic_auth` (#6092) * logging: Inline Caddyfile syntax for `ip_mask` filter (#6094) * caddyfile: Reject long heredoc markers (#6098) * chore: Rename CI jobs, run on M1 mac (#6089) * update comment * improved list * fix: add back text/* * fix: add more media types to the compressed by default list * acmeserver: support specifying the allowed challenge types (#5794) * matchers: Drop `forwarded` option from `remote_ip` matcher (#6085) * caddyhttp: Test cases for `%2F` and `%252F` (#6084) * bump to golang 1.22 (#6083) * fileserver: Browse can show symlink target if enabled (#5973) * core: Support NO_COLOR env var to disable log coloring (#6078) * build(deps): bump peter-evans/repository-dispatch from 2 to 3 (#6080) * Update comment in setcap helper script * caddytls: Make on-demand 'ask' permission modular (#6055) * core: Add `ctx.Slogger()` which returns an `slog` logger (#5945) * chore: Update quic-go to v0.41.0, bump Go minimum to 1.21 (#6043) * chore: enabling a few more linters (#5961) * caddyfile: Correctly close the heredoc when the closing marker appears immediately (#6062) * caddyfile: Switch to slices.Equal for better performance (#6061) * tls: modularize trusted CA providers (#5784) * logging: Automatic `wrap` default for `filter` encoder (#5980) * caddyhttp: Fix panic when request missing ClientIPVarKey (#6040) * caddyfile: Normalize & flatten all unmarshalers (#6037) * cmd: reverseproxy: log: use caddy logger (#6042) * matchers: `query` now ANDs multiple keys (#6054) * caddyfile: Add heredoc support to `fmt` command (#6056) * refactor: move automaxprocs init in caddycmd.Main() * caddyfile: Allow heredoc blank lines (#6051) * httpcaddyfile: Add optional status code argument to `handle_errors` directive (#5965) * httpcaddyfile: Rewrite `root` and `rewrite` parsing to allow omitting matcher (#5844) * fileserver: Implement caddyfile.Unmarshaler interface (#5850) * reverseproxy: Add `tls_curves` option to HTTP transport (#5851) * caddyhttp: Security enhancements for client IP parsing (#5805) * replacer: Fix escaped closing braces (#5995) * filesystem: Globally declared filesystems, `fs` directive (#5833) * ci/cd: use the build tag `nobadger` to exclude badgerdb (#6031) * httpcaddyfile: Fix redir <to> html (#6001) * httpcaddyfile: Support client auth verifiers (#6022) * tls: add reuse_private_keys (#6025) * reverseproxy: Only change Content-Length when full request is buffered (#5830) * Switch Solaris-derivatives away from listen_unix (#6021) * build(deps): bump actions/upload-artifact from 3 to 4 (#6013) * build(deps): bump actions/setup-go from 4 to 5 (#6012) * chore: check against errors of `io/fs` instead of `os` (#6011) * caddyhttp: support unix sockets in `caddy respond` command (#6010) * fileserver: Add total file size to directory listing (#6003) * httpcaddyfile: Fix cert file decoding to load multiple PEM in one file (#5997) * build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#5994) * cmd: use automaxprocs for better perf in containers (#5711) * logging: Add `zap.Option` support (#5944) * httpcaddyfile: Sort skip_hosts for deterministic JSON (#5990) * metrics: Record request metrics on HTTP errors (#5979) * go.mod: Updated quic-go to v0.40.1 (#5983) * fileserver: Enable compression for command by default (#5855) * fileserver: New --precompressed flag (#5880) * caddyhttp: Add `uuid` to access logs when used (#5859) * proxyprotocol: use github.com/pires/go-proxyproto (#5915) * cmd: Preserve LastModified date when exporting storage (#5968) * core: Always make AppDataDir for InstanceID (#5976) * chore: cross-build for AIX (#5971) * caddytls: Sync distributed storage cleaning (#5940) * caddytls: Context to DecisionFunc (#5923) * tls: accept placeholders in string values of certificate loaders (#5963) * templates: Offically make templates extensible (#5939) * http2 uses new round-robin scheduler (#5946) * panic when reading from backend failed to propagate stream error (#5952) * chore: Bump otel to v1.21.0. (#5949) * httpredirectlistener: Only set read limit for when request is HTTP (#5917) * fileserver: Add .m4v for browse template icon * Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)" (#5924) * go.mod: update quic-go version to v0.40.0 (#5922) * update quic-go to v0.39.3 (#5918) * chore: Fix usage pool comment (#5916) * test: acmeserver: add smoke test for the ACME server directory (#5914) * Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913) * caddyhttp: Adjust `scheme` placeholder docs (#5910) * go.mod: Upgrade quic-go to v0.39.1 * go.mod: CVE-2023-45142 Update opentelemetry (#5908) * templates: Delete headers on `httpError` to reset to clean slate (#5905) * httpcaddyfile: Remove port from logger names (#5881) * core: Apply SO_REUSEPORT to UDP sockets (#5725) * caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848) * cmd: Add newline character to version string in CLI output (#5895) * core: quic listener will manage the underlying socket by itself (#5749) * templates: Clarify `include` args docs, add `.ClientIP` (#5898) * httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896) * cmd: upgrade: resolve symlink of the executable (#5891) * caddyfile: Fix variadic placeholder false positive when token contains `:` (#5883) - CVEs: * CVE-2024-22189 (boo#1222468) * CVE-2023-45142 - Update to version 2.7.6: * caddytls: Sync distributed storage cleaning (#5940) * caddytls: Context to DecisionFunc (#5923) * tls: accept placeholders in string values of certificate loaders (#5963) * templates: Offically make templates extensible (#5939) * http2 uses new round-robin scheduler (#5946) * panic when reading from backend failed to propagate stream error (#5952) * chore: Bump otel to v1.21.0. (#5949) * httpredirectlistener: Only set read limit for when request is HTTP (#5917) * fileserver: Add .m4v for browse template icon * Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)" (#5924) * go.mod: update quic-go version to v0.40.0 (#5922) * update quic-go to v0.39.3 (#5918) * chore: Fix usage pool comment (#5916) * test: acmeserver: add smoke test for the ACME server directory (#5914) * Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913) * caddyhttp: Adjust `scheme` placeholder docs (#5910) * go.mod: Upgrade quic-go to v0.39.1 * go.mod: CVE-2023-45142 Update opentelemetry (#5908) * templates: Delete headers on `httpError` to reset to clean slate (#5905) * httpcaddyfile: Remove port from logger names (#5881) * core: Apply SO_REUSEPORT to UDP sockets (#5725) * caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848) * cmd: Add newline character to version string in CLI output (#5895) * core: quic listener will manage the underlying socket by itself (#5749) * templates: Clarify `include` args docs, add `.ClientIP` (#5898) * httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896) * cmd: upgrade: resolve symlink of the executable (#5891) * caddyfile: Fix variadic placeholder false positive when token contains `:` (#5883) - Update to version 2.7.5: * admin: Respond with 4xx on non-existing config path (#5870) * ci: Force the Go version for govulncheck (#5879) * fileserver: Set canonical URL on browse template (#5867) * tls: Add X25519Kyber768Draft00 PQ "curve" behind build tag (#5852) * reverseproxy: Add more debug logs (#5793) * reverseproxy: Fix `least_conn` policy regression (#5862) * reverseproxy: Add logging for dynamic A upstreams (#5857) * reverseproxy: Replace health header placeholders (#5861) * httpcaddyfile: Sort TLS SNI matcher for deterministic JSON output (#5860) * cmd: Fix exiting with custom status code, add `caddy -v` (#5874) * reverseproxy: fix parsing Caddyfile fails for unlimited request/response buffers (#5828) * reverseproxy: Fix retries on "upstreams unavailable" error (#5841) * httpcaddyfile: Enable TLS for catch-all site if `tls` directive is specified (#5808) * encode: Add `application/wasm*` to the default content types (#5869) * fileserver: Add command shortcuts `-l` and `-a` (#5854) * go.mod: Upgrade dependencies incl. x/net/http * templates: Add dummy `RemoteAddr` to `httpInclude` request, proxy compatibility (#5845) * reverseproxy: Allow fallthrough for response handlers without routes (#5780) * fix: caddytest.AssertResponseCode error message (#5853) * build(deps): bump goreleaser/goreleaser-action from 4 to 5 (#5847) * build(deps): bump actions/checkout from 3 to 4 (#5846) * caddyhttp: Use LimitedReader for HTTPRedirectListener * fileserver: browse template SVG icons and UI tweaks (#5812) * reverseproxy: fix nil pointer dereference in AUpstreams.GetUpstreams (#5811) * httpcaddyfile: fix placeholder shorthands in named routes (#5791) * cmd: Prevent overwriting existing env vars with `--envfile` (#5803) * ci: Run govulncheck (#5790) * logging: query filter for array of strings (#5779) * logging: Clone array on log filters, prevent side-effects (#5786) * fileserver: Export BrowseTemplate * ci: ensure short-sha is exported correctly on all platforms (#5781) * caddyfile: Fix case where heredoc marker is empty after newline (#5769) * go.mod: Update quic-go to v0.38.0 (#5772) * chore: Appease gosec linter (#5777) * replacer: change timezone to UTC for "time.now.http" placeholders (#5774) * caddyfile: Adjust error formatting (#5765) * update quic-go to v0.37.6 (#5767) * httpcaddyfile: Stricter errors for site and upstream address schemes (#5757) * caddyfile: Loosen heredoc parsing (#5761) * fileserver: docs: clarify the ability to produce JSON array with `browse` (#5751) * fix package typo (#5764) caddy-2.8.4-bp156.3.3.1.src.rpm caddy-2.8.4-bp156.3.3.1.x86_64.rpm caddy-bash-completion-2.8.4-bp156.3.3.1.noarch.rpm caddy-fish-completion-2.8.4-bp156.3.3.1.noarch.rpm caddy-zsh-completion-2.8.4-bp156.3.3.1.noarch.rpm caddy-2.8.4-bp156.3.3.1.i586.rpm caddy-2.8.4-bp156.3.3.1.aarch64.rpm caddy-2.8.4-bp156.3.3.1.ppc64le.rpm caddy-2.8.4-bp156.3.3.1.s390x.rpm openSUSE-2024-229 moderate openSUSE Backports SLE-15-SP6 Update This update for python-csvkit fixes the following issues: - Add missing Requires. (boo#1227705) python-csvkit-1.0.5-bp156.4.3.1.src.rpm python3-csvkit-1.0.5-bp156.4.3.1.noarch.rpm openSUSE-2024-224 moderate openSUSE Backports SLE-15-SP6 Update This update for keybase-client fixes the following issues: - Update the Image dependency to address CVE-2024-24792 (boo#1227167). kbfs-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-git-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-tool-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.x86_64.rpm keybase-client-6.2.8-bp156.2.6.1.src.rpm keybase-client-6.2.8-bp156.2.6.1.x86_64.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.x86_64.rpm kbfs-6.2.8-bp156.2.6.1.i586.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.i586.rpm kbfs-git-6.2.8-bp156.2.6.1.i586.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.i586.rpm kbfs-tool-6.2.8-bp156.2.6.1.i586.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.i586.rpm keybase-client-6.2.8-bp156.2.6.1.i586.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.i586.rpm kbfs-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-git-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-tool-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.aarch64.rpm keybase-client-6.2.8-bp156.2.6.1.aarch64.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.aarch64.rpm kbfs-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-git-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-tool-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.ppc64le.rpm keybase-client-6.2.8-bp156.2.6.1.ppc64le.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.ppc64le.rpm kbfs-6.2.8-bp156.2.6.1.s390x.rpm kbfs-debuginfo-6.2.8-bp156.2.6.1.s390x.rpm kbfs-git-6.2.8-bp156.2.6.1.s390x.rpm kbfs-git-debuginfo-6.2.8-bp156.2.6.1.s390x.rpm kbfs-tool-6.2.8-bp156.2.6.1.s390x.rpm kbfs-tool-debuginfo-6.2.8-bp156.2.6.1.s390x.rpm keybase-client-6.2.8-bp156.2.6.1.s390x.rpm keybase-client-debuginfo-6.2.8-bp156.2.6.1.s390x.rpm openSUSE-2024-221 important openSUSE Backports SLE-15-SP6 Update This update for python-nltk fixes the following issues: - CVE-2024-39705: Fixed remote code execution through unsafe pickle usage (boo#1227174). python-nltk-3.7-bp156.4.3.1.src.rpm python3-nltk-3.7-bp156.4.3.1.noarch.rpm openSUSE-2024-233 moderate openSUSE Backports SLE-15-SP6 Update This update for virtme fixes the following issues: Update to 1.26: * Proper integration with Arch * Inclusion of a vng manpage * The host's /tmp is now also visible from the guest * A new --configitem option that allows to quickly change specific kernel config options (with --build) * Bug fixes virtme-1.26-bp156.2.6.1.noarch.rpm virtme-1.26-bp156.2.6.1.src.rpm openSUSE-2024-235 moderate openSUSE Backports SLE-15-SP6 Update This update for mpv fixes the following issues: Update to version 0.38.0+git20240618.bc5ab97d: - Fixed jerky playing, including desync (boo#1228348) libmpv2-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.x86_64.rpm mpv-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.src.rpm mpv-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.x86_64.rpm mpv-bash-completion-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.noarch.rpm mpv-devel-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.x86_64.rpm mpv-zsh-completion-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.noarch.rpm libmpv2-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.aarch64.rpm mpv-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.aarch64.rpm mpv-devel-0.38.0+git20240618.bc5ab97d-bp156.2.3.1.aarch64.rpm openSUSE-2024-231 moderate openSUSE Backports SLE-15-SP6 Update This update for python-notebook fixes the following issues: - Update to 5.7.11 * sanitizer fix CVE-2021-32798 (boo#1227583) - Update to 5.7.10 * no upstream changelog - Update to 5.7.9 * Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358) * Update from preact to React jupyter-notebook-5.7.11-bp156.4.3.1.noarch.rpm jupyter-notebook-doc-5.7.11-bp156.4.3.1.noarch.rpm jupyter-notebook-lang-5.7.11-bp156.4.3.1.noarch.rpm jupyter-notebook-latex-5.7.11-bp156.4.3.1.noarch.rpm python-notebook-5.7.11-bp156.4.3.1.src.rpm python3-notebook-5.7.11-bp156.4.3.1.noarch.rpm python3-notebook-lang-5.7.11-bp156.4.3.1.noarch.rpm openSUSE-2024-237 moderate openSUSE Backports SLE-15-SP6 Update This update for gnuhealth fixes the following issues: - version 4.4.1 * Issue #15: readfp on setup.py no longer supported since python 3.12 * Issue #33: health orthanc: Errors on imaging request when worklist template set on imaging test type gnuhealth-4.4.1-bp156.2.3.1.noarch.rpm gnuhealth-4.4.1-bp156.2.3.1.src.rpm gnuhealth-orthanc-4.4.1-bp156.2.3.1.noarch.rpm openSUSE-2024-236 moderate openSUSE Backports SLE-15-SP6 Update This update for python-schema fixes the following issues: - build for both Python 3.6 and 3.11 (boo#1228797) python-schema-0.6.7-bp156.4.3.1.src.rpm python3-schema-0.6.7-bp156.4.3.1.noarch.rpm python311-schema-0.6.7-bp156.4.3.1.noarch.rpm openSUSE-2024-238 moderate openSUSE Backports SLE-15-SP6 Update This update for yt-dlp fixes the following issues: - Update to release 2024.08.01 * youtube: * Change default player clients to ios,tv * Fix n function name extraction for player 20dfca59 * Fix age-verification workaround - Update to release 2024.07.25 * youtube: Fix n function name extraction for player 3400486c - Update to release 2024.07.16 * Support auto-tty and no_color-tty for --color * youtube: Avoid poToken experiment player responses - Update to release 2024.07.09 * youtube: Remove broken n function extraction fallback - Update to release 2024.07.01: * Properly sanitize file-extension to prevent file system modification and RCE. Unsafe extensions are now blocked from being downloaded. [CVE-2024-38519 boo#1227305] python311-yt-dlp-2024.08.01-bp156.2.3.1.noarch.rpm yt-dlp-2024.08.01-bp156.2.3.1.noarch.rpm yt-dlp-2024.08.01-bp156.2.3.1.src.rpm yt-dlp-bash-completion-2024.08.01-bp156.2.3.1.noarch.rpm yt-dlp-fish-completion-2024.08.01-bp156.2.3.1.noarch.rpm yt-dlp-zsh-completion-2024.08.01-bp156.2.3.1.noarch.rpm openSUSE-2024-239 moderate openSUSE Backports SLE-15-SP6 Update This update for ksh fixes the following issues: - fix segfault in variable substitution [boo#1129288] - fix untrusted environment execution [boo#1160796] [CVE-2019-14868] ksh-93vu-bp156.6.3.1.src.rpm ksh-93vu-bp156.6.3.1.x86_64.rpm ksh-devel-93vu-bp156.6.3.1.x86_64.rpm ksh-93vu-bp156.6.3.1.i586.rpm ksh-devel-93vu-bp156.6.3.1.i586.rpm ksh-93vu-bp156.6.3.1.aarch64.rpm ksh-devel-93vu-bp156.6.3.1.aarch64.rpm ksh-93vu-bp156.6.3.1.ppc64le.rpm ksh-devel-93vu-bp156.6.3.1.ppc64le.rpm ksh-93vu-bp156.6.3.1.s390x.rpm ksh-devel-93vu-bp156.6.3.1.s390x.rpm openSUSE-2024-240 moderate openSUSE Backports SLE-15-SP6 Update This update for tryton, trytond, trytond_account_invoice, trytond_purchase fixes the following issues: Changes in tryton: - Version 6.0.41 - Bugfix Release Changes in trytond: - Version 6.0.50 - Bugfix Release Changes in trytond_purchase: - Version 6.0.17 - Bugfix Release Changes in trytond_account_invoice: - Version 6.0.19 - Bugfix Release tryton-6.0.41-bp156.2.6.1.noarch.rpm tryton-6.0.41-bp156.2.6.1.src.rpm trytond-6.0.50-bp156.2.6.1.noarch.rpm trytond-6.0.50-bp156.2.6.1.src.rpm trytond_account_invoice-6.0.19-bp156.2.6.1.noarch.rpm trytond_account_invoice-6.0.19-bp156.2.6.1.src.rpm trytond_purchase-6.0.17-bp156.2.6.1.noarch.rpm trytond_purchase-6.0.17-bp156.2.6.1.src.rpm openSUSE-2024-241 moderate openSUSE Backports SLE-15-SP6 Update This update for mygnuhealth, python-bleak fixes the following issues: Changes in mygnuhealth: - version 2.2.1 * Fix issue #34 - MyGH crashes when clicking 'Network' * translation update - added dependency on bleak Changes in python-bleak: - Introduce version 0.22.2: mygnuhealth-2.2.1-bp156.2.6.1.src.rpm mygnuhealth-2.2.1-bp156.2.6.1.x86_64.rpm python-bleak-0.22.2-bp156.2.1.src.rpm python311-bleak-0.22.2-bp156.2.1.noarch.rpm python-bleak-test-0.22.2-bp156.2.1.src.rpm python-dbus_fast-2.22.1-bp156.2.1.src.rpm python311-dbus_fast-2.22.1-bp156.2.1.x86_64.rpm python-dbus_fast-test-2.22.1-bp156.2.1.src.rpm python311-dbus_fast-2.22.1-bp156.2.1.i586.rpm mygnuhealth-2.2.1-bp156.2.6.1.aarch64.rpm python311-dbus_fast-2.22.1-bp156.2.1.aarch64.rpm mygnuhealth-2.2.1-bp156.2.6.1.ppc64le.rpm python311-dbus_fast-2.22.1-bp156.2.1.ppc64le.rpm mygnuhealth-2.2.1-bp156.2.6.1.s390x.rpm python311-dbus_fast-2.22.1-bp156.2.1.s390x.rpm openSUSE-2024-246 moderate openSUSE Backports SLE-15-SP6 Update This update for thunar fixes the following issues: - Update to 4.18.11: * Use parent windows for undo/redo dialog (#1393) * Fix for misc_open_new_windows_in_split_view (#889) * Dont add directories to recent:/// (#1372) * build: clang: Fix -Wmissing-noreturn * build: clang: Fix -Wsingle-bit-bitfield-constant-conversion * Focus split view pane on DnD events (#1243) * Dont reload folder when "draw_frames" is set (#1337) * Allow submenu UCAs in toolbar (#780) * Fix shortcuts for ucas in subfolders (#1043) * Dont show 'open location' on recent icon(#1297) * Fix for image preview visibility (#1285) * Prevent focus stealing of file transfer dialog (#643) * Dont update "last-view" when searching (#1278) * Translation Updates - Update to 4.18.10: * Prevent infinite reload loop for symlinks (#1270) - Update to 4.18.9: * g_file_get_basename over realpath (#1030) * Fix and simplify symlink resolver (#1260) * Fix thumbnailer symlink support (#1260) * Prevent GLib GIO CRITICAL (#1204) * Translation Updates libthunarx-3-0-4.18.11-bp156.2.3.1.x86_64.rpm libthunarx-3-0-debuginfo-4.18.11-bp156.2.3.1.x86_64.rpm thunar-4.18.11-bp156.2.3.1.src.rpm thunar-4.18.11-bp156.2.3.1.x86_64.rpm thunar-debuginfo-4.18.11-bp156.2.3.1.x86_64.rpm thunar-debugsource-4.18.11-bp156.2.3.1.x86_64.rpm thunar-devel-4.18.11-bp156.2.3.1.x86_64.rpm thunar-lang-4.18.11-bp156.2.3.1.noarch.rpm typelib-1_0-Thunarx-3_0-4.18.11-bp156.2.3.1.x86_64.rpm libthunarx-3-0-4.18.11-bp156.2.3.1.aarch64.rpm libthunarx-3-0-debuginfo-4.18.11-bp156.2.3.1.aarch64.rpm thunar-4.18.11-bp156.2.3.1.aarch64.rpm thunar-debuginfo-4.18.11-bp156.2.3.1.aarch64.rpm thunar-debugsource-4.18.11-bp156.2.3.1.aarch64.rpm thunar-devel-4.18.11-bp156.2.3.1.aarch64.rpm typelib-1_0-Thunarx-3_0-4.18.11-bp156.2.3.1.aarch64.rpm libthunarx-3-0-4.18.11-bp156.2.3.1.ppc64le.rpm libthunarx-3-0-debuginfo-4.18.11-bp156.2.3.1.ppc64le.rpm thunar-4.18.11-bp156.2.3.1.ppc64le.rpm thunar-debuginfo-4.18.11-bp156.2.3.1.ppc64le.rpm thunar-debugsource-4.18.11-bp156.2.3.1.ppc64le.rpm thunar-devel-4.18.11-bp156.2.3.1.ppc64le.rpm typelib-1_0-Thunarx-3_0-4.18.11-bp156.2.3.1.ppc64le.rpm libthunarx-3-0-4.18.11-bp156.2.3.1.s390x.rpm libthunarx-3-0-debuginfo-4.18.11-bp156.2.3.1.s390x.rpm thunar-4.18.11-bp156.2.3.1.s390x.rpm thunar-debuginfo-4.18.11-bp156.2.3.1.s390x.rpm thunar-debugsource-4.18.11-bp156.2.3.1.s390x.rpm thunar-devel-4.18.11-bp156.2.3.1.s390x.rpm typelib-1_0-Thunarx-3_0-4.18.11-bp156.2.3.1.s390x.rpm openSUSE-2024-248 moderate openSUSE Backports SLE-15-SP6 Update This update for iodine fixes the following issues: - Comment out PrivateDevices in hardening, (boo#1216238 and boo#1228788). Modified: * iodine.service. * iodined.service. - Comment out ProtectClock in hardening, (boo#1206835). Modified: * iodine.service. * iodined.service. iodine-0.7.0-bp156.6.3.1.src.rpm iodine-0.7.0-bp156.6.3.1.x86_64.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.x86_64.rpm iodine-debugsource-0.7.0-bp156.6.3.1.x86_64.rpm iodine-0.7.0-bp156.6.3.1.i586.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.i586.rpm iodine-debugsource-0.7.0-bp156.6.3.1.i586.rpm iodine-0.7.0-bp156.6.3.1.aarch64.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.aarch64.rpm iodine-debugsource-0.7.0-bp156.6.3.1.aarch64.rpm iodine-0.7.0-bp156.6.3.1.ppc64le.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.ppc64le.rpm iodine-debugsource-0.7.0-bp156.6.3.1.ppc64le.rpm iodine-0.7.0-bp156.6.3.1.s390x.rpm iodine-debuginfo-0.7.0-bp156.6.3.1.s390x.rpm iodine-debugsource-0.7.0-bp156.6.3.1.s390x.rpm openSUSE-2024-249 low openSUSE Backports SLE-15-SP6 Update This update for debhelper fixes the following issues: - fix perl compatibility for Leap (boo#1228955) debhelper-13.11.5-bp156.2.3.1.noarch.rpm debhelper-13.11.5-bp156.2.3.1.src.rpm