SUSE 5149 Published by

The following security updates are available for openSUSE and SUSE Linux Enterprise:

SUSE-SU-2024:2332-1: low: Security update for poppler
SUSE-SU-2024:2333-1: low: Security update for poppler
SUSE-SU-2024:2322-1: important: Security update for krb5
SUSE-SU-2024:1937-2: moderate: Security update for python-docker
SUSE-SU-2024:2320-1: moderate: Security update for python-urllib3
SUSE-SU-2024:2308-1: important: Security update for go1.21
SUSE-SU-2024:2313-1: important: Security update for netty3
SUSE-SU-2024:2307-1: important: Security update for krb5
SUSE-SU-2024:2302-1: important: Security update for krb5
SUSE-SU-2024:2303-1: important: Security update for krb5
SUSE-SU-2024:2299-1: important: Security update for apache2-mod_auth_openidc
SUSE-SU-2024:2275-2: important: Security update for openssh
SUSE-SU-2024:2292-1: important: Security update for ghostscript
SUSE-SU-2024:2283-1: important: Security update for libndp
SUSE-SU-2024:2290-1: low: Security update for libxml2
SUSE-SU-2024:2286-1: moderate: Security update for podman
SUSE-SU-2024:2280-1: moderate: Security update for python39
SUSE-SU-2024:2279-1: low: Security update for libxml2
SUSE-SU-2024:2281-1: low: Security update for podofo
SUSE-SU-2024:2275-1: important: Security update for openssh
SUSE-SU-2024:2277-1: important: Security update for git
SUSE-SU-2024:2265-1: moderate: Security update for wireshark
SUSE-SU-2024:2269-1: moderate: Security update for squid
SUSE-SU-2024:2273-1: moderate: Security update for podman
SUSE-SU-2024:2260-1: important: Security update for pgadmin4
SUSE-SU-2024:2261-1: moderate: Security update for postgresql15
SUSE-SU-2024:2266-1: moderate: Security update for postgresql16
SUSE-SU-2024:2267-1: low: Security update for libxml2
SUSE-SU-2024:2268-1: moderate: Security update for squid
SUSE-SU-2024:2272-1: critical: Security update for python-Js2Py
SUSE-SU-2024:2254-1: low: Security update for python310
SUSE-SU-2024:1639-2: important: Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-d ...




SUSE-SU-2024:2332-1: low: Security update for poppler


# Security update for poppler

Announcement ID: SUSE-SU-2024:2332-1
Rating: low
References:

* bsc#1226916

Cross-References:

* CVE-2024-6239

CVSS scores:

* CVE-2024-6239 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-6239 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for poppler fixes the following issues:

* CVE-2024-6239: Fixed crash when using pdfinfo with -dests parameter on
malformed input files (bsc#1226916).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2332=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2332=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-2332=1 openSUSE-SLE-15.5-2024-2332=1

## Package List:

* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* poppler-tools-debuginfo-23.01.0-150500.3.11.1
* libpoppler-cpp0-23.01.0-150500.3.11.1
* libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1
* libpoppler-devel-23.01.0-150500.3.11.1
* libpoppler-glib8-debuginfo-23.01.0-150500.3.11.1
* typelib-1_0-Poppler-0_18-23.01.0-150500.3.11.1
* poppler-debugsource-23.01.0-150500.3.11.1
* poppler-tools-23.01.0-150500.3.11.1
* libpoppler126-debuginfo-23.01.0-150500.3.11.1
* libpoppler126-23.01.0-150500.3.11.1
* libpoppler-glib8-23.01.0-150500.3.11.1
* libpoppler-glib-devel-23.01.0-150500.3.11.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* libpoppler-qt5-1-23.01.0-150500.3.11.1
* libpoppler-qt5-1-debuginfo-23.01.0-150500.3.11.1
* libpoppler-cpp0-23.01.0-150500.3.11.1
* libpoppler-qt5-devel-23.01.0-150500.3.11.1
* libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1
* libpoppler-devel-23.01.0-150500.3.11.1
* poppler-qt5-debugsource-23.01.0-150500.3.11.1
* poppler-debugsource-23.01.0-150500.3.11.1
* SUSE Package Hub 15 15-SP5 (x86_64)
* libpoppler-glib8-32bit-23.01.0-150500.3.11.1
* libpoppler126-32bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler-glib8-32bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler126-32bit-23.01.0-150500.3.11.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* poppler-tools-debuginfo-23.01.0-150500.3.11.1
* poppler-qt6-debugsource-23.01.0-150500.3.11.1
* libpoppler-qt5-1-23.01.0-150500.3.11.1
* libpoppler-qt5-1-debuginfo-23.01.0-150500.3.11.1
* libpoppler-cpp0-23.01.0-150500.3.11.1
* libpoppler-qt5-devel-23.01.0-150500.3.11.1
* libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1
* libpoppler-devel-23.01.0-150500.3.11.1
* libpoppler-qt6-3-23.01.0-150500.3.11.1
* libpoppler-glib8-debuginfo-23.01.0-150500.3.11.1
* poppler-qt5-debugsource-23.01.0-150500.3.11.1
* typelib-1_0-Poppler-0_18-23.01.0-150500.3.11.1
* libpoppler-qt6-3-debuginfo-23.01.0-150500.3.11.1
* libpoppler-qt6-devel-23.01.0-150500.3.11.1
* poppler-debugsource-23.01.0-150500.3.11.1
* poppler-tools-23.01.0-150500.3.11.1
* libpoppler126-debuginfo-23.01.0-150500.3.11.1
* libpoppler126-23.01.0-150500.3.11.1
* libpoppler-glib8-23.01.0-150500.3.11.1
* libpoppler-glib-devel-23.01.0-150500.3.11.1
* openSUSE Leap 15.5 (x86_64)
* libpoppler-glib8-32bit-23.01.0-150500.3.11.1
* libpoppler-cpp0-32bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler126-32bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler-cpp0-32bit-23.01.0-150500.3.11.1
* libpoppler-glib8-32bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler-qt5-1-32bit-23.01.0-150500.3.11.1
* libpoppler-qt5-1-32bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler126-32bit-23.01.0-150500.3.11.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* libpoppler-qt5-1-64bit-23.01.0-150500.3.11.1
* libpoppler126-64bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler-qt5-1-64bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler126-64bit-23.01.0-150500.3.11.1
* libpoppler-cpp0-64bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler-cpp0-64bit-23.01.0-150500.3.11.1
* libpoppler-glib8-64bit-debuginfo-23.01.0-150500.3.11.1
* libpoppler-glib8-64bit-23.01.0-150500.3.11.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6239.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226916



SUSE-SU-2024:2333-1: low: Security update for poppler


# Security update for poppler

Announcement ID: SUSE-SU-2024:2333-1
Rating: low
References:

* bsc#1226916

Cross-References:

* CVE-2024-6239

CVSS scores:

* CVE-2024-6239 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-6239 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for poppler fixes the following issues:

* CVE-2024-6239: Fixed crash when using pdfinfo with -dests parameter on
malformed input files (bsc#12269160).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2333=1

* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-2333=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* poppler-tools-debuginfo-22.01.0-150400.3.22.1
* typelib-1_0-Poppler-0_18-22.01.0-150400.3.22.1
* libpoppler-devel-22.01.0-150400.3.22.1
* poppler-qt5-debugsource-22.01.0-150400.3.22.1
* libpoppler-cpp0-22.01.0-150400.3.22.1
* libpoppler-glib-devel-22.01.0-150400.3.22.1
* poppler-qt6-debugsource-22.01.0-150400.3.22.1
* libpoppler-qt5-1-debuginfo-22.01.0-150400.3.22.1
* libpoppler117-debuginfo-22.01.0-150400.3.22.1
* libpoppler-qt5-devel-22.01.0-150400.3.22.1
* poppler-debugsource-22.01.0-150400.3.22.1
* poppler-tools-22.01.0-150400.3.22.1
* libpoppler-qt5-1-22.01.0-150400.3.22.1
* libpoppler-qt6-3-22.01.0-150400.3.22.1
* libpoppler-qt6-3-debuginfo-22.01.0-150400.3.22.1
* libpoppler-qt6-devel-22.01.0-150400.3.22.1
* libpoppler-glib8-22.01.0-150400.3.22.1
* libpoppler117-22.01.0-150400.3.22.1
* libpoppler-cpp0-debuginfo-22.01.0-150400.3.22.1
* libpoppler-glib8-debuginfo-22.01.0-150400.3.22.1
* openSUSE Leap 15.4 (x86_64)
* libpoppler117-32bit-22.01.0-150400.3.22.1
* libpoppler-glib8-32bit-22.01.0-150400.3.22.1
* libpoppler117-32bit-debuginfo-22.01.0-150400.3.22.1
* libpoppler-qt5-1-32bit-debuginfo-22.01.0-150400.3.22.1
* libpoppler-qt5-1-32bit-22.01.0-150400.3.22.1
* libpoppler-cpp0-32bit-22.01.0-150400.3.22.1
* libpoppler-glib8-32bit-debuginfo-22.01.0-150400.3.22.1
* libpoppler-cpp0-32bit-debuginfo-22.01.0-150400.3.22.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libpoppler-cpp0-64bit-debuginfo-22.01.0-150400.3.22.1
* libpoppler-glib8-64bit-22.01.0-150400.3.22.1
* libpoppler-glib8-64bit-debuginfo-22.01.0-150400.3.22.1
* libpoppler117-64bit-22.01.0-150400.3.22.1
* libpoppler117-64bit-debuginfo-22.01.0-150400.3.22.1
* libpoppler-qt5-1-64bit-debuginfo-22.01.0-150400.3.22.1
* libpoppler-qt5-1-64bit-22.01.0-150400.3.22.1
* libpoppler-cpp0-64bit-22.01.0-150400.3.22.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* libpoppler117-22.01.0-150400.3.22.1
* libpoppler117-debuginfo-22.01.0-150400.3.22.1
* poppler-debugsource-22.01.0-150400.3.22.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6239.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226916



SUSE-SU-2024:2322-1: important: Security update for krb5


# Security update for krb5

Announcement ID: SUSE-SU-2024:2322-1
Rating: important
References:

* bsc#1227186
* bsc#1227187

Cross-References:

* CVE-2024-37370
* CVE-2024-37371

CVSS scores:

* CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for krb5 fixes the following issues:

* CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields
were errouneously accepted (bsc#1227186).
* CVE-2024-37371: Fixed invalid memory read when processing message tokens
with invalid length fields (bsc#1227187).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2322=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2322=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2322=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2322=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2322=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2322=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2322=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2322=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2322=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2322=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2322=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-2322=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2322=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-mini-1.19.2-150400.3.12.1
* krb5-mini-debugsource-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-mini-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-spake-1.19.2-150400.3.12.1
* krb5-mini-devel-1.19.2-150400.3.12.1
* krb5-server-1.19.2-150400.3.12.1
* krb5-server-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1
* openSUSE Leap 15.4 (x86_64)
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1
* krb5-devel-32bit-1.19.2-150400.3.12.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* krb5-devel-64bit-1.19.2-150400.3.12.1
* krb5-64bit-debuginfo-1.19.2-150400.3.12.1
* krb5-64bit-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-server-1.19.2-150400.3.12.1
* krb5-server-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-server-1.19.2-150400.3.12.1
* krb5-server-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-server-1.19.2-150400.3.12.1
* krb5-server-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-server-1.19.2-150400.3.12.1
* krb5-server-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1
* SUSE Manager Proxy 4.3 (x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-server-1.19.2-150400.3.12.1
* krb5-server-debuginfo-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-server-1.19.2-150400.3.12.1
* krb5-server-debuginfo-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1
* krb5-1.19.2-150400.3.12.1
* krb5-client-debuginfo-1.19.2-150400.3.12.1
* krb5-debugsource-1.19.2-150400.3.12.1
* krb5-devel-1.19.2-150400.3.12.1
* krb5-debuginfo-1.19.2-150400.3.12.1
* krb5-client-1.19.2-150400.3.12.1
* krb5-server-1.19.2-150400.3.12.1
* krb5-server-debuginfo-1.19.2-150400.3.12.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.12.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1
* SUSE Manager Server 4.3 (x86_64)
* krb5-32bit-1.19.2-150400.3.12.1
* krb5-32bit-debuginfo-1.19.2-150400.3.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37370.html
* https://www.suse.com/security/cve/CVE-2024-37371.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227186
* https://bugzilla.suse.com/show_bug.cgi?id=1227187



SUSE-SU-2024:1937-2: moderate: Security update for python-docker


# Security update for python-docker

Announcement ID: SUSE-SU-2024:1937-2
Rating: moderate
References:

* bsc#1224788

Cross-References:

* CVE-2024-35195

CVSS scores:

* CVE-2024-35195 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-docker fixes the following issues:

* CVE-2024-35195: Fixed missing certificate verification (bsc#1224788).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1937=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1937=1

* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1937=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* python311-docker-7.0.0-150400.8.7.1
* openSUSE Leap 15.6 (noarch)
* python311-docker-7.0.0-150400.8.7.1
* Public Cloud Module 15-SP6 (noarch)
* python311-docker-7.0.0-150400.8.7.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35195.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224788



SUSE-SU-2024:2320-1: moderate: Security update for python-urllib3


# Security update for python-urllib3

Announcement ID: SUSE-SU-2024:2320-1
Rating: moderate
References:

* bsc#1226469

Cross-References:

* CVE-2024-37891

CVSS scores:

* CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-urllib3 fixes the following issues:

* CVE-2024-37891: Fixed proxy-authorization request header not stripped during
cross-origin redirects (bsc#1226469).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2320=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2320=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2320=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-2320=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2320=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2320=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* python311-urllib3-2.0.7-150400.7.18.1
* openSUSE Leap 15.5 (noarch)
* python311-urllib3-2.0.7-150400.7.18.1
* openSUSE Leap 15.6 (noarch)
* python311-urllib3-2.0.7-150400.7.18.1
* Public Cloud Module 15-SP4 (noarch)
* python311-urllib3-2.0.7-150400.7.18.1
* Python 3 Module 15-SP5 (noarch)
* python311-urllib3-2.0.7-150400.7.18.1
* Python 3 Module 15-SP6 (noarch)
* python311-urllib3-2.0.7-150400.7.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37891.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226469



SUSE-SU-2024:2308-1: important: Security update for go1.21


# Security update for go1.21

Announcement ID: SUSE-SU-2024:2308-1
Rating: important
References:

* bsc#1212475
* bsc#1227314

Cross-References:

* CVE-2024-24791

CVSS scores:

* CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for go1.21 fixes the following issues:

Updated to version 1.21.12 (bsc#1212475):

* CVE-2024-24791: Fixed a potential denial of service due to improper handling
of HTTP 100-continue headers (bsc#1227314).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2308=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2308=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2308=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2308=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2308=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2308=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2308=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2308=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2308=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-race-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-race-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-race-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-race-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-race-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-race-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-race-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64)
* go1.21-race-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* go1.21-1.21.12-150000.1.39.1
* go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* go1.21-race-1.21.12-150000.1.39.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24791.html
* https://bugzilla.suse.com/show_bug.cgi?id=1212475
* https://bugzilla.suse.com/show_bug.cgi?id=1227314



SUSE-SU-2024:2313-1: important: Security update for netty3


# Security update for netty3

Announcement ID: SUSE-SU-2024:2313-1
Rating: important
References:

* bsc#1222045

Cross-References:

* CVE-2024-29025

CVSS scores:

* CVE-2024-29025 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for netty3 fixes the following issues:

* CVE-2024-29025: Fixed HttpPostRequestDecoder can out of memory due to large
number of form fields (bsc#1222045).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2313=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2313=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2313=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2313=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2313=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2313=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2313=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2313=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2313=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2313=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2313=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2313=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2313=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2313=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2313=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-2313=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* netty3-3.10.6-150200.3.10.1
* netty3-javadoc-3.10.6-150200.3.10.1
* openSUSE Leap 15.6 (noarch)
* netty3-3.10.6-150200.3.10.1
* netty3-javadoc-3.10.6-150200.3.10.1
* Development Tools Module 15-SP5 (noarch)
* netty3-3.10.6-150200.3.10.1
* Development Tools Module 15-SP6 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* netty3-3.10.6-150200.3.10.1
* SUSE Enterprise Storage 7.1 (noarch)
* netty3-3.10.6-150200.3.10.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29025.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222045



SUSE-SU-2024:2307-1: important: Security update for krb5


# Security update for krb5

Announcement ID: SUSE-SU-2024:2307-1
Rating: important
References:

* bsc#1227186
* bsc#1227187

Cross-References:

* CVE-2024-37370
* CVE-2024-37371

CVSS scores:

* CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for krb5 fixes the following issues:

* CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields
were errouneously accepted (bsc#1227186).
* CVE-2024-37371: Fixed invalid memory read when processing message tokens
with invalid length fields (bsc#1227187).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2307=1 openSUSE-SLE-15.6-2024-2307=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2307=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2307=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.3.1
* krb5-mini-1.20.1-150600.11.3.1
* krb5-mini-debugsource-1.20.1-150600.11.3.1
* krb5-plugin-preauth-pkinit-1.20.1-150600.11.3.1
* krb5-client-debuginfo-1.20.1-150600.11.3.1
* krb5-debugsource-1.20.1-150600.11.3.1
* krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.3.1
* krb5-1.20.1-150600.11.3.1
* krb5-server-1.20.1-150600.11.3.1
* krb5-server-debuginfo-1.20.1-150600.11.3.1
* krb5-devel-1.20.1-150600.11.3.1
* krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.3.1
* krb5-mini-debuginfo-1.20.1-150600.11.3.1
* krb5-debuginfo-1.20.1-150600.11.3.1
* krb5-plugin-preauth-spake-1.20.1-150600.11.3.1
* krb5-plugin-kdb-ldap-1.20.1-150600.11.3.1
* krb5-client-1.20.1-150600.11.3.1
* krb5-plugin-preauth-otp-1.20.1-150600.11.3.1
* krb5-mini-devel-1.20.1-150600.11.3.1
* krb5-plugin-preauth-spake-debuginfo-1.20.1-150600.11.3.1
* openSUSE Leap 15.6 (x86_64)
* krb5-32bit-debuginfo-1.20.1-150600.11.3.1
* krb5-devel-32bit-1.20.1-150600.11.3.1
* krb5-32bit-1.20.1-150600.11.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* krb5-64bit-debuginfo-1.20.1-150600.11.3.1
* krb5-64bit-1.20.1-150600.11.3.1
* krb5-devel-64bit-1.20.1-150600.11.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.3.1
* krb5-plugin-preauth-pkinit-1.20.1-150600.11.3.1
* krb5-client-debuginfo-1.20.1-150600.11.3.1
* krb5-debugsource-1.20.1-150600.11.3.1
* krb5-1.20.1-150600.11.3.1
* krb5-devel-1.20.1-150600.11.3.1
* krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.3.1
* krb5-client-1.20.1-150600.11.3.1
* krb5-plugin-preauth-otp-1.20.1-150600.11.3.1
* krb5-debuginfo-1.20.1-150600.11.3.1
* Basesystem Module 15-SP6 (x86_64)
* krb5-32bit-debuginfo-1.20.1-150600.11.3.1
* krb5-32bit-1.20.1-150600.11.3.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* krb5-debugsource-1.20.1-150600.11.3.1
* krb5-server-debuginfo-1.20.1-150600.11.3.1
* krb5-server-1.20.1-150600.11.3.1
* krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.3.1
* krb5-plugin-kdb-ldap-1.20.1-150600.11.3.1
* krb5-debuginfo-1.20.1-150600.11.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37370.html
* https://www.suse.com/security/cve/CVE-2024-37371.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227186
* https://bugzilla.suse.com/show_bug.cgi?id=1227187



SUSE-SU-2024:2302-1: important: Security update for krb5


# Security update for krb5

Announcement ID: SUSE-SU-2024:2302-1
Rating: important
References:

* bsc#1227186
* bsc#1227187

Cross-References:

* CVE-2024-37370
* CVE-2024-37371

CVSS scores:

* CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for krb5 fixes the following issues:

* CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields
were errouneously accepted (bsc#1227186).
* CVE-2024-37371: Fixed invalid memory read when processing message tokens
with invalid length fields (bsc#1227187).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2302=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2302=1

* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2302=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-2302=1 openSUSE-SLE-15.5-2024-2302=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* krb5-debugsource-1.20.1-150500.3.9.1
* krb5-debuginfo-1.20.1-150500.3.9.1
* krb5-1.20.1-150500.3.9.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* krb5-plugin-preauth-otp-1.20.1-150500.3.9.1
* krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.9.1
* krb5-1.20.1-150500.3.9.1
* krb5-debuginfo-1.20.1-150500.3.9.1
* krb5-plugin-preauth-pkinit-1.20.1-150500.3.9.1
* krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.9.1
* krb5-client-1.20.1-150500.3.9.1
* krb5-devel-1.20.1-150500.3.9.1
* krb5-client-debuginfo-1.20.1-150500.3.9.1
* krb5-debugsource-1.20.1-150500.3.9.1
* Basesystem Module 15-SP5 (x86_64)
* krb5-32bit-debuginfo-1.20.1-150500.3.9.1
* krb5-32bit-1.20.1-150500.3.9.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* krb5-server-debuginfo-1.20.1-150500.3.9.1
* krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.9.1
* krb5-debuginfo-1.20.1-150500.3.9.1
* krb5-plugin-kdb-ldap-1.20.1-150500.3.9.1
* krb5-server-1.20.1-150500.3.9.1
* krb5-debugsource-1.20.1-150500.3.9.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* krb5-plugin-preauth-otp-1.20.1-150500.3.9.1
* krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.9.1
* krb5-mini-debuginfo-1.20.1-150500.3.9.1
* krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.9.1
* krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.9.1
* krb5-server-debuginfo-1.20.1-150500.3.9.1
* krb5-mini-devel-1.20.1-150500.3.9.1
* krb5-1.20.1-150500.3.9.1
* krb5-debuginfo-1.20.1-150500.3.9.1
* krb5-plugin-preauth-pkinit-1.20.1-150500.3.9.1
* krb5-mini-debugsource-1.20.1-150500.3.9.1
* krb5-plugin-kdb-ldap-1.20.1-150500.3.9.1
* krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.9.1
* krb5-client-1.20.1-150500.3.9.1
* krb5-mini-1.20.1-150500.3.9.1
* krb5-devel-1.20.1-150500.3.9.1
* krb5-client-debuginfo-1.20.1-150500.3.9.1
* krb5-debugsource-1.20.1-150500.3.9.1
* krb5-plugin-preauth-spake-1.20.1-150500.3.9.1
* krb5-server-1.20.1-150500.3.9.1
* openSUSE Leap 15.5 (x86_64)
* krb5-32bit-debuginfo-1.20.1-150500.3.9.1
* krb5-devel-32bit-1.20.1-150500.3.9.1
* krb5-32bit-1.20.1-150500.3.9.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* krb5-devel-64bit-1.20.1-150500.3.9.1
* krb5-64bit-debuginfo-1.20.1-150500.3.9.1
* krb5-64bit-1.20.1-150500.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37370.html
* https://www.suse.com/security/cve/CVE-2024-37371.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227186
* https://bugzilla.suse.com/show_bug.cgi?id=1227187



SUSE-SU-2024:2303-1: important: Security update for krb5


# Security update for krb5

Announcement ID: SUSE-SU-2024:2303-1
Rating: important
References:

* bsc#1227186
* bsc#1227187

Cross-References:

* CVE-2024-37370
* CVE-2024-37371

CVSS scores:

* CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for krb5 fixes the following issues:

* CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields
were errouneously accepted (bsc#1227186).
* CVE-2024-37371: Fixed invalid memory read when processing message tokens
with invalid length fields (bsc#1227187).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-2303=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2303=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2303=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2303=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-2303=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2303=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2303=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2303=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-1.19.2-150300.19.1
* krb5-1.19.2-150300.19.1
* krb5-debugsource-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1
* krb5-plugin-kdb-ldap-1.19.2-150300.19.1
* krb5-server-1.19.2-150300.19.1
* krb5-client-1.19.2-150300.19.1
* krb5-server-debuginfo-1.19.2-150300.19.1
* krb5-mini-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-1.19.2-150300.19.1
* krb5-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1
* krb5-mini-debugsource-1.19.2-150300.19.1
* krb5-mini-devel-1.19.2-150300.19.1
* krb5-devel-1.19.2-150300.19.1
* krb5-mini-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-1.19.2-150300.19.1
* krb5-client-debuginfo-1.19.2-150300.19.1
* openSUSE Leap 15.3 (x86_64)
* krb5-devel-32bit-1.19.2-150300.19.1
* krb5-32bit-1.19.2-150300.19.1
* krb5-32bit-debuginfo-1.19.2-150300.19.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* krb5-64bit-debuginfo-1.19.2-150300.19.1
* krb5-devel-64bit-1.19.2-150300.19.1
* krb5-64bit-1.19.2-150300.19.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-1.19.2-150300.19.1
* krb5-debugsource-1.19.2-150300.19.1
* krb5-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1
* krb5-plugin-kdb-ldap-1.19.2-150300.19.1
* krb5-server-1.19.2-150300.19.1
* krb5-client-1.19.2-150300.19.1
* krb5-server-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1
* krb5-debuginfo-1.19.2-150300.19.1
* krb5-devel-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-1.19.2-150300.19.1
* krb5-client-debuginfo-1.19.2-150300.19.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* krb5-32bit-1.19.2-150300.19.1
* krb5-32bit-debuginfo-1.19.2-150300.19.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-1.19.2-150300.19.1
* krb5-debugsource-1.19.2-150300.19.1
* krb5-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1
* krb5-plugin-kdb-ldap-1.19.2-150300.19.1
* krb5-server-1.19.2-150300.19.1
* krb5-client-1.19.2-150300.19.1
* krb5-server-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1
* krb5-debuginfo-1.19.2-150300.19.1
* krb5-devel-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-1.19.2-150300.19.1
* krb5-client-debuginfo-1.19.2-150300.19.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
* krb5-32bit-1.19.2-150300.19.1
* krb5-32bit-debuginfo-1.19.2-150300.19.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-1.19.2-150300.19.1
* krb5-debugsource-1.19.2-150300.19.1
* krb5-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1
* krb5-plugin-kdb-ldap-1.19.2-150300.19.1
* krb5-server-1.19.2-150300.19.1
* krb5-client-1.19.2-150300.19.1
* krb5-server-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1
* krb5-debuginfo-1.19.2-150300.19.1
* krb5-devel-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-1.19.2-150300.19.1
* krb5-client-debuginfo-1.19.2-150300.19.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* krb5-32bit-1.19.2-150300.19.1
* krb5-32bit-debuginfo-1.19.2-150300.19.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-1.19.2-150300.19.1
* krb5-debugsource-1.19.2-150300.19.1
* krb5-1.19.2-150300.19.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1
* krb5-plugin-kdb-ldap-1.19.2-150300.19.1
* krb5-server-1.19.2-150300.19.1
* krb5-client-1.19.2-150300.19.1
* krb5-server-debuginfo-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-1.19.2-150300.19.1
* krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1
* krb5-debuginfo-1.19.2-150300.19.1
* krb5-devel-1.19.2-150300.19.1
* krb5-plugin-preauth-pkinit-1.19.2-150300.19.1
* krb5-client-debuginfo-1.19.2-150300.19.1
* SUSE Enterprise Storage 7.1 (x86_64)
* krb5-32bit-1.19.2-150300.19.1
* krb5-32bit-debuginfo-1.19.2-150300.19.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150300.19.1
* krb5-1.19.2-150300.19.1
* krb5-debuginfo-1.19.2-150300.19.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150300.19.1
* krb5-1.19.2-150300.19.1
* krb5-debuginfo-1.19.2-150300.19.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150300.19.1
* krb5-1.19.2-150300.19.1
* krb5-debuginfo-1.19.2-150300.19.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37370.html
* https://www.suse.com/security/cve/CVE-2024-37371.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227186
* https://bugzilla.suse.com/show_bug.cgi?id=1227187



SUSE-SU-2024:2299-1: important: Security update for apache2-mod_auth_openidc


# Security update for apache2-mod_auth_openidc

Announcement ID: SUSE-SU-2024:2299-1
Rating: important
References:

* bsc#1219911
* bsc#1227261

Cross-References:

* CVE-2024-24814

CVSS scores:

* CVE-2024-24814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for apache2-mod_auth_openidc fixes the following issues:

* CVE-2024-24814: Fixed a bug that can led to DoS when `OIDCSessionType
client-cookie` is set and a crafted Cookie header is supplied. (bsc#1219911)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2299=1 SUSE-2024-2299=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2299=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* apache2-mod_auth_openidc-2.3.8-150600.16.5.1
* apache2-mod_auth_openidc-debugsource-2.3.8-150600.16.5.1
* apache2-mod_auth_openidc-debuginfo-2.3.8-150600.16.5.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* apache2-mod_auth_openidc-2.3.8-150600.16.5.1
* apache2-mod_auth_openidc-debugsource-2.3.8-150600.16.5.1
* apache2-mod_auth_openidc-debuginfo-2.3.8-150600.16.5.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24814.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219911
* https://bugzilla.suse.com/show_bug.cgi?id=1227261



SUSE-SU-2024:2275-2: important: Security update for openssh


# Security update for openssh

Announcement ID: SUSE-SU-2024:2275-2
Rating: important
References:

* bsc#1226642

Cross-References:

* CVE-2024-6387

CVSS scores:

* CVE-2024-6387 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for openssh fixes the following issues:

* CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2275=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* openssh-clients-debuginfo-9.6p1-150600.6.3.1
* openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1
* openssh-askpass-gnome-9.6p1-150600.6.3.1
* openssh-helpers-debuginfo-9.6p1-150600.6.3.1
* openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1
* openssh-clients-9.6p1-150600.6.3.1
* openssh-helpers-9.6p1-150600.6.3.1
* openssh-9.6p1-150600.6.3.1
* openssh-debuginfo-9.6p1-150600.6.3.1
* openssh-fips-9.6p1-150600.6.3.1
* openssh-debugsource-9.6p1-150600.6.3.1
* openssh-server-9.6p1-150600.6.3.1
* openssh-common-debuginfo-9.6p1-150600.6.3.1
* openssh-cavs-debuginfo-9.6p1-150600.6.3.1
* openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1
* openssh-server-debuginfo-9.6p1-150600.6.3.1
* openssh-common-9.6p1-150600.6.3.1
* openssh-cavs-9.6p1-150600.6.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6387.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226642



SUSE-SU-2024:2292-1: important: Security update for ghostscript


# Security update for ghostscript

Announcement ID: SUSE-SU-2024:2292-1
Rating: important
References:

* bsc#1226944
* bsc#1226945
* bsc#1226946

Cross-References:

* CVE-2024-29510
* CVE-2024-33869
* CVE-2024-33870

CVSS scores:

* CVE-2024-29510 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-33869 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2024-33870 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for ghostscript fixes the following issues:

* CVE-2024-29510: Fixed an arbitrary path traversal when running in a
permitted path (bsc#1226945).
* CVE-2024-33870: Fixed a format string injection that could lead to command
execution (bsc#1226944).
* CVE-2024-33869: Fixed a path validation bypass that could lead to path
traversal (bsc#1226946).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2292=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2292=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2292=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2292=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2292=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2292=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2292=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2292=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2292=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2292=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2292=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2292=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2292=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2292=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2292=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2292=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-2292=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2292=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-2292=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Manager Proxy 4.3 (x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* ghostscript-x11-debuginfo-9.52-150000.194.1
* ghostscript-x11-9.52-150000.194.1
* ghostscript-devel-9.52-150000.194.1
* ghostscript-debugsource-9.52-150000.194.1
* ghostscript-9.52-150000.194.1
* ghostscript-debuginfo-9.52-150000.194.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29510.html
* https://www.suse.com/security/cve/CVE-2024-33869.html
* https://www.suse.com/security/cve/CVE-2024-33870.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226944
* https://bugzilla.suse.com/show_bug.cgi?id=1226945
* https://bugzilla.suse.com/show_bug.cgi?id=1226946



SUSE-SU-2024:2283-1: important: Security update for libndp


# Security update for libndp

Announcement ID: SUSE-SU-2024:2283-1
Rating: important
References:

* bsc#1225771

Cross-References:

* CVE-2024-5564

CVSS scores:

* CVE-2024-5564 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Desktop Applications Module 15-SP5
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for libndp fixes the following issues:

* CVE-2024-5564: Add a check on the route information option length field.
(bsc#1225771)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2283=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2283=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2283=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2283=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2283=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2283=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2283=1

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2283=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2283=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2283=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2283=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2283=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2283=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2283=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2283=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2283=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2283=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2283=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2283=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2283=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-2283=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* libndp-devel-1.6-150000.3.3.1
* libndp-debugsource-1.6-150000.3.3.1
* libndp0-debuginfo-1.6-150000.3.3.1
* libndp-debuginfo-1.6-150000.3.3.1
* libndp0-1.6-150000.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-5564.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225771



SUSE-SU-2024:2290-1: low: Security update for libxml2


# Security update for libxml2

Announcement ID: SUSE-SU-2024:2290-1
Rating: low
References:

* bsc#1224282

Cross-References:

* CVE-2024-34459

CVSS scores:

* CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in
xmllint.c (bsc#1224282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2290=1 SUSE-2024-2290=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2290=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2290=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2290=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2290=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2290=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2290=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libxml2-2-debuginfo-2.10.3-150500.5.17.1
* libxml2-tools-2.10.3-150500.5.17.1
* python3-libxml2-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-2.10.3-150500.5.17.1
* python3-libxml2-2.10.3-150500.5.17.1
* libxml2-python-debugsource-2.10.3-150500.5.17.1
* python311-libxml2-2.10.3-150500.5.17.1
* libxml2-devel-2.10.3-150500.5.17.1
* libxml2-tools-debuginfo-2.10.3-150500.5.17.1
* libxml2-debugsource-2.10.3-150500.5.17.1
* python311-libxml2-debuginfo-2.10.3-150500.5.17.1
* openSUSE Leap 15.5 (x86_64)
* libxml2-devel-32bit-2.10.3-150500.5.17.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-32bit-2.10.3-150500.5.17.1
* openSUSE Leap 15.5 (noarch)
* libxml2-doc-2.10.3-150500.5.17.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* libxml2-2-64bit-2.10.3-150500.5.17.1
* libxml2-devel-64bit-2.10.3-150500.5.17.1
* libxml2-2-64bit-debuginfo-2.10.3-150500.5.17.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libxml2-2-debuginfo-2.10.3-150500.5.17.1
* libxml2-tools-2.10.3-150500.5.17.1
* python3-libxml2-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-2.10.3-150500.5.17.1
* python3-libxml2-2.10.3-150500.5.17.1
* libxml2-python-debugsource-2.10.3-150500.5.17.1
* python311-libxml2-2.10.3-150500.5.17.1
* libxml2-devel-2.10.3-150500.5.17.1
* libxml2-tools-debuginfo-2.10.3-150500.5.17.1
* libxml2-debugsource-2.10.3-150500.5.17.1
* python311-libxml2-debuginfo-2.10.3-150500.5.17.1
* openSUSE Leap 15.6 (x86_64)
* libxml2-devel-32bit-2.10.3-150500.5.17.1
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-32bit-2.10.3-150500.5.17.1
* openSUSE Leap 15.6 (noarch)
* libxml2-doc-2.10.3-150500.5.17.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libxml2-2-debuginfo-2.10.3-150500.5.17.1
* libxml2-tools-2.10.3-150500.5.17.1
* python3-libxml2-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-2.10.3-150500.5.17.1
* python3-libxml2-2.10.3-150500.5.17.1
* libxml2-python-debugsource-2.10.3-150500.5.17.1
* libxml2-tools-debuginfo-2.10.3-150500.5.17.1
* libxml2-debugsource-2.10.3-150500.5.17.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libxml2-2-debuginfo-2.10.3-150500.5.17.1
* libxml2-tools-2.10.3-150500.5.17.1
* python3-libxml2-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-2.10.3-150500.5.17.1
* python3-libxml2-2.10.3-150500.5.17.1
* libxml2-python-debugsource-2.10.3-150500.5.17.1
* libxml2-devel-2.10.3-150500.5.17.1
* libxml2-tools-debuginfo-2.10.3-150500.5.17.1
* libxml2-debugsource-2.10.3-150500.5.17.1
* Basesystem Module 15-SP5 (x86_64)
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-32bit-2.10.3-150500.5.17.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libxml2-2-debuginfo-2.10.3-150500.5.17.1
* libxml2-tools-2.10.3-150500.5.17.1
* python3-libxml2-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-2.10.3-150500.5.17.1
* python3-libxml2-2.10.3-150500.5.17.1
* libxml2-python-debugsource-2.10.3-150500.5.17.1
* libxml2-devel-2.10.3-150500.5.17.1
* libxml2-tools-debuginfo-2.10.3-150500.5.17.1
* libxml2-debugsource-2.10.3-150500.5.17.1
* Basesystem Module 15-SP6 (x86_64)
* libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1
* libxml2-2-32bit-2.10.3-150500.5.17.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python311-libxml2-debuginfo-2.10.3-150500.5.17.1
* python311-libxml2-2.10.3-150500.5.17.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libxml2-python-debugsource-2.10.3-150500.5.17.1
* python311-libxml2-debuginfo-2.10.3-150500.5.17.1
* python311-libxml2-2.10.3-150500.5.17.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34459.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224282



SUSE-SU-2024:2286-1: moderate: Security update for podman


# Security update for podman

Announcement ID: SUSE-SU-2024:2286-1
Rating: moderate
References:

* bsc#1227052

Cross-References:

* CVE-2024-6104

CVSS scores:

* CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Containers Module 15-SP5
* Containers Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log
file (bsc#1227052).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-2286=1 openSUSE-SLE-15.5-2024-2286=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2286=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2286=1

* Containers Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2286=1

* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-2286=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* podmansh-4.9.5-150500.3.15.1
* podman-4.9.5-150500.3.15.1
* podman-debuginfo-4.9.5-150500.3.15.1
* podman-remote-4.9.5-150500.3.15.1
* podman-remote-debuginfo-4.9.5-150500.3.15.1
* openSUSE Leap 15.5 (noarch)
* podman-docker-4.9.5-150500.3.15.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* podmansh-4.9.5-150500.3.15.1
* podman-4.9.5-150500.3.15.1
* podman-debuginfo-4.9.5-150500.3.15.1
* podman-remote-4.9.5-150500.3.15.1
* podman-remote-debuginfo-4.9.5-150500.3.15.1
* openSUSE Leap 15.6 (noarch)
* podman-docker-4.9.5-150500.3.15.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* podmansh-4.9.5-150500.3.15.1
* podman-4.9.5-150500.3.15.1
* podman-debuginfo-4.9.5-150500.3.15.1
* podman-remote-4.9.5-150500.3.15.1
* podman-remote-debuginfo-4.9.5-150500.3.15.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* podman-docker-4.9.5-150500.3.15.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* podmansh-4.9.5-150500.3.15.1
* podman-4.9.5-150500.3.15.1
* podman-debuginfo-4.9.5-150500.3.15.1
* podman-remote-4.9.5-150500.3.15.1
* podman-remote-debuginfo-4.9.5-150500.3.15.1
* Containers Module 15-SP5 (noarch)
* podman-docker-4.9.5-150500.3.15.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* podmansh-4.9.5-150500.3.15.1
* podman-4.9.5-150500.3.15.1
* podman-debuginfo-4.9.5-150500.3.15.1
* podman-remote-4.9.5-150500.3.15.1
* podman-remote-debuginfo-4.9.5-150500.3.15.1
* Containers Module 15-SP6 (noarch)
* podman-docker-4.9.5-150500.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6104.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227052



SUSE-SU-2024:2280-1: moderate: Security update for python39


# Security update for python39

Announcement ID: SUSE-SU-2024:2280-1
Rating: moderate
References:

* bsc#1226447
* bsc#1226448

Cross-References:

* CVE-2024-0397
* CVE-2024-4032

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Legacy Module 15-SP5
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python39 fixes the following issues:

* CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)
* CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate
store methods. (bsc#1226447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-2280=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2280=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2280=1

* Legacy Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-2280=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* python39-3.9.19-150300.4.46.1
* python39-core-debugsource-3.9.19-150300.4.46.1
* python39-idle-3.9.19-150300.4.46.1
* python39-base-3.9.19-150300.4.46.1
* libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1
* python39-devel-3.9.19-150300.4.46.1
* python39-doc-devhelp-3.9.19-150300.4.46.1
* libpython3_9-1_0-3.9.19-150300.4.46.1
* python39-testsuite-3.9.19-150300.4.46.1
* python39-tools-3.9.19-150300.4.46.1
* python39-dbm-3.9.19-150300.4.46.1
* python39-testsuite-debuginfo-3.9.19-150300.4.46.1
* python39-curses-debuginfo-3.9.19-150300.4.46.1
* python39-base-debuginfo-3.9.19-150300.4.46.1
* python39-debuginfo-3.9.19-150300.4.46.1
* python39-tk-3.9.19-150300.4.46.1
* python39-tk-debuginfo-3.9.19-150300.4.46.1
* python39-debugsource-3.9.19-150300.4.46.1
* python39-dbm-debuginfo-3.9.19-150300.4.46.1
* python39-curses-3.9.19-150300.4.46.1
* python39-doc-3.9.19-150300.4.46.1
* openSUSE Leap 15.3 (x86_64)
* python39-32bit-3.9.19-150300.4.46.1
* python39-base-32bit-3.9.19-150300.4.46.1
* python39-32bit-debuginfo-3.9.19-150300.4.46.1
* python39-base-32bit-debuginfo-3.9.19-150300.4.46.1
* libpython3_9-1_0-32bit-3.9.19-150300.4.46.1
* libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* python39-base-64bit-3.9.19-150300.4.46.1
* python39-base-64bit-debuginfo-3.9.19-150300.4.46.1
* python39-64bit-3.9.19-150300.4.46.1
* libpython3_9-1_0-64bit-3.9.19-150300.4.46.1
* libpython3_9-1_0-64bit-debuginfo-3.9.19-150300.4.46.1
* python39-64bit-debuginfo-3.9.19-150300.4.46.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python39-3.9.19-150300.4.46.1
* python39-core-debugsource-3.9.19-150300.4.46.1
* python39-idle-3.9.19-150300.4.46.1
* python39-base-3.9.19-150300.4.46.1
* libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1
* python39-doc-devhelp-3.9.19-150300.4.46.1
* python39-devel-3.9.19-150300.4.46.1
* libpython3_9-1_0-3.9.19-150300.4.46.1
* python39-testsuite-3.9.19-150300.4.46.1
* python39-tools-3.9.19-150300.4.46.1
* python39-dbm-3.9.19-150300.4.46.1
* python39-testsuite-debuginfo-3.9.19-150300.4.46.1
* python39-base-debuginfo-3.9.19-150300.4.46.1
* python39-curses-debuginfo-3.9.19-150300.4.46.1
* python39-debuginfo-3.9.19-150300.4.46.1
* python39-tk-3.9.19-150300.4.46.1
* python39-tk-debuginfo-3.9.19-150300.4.46.1
* python39-debugsource-3.9.19-150300.4.46.1
* python39-dbm-debuginfo-3.9.19-150300.4.46.1
* python39-curses-3.9.19-150300.4.46.1
* python39-doc-3.9.19-150300.4.46.1
* openSUSE Leap 15.5 (x86_64)
* libpython3_9-1_0-32bit-3.9.19-150300.4.46.1
* python39-base-32bit-3.9.19-150300.4.46.1
* python39-32bit-debuginfo-3.9.19-150300.4.46.1
* python39-base-32bit-debuginfo-3.9.19-150300.4.46.1
* python39-32bit-3.9.19-150300.4.46.1
* libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python39-3.9.19-150300.4.46.1
* python39-core-debugsource-3.9.19-150300.4.46.1
* python39-idle-3.9.19-150300.4.46.1
* python39-base-3.9.19-150300.4.46.1
* libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1
* python39-doc-devhelp-3.9.19-150300.4.46.1
* python39-devel-3.9.19-150300.4.46.1
* libpython3_9-1_0-3.9.19-150300.4.46.1
* python39-testsuite-3.9.19-150300.4.46.1
* python39-tools-3.9.19-150300.4.46.1
* python39-dbm-3.9.19-150300.4.46.1
* python39-testsuite-debuginfo-3.9.19-150300.4.46.1
* python39-base-debuginfo-3.9.19-150300.4.46.1
* python39-curses-debuginfo-3.9.19-150300.4.46.1
* python39-debuginfo-3.9.19-150300.4.46.1
* python39-tk-3.9.19-150300.4.46.1
* python39-tk-debuginfo-3.9.19-150300.4.46.1
* python39-debugsource-3.9.19-150300.4.46.1
* python39-dbm-debuginfo-3.9.19-150300.4.46.1
* python39-curses-3.9.19-150300.4.46.1
* python39-doc-3.9.19-150300.4.46.1
* openSUSE Leap 15.6 (x86_64)
* libpython3_9-1_0-32bit-3.9.19-150300.4.46.1
* python39-base-32bit-3.9.19-150300.4.46.1
* python39-32bit-debuginfo-3.9.19-150300.4.46.1
* python39-base-32bit-debuginfo-3.9.19-150300.4.46.1
* python39-32bit-3.9.19-150300.4.46.1
* libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1
* Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python39-3.9.19-150300.4.46.1
* libpython3_9-1_0-3.9.19-150300.4.46.1
* python39-base-3.9.19-150300.4.46.1
* python39-curses-3.9.19-150300.4.46.1
* python39-dbm-3.9.19-150300.4.46.1

## References:

* https://www.suse.com/security/cve/CVE-2024-0397.html
* https://www.suse.com/security/cve/CVE-2024-4032.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226447
* https://bugzilla.suse.com/show_bug.cgi?id=1226448



SUSE-SU-2024:2279-1: low: Security update for libxml2


# Security update for libxml2

Announcement ID: SUSE-SU-2024:2279-1
Rating: low
References:

* bsc#1224282

Cross-References:

* CVE-2024-34459

CVSS scores:

* CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in
xmllint.c (bsc#1224282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2279=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2279=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2279=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2279=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2279=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libxml2-2-2.9.14-150400.5.32.1
* python311-libxml2-2.9.14-150400.5.32.1
* libxml2-devel-2.9.14-150400.5.32.1
* libxml2-tools-2.9.14-150400.5.32.1
* libxml2-tools-debuginfo-2.9.14-150400.5.32.1
* libxml2-2-debuginfo-2.9.14-150400.5.32.1
* libxml2-python-debugsource-2.9.14-150400.5.32.1
* libxml2-debugsource-2.9.14-150400.5.32.1
* python3-libxml2-debuginfo-2.9.14-150400.5.32.1
* python3-libxml2-2.9.14-150400.5.32.1
* python311-libxml2-debuginfo-2.9.14-150400.5.32.1
* openSUSE Leap 15.4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.32.1
* libxml2-2-32bit-2.9.14-150400.5.32.1
* libxml2-devel-32bit-2.9.14-150400.5.32.1
* openSUSE Leap 15.4 (noarch)
* libxml2-doc-2.9.14-150400.5.32.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libxml2-2-64bit-2.9.14-150400.5.32.1
* libxml2-2-64bit-debuginfo-2.9.14-150400.5.32.1
* libxml2-devel-64bit-2.9.14-150400.5.32.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libxml2-2-2.9.14-150400.5.32.1
* libxml2-tools-2.9.14-150400.5.32.1
* libxml2-tools-debuginfo-2.9.14-150400.5.32.1
* libxml2-2-debuginfo-2.9.14-150400.5.32.1
* libxml2-python-debugsource-2.9.14-150400.5.32.1
* libxml2-debugsource-2.9.14-150400.5.32.1
* python3-libxml2-debuginfo-2.9.14-150400.5.32.1
* python3-libxml2-2.9.14-150400.5.32.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libxml2-2-2.9.14-150400.5.32.1
* libxml2-tools-2.9.14-150400.5.32.1
* libxml2-tools-debuginfo-2.9.14-150400.5.32.1
* libxml2-2-debuginfo-2.9.14-150400.5.32.1
* libxml2-python-debugsource-2.9.14-150400.5.32.1
* libxml2-debugsource-2.9.14-150400.5.32.1
* python3-libxml2-debuginfo-2.9.14-150400.5.32.1
* python3-libxml2-2.9.14-150400.5.32.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libxml2-2-2.9.14-150400.5.32.1
* libxml2-tools-2.9.14-150400.5.32.1
* libxml2-tools-debuginfo-2.9.14-150400.5.32.1
* libxml2-2-debuginfo-2.9.14-150400.5.32.1
* libxml2-python-debugsource-2.9.14-150400.5.32.1
* libxml2-debugsource-2.9.14-150400.5.32.1
* python3-libxml2-debuginfo-2.9.14-150400.5.32.1
* python3-libxml2-2.9.14-150400.5.32.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libxml2-2-2.9.14-150400.5.32.1
* libxml2-tools-2.9.14-150400.5.32.1
* libxml2-tools-debuginfo-2.9.14-150400.5.32.1
* libxml2-2-debuginfo-2.9.14-150400.5.32.1
* libxml2-python-debugsource-2.9.14-150400.5.32.1
* libxml2-debugsource-2.9.14-150400.5.32.1
* python3-libxml2-debuginfo-2.9.14-150400.5.32.1
* python3-libxml2-2.9.14-150400.5.32.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34459.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224282



SUSE-SU-2024:2281-1: low: Security update for podofo


# Security update for podofo

Announcement ID: SUSE-SU-2024:2281-1
Rating: low
References:

* bsc#1213720

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that has one security fix can now be installed.

## Description:

This update for podofo fixes the following issues:

* PdfEncrypt: Validate more encrypt dictionary parameters (bsc#1213720)
* PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries
(bsc#1213720)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-2281=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2281=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2281=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2281=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2281=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* podofo-debugsource-0.9.6-150300.3.12.1
* libpodofo0_9_6-0.9.6-150300.3.12.1
* podofo-debuginfo-0.9.6-150300.3.12.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
* libpodofo-devel-0.9.6-150300.3.12.1
* podofo-0.9.6-150300.3.12.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* podofo-debugsource-0.9.6-150300.3.12.1
* libpodofo0_9_6-0.9.6-150300.3.12.1
* podofo-debuginfo-0.9.6-150300.3.12.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
* libpodofo-devel-0.9.6-150300.3.12.1
* podofo-0.9.6-150300.3.12.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* podofo-debugsource-0.9.6-150300.3.12.1
* libpodofo0_9_6-0.9.6-150300.3.12.1
* podofo-debuginfo-0.9.6-150300.3.12.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
* libpodofo-devel-0.9.6-150300.3.12.1
* podofo-0.9.6-150300.3.12.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* podofo-debugsource-0.9.6-150300.3.12.1
* libpodofo0_9_6-0.9.6-150300.3.12.1
* podofo-debuginfo-0.9.6-150300.3.12.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
* libpodofo-devel-0.9.6-150300.3.12.1
* podofo-0.9.6-150300.3.12.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* podofo-debugsource-0.9.6-150300.3.12.1
* libpodofo0_9_6-0.9.6-150300.3.12.1
* podofo-debuginfo-0.9.6-150300.3.12.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
* libpodofo-devel-0.9.6-150300.3.12.1
* podofo-0.9.6-150300.3.12.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1213720



SUSE-SU-2024:2275-1: important: Security update for openssh


# Security update for openssh

Announcement ID: SUSE-SU-2024:2275-1
Rating: important
References:

* bsc#1226642

Cross-References:

* CVE-2024-6387

CVSS scores:

* CVE-2024-6387 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for openssh fixes the following issues:

* CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2275=1 openSUSE-SLE-15.6-2024-2275=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2275=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2275=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* openssh-clients-debuginfo-9.6p1-150600.6.3.1
* openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1
* openssh-askpass-gnome-9.6p1-150600.6.3.1
* openssh-helpers-debuginfo-9.6p1-150600.6.3.1
* openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1
* openssh-clients-9.6p1-150600.6.3.1
* openssh-helpers-9.6p1-150600.6.3.1
* openssh-9.6p1-150600.6.3.1
* openssh-debuginfo-9.6p1-150600.6.3.1
* openssh-fips-9.6p1-150600.6.3.1
* openssh-debugsource-9.6p1-150600.6.3.1
* openssh-server-9.6p1-150600.6.3.1
* openssh-common-debuginfo-9.6p1-150600.6.3.1
* openssh-cavs-debuginfo-9.6p1-150600.6.3.1
* openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1
* openssh-server-debuginfo-9.6p1-150600.6.3.1
* openssh-common-9.6p1-150600.6.3.1
* openssh-cavs-9.6p1-150600.6.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* openssh-clients-debuginfo-9.6p1-150600.6.3.1
* openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1
* openssh-clients-9.6p1-150600.6.3.1
* openssh-helpers-9.6p1-150600.6.3.1
* openssh-9.6p1-150600.6.3.1
* openssh-debuginfo-9.6p1-150600.6.3.1
* openssh-fips-9.6p1-150600.6.3.1
* openssh-debugsource-9.6p1-150600.6.3.1
* openssh-server-9.6p1-150600.6.3.1
* openssh-common-debuginfo-9.6p1-150600.6.3.1
* openssh-helpers-debuginfo-9.6p1-150600.6.3.1
* openssh-server-debuginfo-9.6p1-150600.6.3.1
* openssh-common-9.6p1-150600.6.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* openssh-askpass-gnome-9.6p1-150600.6.3.1
* openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1
* openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6387.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226642



SUSE-SU-2024:2277-1: important: Security update for git


# Security update for git

Announcement ID: SUSE-SU-2024:2277-1
Rating: important
References:

* bsc#1224168
* bsc#1224170
* bsc#1224171
* bsc#1224172
* bsc#1224173

Cross-References:

* CVE-2024-32002
* CVE-2024-32004
* CVE-2024-32020
* CVE-2024-32021
* CVE-2024-32465

CVSS scores:

* CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
* CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
* CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves five vulnerabilities can now be installed.

## Description:

This update for git fixes the following issues:

* CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that
support symbolic links are susceptible to case confusion. (bsc#1224168)
* CVE-2024-32004: Fixed arbitrary code execution during local clones.
(bsc#1224170)
* CVE-2024-32020: Fix file overwriting vulnerability during local clones.
(bsc#1224171)
* CVE-2024-32021: Git may create hardlinks to arbitrary user-readable files.
(bsc#1224172)
* CVE-2024-32465: Fixed arbitrary code execution during clone operations.
(bsc#1224173)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2277=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2277=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2277=1 openSUSE-SLE-15.6-2024-2277=1

## Package List:

* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* git-core-debuginfo-2.43.0-150600.3.3.1
* git-debugsource-2.43.0-150600.3.3.1
* git-debuginfo-2.43.0-150600.3.3.1
* git-core-2.43.0-150600.3.3.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* gitk-2.43.0-150600.3.3.1
* git-email-2.43.0-150600.3.3.1
* git-web-2.43.0-150600.3.3.1
* git-svn-2.43.0-150600.3.3.1
* git-arch-2.43.0-150600.3.3.1
* git-cvs-2.43.0-150600.3.3.1
* git-daemon-debuginfo-2.43.0-150600.3.3.1
* git-daemon-2.43.0-150600.3.3.1
* git-debuginfo-2.43.0-150600.3.3.1
* git-debugsource-2.43.0-150600.3.3.1
* perl-Git-2.43.0-150600.3.3.1
* git-gui-2.43.0-150600.3.3.1
* git-2.43.0-150600.3.3.1
* Development Tools Module 15-SP6 (noarch)
* git-doc-2.43.0-150600.3.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* gitk-2.43.0-150600.3.3.1
* git-email-2.43.0-150600.3.3.1
* git-web-2.43.0-150600.3.3.1
* git-core-2.43.0-150600.3.3.1
* git-svn-2.43.0-150600.3.3.1
* git-arch-2.43.0-150600.3.3.1
* git-cvs-2.43.0-150600.3.3.1
* git-gui-2.43.0-150600.3.3.1
* git-daemon-debuginfo-2.43.0-150600.3.3.1
* git-debugsource-2.43.0-150600.3.3.1
* git-p4-2.43.0-150600.3.3.1
* git-daemon-2.43.0-150600.3.3.1
* git-debuginfo-2.43.0-150600.3.3.1
* git-core-debuginfo-2.43.0-150600.3.3.1
* perl-Git-2.43.0-150600.3.3.1
* git-credential-libsecret-debuginfo-2.43.0-150600.3.3.1
* git-credential-libsecret-2.43.0-150600.3.3.1
* git-2.43.0-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
* git-doc-2.43.0-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-32002.html
* https://www.suse.com/security/cve/CVE-2024-32004.html
* https://www.suse.com/security/cve/CVE-2024-32020.html
* https://www.suse.com/security/cve/CVE-2024-32021.html
* https://www.suse.com/security/cve/CVE-2024-32465.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224168
* https://bugzilla.suse.com/show_bug.cgi?id=1224170
* https://bugzilla.suse.com/show_bug.cgi?id=1224171
* https://bugzilla.suse.com/show_bug.cgi?id=1224172
* https://bugzilla.suse.com/show_bug.cgi?id=1224173



SUSE-SU-2024:2265-1: moderate: Security update for wireshark


# Security update for wireshark

Announcement ID: SUSE-SU-2024:2265-1
Rating: moderate
References:

* bsc#1224259
* bsc#1224274
* bsc#1224276

Cross-References:

* CVE-2024-4853
* CVE-2024-4854
* CVE-2024-4855

CVSS scores:

* CVE-2024-4853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-4854 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-4855 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for wireshark fixes the following issues:

Update to version 3.6.22:

* CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops (bsc#1224274)
* CVE-2024-4853: The editcap command line utility could crash when chopping
bytes from the beginning of a packet (bsc#1224259)
* CVE-2024-4855: The editcap command line utility could crash when injecting
secrets while writing multiple files (bsc#1224276)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2265=1 openSUSE-SLE-15.6-2024-2265=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2265=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2265=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libwireshark15-3.6.23-150600.18.3.1
* wireshark-devel-3.6.23-150600.18.3.1
* libwsutil13-debuginfo-3.6.23-150600.18.3.1
* wireshark-debuginfo-3.6.23-150600.18.3.1
* libwsutil13-3.6.23-150600.18.3.1
* libwiretap12-3.6.23-150600.18.3.1
* libwireshark15-debuginfo-3.6.23-150600.18.3.1
* wireshark-3.6.23-150600.18.3.1
* wireshark-ui-qt-3.6.23-150600.18.3.1
* wireshark-ui-qt-debuginfo-3.6.23-150600.18.3.1
* libwiretap12-debuginfo-3.6.23-150600.18.3.1
* wireshark-debugsource-3.6.23-150600.18.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libwireshark15-3.6.23-150600.18.3.1
* libwsutil13-debuginfo-3.6.23-150600.18.3.1
* wireshark-debuginfo-3.6.23-150600.18.3.1
* libwsutil13-3.6.23-150600.18.3.1
* libwiretap12-3.6.23-150600.18.3.1
* libwireshark15-debuginfo-3.6.23-150600.18.3.1
* wireshark-3.6.23-150600.18.3.1
* libwiretap12-debuginfo-3.6.23-150600.18.3.1
* wireshark-debugsource-3.6.23-150600.18.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-devel-3.6.23-150600.18.3.1
* wireshark-debuginfo-3.6.23-150600.18.3.1
* wireshark-ui-qt-3.6.23-150600.18.3.1
* wireshark-ui-qt-debuginfo-3.6.23-150600.18.3.1
* wireshark-debugsource-3.6.23-150600.18.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4853.html
* https://www.suse.com/security/cve/CVE-2024-4854.html
* https://www.suse.com/security/cve/CVE-2024-4855.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224259
* https://bugzilla.suse.com/show_bug.cgi?id=1224274
* https://bugzilla.suse.com/show_bug.cgi?id=1224276



SUSE-SU-2024:2269-1: moderate: Security update for squid


# Security update for squid

Announcement ID: SUSE-SU-2024:2269-1
Rating: moderate
References:

* bsc#1227086

Cross-References:

* CVE-2024-37894

CVSS scores:

* CVE-2024-37894 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for squid fixes the following issues:

* CVE-2024-37894: Fixed a denial of Service issue in ESI processing
(bsc#1227086)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2269=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2269=1

* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2269=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* squid-debuginfo-5.7-150400.3.32.1
* squid-debugsource-5.7-150400.3.32.1
* squid-5.7-150400.3.32.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* squid-debuginfo-5.7-150400.3.32.1
* squid-debugsource-5.7-150400.3.32.1
* squid-5.7-150400.3.32.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* squid-debuginfo-5.7-150400.3.32.1
* squid-debugsource-5.7-150400.3.32.1
* squid-5.7-150400.3.32.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37894.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227086



SUSE-SU-2024:2273-1: moderate: Security update for podman


# Security update for podman

Announcement ID: SUSE-SU-2024:2273-1
Rating: moderate
References:

* bsc#1227052

Cross-References:

* CVE-2024-6104

CVSS scores:

* CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log
file (bsc#1227052).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2273=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2273=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2273=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2273=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2273=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* podman-remote-debuginfo-4.9.5-150400.4.30.1
* podman-debuginfo-4.9.5-150400.4.30.1
* podman-remote-4.9.5-150400.4.30.1
* podman-4.9.5-150400.4.30.1
* podmansh-4.9.5-150400.4.30.1
* openSUSE Leap 15.4 (noarch)
* podman-docker-4.9.5-150400.4.30.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* podman-4.9.5-150400.4.30.1
* podman-debuginfo-4.9.5-150400.4.30.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* podman-4.9.5-150400.4.30.1
* podman-debuginfo-4.9.5-150400.4.30.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* podman-4.9.5-150400.4.30.1
* podman-debuginfo-4.9.5-150400.4.30.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* podman-4.9.5-150400.4.30.1
* podman-debuginfo-4.9.5-150400.4.30.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6104.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227052



SUSE-SU-2024:2260-1: important: Security update for pgadmin4


# Security update for pgadmin4

Announcement ID: SUSE-SU-2024:2260-1
Rating: important
References:

* bsc#1223867
* bsc#1223868

Cross-References:

* CVE-2024-4215
* CVE-2024-4216

CVSS scores:

* CVE-2024-4215 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-4216 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for pgadmin4 fixes the following issues:

* CVE-2024-4216: Fixed XSS in /settings/store endpoint (bsc#1223868).
* CVE-2024-4215: Fixed multi-factor authentication bypass (bsc#1223867).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2260=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2260=1 openSUSE-SLE-15.6-2024-2260=1

## Package List:

* Python 3 Module 15-SP6 (noarch)
* pgadmin4-8.5-150600.3.3.1
* system-user-pgadmin-8.5-150600.3.3.1
* pgadmin4-doc-8.5-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
* pgadmin4-desktop-8.5-150600.3.3.1
* pgadmin4-cloud-8.5-150600.3.3.1
* system-user-pgadmin-8.5-150600.3.3.1
* pgadmin4-doc-8.5-150600.3.3.1
* pgadmin4-web-uwsgi-8.5-150600.3.3.1
* pgadmin4-8.5-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4215.html
* https://www.suse.com/security/cve/CVE-2024-4216.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223867
* https://bugzilla.suse.com/show_bug.cgi?id=1223868



SUSE-SU-2024:2261-1: moderate: Security update for postgresql15


# Security update for postgresql15

Announcement ID: SUSE-SU-2024:2261-1
Rating: moderate
References:

* bsc#1224038
* bsc#1224051

Cross-References:

* CVE-2024-4317

CVSS scores:

* CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Legacy Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for postgresql15 fixes the following issues:

* Upgrade to 15.7. (bsc#1224051)
* CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs
entries to the table owner. See release notes for the steps that have to be
taken to fix existing PostgreSQL instances. (bsc#1224038)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2261=1 openSUSE-SLE-15.6-2024-2261=1

* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2261=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* postgresql15-debuginfo-15.7-150600.16.3.1
* postgresql15-plperl-debuginfo-15.7-150600.16.3.1
* postgresql15-debugsource-15.7-150600.16.3.1
* postgresql15-llvmjit-devel-15.7-150600.16.3.1
* postgresql15-plpython-debuginfo-15.7-150600.16.3.1
* postgresql15-plpython-15.7-150600.16.3.1
* postgresql15-contrib-debuginfo-15.7-150600.16.3.1
* postgresql15-15.7-150600.16.3.1
* postgresql15-server-devel-15.7-150600.16.3.1
* postgresql15-server-15.7-150600.16.3.1
* postgresql15-devel-15.7-150600.16.3.1
* postgresql15-llvmjit-15.7-150600.16.3.1
* postgresql15-plperl-15.7-150600.16.3.1
* postgresql15-server-debuginfo-15.7-150600.16.3.1
* postgresql15-pltcl-15.7-150600.16.3.1
* postgresql15-pltcl-debuginfo-15.7-150600.16.3.1
* postgresql15-server-devel-debuginfo-15.7-150600.16.3.1
* postgresql15-devel-debuginfo-15.7-150600.16.3.1
* postgresql15-test-15.7-150600.16.3.1
* postgresql15-contrib-15.7-150600.16.3.1
* postgresql15-llvmjit-debuginfo-15.7-150600.16.3.1
* openSUSE Leap 15.6 (noarch)
* postgresql15-docs-15.7-150600.16.3.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* postgresql15-15.7-150600.16.3.1
* postgresql15-debuginfo-15.7-150600.16.3.1
* postgresql15-server-15.7-150600.16.3.1
* postgresql15-debugsource-15.7-150600.16.3.1
* postgresql15-server-debuginfo-15.7-150600.16.3.1
* postgresql15-contrib-15.7-150600.16.3.1
* postgresql15-contrib-debuginfo-15.7-150600.16.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4317.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224038
* https://bugzilla.suse.com/show_bug.cgi?id=1224051



SUSE-SU-2024:2266-1: moderate: Security update for postgresql16


# Security update for postgresql16

Announcement ID: SUSE-SU-2024:2266-1
Rating: moderate
References:

* bsc#1224038
* bsc#1224051

Cross-References:

* CVE-2024-4317

CVSS scores:

* CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for postgresql16 fixes the following issues:

PostgreSQL upgrade to version 16.3 (bsc#1224051):

* CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and
pg_stats_ext_exprs entries to the table owner (bsc#1224038).

Bug fixes:

* Fix incompatibility with LLVM 18.
* Prepare for PostgreSQL 17.
* Make sure all compilation and doc generation happens in %build.
* Require LLVM "int8"
* Flutter/Dart web support
* Allow Antlr Javascript runtime to be loaded into Kindle Touch
* Fix Go test suite
* Weird error Improvements, features
* [C++] Use faster alternative to dynamic_cast when not testing inherit
* Stackoverflow after upgrading from 4.6 to 4.7
* from version 4.9.2 Issues fixed
* CSharp and Java produce different results for identical input, identical
tokens Improvements, features
* Moved away from travis-ci.com
* Source upstream tarball from Github since PyPi tarball no longer ships
testsuite

* Update to version 4.9.1.

* Improve python3 performance by adding slots
* Fix incorrect python token string templates
* Add testing.
* Skip python2 because this is for python3.
* Use python_alternative Changes in python-avro:
* Switch package to modern Python Stack on SLE-15
* Add %{?sle15_python_module_pythons}
* Drop %define skip_python2 1
* Update to version 1.11.3:
* See jira board for all the fixes addressed in this release:
https://issues.apache.org/jira/browse/AVRO-3855?jql=project%3DAVRO%20AND%20fixVersion%3D1.11.3
* Drop py311.patch: fixed upstream.

* Add py311.patch to make tests compatible with python 3.11
gh#apache/avro#1961

* Update to 1.11.1 (from GitHub release notes):

* Avro specification
* Clarify which names are allowed to be qualified with namespaces
* Inconsistent behaviour on types as invalid names
* Clarify how fullnames are created, with example
* IDL: add syntax to create optional fields
* Improve docs for logical type annotation
* Python
* Scale assignment optimization
* "Scale" property from decimal object
* Byte reading in avro.io does not assert bytes read
* validate the default value of an enum field
* Pass LogicalType to BytesDecimalSchema
* Website
* Website refactor
* Document IDL support in IDEs Changes in python-chardet:
* update to 5.2.0:
* Adds support for running chardet CLI via `python -m chardet`

Changes in python-distro: \- Switch to autosetup macro.

* update to 1.9.0:
* Refactor distro.info() method to return an InfoDict [#360]
* Ignore the file '/etc/board-release' [#353]
* Ignore the file '/etc/ec2_version' [#359]
* Test on modern versions of CPython and PyPy and macOS [#362]
* Add support for ALT Linux Server 10.1 distribution [#354]
* Add Debian Testing to the tests [#356]
* Update archlinux resource for tests [#352]

* Remove duplicate files calling %fdupes

* add sle15_python_module_pythons

* update to 1.8.0:

* Lowered `LinuxDistribution._distro_release_info` method complexity [#327]
* Added official support for Buildroot distribution [#329]
* Added official support for Guix distribution [#330]
* Added support for `/etc/debian_version` [#333] & [#349]
* Fixed a typography in CONTRIBUTING.md [#340]
* Improved README.md "Usage" code block [#343]
* Bumped black to v22.3.0 in pre-commit.ci configuration [#331]
* Enabled GitHub Dependabot to keep GitHub Actions up to date [#335]

* remove shebang from distro.py

* update to version 1.7.0:
* BACKWARD COMPATIBILITY:
* Dropped support for EOL Pythons 2.7, 3.4 and 3.5 [#281]
* Dropped support for LSB and `uname` back-ends when `--root-dir` is specified
[#311]
* Moved `distro.py` to `src/distro/distro.py` [#315]
* ENHANCEMENTS:
* Documented that `distro.version()` can return an empty string on rolling
releases [#312]
* Documented support for Python 3.10 [#316]
* Added official support for Rocky Linux distribution [#318]
* Added a shebang to `distro.py` to allow standalone execution [#313]
* Added support for AIX platforms [#311]
* Added compliance for PEP-561 [#315]
* BUG FIXES:
* Fixed `include_uname` parameter oversight [#305]
* Fixed crash when `uname -rs` output is empty [#304]
* Fixed Amazon Linux identifier in `distro.id()` documentation [#318]
* Fixed OpenSuse >= 15 support [#319]
* Fixed encoding issues when opening distro release files [#324]
* Fixed `linux_distribution` regression introduced in [#230] [#325]

* Tests: Set locale to UTF-8 to fix tests on Leap 15.3.

* Expliciting setting of locale is not necessary anymore (gh#python-
distro/distro#223).

* Update to version 1.6.0

* Deprecated the distro.linux_distribution() function. Use distro.id(),
distro.version() and distro.name() instead [#296]
* Deprecated Python 2.7, 3.4 and 3.5 support. Further releases will only
support Python 3.6+
* Added type hints to distro module [#269]
* Added **version** for checking distro version [#292]
* Added support for arbitrary rootfs via the root_dir parameter [#247]
* Added the --root-dir option to CLI [#161]
* Added fallback to /usr/lib/os-release when /etc/os-release isn't available
[#262]
* Fixed subprocess.CalledProcessError when running lsb_release [#261]
* Ignore /etc/iredmail-release file while parsing distribution [#268]
* Use a binary file for /dev/null to avoid TextIOWrapper overhead [#271]

* use %pytest macro

* Enable tests properly (this is pytest, not unittest), Changes in python-
docker:

* update to 7.0.0:
* Removed SSL version (`ssl_version`) and explicit hostname check
(`assert_hostname`) options (#3185)
* Python 3.7+ supports TLSv1.3 by default
* Websocket support is no longer included by default (#3123)
* Use `pip install docker[websockets]` to include `websocket- client`
dependency
* By default, `docker-py` hijacks the TCP connection and does not use
Websockets
* Websocket client is only required to use `attach_socket(container, ws=True)`
* Python 3.7 no longer supported (reached end-of-life June 2023) (#3187)
* Python 3.12 support (#3185)
* Full `networking_config` support for `containers.create()`
* Replaces `network_driver_opt` (added in 6.1.0)
* Add `health()` property to container that returns status (e.g. `unhealthy`)
* Add `pause` option to `container.commit()` (#3159)
* Add support for bind mount propagation (e.g. `rshared`, `private`)
* Add support for `filters`, `keep_storage`, and `all` in `prune_builds()` on
API v1.39+ (#3192)
* Consistently return `docker.errors.NotFound` on 404 responses
* Validate tag format before push (#3191)

* update to 6.1.3:

* Bugfixes
* Fix eventlet compatibility (#3132)
* update to 6.1.2:
* Bugfixes
* Fix for socket timeouts on long docker exec calls (#3125)
* Respect timeout param on Windows (#3112)
* update to 6.1.1:
* Upgrade Notes (6.1.x)
* Errors are no longer returned during client initialization if the credential helper cannot be found. A warning will be emitted instead, and an error is returned if the credential helper is used.
* Bugfixes
* Fix containers.stats() hanging with stream=True
* Correct return type in docs for containers.diff() method
* update to 6.1.0:
* Upgrade Notes
* Errors are no longer returned during client initialization if the credential helper cannot be found. A warning will be emitted instead, and an error is returned if the credential helper is used.
* Features
* Python 3.11 support
* Use poll() instead of select() on non-Windows platforms
* New API fields
* network_driver_opt on container run / create
* one-shot on container stats
* status on services list
* Bugfixes
* Support for requests 2.29.0+ and urllib3 2.x
* Do not strip characters from volume names
* Fix connection leak on container.exec_* operations
* Fix errors closing named pipes on Windows
* update to 6.0.1:
* Notice This version is not compatible with requests 2.29+ or urllib3 2.x.
Either add requests < 2.29 and urllib3 < 2 to your requirements or upgrade
to to the latest docker-py release.
* Bugfixes
* Fix for The pipe has been ended errors on Windows (#3056)
* Support floats for timestamps in Docker logs (since / until) (#3031)
* update to 6.0.0:
* Upgrade Notes
* Minimum supported Python version is 3.7+
* When installing with pip, the docker[tls] extra is deprecated and a no-op, use docker for same functionality (TLS support is always available now)
* Native Python SSH client (used by default / use_ssh_client=False) will now
* reject unknown host keys with paramiko.ssh_exception.SSHException
* Short IDs are now 12 characters instead of 10 characters (same as Docker CLI)
* Version metadata is now exposed as **version**
* Features
* Python 3.10 support
* Automatically negotiate most secure TLS version
* Add platform (e.g. linux/amd64, darwin/arm64) to container create & run
* Add support for GlobalJob and ReplicatedJobs for Swarm
* Add remove() method on Image
* Add force param to disable() on Plugin
* Bugfixes
* Fix install issues on Windows related to pywin32
* Do not accept unknown SSH host keys in native Python SSH mode
* Use 12 character short IDs for consistency with Docker CLI
* Ignore trailing whitespace in .dockerignore files
* Fix IPv6 host parsing when explicit port specified
* Fix ProxyCommand option for SSH connections
* Do not spawn extra subshell when launching external SSH client
* Improve exception semantics to preserve context
* Documentation improvements (formatting, examples, typos, missing params)
* Miscellaneous

* Upgrade dependencies in requirements.txt to latest versions
* Remove extraneous transitive dependencies
* Eliminate usages of deprecated functions/methods
* Test suite reliability improvements
* GitHub Actions workflows for linting, unit tests, integration tests, and publishing releases
* add sle15_python_module_pythons

* python-six is not required as well

* python-mock actually not required for build

* update to 5.0.3:

* Add cap_add and cap_drop parameters to service create and ContainerSpec
* Add templating parameter to config create
* Bump urllib3 to 1.26.5
* Bump requests to 2.26.0
* Remove support for Python 2.7
* Make Python 3.6 the minimum version supported

* Update to 4.4.4 From project changelog: 4.4.4 Bugfixes Remove
LD_LIBRARY_PATH and SSL_CERT_FILE environment variables when shelling out to
the ssh client 4.4.3 Features Add support for
docker.types.Placement.MaxReplicas Bugfixes Fix SSH port parsing when
shelling out to the ssh client 4.4.2 Bugfixes Fix SSH connection bug where
the hostname was incorrectly trimmed and the error was hidden Fix docs
example Miscellaneous Add Python3.8 and 3.9 in setup.py classifier list
4.4.1 Bugfixes Avoid setting unsuported parameter for subprocess.Popen on
Windows Replace use of deprecated "filter" argument on ""docker/api/image"

* update to 4.4.0:

* Add an alternative SSH connection to the paramiko one, based on shelling out
to the SSh client. Similar to the behaviour of Docker cli
* Default image tag to `latest` on `pull`
* Fix plugin model upgrade
* Fix examples URL in ulimits
* Improve exception messages for server and client errors
* Bump cryptography from 2.3 to 3.2
* Set default API version to `auto`
* Fix conversion to bytes for `float`
* Support OpenSSH `identityfile` option
* Add `DeviceRequest` type to expose host resources such as GPUs
* Add support for `DriverOpts` in EndpointConfig
* Disable compression by default when using container.get_archive method
* Update default API version to v1.39
* Update test engine version to 19.03.12

* update to 4.2.2:

* Fix context load for non-docker endpoints

* update to 4.2.1:

* Add option on when to use `tls` on Context constructor
* Make context orchestrator field optional

* Bump required version of pycreds to 0.4.0 (sync with requirements.txt)

* update to 3.7.0 (mandatory for latest docker-compose)
* add python-dockerpycreds dependency in the spec file rebase
hide_py_pckgmgmt.patch Changes in python-fakeredis:

* update to 2.21.0:

* Implement all TOP-K commands (`TOPK.INFO`, `TOPK.LIST`, `TOPK.RESERVE`,
* `TOPK.ADD`, `TOPK.COUNT`, `TOPK.QUERY`, `TOPK.INCRBY`) #278
* Implement all cuckoo filter commands #276
* Implement all Count-Min Sketch commands #277
* Fix XREAD blocking bug #274 #275
* EXAT option does not work #279

* update to 2.20.1:

* Fix `XREAD` bug #256
* Testing for python 3.12

* update to 2.20.0:

* Implement `BITFIELD` command #247
* Implement `COMMAND`, `COMMAND INFO`, `COMMAND COUNT` #248

* Remove unnecessary BR on python-lupa

* update to 2.19.0:

* Implement Bloom filters commands #239
* Fix error on blocking XREADGROUP #237

* update to 2.18.1:

* Fix stream type issue #233

* update to 2.18.0:

* Implement `PUBSUB NUMPAT` #195, `SSUBSCRIBE` #199, `SPUBLISH` #198,
`SUNSUBSCRIBE` #200, `PUBSUB SHARDCHANNELS` #196, `PUBSUB SHARDNUMSUB` #197
* Fix All aio.FakeRedis instances share the same server #218

* update to 2.17.0:

* Implement `LPOS` #207, `LMPOP` #184, and `BLMPOP` #183
* Implement `ZMPOP` #191, `BZMPOP` #186
* Fix incorrect error msg for group not found #210
* fix: use same server_key within pipeline when issued watch issue with ZRANGE
and ZRANGESTORE with BYLEX #214
* Implemented support for `JSON.MSET` #174, `JSON.MERGE` #181
* Add support for version for async FakeRedis #205
* Updated how to test django_rq #204

* update to 2.15.0:

* Implemented support for various stream groups commands:
* `XGROUP CREATE` #161, `XGROUP DESTROY` #164, `XGROUP SETID` #165, `XGROUP
DELCONSUMER` #162,
* `XGROUP CREATECONSUMER` #163, `XINFO GROUPS` #168, `XINFO CONSUMERS` #168,
`XINFO STREAM` #169, `XREADGROUP` #171,
* `XACK` #157, `XPENDING` #170, `XCLAIM` #159, `XAUTOCLAIM`
* Implemented sorted set commands:
* `ZRANDMEMBER` #192, `ZDIFF` #187, `ZINTER` #189, `ZUNION` #194, `ZDIFFSTORE`
#188,
* `ZINTERCARD` #190, `ZRANGESTORE` #193
* Implemented list commands:
* `BLMOVE` #182,
* Improved documentation.
* Fix documentation link
* Fix requirement for packaging.Version #177
* Implement `HRANDFIELD` #156
* Implement `JSON.MSET`
* Improve streams code

* update to 2.13.0:

* Fixed xadd timestamp (fixes #151) (#152)
* Implement XDEL #153
* Improve test code
* Fix reported security issue
* Add support for `Connection.read_response` arguments used in redis-py 4.5.5
and 5.0.0
* Adding state for scan commands (#99)
* Improved documentation (added async sample, etc.)

* update to 2.12.0:

* Implement `XREAD` #147
* Unique FakeServer when no connection params are provided
* Minor fixes supporting multiple connections
* Update documentation
* connection parameters awareness:
* Creating multiple clients with the same connection parameters will result in
the same server data structure.
* Fix creating fakeredis.aioredis using url with user/password

* add sle15_python_module_pythons

* Update to 2.10.3:

* Support for redis-py 5.0.0b1
* Include tests in sdist (#133)
* Fix import used in GenericCommandsMixin.randomkey (#135)
* Fix async_timeout usage on py3.11 (#132)
* Enable testing django-cache using FakeConnection.
* All geo commands implemented
* Fix bug for xrange
* Fix bug for xrevrange
* Implement XTRIM
* Add support for MAXLEN, MAXID, LIMIT arguments for XADD command
* Add support for ZRANGE arguments for ZRANGE command #127
* Relax python version requirement #128
* Support for redis-py 4.5.0 #125

* update to 2.7.1:

* Fix import error for NoneType (#120)
* Implement
* JSON.ARRINDEX
* JSON.OBJLEN
* JSON.OBJKEYS
* JSON.ARRPOP
* JSON.ARRTRIM
* JSON.NUMINCRBY
* JSON.NUMMULTBY
* XADD
* XLEN
* XRANGE
* XREVRANGE
* Implement `JSON.TYPE`, `JSON.ARRLEN` and `JSON.ARRAPPEND`
* Fix encoding of None (#118)

* update to v2.5.0:

* Implement support for BITPOS (bitmap command) (#112)
* Fix json mget when dict is returned (#114)
* fix: properly export (#116)
* Extract param handling (#113)

* update to v2.4.0:

* Implement LCS (#111), BITOP (#110)
* Fix bug checking type in scan_iter (#109)
* Implement GETEX (#102)
* Implement support for JSON.STRAPPEND (json command) (#98)
* Implement JSON.STRLEN, JSON.TOGGLE and fix bugs with JSON.DEL (#96)
* Implement PUBSUB CHANNELS, PUBSUB NUMSUB
* Implement JSON.CLEAR (#87)
* Support for redis-py v4.4.0
* Implement json.mget (#85)
* Initial json module support - JSON.GET, JSON.SET and JSON.DEL (#80)
* fix: add nowait for asyncio disconnect (#76)
* Refactor how commands are registered (#79)
* Refactor tests from redispy4_plus (#77)
* Remove support for aioredis separate from redis-py (redis-py versions 4.1.2
and below). (#65)
* Add support for redis-py v4.4rc4 (#73)
* Add mypy support (#74)
* Implement support for zmscore by @the-wondersmith in #67
* What's Changed
* implement GETDEL and SINTERCARD support by @cunla in #57
* Test get float-type behavior by @cunla in #59
* Implement BZPOPMIN/BZPOPMAX support by @cunla in #60
* drop fakeredis-pr54-fix-ensure_str.patch (upstream)

* Update to 1.9.3

* Removed python-six dependency
* zadd support for GT/LT by @cunla in #49
* Remove six dependency by @cunla in #51
* Add host to conn_pool_args by @cunla in #51
* Drop python-fakeredis-no-six.patch which was incomplete
* all commits, including the missing ones in release now
* Add fakeredis-pr54-fix-ensure_str.patch

* use upstream https://github.com/cunla/fakeredis-py/pull/51/

* modified patches % python-fakeredis-no-six.patch (refreshed)

* version update to 1.9.1

* Zrange byscore by @cunla in #44
* Expire options by @cunla in #46
* Enable redis7 support by @cunla in #42
* added patches fix https://github.com/cunla/fakeredis-py/issues/50
* python-fakeredis-no-six.patch

* Update to 1.8.1

* fix: allow redis 4.3.* by @terencehonles in #30
* Release 1.8
* Fix handling url with username and password by @cunla in #27
* Refactor tests by @cunla in #28
* Release 1.7.6
* add IMOVE operation by @BGroever in #11
* Add SMISMEMBER command by @OlegZv in #20
* fix: work with redis.asyncio by @zhongkechen in #10
* Migrate to poetry by @cunla in #12
* Create annotation for redis4+ tests by @cunla in #14
* Make aioredis and lupa optional dependencies by @cunla in #16
* Remove aioredis requirement if redis-py 4.2+ by @ikornaselur in #19

* update to 1.7.0

* Change a number of corner-case behaviours to match Redis 6.2.6.
* Fix DeprecationWarning for sampling from a set
* Improved support for constructor arguments
* Support redis-py 4
* Add support for GET option to SET
* PERSIST and EXPIRE should invalidate watches

* Update to 1.6.1

* # 305 Some packaging modernisation

* # 306 Fix FakeRedisMixin.from_url for unix sockets

* # 308 Remove use of async_generator from tests

* Release 1.6.0
* # 304 Support aioredis 2

* # 302 Switch CI from Travis CI to Github Actions

* update to 1.5.2

* support python 3.9
* support aioredis

* Disable py2 as upstream actually disabled python2 support competely

* The syntax simply is not compatible

* Update to 1.3.0:

* No upstream changelog
* python2 tests are dysfunctional, test with python3 only

* Update to 1.0.5:

* No upstream changelog

* Update to 1.0.4:

* various bugfixes all around

* Update to v1.0.3

* Support for redis 3.2 (no effective changes in v1.0.2)

* Initial spec for v1.0.1 Changes in python-fixedint:

* Switch build system from setuptools to pyproject.toml

* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install
* Fix capitalization in Summary
* Limit Python files matched in %files section

* Switch package to modern Python Stack on SLE-15

* Add %{?sle15_python_module_pythons}
* Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }}

* Initial build

* Version 0.2.0 Changes in python-httplib2:
* require setuptools

* Clean up SPEC file.

* Add %{?sle15_python_module_pythons}

* update to 0.22.0:

* https: disable_ssl_certificate_validation caused ValueError: Cannot set
verify_mode to CERT_NONE when check_hostname is enabled

* Update to 0.21.0:

* http: `Content-Encoding: deflate` must accept zlib encapsulation
* https://github.com/httplib2/httplib2/pull/230
* Begin support and CI against CPython 3.10 and 3.11.

* update to 0.20.4: proxy: support proxy urls with ipv6 address Tests
compatible with Python3.10 and recent pytest.

* add pyparsing dependency

* update to 0.20.2: auth: support pyparsing v3 proxy: correct extraction of
errno from pysocks ProxyConnectionError IMPORTANT cacerts: remove expired
DST Root CA X3, add ISRG Root X1, X2

* update to 0.19.1:

* auth header parsing performance optimizations; Thanks to Paul McGuire
* Use mock from the standard library on Python>=3.3

set first, othewise a "ValueError: Cannot set verify_mode to CERT_NONE when
check_hostname instead (bnc#761162) item not in cache \- initial version of
python-httplib2 (0.2.0) Changes in python-httpretty: \- Add patch 0001-Fix-
test_417_openssl.py-if-pyOpenSSL-not-available.patch: * Fix tests without
pyOpenSSL support in urllib3

* Allow building with python-urllib3 >= 2.x

* Do not use python-boto3 when building in SLE where it's currently not
available for python311

* Add %{?sle15_python_module_pythons}

* skip failing testsuite tests after requests update

* Add patch relax-test-callback-response.patch:

* Relax timeout for test_callback_response (bsc#1209571)

* Add patch 460-miliseconds_tests.patch (gh#gabrielfalcao/HTTPretty#460):

* Correct tests for s390x and aarch64 because of timeout failures after 2
miliseconds

* Fix test suite:

* Remove nose idioms
* Remove outdated test skips

* Add patch double-slash-paths.patch:

* http.request may replace // with /, handle that in the testcase.

* Add 453-fix-tests-pytest.patch (gh#gabrielfalcao/HTTPretty#449) to make
tests compatible with pytest.

* Add patch remove-mock.patch:

* Use unittest.mock in the functional tests.

* specfile:

* update copyright year
* update to version 1.1.4:
* Bugfix: #435 Fallback to WARNING when logging.getLogger().level is None.
* changes from version 1.1.3:
* Bugfix: #430 Respect socket timeout.
* changes from version 1.1.2:
* Bugfix: #426 Segmentation fault when running against a large amount of tests
with pytest --mypy.
* changes from version 1.1.1:
* Bugfix: httpretty.disable() injects pyopenssl into :py:mod:`urllib3` even if
it originally wasn't #417
* Bugfix: "Incompatibility with boto3 S3 put_object" #416
* Bugfix: "Regular expression for URL -> TypeError: wrap_socket() missing 1
required" #413
* Bugfix: "Making requests to non-stadard port throws TimeoutError "#387
* changes from version 1.1.0:
* Feature: Display mismatched URL within UnmockedError whenever possible. #388
* Feature: Display mismatched URL via logging. #419
* Add new properties to :py:class:`httpretty.core.HTTPrettyRequest` (protocol,
host, url, path, method).

* Updater to 1.0.5

* Bugfix: Support socket.socketpair() . #402
* Bugfix: Prevent exceptions from re-applying monkey patches. #406
* Release 1.0.4
* Python 3.8 and 3.9 support. #407

* Update to 1.0.3

* Fix compatibility with urllib3>=1.26. #410

* Replace nose with nose2

* avoid reading DNS resolver settings gh#gabrielfalcao/HTTPretty#405

* remove unnecessary test packages

* Update to 1.0.2

* Drop Python 2 support.
* Fix usage with redis and improve overall real-socket passthrough.
* Fix TypeError: wrap_socket() missing 1 required positional argument: 'sock'.
* Fix simple typo: neighter -> neither.
* Updated documentation for register_uri concerning using ports.
* Clarify relation between `enabled` and `httprettized` in API docs.
* Align signature with builtin socket.

* Version update to 0.9.6:

* Many fixes all around
* Support for python 3.7
* Make sure we really run the tests

* Remove superfluous devel dependency for noarch package

Changes in python-javaproperties: \- Switch package to modern Python Stack on
SLE-15 \+ Add %{?sle15_python_module_pythons}

* version update to 0.8.1 v0.8.1 (2021-10-05)

* * *

* Fix a typing issue in Python 3.9
* Support Python 3.10

v0.8.0 (2020-11-28)

* * *

* Drop support for Python 2.7, 3.4, and 3.5
* Support Python 3.9
* `ensure_ascii` parameter added to `PropertiesFile.dump()` and
`PropertiesFile.dumps()`
* **Bugfix** : When parsing XML input, empty `<entry>` tags now produce
an empty string as a value, not `None`
* Added type annotations
* `Properties` and `PropertiesFile` no longer raise `TypeError` when given a
non-string key or value, as type correctness is now expected to be enforced
through static type checking
* The `PropertiesElement` classes returned by `parse()` are no longer
subclasses of `namedtuple`, but they can still be iterated over to retrieve
their fields like a tuple
* python-six is not required Changes in python-jsondiff:
* Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install
* Limit Python files matched in %files section

* Add %{?sle15_python_module_pythons}

* Update to version 2.0.0

* Removed deprecated function
* Remove deprecated jsondiff entry point
* from version 1.3.1
* Optionally allow different escape_str than '$'
* Clarified the readme, closes #23
* Fixed readme
* Remove jsondiff command from %install, %post, %postun and %files sections
Changes in python-knack:
* Switch package to modern Python Stack on SLE-15
* Add %{?sle15_python_module_pythons}
* Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }}
* Drop %define skip_python2 1

* Update to version 0.11.0

* Declare support for Python 3.11 and drop support for Python 3.7 (#275)
* Stop converting argument's `bool` default value to `DefaultInt` (#273)

* Update to version 0.10.1

* Support bytearray serialization (#268)

* Update to version 0.10.0

* Enable Virtual Terminal mode on legacy Windows terminal to support ANSI
escape sequences (#265)
* Drop Python 3.6 support (#259)

* python-mock is not required for build Changes in python-marshmallow:

* Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install
* Limit Python files matched in %files section

* update to 3.20.2:

* Bug fixes: - Fix Nested field type hint for lambda Schema types
(:pr:`2164`).
* Other changes: - Officially support Python 3.12 (:pr:`2188`).

* update to 3.20.1:

* Fix call to `get_declared_fields`: pass `dict_cls` again
* Add `absolute` parameter to `URL` validator and `Url`
* Use Abstract Base Classes to define `FieldABC` and `SchemaABC`
* Use `OrderedSet` as default `set_class`. Schemas are now ordered by default.
* Handle `OSError` and `OverflowError` in `utils.from_timestamp` (:pr:`2102`).
* Fix the default inheritance of nested partial schemas
* Officially support Python 3.11 (:pr:`2067`).
* Drop support for Python 3.7 (:pr:`2135`).

* Switch documentation to be within the main package on SLE15

* rename docs subpackage to the more common doc name
* Update to 3.19.0
* Add timestamp and timestamp_ms formats to fields.DateTime (#612). Thanks
@vgavro for the suggestion and thanks @vanHoi for the PR.

Changes in python-opencensus: \- Add Obsoletes for old python3 package on SLE-15
\- Switch build system from setuptools to pyproject.toml \+ Add python-pip and
python-wheel to BuildRequires \+ Replace %python_build with %pyproject_wheel \+
Replace %python_install with %pyproject_install \- Update to 0.11.4 * Changed
bit-mapping for `httpx` and `fastapi` integrations \- Refresh patches for new
version * opencensus-pr1002-remove-mock.patch \- Switch package to modern Python
Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop
%{?!python_module:%define python_module() python-%{ **} python3-%{** }}

* update to 0.11.3
* Updated azure modules
* sorry, six is still needed :(

* update to 0.11.2:

* Updated `azure`, `fastapi`,`flask` modules
* Updated `azure`, `httpx` modules

* Update to 0.11.0

* Updated `azure`, `context`, `flask`, `requests` modules
* from version 0.10.0
* Add kwargs to derived gauge (#1135)
* from version 0.9.0
* Make sure handler.flush() doesn't deadlock (#1112)
* Refresh patches for new version
* opencensus-pr1002-remove-mock.patch
* Update Requires from setup.py

Changes in python-opencensus-context: \- Clean up the SPEC file \- Switch
package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons}
\+ Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }}
\- Update to 0.1.3 * Move `version.py` file into `runtime_context` folder
(#1143) Changes in python-opencensus-ext-threading: \- Switch package to modern
Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} \+ Drop
%{?!python_module:%define python_module() python-%{ **} python3-%{** }} \+ Drop
build support for Python 2.x Changes in python-opentelemetry-api: \- update to
1.23.0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix
flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix
OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set
observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP
exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter
string representation for target_info labels (#3659) * Logs: ObservedTimestamp
field is missing in console exporter output (#3564) * Fix explicit bucket
histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath
to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support
for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade
markupsafe, Flask and related dependencies to dev and test environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve
Resource Detector timeout messaging (#3645) * Add Proxy classes for logging
(#3575) * Remove dependency on 'backoff' library (#3679)

* update to 1.22.0:
* Prometheus exporter sanitize info metric (#3572)
* Remove Jaeger exporters (#3554)
* Log stacktrace on `UNKNOWN` status OTLP export error (#3536)
* Fix OTLPExporterMixin shutdown timeout period (#3524)
* Handle `taskName` `logrecord` attribute (#3557)

* update to 1.21.0:

* Fix `SumAggregation`(#3390)
* Fix handling of empty metric collection cycles (#3335)
* Fix error when no LoggerProvider configured for LoggingHandler (#3423)
* Make `opentelemetry_metrics_exporter` entrypoint support pull exporters
(#3428)
* Allow instrument names to have '/' and up to 255 characters (#3442)
* Do not load Resource on sdk import (#3447)
* Update semantic conventions to version 1.21.0 (#3251)
* Add missing schema_url in global api for logging and metrics (#3251)
* Prometheus exporter support for auto instrumentation (#3413)
* Modify Prometheus exporter to translate non-monotonic Sums into Gauges
(#3306)
* Update the body type in the log ($3343)
* Add max_scale option to Exponential Bucket Histogram Aggregation (#3323)
* Use BoundedAttributes instead of raw dict to extract attributes from
LogRecord (#3310)
* Support dropped_attributes_count in LogRecord and exporters (#3351)
* Add unit to view instrument selection criteria (#3341)
* Upgrade opentelemetry-proto to 0.20 and regen #3355)
* Include endpoint in Grpc transient error warning #3362)
* Fixed bug where logging export is tracked as trace #3375)
* Select histogram aggregation with an environment variable
* Move Protobuf encoding to its own package (#3169)
* Add experimental feature to detect resource detectors in auto
instrumentation (#3181)
* Fix exporting of ExponentialBucketHistogramAggregation from
opentelemetry.sdk.metrics.view (#3240)
* Fix headers types mismatch for OTLP Exporters (#3226)
* Fix suppress instrumentation for log batch processor (#3223)
* Add speced out environment variables and arguments for
BatchLogRecordProcessor (#3237)

* Fix `ParentBased` sampler for implicit parent spans. Fix also `trace_state` erasure for dropped spans or spans sampled by the `TraceIdRatioBased` sampler. Changes in python-opentelemetry-sdk:
* Add missing python-wheel build dependency to BuildRequires

* update to 1.23.0:

* Use Attribute rather than boundattribute in logrecord (#3567)
* Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
* Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
* Logs: set observed_timestamp field (#3565)
* Add missing Resource SchemaURL in OTLP exporters (#3652)
* Fix loglevel warning text (#3566)
* Prometheus Exporter string representation for target_info labels (#3659)
* Logs: ObservedTimestamp field is missing in console exporter output (#3564)
* Fix explicit bucket histogram aggregation (#3429)
* Add code.lineno, code.function and code.filepath to all logs (#3645)
* Add Synchronous Gauge instrument (#3462)
* Drop support for 3.7 (#3668)
* Include key in attribute sequence warning (#3639)
* Upgrade markupsafe, Flask and related dependencies to dev and test
environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
* Improve Resource Detector timeout messaging (#3645)
* Add Proxy classes for logging (#3575)
* Remove dependency on 'backoff' library (#3679)

* update to 1.23.0:

* Use Attribute rather than boundattribute in logrecord (#3567)
* Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
* Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
* Logs: set observed_timestamp field (#3565)
* Add missing Resource SchemaURL in OTLP exporters (#3652)
* Fix loglevel warning text (#3566)
* Prometheus Exporter string representation for target_info labels (#3659)
* Logs: ObservedTimestamp field is missing in console exporter output (#3564)
* Fix explicit bucket histogram aggregation (#3429)
* Add code.lineno, code.function and code.filepath to all logs (#3645)
* Add Synchronous Gauge instrument (#3462)
* Drop support for 3.7 (#3668)
* Include key in attribute sequence warning (#3639)
* Upgrade markupsafe, Flask and related dependencies to dev and test
environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
* Improve Resource Detector timeout messaging (#3645)
* Add Proxy classes for logging (#3575)
* Remove dependency on 'backoff' library (#3679)

* Switch package to modern Python Stack on SLE-15

* Add %{?sle15_python_module_pythons}

* Initial package (1.22.0) Changes in python-opentelemetry-semantic-
conventions:

* update to 0.44b0:

* Use Attribute rather than boundattribute in logrecord (#3567)
* Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
* Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
* Logs: set observed_timestamp field (#3565)
* Add missing Resource SchemaURL in OTLP exporters (#3652)
* Fix loglevel warning text (#3566)
* Prometheus Exporter string representation for target_info labels (#3659)
* Logs: ObservedTimestamp field is missing in console exporter output (#3564)
* Fix explicit bucket histogram aggregation (#3429)
* Add code.lineno, code.function and code.filepath to all logs (#3645)
* Add Synchronous Gauge instrument (#3462)
* Drop support for 3.7 (#3668)
* Include key in attribute sequence warning (#3639)
* Upgrade markupsafe, Flask and related dependencies to dev and test
environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
* Improve Resource Detector timeout messaging (#3645)
* Add Proxy classes for logging (#3575)
* Remove dependency on 'backoff' library (#3679)

* update to 0.43b0:

* Prometheus exporter sanitize info metric
* Remove Jaeger exporters
* Log stacktrace on `UNKNOWN` status OTLP export error
* Fix OTLPExporterMixin shutdown timeout period
* Handle `taskName` `logrecord` attribute
* Fix `SumAggregation`
* Fix handling of empty metric collection cycles
* Fix error when no LoggerProvider configured for LoggingHandler
* Make `opentelemetry_metrics_exporter` entrypoint support pull exporters
* Allow instrument names to have '/' and up to 255 characters
* Do not load Resource on sdk import
* Update semantic conventions to version 1.21.0
* Add missing schema_url in global api for logging and metrics
* Prometheus exporter support for auto instrumentation
* Drop `setuptools` runtime requirement.
* Update the body type in the log ($3343)
* Add max_scale option to Exponential Bucket Histogram Aggregation
* Use BoundedAttributes instead of raw dict to extract attributes from
LogRecord
* Support dropped_attributes_count in LogRecord and exporters
* Add unit to view instrument selection criteria
* Upgrade opentelemetry-proto to 0.20 and regen #3355)
* Include endpoint in Grpc transient error warning #3362)
* Fixed bug where logging export is tracked as trace #3375)
* Select histogram aggregation with an environment variable
* Move Protobuf encoding to its own package
* Add experimental feature to detect resource detectors in auto
instrumentation
* Fix exporting of ExponentialBucketHistogramAggregation from
opentelemetry.sdk.metrics.view
* Fix headers types mismatch for OTLP Exporters
* Fix suppress instrumentation for log batch processor
* Add speced out environment variables and arguments for
BatchLogRecordProcessor

* Initial build

* Version 0.25b2 Changes in python-opentelemetry-test-utils:

* update to 0.44b0:

* Use Attribute rather than boundattribute in logrecord (#3567)
* Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
* Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
* Logs: set observed_timestamp field (#3565)
* Add missing Resource SchemaURL in OTLP exporters (#3652)
* Fix loglevel warning text (#3566)
* Prometheus Exporter string representation for target_info labels (#3659)
* Logs: ObservedTimestamp field is missing in console exporter output (#3564)
* Fix explicit bucket histogram aggregation (#3429)
* Add code.lineno, code.function and code.filepath to all logs (#3645)
* Add Synchronous Gauge instrument (#3462)
* Drop support for 3.7 (#3668)
* Include key in attribute sequence warning (#3639)
* Upgrade markupsafe, Flask and related dependencies to dev and test
environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
* Improve Resource Detector timeout messaging (#3645)
* Add Proxy classes for logging (#3575)
* Remove dependency on 'backoff' library (#3679)

* Initial package (0.43b0) Changes in python-pycomposefile:

* Switch package to modern Python Stack on SLE-15

* Add %{?sle15_python_module_pythons}

* Initial build

* Version 0.0.30 Changes in python-pydash:

* Switch package to modern Python Stack on SLE-15

* Add %{?sle15_python_module_pythons}
* Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }}

* Update to version 6.0.2

* Only prevent access to object paths containing `__globals__` or
`__builtins__` instead of all dunder-methods for non-dict/list objects.
* from version 6.0.1
* Fix exception raised due to mishandling of non-string keys in functions like
`get()` for non-dict/list objects that used integer index references like
`"[0]"`.
* from version 6.0.0
* Prevent access to object paths containing dunder-methods in functions like
`get()` for non-dict/list objects. Attempting to access dunder-methods using
get-path keys will raise a `KeyError` (e.g. `get(SomeClass(),
'__init__'` will raise). Access to dict keys are unaffected (e.g.
`get({"__init__": True}, "__init__")` will return
`True`). ( **breaking change** )
* Add support for Python 3.11.
* Drop support for Python 3.6 ( **breaking change** )
* from version 5.1.2
* Remove unnecessary type check and conversion for `exceptions` argument in
`pydash.retry`.
* from version 5.1.1
* Add support for Python 3.10.
* Fix timing assertion issue in test for `pydash.delay` where it could fail on
certain environments.
* Switch build system from setuptools to pyproject.toml
* Update BuildRequires from pyproject.toml

* version update to 5.1.0 v5.1.0 (2021-10-02)

* * *

* Support matches-style callbacks on non-dictionary objects that are
compatible with `pydash.get` in functions like `pydash.find`. v5.0.2
(2021-07-15)

* * *

* Fix compatibility issue between `pydash.py_` / `pydash._` and
`typing.Protocol` \+ `typing.runtime_checkable` that caused an exception to
be raised for `isinstance(py_, SomeRuntimeCheckableProtocol)`. v5.0.1
(2021-06-27)

* * *

* Fix bug in `merge_with` that prevented custom iteratee from being used when
recursively merging. Thanks weineel_! v5.0.0 (2021-03-29)

* * *

* Drop support for Python 2.7. ( **breaking change** )
* Improve Unicode word splitting in string functions to be inline with Lodash.
Thanks mervynlee94_! ( **breaking change** )
* `camel_case`
* `human_case`
* `kebab_case`
* `lower_case`
* `pascal_case`
* `separator_case`
* `slugify`
* `snake_case`
* `start_case`
* `upper_case`
* Optimize regular expression constants used in `pydash.strings` by pre-
compiling them to regular expression pattern objects. v4.9.3 (2021-03-03)

* * *

* Fix regression introduced in `v4.8.0` that caused `merge` and `merge_with`
to raise an exception when passing `None` as the first argument. v4.9.2
(2020-12-24)

* * *

* Fix regression introduced in `v4.9.1` that broke `pydash.get` for
dictionaries and dot-delimited keys that reference integer dict-keys. v4.9.1
(2020-12-14)

* * *

* Fix bug in `get/has` that caused `defaultdict` objects to get populated on
key access. v4.9.0 (2020-10-27)

* * *

* Add `default_to_any`. Thanks gonzalonaveira_!
* Fix mishandling of key names containing `\.` in `set_`, `set_with`, and
`update_with` where the `.` was not treated as a literal value within the
key name. Thanks zhaowb_!
* python-mock is not required for build

* Activate test suite

* Update to v4.8.0

* Initial spec for v4.7.6 Changes in python-redis:

* Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install

* add https://github.com/redis/redis-py/pull/3005 as Close-various-objects-
created-during-asyncio-tests.patch to fix tests for python 3.12

* Add patch to increase timeouts in s390x where tests take longer to run:

* increase-test-timeout.patch

* Disable broken tests for ppc64le, bsc#1216606

* Add pytest.ini source needed to run tests

* Remove/disable broken tests because of suse environment

* drop tox.ini. seems it does no longer exist in 5.0.1

* add support to easily disable the testsuite at build time

* update to 5.0.1

* New Features
* Provide aclose() / close() for classes requiring lifetime management (#2898)
* Add support for ModuleCommands in cluster (#2951)
* Add support for multiple values in RPUSHX (#2949)
* Add Redis.from_pool() class method, for explicitly owning and closing a ConnectionPool (#2913)
* Bug Fixes
* Fixing monitor parsing for messages containing specific substrings (#2950)
* Cluster determine slot command name need to be upper (#2919)
* Support timeout = 0 in search query (#2934)
* Fix async sentinel: add push_request keyword argument to read_response (#2922)
* Fix protocol checking for search commands (#2923)
* Fix: SentinelManagedConnection.read_response() got an unexpected keyword argument 'push_request' (#2894)
* Fix: automatically close connection pool for async Sentinel (#2900)
* Save a reference to created async tasks, to avoid tasks potentially disappearing (#2816)
* Avoid reference cycling by the garbage collector during response reading (#2932)
* Maintenance
* Type hint improvements (#2952)
* Replace clear_connect_callbacks with _deregister_connect_callback (#2955)
* Async fixes, remove del and other things (#2870)
* Add pagination, sorting and grouping examples to search json example (#2890)
* Remove process-id checks from asyncio. Asyncio and fork() does not mix. (#2911)
* Fix resource usage and cleanup Mocks in the unit tests (#2936)
* Remove mentions of tox (#2929)
* Add 7.2 to supported Redis versions (#2896)
* Fix resource warnings in unit tests (#2899)
* Fix typo in redis-stream-example.ipynb (#2918)
* Deprecate RedisGraph (#2927)
* Fix redis 7.2.0 tests (#2902)
* Fix test_scorer (search) (#2920)
* changes from 5.0.0
* What's new?
* Triggers and Functions support Triggers and Functions allow you to execute server-side functions triggered when key values are modified or created in Redis, a stream entry arrival, or explicitly calling them. Simply put, you can replace Lua scripts with easy-to-develop JavaScript or TypeScript code. Move your business logic closer to the data to ensure a lower latency, and forget about updating dependent key values manually in your code. Try it for yourself with Quick start
* Full Redis 7.2 and RESP3 support
* Python 3.7 End-of-Life
* Python 3.7 has reached its end-of-life (EOL) as of June
1. This means that starting from this date, Python 3.7 will no longer receive any updates, including security patches, bug fixes, or improvements. If you continue to use Python 3.7 post-EOL, you may expose your projects and systems to potential security vulnerabilities. We ended its support in this version and strongly recommend migrating to Python 3.10.
* Bug Fixes
* Fix timeout retrying on pipeline execution (#2812)
* Fix socket garbage collection (#2859)
* Maintenance
* Updating client license to clear, MIT (#2884)
* Add py.typed in accordance with PEP-561 (#2738)
* Dependabot label change (#2880)
* Fix type hints in SearchCommands (#2817)
* Add sync modules (except search) tests to cluster CI (#2850)
* Fix a duplicate word in CONTRIBUTING.md (#2848)
* Fixing doc builds (#2869)
* Change cluster docker to edge and enable debug command (#2853)
* changes from 4.6.0
* Experimental Features
* Support JSON.MERGE command (#2761)
* Support JSON.MSET command (#2766)
* New Features
* Extract abstract async connection class (#2734)
* Add support for WAITAOF (#2760)
* Introduce OutOfMemoryError exception for Redis write command rejections due to OOM errors (#2778)
* Add WITHSCORE argument to ZRANK (#2758)
* Bug Fixes
* Fix dead weakref in sentinel connection causing ReferenceError (#2767) (#2771)
* Fix Key Error in parse_xinfo_stream (#2788)
* Remove unnecessary **del** handlers (#2755)
* Added support for missing argument to SentinelManagedConnection.read_response() (#2756)
* Maintenance

* Fix type hint for retry_on_error in async cluster (#2804)
* Clean up documents and fix some redirects (#2801)
* Add unit tests for the connect method of all Redis connection classes (#2631)
* Docstring formatting fix (#2796)
* update to 4.5.5:

* Add support for CLIENT NO-TOUCH
* Add support for CLUSTER MYSHARDID
* Add "address_remap" feature to RedisCluster
* Add WITHSCORES argument to ZREVRANK command
* Improve error output for master discovery
* Fix XADD: allow non negative maxlen
* Fix create single connection client from url
* Optionally disable disconnects in read_response
* Fix SLOWLOG GET return value
* Fix potential race condition during disconnection
* Return response in case of KeyError
* Fix incorrect usage of once flag in async Sentinel
* Fix memory leak caused by hiredis in asyncio case
* Really do not use asyncio's timeout lib before 3.11.2

* add sle15_python_module_pythons

* Update to 4.5.4:

* Security
* Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28858, bsc#1209811)
* Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28859, bsc#1209812)
* New Features
* Introduce AbstractConnection so that UnixDomainSocketConnection can call super().init (#2588)
* Added queue_class to REDIS_ALLOWED_KEYS (#2577)
* Made search document subscriptable (#2615)
* Sped up the protocol parsing (#2596)
* Use hiredis::pack_command to serialized the commands. (#2570)
* Add support for unlink in cluster pipeline (#2562)
* Bug Fixes
* Fixing cancelled async futures (#2666)
* Fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
* Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor argument (#2630)
* CWE-404 AsyncIO Race Condition Fix (#2624, #2579)
* Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (#2582)
* Replace async_timeout by asyncio.timeout (#2602)
* Update json().arrindex() default values (#2611)
* Fix #2581 UnixDomainSocketConnection object has no attribute _command_packer (#2583)
* Fix issue with pack_commands returning an empty byte sequence (#2416)
* Async HiredisParser should finish parsing after a Connection.disconnect() (#2557)
* Check for none, prior to raising exception (#2569)
* Tuple function cannot be passed more than one argument (#2573)
* Synchronise concurrent command calls to single-client to single-client mode (#2568)
* Async: added 'blocking' argument to call lock method (#2454)
* Added a replacement for the default cluster node in the event of failure. (#2463)
* Fixed geosearch: Wrong number of arguments for geosearch command (#2464)
* Clean up BuildRequires and Requires.

* Disable broken test test_xautoclaim gh#redis/redis-py#2554

* udpate to 4.3.5:
* Add support for TIMESERIES 1.8 (#2296)
* Graph - add counters for removed labels and properties (#2292)
* Add support for TDIGEST.QUANTILE extensions (#2317)
* Add TDIGEST.TRIMMED_MEAN (#2300)
* Add support for async GRAPH module (#2273)
* Support TDIGEST.MERGESTORE and make compression optional on TDIGEST.CREATE
(#2319)
* Adding reserve as an alias for create, so that we have BF.RESERVE and
CF.RESERVE accuratenly supported (#2331)
* Fix async connection.is_connected to return a boolean value (#2278)
* Fix: workaround asyncio bug on connection reset by peer (#2259)
* Fix crash: key expire while search (#2270)
* Async cluster: fix concurrent pipeline (#2280)
* Fix async SEARCH pipeline (#2316)
* Fix KeyError in async cluster - initialize before execute multi key commands
(#2439)
* Supply chain risk reduction: remove dependency on library named deprecated
(#2386)
* Search test - Ignore order of the items in the response (#2322)
* Fix GRAPH.LIST & TDIGEST.QUANTILE tests (#2335)
* Fix TimeSeries range aggregation (twa) tests (#2358)
* Mark TOPK.COUNT as deprecated (#2363)

* update to 4.3.4:

* Fix backward compatibility from 4.3.2 in Lock.acquire()
* Fix XAUTOCLAIM to return the full response, instead of only keys 2+
* Added dynamic_startup_nodes configuration to RedisCluster.
* Fix retries in async mode
* Async cluster: fix simultaneous initialize
* Uppercased commands in CommandsParser.get_keys
* Late eval of the skip condition in async tests
* Reuse the old nodes' connections when a cluster topology refresh is being
done
* Docs: add pipeline examples
* Correct retention_msecs value
* Cluster: use pipeline to execute split commands
* Docs: Add a note about client_setname and client_name difference

* Delete unused redismod.conf, remove duplicate Source entry for tox.ini

* Add redismod.conf and tox.ini as Sources to SPEC file.

* Update to version 4.3.3

* Fix Lock crash, and versioning 4.3.3 (#2210)
* Async cluster: improve docs (#2208)
* Release 4.3.2
* SHUTDOWN - add support for the new NOW, FORCE and ABORT modifiers (#2150)
* Adding pipeline support for async cluster (#2199)
* Support CF.MEXISTS + Clean bf/commands.py (#2184)
* Extending query_params for FT.PROFILE (#2198)
* Implementing ClusterPipeline Lock (#2190)
* Set default response_callbacks to redis.asyncio.cluster.ClusterNode (#2201)
* Add default None for maxlen at xtrim command (#2188)
* Async cluster: add/update typing (#2195)
* Changed list type to single element type (#2203)
* Made sync lock consistent and added types to it (#2137)
* Async cluster: optimisations (#2205)
* Fix typos in README (#2206)
* Fix modules links to https://redis.io/commands/ (#2185)

* Update to version 4.3.1

* Allow negative `retries` for `Retry` class to retry forever
* Add `items` parameter to `hset` signature
* Create codeql-analysis.yml (#1988). Thanks @chayim
* Add limited support for Lua scripting with RedisCluster
* Implement `.lock()` method on RedisCluster
* Fix cursor returned by SCAN for RedisCluster & change default target to PRIMARIES
* Fix scan_iter for RedisCluster
* Remove verbose logging when initializing ClusterPubSub, ClusterPipeline or RedisCluster
* Fix broken connection writer lock-up for asyncio (#2065)
* Fix auth bug when provided with no username (#2086)
* Release 4.1.3
* Fix flushdb and flushall (#1926)
* Add redis5 and redis4 dockers (#1871)
* Change json.clear test multi to be up to date with redisjson (#1922)
* Fixing volume for unstable_cluster docker (#1914)
* Update changes file with changes since 4.0.0-beta2 (#1915)
* Release 4.1.2
* Invalid OCSP certificates should raise ConnectionError on failed validation (#1907)
* Added retry mechanism on socket timeouts when connecting to the server (#1895)
* LMOVE, BLMOVE return incorrect responses (#1906)
* Fixing AttributeError in UnixDomainSocketConnection (#1903)
* Fixing TypeError in GraphCommands.explain (#1901)
* For tests, increasing wait time for the cluster (#1908)
* Increased pubsub's wait_for_messages timeout to prevent flaky tests (#1893)
* README code snippets formatted to highlight properly (#1888)
* Fix link in the main page (#1897)
* Documentation fixes: JSON Example, SSL Connection Examples, RTD version (#1887)
* Direct link to readthedocs (#1885)
* Release 4.1.1
* Add retries to connections in Sentinel Pools (#1879)
* OCSP Stapling Support (#1873)
* Define incr/decr as aliases of incrby/decrby (#1874)
* FT.CREATE - support MAXTEXTFIELDS, TEMPORARY, NOHL, NOFREQS, SKIPINITIALSCAN (#1847)
* Timeseries docs fix (#1877)
* get_connection: catch OSError too (#1832)
* Set keys var otherwise variable not created (#1853)
* Clusters should optionally require full slot coverage (#1845)
* Triple quote docstrings in client.py PEP 257 (#1876)
* syncing requirements (#1870)
* Typo and typing in GraphCommands documentation (#1855)
* Allowing poetry and redis-py to install together (#1854)
* setup.py: Add project_urls for PyPI (#1867)
* Support test with redis unstable docker (#1850)
* Connection examples (#1835)
* Documentation cleanup (#1841)
* Release 4.1.0
* OCSP stapling support (#1820)
* Support for SELECT (#1825)
* Support for specifying error types with retry (#1817)
* Support for RESET command since Redis 6.2.0 (#1824)
* Support CLIENT TRACKING (#1612)
* Support WRITE in CLIENT PAUSE (#1549)
* JSON set_file and set_path support (#1818)
* Allow ssl_ca_path with rediss:// urls (#1814)
* Support for password-encrypted SSL private keys (#1782)
* Support SYNC and PSYNC (#1741)
* Retry on error exception and timeout fixes (#1821)
* Fixing read race condition during pubsub (#1737)
* Fixing exception in listen (#1823)
* Fixed MovedError, and stopped iterating through startup nodes when slots are fully covered (#1819)
* Socket not closing after server disconnect (#1797)
* Single sourcing the package version (#1791)
* Ensure redis_connect_func is set on uds connection (#1794)
* SRTALGO - Skip for redis versions greater than 7.0.0 (#1831)
* Documentation updates (#1822)
* Add CI action to install package from repository commit hash (#1781) (#1790)
* Fix link in lmove docstring (#1793)
* Disabling JSON.DEBUG tests (#1787)
* Migrated targeted nodes to kwargs in Cluster Mode (#1762)
* Added support for MONITOR in clusters (#1756)
* Adding ROLE Command (#1610)
* Integrate RedisBloom support (#1683)
* Adding RedisGraph support (#1556)
* Allow overriding connection class via keyword arguments (#1752)
* Aggregation LOAD * support for RediSearch (#1735)
* Adding cluster, bloom, and graph docs (#1779)
* Add packaging to setup_requires, and use >= to play nice to setup.py (fixes #1625) (#1780)
* Fixing the license link in the readme (#1778)
* Removing distutils from tests (#1773)
* Fix cluster ACL tests (#1774)
* Improved RedisCluster's reinitialize_steps and documentation (#1765)
* Added black and isort (#1734)
* Link Documents for all module commands (#1711)
* Pyupgrade + flynt + f-strings (#1759)
* Remove unused aggregation subclasses in RediSearch (#1754)
* Adding RedisCluster client to support Redis Cluster Mode (#1660)
* Support RediSearch FT.PROFILE command (#1727)
* Adding support for non-decodable commands (#1731)
* COMMAND GETKEYS support (#1738)
* RedisJSON 2.0.4 behaviour support (#1747)
* Removing deprecating distutils (PEP 632) (#1730)
* Updating PR template (#1745)
* Removing duplication of Script class (#1751)
* Splitting documentation for read the docs (#1743)
* Improve code coverage for aggregation tests (#1713)
* Fixing COMMAND GETKEYS tests (#1750)
* GitHub release improvements (#1684)
* Release 4.0.2
* Restoring Sentinel commands to redis client (#1723)
* Better removal of hiredis warning (#1726)
* Adding links to redis documents in function calls (#1719)
* Release 4.0.1
* Removing command on initial connections (#1722)
* Removing hiredis warning when not installed (#1721)
* Release 4.0.0
* FT.EXPLAINCLI intentionally raising NotImplementedError
* Restoring ZRANGE desc for Redis < 6.2.0 (#1697)
* Response parsing occasionally fails to parse floats (#1692)
* Re-enabling read-the-docs (#1707)
* Call HSET after FT.CREATE to avoid keyspace scan (#1706)
* Unit tests fixes for compatibility (#1703)
* Improve documentation about Locks (#1701)
* Fixes to allow --redis-url to pass through all tests (#1700)
* Fix unit tests running against Redis 4.0.0 (#1699)
* Search alias test fix (#1695)
* Adding RediSearch/RedisJSON tests (#1691)
* Updating codecov rules (#1689)
* Tests to validate custom JSON decoders (#1681)
* Added breaking icon to release drafter (#1702)
* Removing dependency on six (#1676)
* Re-enable pipeline support for JSON and TimeSeries (#1674)
* Export Sentinel, and SSL like other classes (#1671)
* Restore zrange functionality for older versions of Redis (#1670)
* Fixed garbage collection deadlock (#1578)
* Tests to validate built python packages (#1678)
* Sleep for flaky search test (#1680)
* Test function renames, to match standards (#1679)
* Docstring improvements for Redis class (#1675)
* Fix georadius tests (#1672)
* Improvements to JSON coverage (#1666)
* Add python_requires setuptools check for python > 3.6 (#1656)
* SMISMEMBER support (#1667)
* Exposing the module version in loaded_modules (#1648)
* RedisTimeSeries support (#1652)
* Support for json multipath ($) (#1663)
* Added boolean parsing to PEXPIRE and PEXPIREAT (#1665)
* Add python_requires setuptools check for python > 3.6 (#1656)
* Adding vulture for static analysis (#1655)
* Starting to clean the docs (#1657)
* Update README.md (#1654)
* Adding description format for package (#1651)
* Publish to pypi as releases are generated with the release drafter (#1647)
* Restore actions to prs (#1653)
* Fixing the package to include commands (#1649)
* Re-enabling codecov as part of CI process (#1646)
* Adding support for redisearch (#1640) Thanks @chayim
* redisjson support (#1636) Thanks @chayim
* Sentinel: Add SentinelManagedSSLConnection (#1419) Thanks @AbdealiJK
* Enable floating parameters in SET (ex and px) (#1635) Thanks @AvitalFineRedis
* Add warning when hiredis not installed. Recommend installation. (#1621) Thanks @adiamzn
* Raising NotImplementedError for SCRIPT DEBUG and DEBUG SEGFAULT (#1624) Thanks @chayim
* CLIENT REDIR command support (#1623) Thanks @chayim
* REPLICAOF command implementation (#1622) Thanks @chayim
* Add support to NX XX and CH to GEOADD (#1605) Thanks @AvitalFineRedis
* Add support to ZRANGE and ZRANGESTORE parameters (#1603) Thanks @AvitalFineRedis
* Pre 6.2 redis should default to None for script flush (#1641) Thanks @chayim
* Add FULL option to XINFO SUMMARY (#1638) Thanks @agusdmb
* Geosearch test should use any=True (#1594) Thanks @Andrew-Chen-Wang
* Removing packaging dependency (#1626) Thanks @chayim
* Fix client_kill_filter docs for skimpy (#1596) Thanks @Andrew-Chen-Wang
* Normalize minid and maxlen docs (#1593) Thanks @Andrew-Chen-Wang
* Update docs for multiple usernames for ACL DELUSER (#1595) Thanks @Andrew-Chen-Wang
* Fix grammar of get param in set command (#1588) Thanks @Andrew-Chen-Wang
* Fix docs for client_kill_filter (#1584) Thanks @Andrew-Chen-Wang
* Convert README & CONTRIBUTING from rst to md (#1633) Thanks @davidylee
* Test BYLEX param in zrangestore (#1634) Thanks @AvitalFineRedis
* Tox integrations with invoke and docker (#1632) Thanks @chayim
* Adding the release drafter to help simplify release notes (#1618). Thanks @chayim
* BACKWARDS INCOMPATIBLE: Removed support for end of life Python 2.7. #1318
* BACKWARDS INCOMPATIBLE: All values within Redis URLs are unquoted via urllib.parse.unquote. Prior versions of redis-py supported this by specifying the `decode_components` flag to the `from_url` functions. This is now done by default and cannot be disabled. #589
* POTENTIALLY INCOMPATIBLE: Redis commands were moved into a mixin (see commands.py). Anyone importing `redis.client` to access commands directly should import `redis.commands`. #1534, #1550
* Removed technical debt on REDIS_6_VERSION placeholder. Thanks @chayim #1582.
* Various docus fixes. Thanks @Andrew-Chen-Wang #1585, #1586.
* Support for LOLWUT command, available since Redis 5.0.0. Thanks @brainix #1568.
* Added support for CLIENT REPLY, available in Redis 3.2.0. Thanks @chayim #1581.
* Support for Auto-reconnect PubSub on get_message. Thanks @luhn #1574.
* Fix RST syntax error in README/ Thanks @JanCBrammer #1451.
* IDLETIME and FREQ support for RESTORE. Thanks @chayim #1580.
* Supporting args with MODULE LOAD. Thanks @chayim #1579.
* Updating RedisLabs with Redis. Thanks @gkorland #1575.
* Added support for ASYNC to SCRIPT FLUSH available in Redis 6.2.0. Thanks @chayim. #1567
* Added CLIENT LIST fix to support multiple client ids available in Redis 2.8.12. Thanks @chayim #1563.
* Added DISCARD support for pipelines available in Redis 2.0.0. Thanks @chayim #1565.
* Added ACL DELUSER support for deleting lists of users available in Redis 6.2.0. Thanks @chayim. #1562
* Added CLIENT TRACKINFO support available in Redis 6.2.0. Thanks @chayim. #1560
* Added GEOSEARCH and GEOSEARCHSTORE support available in Redis 6.2.0. Thanks @AvitalFine Redis. #1526
* Added LPUSHX support for lists available in Redis 4.0.0. Thanks @chayim. #1559
* Added support for QUIT available in Redis 1.0.0. Thanks @chayim. #1558
* Added support for COMMAND COUNT available in Redis 2.8.13. Thanks @chayim. #1554.
* Added CREATECONSUMER support for XGROUP available in Redis 6.2.0. Thanks @AvitalFineRedis. #1553
* Including slowly complexity in INFO if available. Thanks @ian28223 #1489.
* Added support for STRALGO available in Redis 6.0.0. Thanks @AvitalFineRedis. #1528
* Addes support for ZMSCORE available in Redis 6.2.0. Thanks @2014BDuck and @jiekun.zhu. #1437
* Support MINID and LIMIT on XADD available in Redis 6.2.0. Thanks @AvitalFineRedis. #1548
* Added sentinel commands FLUSHCONFIG, CKQUORUM, FAILOVER, and RESET available in Redis 2.8.12. Thanks @otherpirate. #834
* Migrated Version instead of StrictVersion for Python 3.10. Thanks @tirkarthi. #1552
* Added retry mechanism with backoff. Thanks @nbraun-amazon. #1494
* Migrated commands to a mixin. Thanks @chayim. #1534
* Added support for ZUNION, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1522
* Added support for CLIENT LIST with ID, available in Redis 6.2.0. Thanks @chayim. #1505
* Added support for MINID and LIMIT with xtrim, available in Reds 6.2.0. Thanks @chayim. #1508
* Implemented LMOVE and BLMOVE commands, available in Redis 6.2.0. Thanks @chayim. #1504
* Added GET argument to SET command, available in Redis 6.2.0. Thanks @2014BDuck. #1412
* Documentation fixes. Thanks @enjoy-binbin @jonher937. #1496 #1532
* Added support for XAUTOCLAIM, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1529
* Added IDLE support for XPENDING, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1523
* Add a count parameter to lpop/rpop, available in Redis 6.2.0. Thanks @wavenator. #1487
* Added a (pypy) trove classifier for Python 3.9. Thanks @D3X. #1535
* Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520
* Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520
* Added ZDIFF and ZDIFFSTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1518
* Added ZRANGESTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1521
* Added LT and GT support for ZADD, available in Redis 6.2.0. Thanks @chayim. #1509
* Added ZRANDMEMBER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1519
* Added GETDEL support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1514
* Added CLIENT KILL laddr filter, available in Redis 6.2.0. Thanks @chayim. #1506
* Added CLIENT UNPAUSE, available in Redis 6.2.0. Thanks @chayim. #1512
* Added NOMKSTREAM support for XADD, available in Redis 6.2.0. Thanks @chayim. #1507
* Added HRANDFIELD support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1513
* Added CLIENT INFO support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1517
* Added GETEX support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1515
* Added support for COPY command, available in Redis 6.2.0. Thanks @malinaa96. #1492
* Provide a development and testing environment via docker. Thanks @abrookins. #1365
* Added support for the LPOS command available in Redis 6.0.6. Thanks @aparcar #1353/#1354
* Added support for the ACL LOG command available in Redis 6. Thanks @2014BDuck. #1307
* Added support for ABSTTL option of the RESTORE command available in Redis 5.0. Thanks @charettes. #1423
* Drop account-defaults-redis.patch merged upstream

* Add account-defaults-redis.patch which fixes failing tests by taking into
consideration redis defaults, not overwriting them (gh#andymccurdy/redis-
py#1499).

* Skipp two tests because of gh#andymccurdy/redis-py#1459.

* update to 3.5.3

* Restore try/except clauses to **del** methods. These will be removed in 4.0
when more explicit resource management if enforced. #1339
* Update the master_address when Sentinels promote a new master. #847
* Update SentinelConnectionPool to not forcefully disconnect other in-use
connections which can negatively affect threaded applications. #1345 3.5.2
* Tune the locking in ConnectionPool.get_connection so that the lock is not
held while waiting for the socket to establish and validate the TCP
connection. 3.5.1
* Fix for HSET argument validation to allow any non-None key. Thanks
@AleksMat, #1337, #1341 3.5.0
* Removed exception trapping from **del** methods. redis-py objects that hold
various resources implement **del** cleanup methods to release those
resources when the object goes out of scope. This provides a fallback for
when these objects aren't explicitly closed by user code. Prior to this
change any errors encountered in closing these resources would be hidden
from the user. Thanks @jdufresne. #1281
* Expanded support for connection strings specifying a username connecting to
pre-v6 servers. #1274
* Optimized Lock's blocking_timeout and sleep. If the lock cannot be acquired
and the sleep value would cause the loop to sleep beyond blocking_timeout,
fail immediately. Thanks @clslgrnc. #1263
* Added support for passing Python memoryviews to Redis command args that
expect strings or bytes. The memoryview instance is sent directly to the
socket such that there are zero copies made of the underlying data during
command packing. Thanks @Cody-G. #1265, #1285
* HSET command now can accept multiple pairs. HMSET has been marked as
deprecated now. Thanks to @laixintao #1271
* Don't manually DISCARD when encountering an ExecAbortError. Thanks
@nickgaya, #1300/#1301
* Reset the watched state of pipelines after calling exec. This saves a
roundtrip to the server by not having to call UNWATCH within
Pipeline.reset(). Thanks @nickgaya, #1299/#1302
* Added the KEEPTTL option for the SET command. Thanks @laixintao #1304/#1280
* Added the MEMORY STATS command. #1268
* Lock.extend() now has a new option, `replace_ttl`. When False (the default),
Lock.extend() adds the `additional_time` to the lock's existing TTL. When
replace_ttl=True, the lock's existing TTL is replaced with the value of
`additional_time`.
* Add testing and support for PyPy.

* downgrade requires for redis to recommends

* Better error handling Changes in python-retrying:

* Switch package to modern Python Stack on SLE-15
* Add %{?sle15_python_module_pythons}

* require setuptools

* Switch to pyproject macros.

* Stop using greedy globs in %files.

* Update to version 1.3.4

* Added Greg Roodt as maintainer
* Formatted code with black
* Updated repository references

* Improve summary.

* Remove superfluous devel dependency for noarch package

* Initial package Changes in python-semver:

* update to 3.0.2:
* :pr:`418`: Replace :class:`~collection.OrderedDict` with :class:`dict`.
* The dict datatype is ordered since Python 3.7. As we do not support Python
3.6 anymore, it can be considered safe to avoid
:class:`~collection.OrderedDict`.
* :pr:`431`: Clarify version policy for the different semver versions (v2, v3,
>v3) and the supported Python versions.
* :gh:`432`: Improve external doc links to Python and Pydantic.
* :pr:`417`: Amend GitHub Actions to check against MacOS.

* remove obsolete setup-remove-asterisk.patch

* update to version 3.0.1:
* Remove incorrect dependencies from build-system section of pyproject.toml by
@mgorny in #405
* correct typo in function description of next_version by @treee111 in #406
* Improve GitHub Action by @tomschr in #408
* Add CITATION.cff for citation by @tomschr in #409
* Add Version class to **all** export. Fix #410 by @Soneji in #411
* Configure docformatter by @tomschr in #412
* Prepare version 3.0.1 by @tomschr in #413

* update to version 3.0.0:

* Bugfixes
* :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`,
`minor`, and `patch`.
* :gh:`310`: Rework API documentation. Follow a more "semi-manual" attempt and
add auto directives into :file:`docs/api.rst`.
* :gh:`344`: Allow empty string, a string with a prefix, or `None` as token in
:meth:`~semver.version.Version.bump_build` and
:meth:`~semver.version.Version.bump_prerelease`.
* :pr:`384`: General cleanup, reformat files:
* Reformat source code with black again as some config options did accidentely exclude the semver source code. Mostly remove some includes/excludes in the black config.
* Integrate concurrency in GH Action
* Ignore Python files on project dirs in .gitignore
* Remove unused patterns in MANIFEST.in
* Use `extend-exclude` for flake in :file:`setup.cfg`` and adapt list.
* Use `skip_install=True` in :file:`tox.ini` for black
* :pr:`393`: Fix command :command:`python -m semver` to avoid the error
"invalid choice"
* :pr:`396`: Calling :meth:`~semver.version.Version.parse` on a derived class
will show correct type of derived class.
* Deprecations
* :gh:`169`: Deprecate CLI functions not imported from `semver.cli`.
* :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean`
classes
* :gh:`284`: Deprecate the use of :meth:`~Version.isvalid`. Rename
:meth:`~semver.version.Version.isvalid` to
:meth:`~semver.version.Version.is_valid` for consistency reasons with
:meth:`~semver.version.Version.is_compatible`.
* :pr:`402`: Keep :func:`semver.compare <semver._deprecated.compare>`.
Although it breaks consistency with module level functions, it seems it's a
much needed/used function. It's still unclear if we should deprecate this
function or not (that's why we use :py:exc:`PendingDeprecationWarning`). As
we don't have a uniform initializer yet, this function stays in the
:file:`_deprecated.py` file for the time being until we find a better
solution. See :gh:`258` for details.
* Features
* Remove :file:`semver.py`
* Create :file:`src/semver/__init__.py`
* Create :file:`src/semver/cli.py` for all CLI methods
* Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and
other deprecated functions
* Create :file:`src/semver/__main__.py` to allow calling the CLI using
:command:`python -m semver`
* Create :file:`src/semver/_types.py` to hold type aliases
* Create :file:`src/semver/version.py` to hold the :class:`Version` class (old
name :class:`VersionInfo`) and its utility functions
* Create :file:`src/semver/__about__.py` for all the metadata variables
* :gh:`213`: Add typing information
* :gh:`284`: Implement :meth:`~semver.version.Version.is_compatible` to make
"is self compatible with X".
* :gh:`305`: Rename :class:`~semver.version.VersionInfo` to
:class:`~semver.version.Version` but keep an alias for compatibility

* add setup-remove-asterisk.patch to fix build error

* update to version 3.0.0-dev.4:
* Bug Fixes:
* :gh:`374`: Correct Towncrier's config entries in the :file:`pyproject.toml`
file. The old entries `[[tool.towncrier.type]]` are deprecated and need to
be replaced by `[tool.towncrier.fragment.<TYPE>]`.
* Deprecations:
* :gh:`372`: Deprecate support for Python 3.6. Python 3.6 reached its end of
life and isn't supported anymore. At the time of writing (Dec 2022), the
lowest version is 3.7. Although the `poll < https://github.com/python-
semver/python-semver/discussions/371>`_ didn't cast many votes, the
majority agree to remove support for Python 3.6.
* Improved Documentation:
* :gh:`335`: Add new section "Converting versions between PyPI and semver" the
limitations and possible use cases to convert from one into the other
versioning scheme.
* :gh:`340`: Describe how to get version from a file
* :gh:`343`: Describe combining Pydantic with semver in the "Advanced topic"
section.
* :gh:`350`: Restructure usage section. Create subdirectory "usage/" and
splitted all section into different files.
* :gh:`351`: Introduce new topics for:
* "Migration to semver3"
* "Advanced topics"
* Features:
* :pr:`359`: Add optional parameter `optional_minor_and_patch` in
:meth:`.Version.parse` to allow optional minor and patch parts.
* :pr:`362`: Make :meth:`.Version.match` accept a bare version string as match
expression, defaulting to equality testing.
* :gh:`364`: Enhance :file:`pyproject.toml` to make it possible to use the
:command:`pyproject-build` command from the build module. For more
information, see :ref:`build-semver`.
* :gh:`365`: Improve :file:`pyproject.toml`.
* Use setuptools, add metadata. Taken approach from `A Practical Guide to
Setuptools and Pyproject.toml < https://godatadriven.com/blog/a-practical-
guide-to-setuptools-and-pyproject-toml/>`_.
* Doc: Describe building of semver
* Remove :file:`.travis.yml` in :file:`MANIFEST.in` (not needed anymore)
* Distinguish between Python 3.6 and others in :file:`tox.ini`
* Add skip_missing_interpreters option for :file:`tox.ini`
* GH Action: Upgrade setuptools and setuptools-scm and test against
3.11.0-rc.2
* Trivial/Internal Changes:
* :gh:`378`: Fix some typos in Towncrier configuration

* switch to the tagged version rather than a gh branch tarball

* fix support for Python 3.10 with update to development version:

* update to revision g4d2df08:
* Changes for the upcoming release can be found in:
* the `"changelog.d" directory < https://github.com/python-
semver/python-semver/tree/master/changelog.d>`_:
* in our repository.:
* update to version 3.0.0-dev.2:
* Deprecations:
* :gh:`169`: Deprecate CLI functions not imported from `semver.cli`.
* Features:
* :gh:`169`: Create semver package and split code among different modules in
the packages.
* Remove :file:`semver.py`
* Create :file:`src/semver/__init__.py`
* Create :file:`src/semver/cli.py` for all CLI methods
* Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and
other deprecated functions
* Create :file:`src/semver/__main__.py` to allow calling the CLI using
:command:`python -m semver`
* Create :file:`src/semver/_types.py` to hold type aliases
* Create :file:`src/semver/version.py` to hold the :class:`Version` class (old
name :class:`VersionInfo`) and its utility functions
* Create :file:`src/semver/__about__.py` for all the metadata variables
* :gh:`305`: Rename :class:`VersionInfo` to :class:`Version` but keep an alias
for compatibility
* Improved Documentation:
* :gh:`304`: Several improvements in documentation:
* Reorganize API documentation.
* Add migration chapter from semver2 to semver3.
* Distinguish between changlog for version 2 and 3
* :gh:`305`: Add note about :class:`Version` rename.
* Trivial/Internal Changes:
* :gh:`169`: Adapted infrastructure code to the new project layout.
* Replace :file:`setup.py` with :file:`setup.cfg` because the
:file:`setup.cfg` is easier to use
* Adapt documentation code snippets where needed
* Adapt tests
* Changed the `deprecated` to hardcode the `semver` package name in the
warning. Increase coverage to 100% for all non-deprecated APIs
* :gh:`304`: Support PEP-561 :file:`py.typed`. According to the mentioned PEP:
"Package maintainers who wish to support type checking of their code MUST
add a marker file named :file:`py.typed` to their package supporting
typing." Add package_data to :file:`setup.cfg` to include this marker in
dist and whl file.
* update to version 3.0.0-dev.1:
* Deprecations:
* :pr:`290`: For semver 3.0.0-alpha0:
* Remove anything related to Python2
* In :file:`tox.ini` and :file:`.travis.yml` Remove targets py27, py34, py35,
and pypy. Add py38, py39, and nightly (allow to fail)
* In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes
* Remove old Python versions (2.7, 3.4, 3.5, and pypy) from Travis
* :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean`
classes
* Features:
* :pr:`290`: Create semver 3.0.0-alpha0
* Update :file:`README.rst`, mention maintenance branch `maint/v2`.
* Remove old code mainly used for Python2 compatibility, adjusted code to
support Python3 features.
* Split test suite into separate files under :file:`tests/` directory
* Adjust and update :file:`setup.py`. Requires Python >=3.6.* Extract metadata
directly from source (affects all the `__version__`, `__author__` etc.
variables)
* :gh:`270`: Configure Towncrier (:pr:`273`:)
* Add :file:`changelog.d/.gitignore` to keep this directory
* Create :file:`changelog.d/README.rst` with some descriptions
* Add :file:`changelog.d/_template.rst` as Towncrier template
* Add `[tool.towncrier]` section in :file:`pyproject.toml`
* Add "changelog" target into :file:`tox.ini`. Use it like :command:`tox -e
changelog -- CMD` whereas `CMD` is a Towncrier command. The default
:command:`tox -e changelog` calls Towncrier to create a draft of the
changelog file and output it to stdout.
* Update documentation and add include a new section "Changelog" included from
:file:`changelog.d/README.rst`.
* :gh:`276`: Document how to create a sublass from :class:`VersionInfo` class
* :gh:`213`: Add typing information
* Bug Fixes:
* :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`,
`minor`, and `patch`.
* Improved Documentation:
* :pr:`290`: Several improvements in the documentation:
* New layout to distinguish from the semver2 development line.
* Create new logo.
* Remove any occurances of Python2.
* Describe changelog process with Towncrier.
* Update the release process.
* Trivial/Internal Changes:
* :pr:`290`: Add supported Python versions to :command:`black`.
* PR #62. Support custom default names for pre and build Changes in python-
sshtunnel:
* Require update-alternatives for the scriptlets.

* Switch build system from setuptools to pyproject.toml

* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install
* Limit Python files matched in %files section

* Use %sle15_python_module_pythons

* do not require python-mock for build

* update to 0.4.0:

* Change the daemon mod flag for all tunnel threads (is not fully backward compatible) to prevent unexpected hangs (`#219`_) + Add docker based end to end functinal tests for Mongo/Postgres/MySQL
* Add docker based end to end hangs tests
* Fix host key directory detection
* Unify default ssh config folder to `~/.ssh`
* Increase open connection timeout to 10 secods
* Change default with context behavior to use `.stop(force=True)` on exit
* Remove useless `daemon_forward_servers = True` hack for hangs prevention
* Set transport keepalive to 5 second by default
* Set default transport timeout to 0.1
* Deprecate and remove `block_on_close` option
* Fix "deadlocks" / "tunneling hangs"
* Add `.stop(force=True)` for force close active connections
* Fixes bug with orphan thread for a tunnel that is DOWN
* Support IPv6 without proxy command. Use built-in paramiko create socket logic. The logic tries to use ipv6 socket family first, then ipv4 socket family.

Changes in python-strictyaml:

* require setuptools

* update to 1.7.3:

* REFACTOR : Fix pipeline.
* TOOLING : Improvements to pyenv multi-environment tester.
* FEATURE : Upgraded package to use pyproject.toml files
* REFACTOR : Fixed linter errors.
* TOOLING : Build wheel and sdist that both work.

* Add %{?sle15_python_module_pythons}

* Update to 1.6.2 No relevant code changes. see details changelog:
https://hitchdev.com/strictyaml/changelog/#latest

* update to 1.6.1 too many changes to be listed here see detailed changelog:
https://hitchdev.com/strictyaml/changelog/

* update to 1.4.4

* Add support for NaN and infinity representations
* Optional keys in mappings and set value to None
* Support underscores in int and decimal
* NullNone - parse 'null' as None like YAML 1.2 does.
* Bundle last propertly working ruamel.yaml version in with strictyaml.

* version update to 1.0.6

* BUGFIX : Fix accidental python 2 breakage.
* BUGFIX : Accidental misrecognition of boolean values as numbers - cause of
#85.
* BUGFIX : Fix for #86 - handle changing multiline strings.
* BUGFIX: handle deprecated collections import in the parser (#82)

* Update to 1.0.5:

* BUGFIX : Fixed python 2 bug introduced when fixing #72.
* FEATURE : Include tests / stories in package.
* BUG: issue #72. Now setitem uses schema.

* Expand %description.

* Initial spec for v1.0.3 Changes in python-sure:

* Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install

* update to 2.0.1:

* Fixes CI build (Github Actions)
* Fixes broken tests
* Housekeeping: Licensing
* Disable nosetests for testing leaving only pytest as supported test-runner
for now

* Add %{?sle15_python_module_pythons}

* Remove mock from BuildRequires.

* Rebase python-sure-no-mock.patch to remove one missed import.

* do not require mock for build nor runtime

* added patches fix https://github.com/gabrielfalcao/sure/pull/161
* python-sure-no-mock.patch

* Update to 2.0.0

* No longer patch the builtin dir() function, which fixes pytest in some cases
such as projects using gevent.

* switch to pytest

* Version update to 1.4.11:

* Reading the version dynamically was causing import errors that caused error
when installing package. Refs #144

Changes in python-vcrpy: \- Update to 6.0.1 * BREAKING: Fix issue with httpx
support (thanks @parkerhancock) in #784. * BREAKING: Drop support for `boto`
(vcrpy still supports boto3, but is dropping the deprecated `boto` support in
this release. (thanks @jairhenrique) * Fix compatibility issue with Python 3.12
(thanks @hartwork) * Drop simplejson (fixes some compatibility issues) (thanks
@jairhenrique) * Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @mgorny) *
Various linting and docs improvements (thanks @jairhenrique) * Tornado fixes
(thanks @graingert)

* version update to 5.1.0
* Use ruff for linting (instead of current flake8/isort/pyflakes) - thanks
@jairhenrique
* Enable rule B (flake8-bugbear) on ruff - thanks @jairhenrique
* Configure read the docs V2 - thanks @jairhenrique
* Fix typo in docs - thanks @quasimik
* Make json.loads of Python >=3.6 decode bytes by itself - thanks @hartwork
* Fix body matcher for chunked requests (fixes #734) - thanks @hartwork
* Fix query param filter for aiohttp (fixes #517) - thanks @hartwork and
@salomvary
* Remove unnecessary dependency on six. - thanks @charettes
* build(deps): update sphinx requirement from