openSUSE-2025-181 moderate openSUSE Backports SLE-15-SP7 Update This update for ollama fixes the following issues: Introduce version 0.7.0: * Ollama now supports multimodal models via Ollama's new engine, starting with new vision multimodal models: ~ Meta Llama 4 ~ Google Gemma 3 ~ Qwen 2.5 VL ~ Qwen 2.5 VL * Ollama now supports providing WebP images as input to multimodal models * Improved performance of importing safetensors models via ollama create * Various bug fixes and performance enhancements ollama-0.7.0-bp157.2.1.src.rpm ollama-0.7.0-bp157.2.1.x86_64.rpm ollama-0.7.0-bp157.2.1.aarch64.rpm ollama-0.7.0-bp157.2.1.ppc64le.rpm ollama-0.7.0-bp157.2.1.s390x.rpm openSUSE-2025-182 moderate openSUSE Backports SLE-15-SP7 Update This update for afterburn fixes the following issues: - Update to version 5.8.2: * cargo: Afterburn release 5.8.2 * docs/release-notes: update for release 5.8.2 * cargo: update dependencies * cargo: Afterburn release 5.8.1 * cargo: Afterburn release 5.8.0 * docs/release-notes: update for release 5.8.0 * cargo: update dependencies * packit: add initial support - Update to version 5.7.0.git103.bae893c: * Sync repo templates * build(deps): bump crossbeam-channel from 0.5.13 to 0.5.15 * build(deps): bump tokio from 1.40.0 to 1.44.2 * build(deps): bump openssl from 0.10.71 to 0.10.72 fixes RUSTSEC-2025-0022 AKA CVE-2025-3416 * build(deps): bump zbus from 4.4.0 to 5.5.0 * mod.rs: Fix clippy lint errors * release-notes.md: add release notes for rust version update * Cargo.toml: bump MSRV to 1.84.1 * Fix clippy lint issues * Sync repo templates * build(deps): bump mockito from 1.6.1 to 1.7.0 * build(deps): bump serde_json from 1.0.139 to 1.0.140 * build(deps): bump tempfile from 3.17.1 to 3.19.1 * build(deps): bump clap from 4.5.31 to 4.5.35 * build(deps): bump reqwest from 0.12.12 to 0.12.15 * Update release notes. * proxmoxve: Add more context to log messages. * proxmoxve: Remove unneeded fields * proxmoxve: Add tests for static network configuration from cloud-init. * proxmoxve: Add support for static network configuration from cloud-init. * build(deps): bump mailparse from 0.15.0 to 0.16.1 * Sync repo templates * build(deps): bump ring from 0.17.8 to 0.17.13 * build(deps): bump anyhow from 1.0.95 to 1.0.96 * release notes: add notes for tempfile bump from 3.16.0 to 3.17.1 * build(deps): bump serde from 1.0.217 to 1.0.218 * build(deps): bump openssl from 0.10.70 to 0.10.71 * build(deps): bump tempfile from 3.16.0 to 3.17.1 * build(deps): bump serde_json from 1.0.138 to 1.0.139 * build(deps): bump clap from 4.5.27 to 4.5.31 * add makefile targets for fmt,lint and test * providers/openstack: ignore ec2 metadata if not present * build(deps): bump openssl from 0.10.66 to 0.10.70 * build(deps): bump serde_json from 1.0.137 to 1.0.138 * build(deps): bump tempfile from 3.14.0 to 3.16.0 * build(deps): bump openssl from 0.10.66 to 0.10.69 * build(deps): bump ipnetwork from 0.20.0 to 0.21.1 * build(deps): bump serde from 1.0.215 to 1.0.217 * build(deps): bump serde_json from 1.0.133 to 1.0.137 * build(deps): bump anyhow from 1.0.93 to 1.0.95 * build(deps): bump clap from 4.5.21 to 4.5.27 * build(deps): bump reqwest from 0.12.7 to 0.12.12 * Sync repo templates * build(deps): bump mockito from 1.5.0 to 1.6.1 * build(deps): bump serde_json from 1.0.128 to 1.0.133 * build(deps): bump clap from 4.5.17 to 4.5.21 * build(deps): bump tempfile from 3.12.0 to 3.14.0 * build(deps): bump anyhow from 1.0.89 to 1.0.93 * build(deps): bump serde from 1.0.210 to 1.0.215 * docs: add changelog entry * proxmox: use noop provider if no configdrive * add noop provider * release-notes: remove "upcoming" - Update to version 5.7.0: * cargo: Afterburn release 5.7.0 * docs/release-notes: update for release 5.7.0 * cargo: update dependencies * dhcp: replace dbus_proxy with proxy, and zbus traits * build(deps): bump zbus from 3.15.2 to 4.4.0 * build(deps): bump tempfile from 3.10.1 to 3.12.0 * build(deps): bump serde from 1.0.205 to 1.0.210 * build(deps): bump serde_json from 1.0.121 to 1.0.127 * build(deps): bump reqwest from 0.12.5 to 0.12.7 * build(deps): bump uzers from 0.12.0 to 0.12.1 * build(deps): bump clap from 4.5.13 to 4.5.16 * build(deps): bump serde from 1.0.203 to 1.0.205 * build(deps): bump serde_json from 1.0.119 to 1.0.121 * build(deps): bump mockito from 1.4.0 to 1.5.0 * build(deps): bump openssh-keys from 0.6.3 to 0.6.4 * build(deps): bump clap from 4.5.8 to 4.5.13 * build(deps): bump openssl from 0.10.64 to 0.10.66 * providers/hetzner: private ipv4 addresses in attributes * openstack: Document the two platforms * build(deps): bump zerovec-derive from 0.10.2 to 0.10.3 * build(deps): bump zerovec from 0.10.2 to 0.10.4 * build(deps): bump nix from 0.27.1 to 0.29.0 * build(deps): bump clap from 4.5.7 to 4.5.8 * build(deps): bump serde_json from 1.0.117 to 1.0.119 * microsoft/azure: allow empty certificate chain in PKCS12 file * proxmoxve: implement proxmoxve provider * providers/hetzner: fix duplicate attribute prefix * build(deps): bump pnet_base from 0.34.0 to 0.35.0 * cargo: Afterburn release 5.6.0 * docs/release-notes: update for release 5.6.0 * cargo: update dependencies * build(deps): bump libflate from 1.4.0 to 2.1.0 * build(deps): bump base64 from 0.21.7 to 0.22.1 * build(deps): bump uzers from 0.11.3 to 0.12.0 * build(deps): bump pnet_datalink from 0.34.0 to 0.35.0 * build(deps): bump nix from 0.28.0 to 0.29.0 * lint: silence deadcode warnings * lint: address latest lint's from msrv update * workflows/rust: directly update toolchain to 1.75.0 * cargo: update msrv to 1.75 * Sync repo templates * build(deps): bump reqwest from 0.12.2 to 0.12.4 * build(deps): bump serde from 1.0.197 to 1.0.200 * build(deps): bump anyhow from 1.0.81 to 1.0.82 * build(deps): bump mailparse from 0.14.1 to 0.15.0 * build(deps): bump serde_json from 1.0.115 to 1.0.116 * providers: Add "akamai" provider * build(deps): bump h2 from 0.3.24 to 0.3.26 * build(deps): bump anyhow from 1.0.79 to 1.0.81 * build(deps): bump serde_json from 1.0.113 to 1.0.115 * build(deps): bump reqwest from 0.11.24 to 0.12.2 * build(deps): bump serde_yaml from 0.9.32 to 0.9.34+deprecated * build(deps): bump mio from 0.8.10 to 0.8.11 * build(deps): bump mailparse from 0.14.0 to 0.14.1 * build(deps): bump openssl from 0.10.62 to 0.10.64 * build(deps): bump nix from 0.27.1 to 0.28.0 * build(deps): bump mockito from 1.2.0 to 1.4.0 * build(deps): bump tempfile from 3.9.0 to 3.10.1 * build(deps): bump serde_yaml from 0.9.31 to 0.9.32 * build(deps): bump serde from 1.0.195 to 1.0.197 * build(deps): bump h2 from 0.3.23 to 0.3.24 * build(deps): bump slog-term from 2.9.0 to 2.9.1 * build(deps): bump serde_yaml from 0.9.30 to 0.9.31 * build(deps): bump serde_json from 1.0.111 to 1.0.113 * build(deps): bump clap from 4.4.16 to 4.4.18 * build(deps): bump reqwest from 0.11.23 to 0.11.24 * cargo: Afterburn release 5.5.1 * docs/release-notes: update for release 5.5.1 * cargo: update dependencies * build(deps): bump anyhow from 1.0.75 to 1.0.78 * build(deps): bump serde_yaml from 0.9.27 to 0.9.29 * build(deps): bump reqwest from 0.11.22 to 0.11.23 * build(deps): bump serde_json from 1.0.108 to 1.0.109 * build(deps): bump openssl from 0.10.60 to 0.10.62 * build(deps): bump tempfile from 3.8.1 to 3.9.0 * build(deps): bump clap from 4.4.10 to 4.4.12 * build(deps): bump unsafe-libyaml from 0.2.9 to 0.2.10 * providers/vmware: add missing public functions for non-amd64 * build(deps): bump clap from 4.4.8 to 4.4.10 * cargo: Afterburn release 5.5.0 * build(deps): bump openssl from 0.10.59 to 0.10.60 * docs/release-notes: update for release 5.5.0 * cargo: update dependencies * ci: cancel previous build on PR update * build(deps): allow building with libsystemd 0.7.0 * providers/vmware: Process guestinfo.metadata netplan configuration * kubevirt: Run afterburn-hostname service * build(deps): bump reqwest from 0.11.20 to 0.11.22 * build(deps): bump tempfile from 3.8.0 to 3.8.1 * build(deps): bump clap from 4.4.6 to 4.4.7 * build(deps): bump serde_json from 1.0.107 to 1.0.108 * build(deps): bump serde_yaml from 0.9.25 to 0.9.27 * build(deps): bump rustix from 0.37.19 to 0.37.25 * build(deps): bump clap from 4.4.2 to 4.4.6 * build(deps): bump serde_json from 1.0.105 to 1.0.107 * build(deps): bump mockito from 1.1.0 to 1.2.0 * providers: add support for scaleway * Move away from deprecated `users` to `uzers` * providers/hetzner: add support for Hetzner Cloud * build(deps): bump clap from 4.4.1 to 4.4.2 * cargo: update MSRV to 1.71 * build(deps): bump clap from 4.3.19 to 4.4.1 * chore: Get rid of Clippy warnings * cargo: specify required features for nix dependency * build(deps): bump nix from 0.26.2 to 0.27.1 * build(deps): bump slog-async from 2.7.0 to 2.8.0 * build(deps): bump openssl from 0.10.56 to 0.10.57 * build(deps): bump reqwest from 0.11.18 to 0.11.20 * build(deps): bump serde from 1.0.185 to 1.0.188 * build(deps): bump tempfile from 3.7.1 to 3.8.0 * build(deps): bump serde from 1.0.183 to 1.0.185 * build(deps): bump anyhow from 1.0.72 to 1.0.75 * build(deps): bump serde_json from 1.0.104 to 1.0.105 * build(deps): bump openssl from 0.10.55 to 0.10.56 * build(deps): bump tempfile from 3.7.0 to 3.7.1 * build(deps): bump serde from 1.0.180 to 1.0.183 * Sync repo templates * build(deps): bump serde from 1.0.179 to 1.0.180 * build(deps): bump serde_json from 1.0.103 to 1.0.104 * build(deps): bump serde from 1.0.175 to 1.0.179 * build(deps): bump pnet_datalink from 0.33.0 to 0.34.0 * build(deps): bump serde from 1.0.171 to 1.0.175 * build(deps): bump clap from 4.3.14 to 4.3.19 * build(deps): bump pnet_base from 0.33.0 to 0.34.0 * build(deps): bump serde_yaml from 0.9.23 to 0.9.25 * build(deps): bump tempfile from 3.6.0 to 3.7.0 * build(deps): bump clap from 4.3.11 to 4.3.14 * build(deps): bump serde_yaml from 0.9.22 to 0.9.23 * build(deps): bump anyhow from 1.0.71 to 1.0.72 * build(deps): bump serde_json from 1.0.100 to 1.0.103 * build(deps): bump clap from 4.3.10 to 4.3.11 * build(deps): bump serde_json from 1.0.99 to 1.0.100 * build(deps): bump openssh-keys from 0.6.1 to 0.6.2 * build(deps): bump zbus from 3.13.1 to 3.14.1 * build(deps): bump clap from 4.3.8 to 4.3.10 * build(deps): bump serde from 1.0.164 to 1.0.165 * build(deps): bump serde_json from 1.0.96 to 1.0.99 * build(deps): bump clap from 4.3.3 to 4.3.8 * build(deps): bump serde_yaml from 0.9.21 to 0.9.22 * build(deps): bump openssl from 0.10.54 to 0.10.55 * build(deps): bump mockito from 1.0.2 to 1.1.0 * openstack: Add attribute OPENSTACK_INSTANCE_UUID * build(deps): bump serde from 1.0.163 to 1.0.164 * build(deps): bump clap from 4.3.2 to 4.3.3 * build(deps): bump tempfile from 3.5.0 to 3.6.0 * cargo: Afterburn release 5.4.3 * docs/release-notes: update for release 5.4.3 * cargo: update dependencies * cargo: allow openssl 0.10.46 * build(deps): bump openssl from 0.10.52 to 0.10.54 * build(deps): bump openssh-keys from 0.6.0 to 0.6.1 * build(deps): bump vmw_backdoor from 0.2.3 to 0.2.4 * ci: strip debug symbols * build-sys: Use new tier = 2 for cargo-vendor-filterer * build(deps): bump reqwest from 0.11.17 to 0.11.18 * cargo: Afterburn release 5.4.2 * docs/release-notes: update for release * docs/release-notes: note Azure SSH regression fix with new openssl * cargo: fix minimum version of openssl crate * build(deps): bump serde from 1.0.162 to 1.0.163 * build(deps): bump zbus from 3.12.0 to 3.13.1 * build(deps): bump serde from 1.0.160 to 1.0.162 * build(deps): bump anyhow from 1.0.70 to 1.0.71 * build(deps): bump openssl from 0.10.51 to 0.10.52 * build(deps): bump reqwest from 0.11.16 to 0.11.17 * build(deps): bump openssl from 0.10.50 to 0.10.51 * build(deps): bump enumflags2 from 0.7.5 to 0.7.7 * build(deps): bump openssl from 0.10.48 to 0.10.50 * build(deps): bump zbus from 3.11.1 to 3.12.0 * build(deps): bump serde_json from 1.0.95 to 1.0.96 * build(deps): bump h2 from 0.3.15 to 0.3.17 * build(deps): bump openssl from 0.10.47 to 0.10.48 * microsoft/crypto/mod: replace deprecated function `parse` with `parse2` * build(deps): bump serde from 1.0.159 to 1.0.160 * build(deps): bump serde_yaml from 0.9.19 to 0.9.21 * build(deps): bump tempfile from 3.4.0 to 3.5.0 * build(deps): bump serde from 1.0.158 to 1.0.159 * build(deps): bump mockito from 1.0.1 to 1.0.2 * Update mockito to 1.0.1 * build(deps): bump reqwest from 0.11.15 to 0.11.16 * build(deps): bump serde_json from 1.0.94 to 1.0.95 * cli: switch to clap derive * cli: add descriptive value names for option arguments in --help * build(deps): bump zbus from 3.11.0 to 3.11.1 * build(deps): bump openssl from 0.10.45 to 0.10.47 * build(deps): bump reqwest from 0.11.14 to 0.11.15 * build(deps): bump serde from 1.0.155 to 1.0.158 * build(deps): bump anyhow from 1.0.69 to 1.0.70 * cli: have clap require exactly one of --cmdline/--provider * providers/*: move endpoint mocking into retry::Client * retry/client: move URL parsing into helper function * providers/microsoft: import crate::retry * providers/microsoft: use stored client for all fetches * providers/packet: use stored client for boot checkin * build(deps): bump zbus from 3.10.0 to 3.11.0 * build(deps): bump serde from 1.0.152 to 1.0.155 * docs: Use upstream theme and update to 0.4.1 * build(deps): bump serde_json from 1.0.93 to 1.0.94 * build(deps): bump serde_yaml from 0.9.17 to 0.9.19 * build(deps): bump mockito from 0.32.3 to 0.32.4 * build(deps): bump tempfile from 3.3.0 to 3.4.0 * initrd: remember to write trailing newline to network kargs file * util: drop obsolete "OEM" terminology * Update to clap 4 * build(deps): bump mockito from 0.31.1 to 0.32.3 * workflows: update clippy to 1.67 * Fix clippy lints * Inline variables into format strings * build(deps): bump zbus from 3.9.0 to 3.10.0 * build(deps): bump serde_json from 1.0.92 to 1.0.93 afterburn-5.8.2-bp157.2.3.1.src.rpm afterburn-5.8.2-bp157.2.3.1.x86_64.rpm afterburn-dracut-5.8.2-bp157.2.3.1.noarch.rpm afterburn-5.8.2-bp157.2.3.1.i586.rpm afterburn-5.8.2-bp157.2.3.1.aarch64.rpm afterburn-5.8.2-bp157.2.3.1.ppc64le.rpm afterburn-5.8.2-bp157.2.3.1.s390x.rpm openSUSE-2025-175 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Update to version 137.0.7151.55 (stable release 2025-05-27) (boo#1243741) - CVE-2025-5063: Use after free in Compositing - CVE-2025-5280: Out of bounds write in V8 - CVE-2025-5064: Inappropriate implementation in Background Fetch API - CVE-2025-5065: Inappropriate implementation in FileSystemAccess API - CVE-2025-5066: Inappropriate implementation in Messages - CVE-2025-5281: Inappropriate implementation in BFCache - CVE-2025-5283: Use after free in libvpx - CVE-2025-5067: Inappropriate implementation in Tab Strip chromedriver-137.0.7151.55-bp157.2.3.2.x86_64.rpm chromium-137.0.7151.55-bp157.2.3.2.src.rpm chromium-137.0.7151.55-bp157.2.3.2.x86_64.rpm chromedriver-137.0.7151.55-bp157.2.3.2.aarch64.rpm chromium-137.0.7151.55-bp157.2.3.2.aarch64.rpm openSUSE-2025-180 important openSUSE Backports SLE-15-SP7 Update This update for varnish fixes the following issues: - Update to release 7.7.1 * VSV-16: Resolve request smuggling attack - Update to release 7.7.0 * The `linux` jail gained control of transparent huge pages settings. * An issue has been fixed which could cause a crash when varnishd receives an invalid Content-Range header from a backend. * Timestamping for HTTP/2 requests (when idle period begins) has been switched to be more in line with HTTP/1. * VSV-15: The client connection is now always closed when a malformed request is received. [CVE-2025-30346, boo#1239892] - Update to release 7.6.0 * The Varnish Delivery Processor (VDP) filter API has been generalized to also accommodate future use for backend request bodies. * VDPs with no vdp_bytes_f function are now supported if the vdp_init_f returns a value greater than zero to signify that the filter is not to be added to the chain. This is useful to support VDPs which only need to work on headers. * The epoll and kqueue waiters have been improved to correctly report WAITER_REMCLOSE, which increases the WAITER.*.remclose counter. * varnishtest now supports the shutdown command corresponding to the shutdown(2) standard C library call. * VSC counters for waiters have been added: * conns to count waits on idle connections * remclose to count idle connections closed by the peer * timeout to count idle connections which timed out in the waiter * action to count idle connections which resulted in a read * The port of a listen_endpoint given with the -a argument to varnishd can now also be a numerical port range like "80-89". * The warning "mlock() of VSM failed" message is now emitted when locking of shared memory segments (via mlock(2)) fails. * A bug has been fixed where string comparisons in VCL could fail with the nonsensical error message "Comparison of different types: STRING '==' STRING". * An issue has been addressed in the builtin.vcl where backend responses would fail if they contained a Content-Range header when no range was requested. * Additional SessError VSL events are now generated for various HTTP/2 protocol errors. * A new Linux jail has been added which is now the default on Linux. For now, it is almost identical to the Unix jail with one addition: * When the new Linux jail is used, the working directory not mounted on tmpfs partition. * A race condition with VCL temperature transitions has been addressed. * Internal management of probes has been reworked to address race conditions. * Backend tasks can now be instructed to queue if the backend has reached its max_connections. * The size of the buffer to hold panic messages is now tunable through the new panic_buffer parameter. * The Varnish Shared Memory (VSM) and Varnish Shared Counters (VSC) consumer implementation in libvarnishapi have been improved for stability and performance. * An issue has been fixed where Varnish Shared Log (VSL) queries (for example using ``varnishlog -q``) with numerical values would fail in unexpected ways due to truncation. * The ``ObjWaitExtend()`` Object API function gained a statep argument to optionally return the busy object state consistent with the current extension. A NULL value may be passed if the caller does not require it. * For backends using the ``.via`` attribute to connect through a proxy, the connect_timeout, ``first_byte_timeout`` and ``between_bytes_timeout`` attributes are now inherited from proxy unless explicitly given. * varnishd now creates a worker_tmpdir which can be used by VMODs for temporary files. The VMOD developer documentation has details. * The environment variable VARNISH_DEFAULT_N now provides the default "varnish name" / "workdir" as otherwise specified by the ``-n`` argument to varnishd and varnish* utilities except varnishtest. * A glitch with TTL comparisons has been fixed which could, for example, lead to unexpected behavior with purge.soft(). - Update to release 7.5.0 * Resolved CVE-2023-44487, CVE-2024-30156 [boo#1221942] * The default value of cli_limit has been increased from 48KB to 64KB. * A new ``pipe_task_deadline`` directive specifies the maximum duration of a pipe transaction. * All the timeout parameters that can be disabled accept the "never" value. * Added parameters to control the HTTP/2 Rapid Reset attach. - update to 7.4.2 (boo#1216123, CVE-2023-44487): * The ``vcl_req_reset`` feature (controllable through the ``feature`` parameter, see `varnishd(1)`) has been added and enabled by default to terminate client side VCL processing early when the client is gone. *req_reset* events trigger a VCL failure and are reported to `vsl(7)` as ``Timestamp: Reset`` and accounted to ``main.req_reset`` in `vsc` as visible through ``varnishstat(1)``. In particular, this feature is used to reduce resource consumption of HTTP/2 "rapid reset" attacks (see below). Note that *req_reset* events may lead to client tasks for which no VCL is called ever. Presumably, this is thus the first time that valid `vcl(7)` client transactions may not contain any ``VCL_call`` records. * Added mitigation options and visibility for HTTP/2 "rapid reset" attacks Global rate limit controls have been added as parameters, which can be overridden per HTTP/2 session from VCL using the new vmod ``h2``: * The ``h2_rapid_reset`` parameter and ``h2.rapid_reset()`` function define a threshold duration for an ``RST_STREAM`` to be classified as "rapid": If an ``RST_STREAM`` frame is parsed sooner than this duration after a ``HEADERS`` frame, it is accounted against the rate limit described below. * The ``h2_rapid_reset_limit`` parameter and ``h2.rapid_reset_limit()`` function define how many "rapid" resets may be received during the time span defined by the ``h2_rapid_reset_period`` parameter / ``h2.rapid_reset_period()`` function before the HTTP/2 connection is forcibly closed with a ``GOAWAY`` and all ongoing VCL client tasks of the connection are aborted. The defaults are 100 and 60 seconds, corresponding to an allowance of 100 "rapid" resets per minute. * The ``h2.rapid_reset_budget()`` function can be used to query the number of currently allowed "rapid" resets. * Sessions closed due to rapid reset rate limiting are reported as ``SessClose RAPID_RESET`` in `vsl(7)` and accounted to ``main.sc_rapid_reset`` in `vsc` as visible through ``varnishstat(1)``. * The ``cli_limit`` parameter default has been increased from 48KB to 64KB. * ``VSUB_closefrom()`` now falls back to the base implementation not only if ``close_range()`` was determined to be unusable at compile time, but also at run time. That is to say, even if ``close_range()`` is compiled in, the fallback to the naive implementation remains. libvarnishapi3-7.7.1-bp157.2.3.1.x86_64.rpm varnish-7.7.1-bp157.2.3.1.src.rpm varnish-7.7.1-bp157.2.3.1.x86_64.rpm varnish-devel-7.7.1-bp157.2.3.1.x86_64.rpm libvarnishapi3-7.7.1-bp157.2.3.1.i586.rpm varnish-7.7.1-bp157.2.3.1.i586.rpm varnish-devel-7.7.1-bp157.2.3.1.i586.rpm libvarnishapi3-7.7.1-bp157.2.3.1.aarch64.rpm varnish-7.7.1-bp157.2.3.1.aarch64.rpm varnish-devel-7.7.1-bp157.2.3.1.aarch64.rpm libvarnishapi3-7.7.1-bp157.2.3.1.ppc64le.rpm varnish-7.7.1-bp157.2.3.1.ppc64le.rpm varnish-devel-7.7.1-bp157.2.3.1.ppc64le.rpm libvarnishapi3-7.7.1-bp157.2.3.1.s390x.rpm varnish-7.7.1-bp157.2.3.1.s390x.rpm varnish-devel-7.7.1-bp157.2.3.1.s390x.rpm openSUSE-2025-191 moderate openSUSE Backports SLE-15-SP7 Update This update for micropython, micropython-lib, webrepl fixes the following issues: This update ships micropython in version 1.25.0. micropython-lib-1.25.0-bp157.2.1.noarch.rpm micropython-lib-1.25.0-bp157.2.1.src.rpm micropython-1.25.0-bp157.2.1.src.rpm micropython-1.25.0-bp157.2.1.x86_64.rpm mpremote-1.25.0-bp157.2.1.noarch.rpm mpy-tools-1.25.0-bp157.2.1.x86_64.rpm webrepl-20221108.1e09d9a-bp157.2.1.noarch.rpm webrepl-20221108.1e09d9a-bp157.2.1.src.rpm micropython-1.25.0-bp157.2.1.aarch64.rpm mpy-tools-1.25.0-bp157.2.1.aarch64.rpm micropython-1.25.0-bp157.2.1.s390x.rpm mpy-tools-1.25.0-bp157.2.1.s390x.rpm openSUSE-2025-189 moderate openSUSE Backports SLE-15-SP7 Update This update for opi fixes the following issues: Version 5.8.5: * add librewolf plugin (#205) * Install .NET 9 * Add verbose mode * Change the order of the process in the github module * Add rustdesk plugin Version 5.8.4; * Use arm64 rpm for libation on aarch64 Version 5.8.3: * Install dependencies rpm-build and squashfs at runtime if needed * Drop DNF support Version 5.8.2: * Warn about adding staging repos * Gracefully handle zypper exit code 106 (repos without cache present) Version 5.8.1: * Fix SyntaxWarning: invalid escape sequence '\s' Version 5.8.0: * Add mullvad-brower opi-5.8.5-bp157.2.3.1.noarch.rpm opi-5.8.5-bp157.2.3.1.src.rpm openSUSE-2025-194 moderate openSUSE Backports SLE-15-SP7 Update This update for virtme fixes the following issues: Update to version 1.36: * vng: Fix remote build * virtme_ng: run: --exec and positional arguments are mutually exclusive * virtme-ng: run: Fix quoting * virtme_ng: run: Fix `vng -- ''` virtme-1.36-bp157.2.3.1.noarch.rpm virtme-1.36-bp157.2.3.1.src.rpm openSUSE-2025-196 moderate openSUSE Backports SLE-15-SP7 Update This update for claws-mail fixes the following issues: - Update to 4.3.1: * The configuration option, "Don't popup error dialog on receive error" has been changed to "Show error dialog on receive error". Your previous choice will be automatically changed to the new format. * The option "Warn when pasting files as attachments" has been added to the Compose/Writing preferences page. This option was previously hidden. * chmod 0600 is now set on *history files in the configuration directory. * A new preference has been added to enable setting the chmod value of saved attachments: "Save attachments with chmod [ ]", found on the Other/Miscelleanous preferences page. The default value is 600. * The creation and updating of .mh_sequences files in MH mailbox folders is now optional and disabled by default. This is controlled by a new hidden preference, mh_compat_mode. If you were previously relying on this feature, set mh_compat_mode=1 in clawsrc before running this version. * A new hidden preference has been added, passphrase_dialog_msg_title_switch. This switches the placement of the dialogue message with the dialogue title in the passphrase dialogue. This can be useful for interacting with third-party programs such as KeePassXC. * The top-level 'Mark' menu item has been renamed to 'Marks'. If you have set custom hotkeys for any items in this menu you will need to re-set them. * New accounts now have all secure options activated by default, including TLS connections and SMTP AUTH. * The option to accept valid TLS certificates is now activated by default on new accounts. * Notification plugin: support for Ayatana indicator has been added. * PDF Viewer plugin: support for image/x-eps (encapsulated postscript) images has been added. * Libravatar plugin: the https URL, https://seccdn.libravatar.org/avatar, is now used by default. * vCalendar plugin: CREATED/LAST_MODIFIED are correctly handled, and the VTIMEZONE component is used when present * Various code cleanups. * The English, Spanish and French manuals have been updated. * Updated translations: Albanian, Brazilian Portuguese, British English, Catalan, Czech, Dutch, French, Polish, Portuguese, Romanian, Russian, Simplified Chinese, Slovak, Spanish, Swedish, Turkish. * bug fixes: * bug 3964, 'Attachment icon doesn't show in message list unless the message is clicked and then disappears later' * bug 4658, 'Headers unfolded incorrectly in message view' * bug 4817, 'Edit button in Messages view->Text settings not translatable' * bug 4818, 'Your Claws Mail configuration is from a newer...' dialog is shown more than once' * bug 4819, 'Text wrapping broken when text contains an URL' * bug 4821, 'If the Mail folder is on another partition, folder chmod settings are not applied to draft and queue' * bug 4824, 'No syntax highlighting after exiting external editor' * bug 4828, '"Mark" not translated anymore' * bug 4835, 'Disallow a forward slash in (IMAP) account names' * bug 4840, 'core dump unsubscribing from newsgroups' * CID 1491093: attrib leaked if attvalue is null * CID 1491370: unchecked return value. * archive plugin build in debug mode. * keep newsgroup subscription window on top when 'subscribe to newsgroup...' fails and newsgroup list can't be retrieved * don't silently fail to save a sent msg * IMAP: show the clip icon in the message list as soon as possible * stop needlessly checking which folders want sycnhronising every time we select a msg in an MH mailbox - Update to 4.3.0: * Compose window: when the focus is in the message text, copied files can be pasted as attachments using /Edit/paste or Ctrl+V. (The context menu's Paste will still insert the list of files into the message body.) * '/Mark/Mark all read in folder' and 'Mark/Mark all unread in folder' have been re-added to the Message List context menu. * It is now possible to use '/Tools/Remove references' when forwarding mail. * Keyboard shortcuts: The "Choose preset keyboard shortcuts" selector has been integrated into the main preferences page. When 'Current' is the selected preset, Apply/OK will keep the existing settings. * An MBOX file can now be imported from the command line using `claws-mail --import-mbox %f` where %f is the full path to the MBOX file. * OAUTH2 support for Microsoft 365 GCC High has been added. * LiteHTML Viewer plugin: Updated to LiteHTML 0.9. * The menurc file is now backed-up on startup. * Removed support for the obsolete Avant Window Navigator. * Various code cleanups. * The manual has been updated. * New translation: Albanian. * Updated translations: Catalan, Czech, French, Hungarian, Indonesian, Polish, Romanian, Slovak, Spanish, Swedish, Turkish. * bug 4668, 'Sometimes, at program start, message list takes all the vertical space' * bug 4720, 'matcher: release regex_t in matcherprop_string_match' * bug 4724, 'set proper availability status to sign/encrypt toolbar buttons' * bug 4725, 'oauth2: remove trailing zero from transmit buffer in oauth2_contact_server' * bug 4728, 'socket: handle GNUTLS_E_PREMATURE_TERMINATION in ssl_read' * bug 4730, 'oauth2: fix string handling in oauth2_contact_server' * bug 4733, 'Line breaks lost in headers' * bug 4734, 'ssl_certificate: remove unhelpful warnings from certificate check' * bug 4746, 'matcher: remove incorrect condition in matcherprop_free' * bug 4747, 'matcher: simplify matcherprop_new' * bug 4749, 'release regex_t in summary_compile_simplify_regexp' * bug 4750, 'remove regcomp wrapper and call regcomp directly' * bug 4752, 'Adjust incorrect debug_printf call in pgp plugins' * bug 4754, 'text/enriched literal less-than sign sequence handled incorrectly * bug 4757, 'remove AX_FUNC_MKDIR' * bug 4758, 'remove unused check for bind_textdomain_codeset' * bug 4759, 'remove unused function checks from AC_CHECK_FUNCS' * bug 4760, 'use correct type for move_bar_id' * bug 4762, 'oauth2: preserve an existing refresh token' * bug 4765, 'only store smtp auth if authorization method is OAUTH2' * bug 4766, 'preserve the expiry value of SMTP auth type is not OAUTH2' * bug 4768, 'Adjust logic while evaluating enable_avatars' * bug 4770, 'remove intl from list of include directories' * bug 4773, 'remove obsolescent AC_C_CONST' * bug 4780, 'use proper prototype for two archiver functions' * bug 4781, 'use correct prototype for privacy_free_signature_data' * bug 4782, 'use correct prototype for stop_archiving' * bug 4786, 'remove type confusion in getsockopt call in sock_connect_async_cb' * bug 4787, 'Use correct function for memory transfer in crypt_cfb_buf' * bug 4788, '"Change primary passphrase" disabled status handling' * bug 4790, 'widget spacing in "Changing primary passphrase" dialog' * bug 4791, 'remove obsolete glib version check' * bug 4795, 'Please remove -no-cpp-precomp flag for Apple' * bug 4796, 'URL with wide character doesn't work' * bug 4798, 'Quoting wrong when format=flowed and respect_flowed_format is set' * CIDs 1220325, 1491306 and 1491315, 'Explicit null dereferenced (FORWARD_NULL)' * CIDs 1491064, 1491074, 1491211, 1491105, 1491139, 1491164, 1491166, 1491168, 1491169, 1491178, 1491232, 1491242, 1492281 and 1591844 'Use after free (USE_AFTER_FREE)' * CID 1491137 'Out-of-bounds access (OVERRUN)' * CID 1591952 values overwritten before being used * CID 1596594 (CHECKED_RETURN) * CID 1596595 'Resource leak' * errors caused by invalid MIME viewer command-line * building on non-X11 systems * Use CFLAGS provided by nettle.pc * Fancy plugin, recognise mid and data embedded images claws-mail-4.3.1-bp157.2.3.1.src.rpm claws-mail-4.3.1-bp157.2.3.1.x86_64.rpm claws-mail-devel-4.3.1-bp157.2.3.1.x86_64.rpm claws-mail-lang-4.3.1-bp157.2.3.1.noarch.rpm claws-mail-4.3.1-bp157.2.3.1.aarch64.rpm claws-mail-devel-4.3.1-bp157.2.3.1.aarch64.rpm claws-mail-4.3.1-bp157.2.3.1.ppc64le.rpm claws-mail-devel-4.3.1-bp157.2.3.1.ppc64le.rpm claws-mail-4.3.1-bp157.2.3.1.s390x.rpm claws-mail-devel-4.3.1-bp157.2.3.1.s390x.rpm openSUSE-2025-188 important openSUSE Backports SLE-15-SP7 Update Chromium was updated to 137.0.7151.68 (stable release 2025-06-03) (boo#1244019) * CVE-2025-5419: Out of bounds read and write in V8 * CVE-2025-5068: Use after free in Blink - Google is aware that an exploit for CVE-2025-5419 exists in the wild. chromedriver-137.0.7151.68-bp157.2.6.2.x86_64.rpm chromium-137.0.7151.68-bp157.2.6.2.src.rpm chromium-137.0.7151.68-bp157.2.6.2.x86_64.rpm chromedriver-137.0.7151.68-bp157.2.6.2.aarch64.rpm chromium-137.0.7151.68-bp157.2.6.2.aarch64.rpm openSUSE-2025-204 low openSUSE Backports SLE-15-SP7 Update This update for atop fixes the following issues: - Update to 2.11.1: * Atop will not connect to the TCP port of 'atopgpud' daemon any more by default. The flag -k can be used explicitly when 'atopgpud' is active. Also the code to parse the received strings is improved to avoid future issues with heap corruption. * The flag -K has been implemented to connect to netatop/netatop-bpf. * Fix CVE-2025-31160 (boo#1240393) - Update to 2.11.0: * Cgroups (version 2) support. Show the hierarchical structure of cgroups and the related metrics with key/option 'G', and define the cgroup depth with the keys/options 2 till 7. Key/option 8 also shows the processes per cgroup level, except the kernel processes in the root cgroup. Key/option 9 shows the related processes per cgroup level including the kernel processes in the root cgroup. With key/option 'C' the output is sorted on CPU consumption (default), with key/option 'M' on memory consumption, and with key/option 'D' (requires root privileges) on disk utilization. Note: The collection of cgroup information per process is not supported any more. * Twin mode: live measurement with review option. In twin mode atop spawns into a lower level process that gathers the counters and writes them to a temporary raw file, and an upper level process that reads the counters from the temporary raw file and presents them to the user. The reading of the upper level process keeps in pace with the written samples of the lower level process for live measurements. However, when pressing the 'r' (reset to measurement begin), the 'b' (branch to time stamp), or the 'T' (previous sample), the upper level process implicitly pauses with the possibility to review previous samples. The 'z' (explicit pause) can also be used to pause the live measurement. When pressing the 'z' again (continue after pause) viewing of the live measurement will be continued. * Various corrections related to JSON output. * Improved gathering of current CPU frequency. * Support more than 500 CPUs. * The format of the raw file is incompatible with previous versions. Raw files from previous versions can be converted to the new layout with the atopconvert command. - Update to 2.10.0: * Additional memory statistics on system level: amount of available memory, amount of memory used for Transparant Huge Pages, amount of memory used by two categories of static huge pages (usually 2MiB and 1GiB), and the number of pages transferred to/from zswap. * Additional counters for the number of idle threads on system level and process level. * Refined view of memory bar graph, including free static huge pages. * Generic way to determine the container id or pod name for containerized processes. * Support for a BPF-based alternative[1] for the netatop kernel module to gather network statistics per process/thread. * Use the -z flag followed by a regex to prepend matching environment variables to the full command line that is shown per process (with key 'c'). * Various bugfixes (like memory leak when switching to bar graph mode) and minor improvements. * Bugfix: failing malloc while starting atopsar (unprivileged) for a live measurement. * The program atophide can be used to make an extraction from an input raw log to an output raw log, optionally specifying a begin time and/or an end time. The output raw log can be anonymized, i.e. the hostname will be replaced, command names of non-standard commands will be replaced, all command arguments will be wiped, logical volume names will be replaced and NFS mounted volume names will be replaced. * The format of the raw file is incompatible with previous versions. Raw files from previous versions can be converted to the new layout with the atopconvert command. - Update to 2.9.0: * Avoid compiler warning by limiting PSI average * Install cleanup function to avoid termination of parent process * add man for PAG steal * Oomkills event should not remain orange after boot values * Clarified atop man page * Closing bracket missing in synopsis * Add highlight concerning bar graph mode * Introduce bar graph mode Besides all detailed information that is supplied by atop on system and process level, a (character-based) bar graph can be shown about the utilization of the most critical system resources * Freeing ethlink should depend of ifdef * Added reset to indicate shadow file to be closed * fix atopacctd.c: failed to start atopacct.service * acctatop: reacquire acctfd to collect nprocexit for some bad cases * Calibrate nprocexit to avoid atop coredumps unexpectedly * json.c: fix avque counters output * Resolve compiler warnings from latest versions of GCC * Added versdate.h to make clean target * Revert "Added versdate.h to make clean target" * Added versdate.h to make clean target * fix calculation for scan and steal * only call str.decode if nvml returned bytes * Add exit epoch to parseable output PRG (solves issue #242) * Minor correction in man page for NVCSW/NIVCSW * Context switches (voluntary and involuntary) on process level incorrect * Various modifications releated to (non)voluntary context switches * Add nvcsw and nivcsw for each process * ifprop.c: Fix possible memory leak * Code cleanup and prototype additions * Consistency check on number of threads (solves issue #232) * atop-rotate.service: use restart instead of try-restart * Add link to atophttpd atop-2.11.1-bp157.2.3.1.src.rpm atop-2.11.1-bp157.2.3.1.x86_64.rpm atop-daemon-2.11.1-bp157.2.3.1.x86_64.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.x86_64.rpm atop-debuginfo-2.11.1-bp157.2.3.1.x86_64.rpm atop-debugsource-2.11.1-bp157.2.3.1.x86_64.rpm atop-2.11.1-bp157.2.3.1.i586.rpm atop-daemon-2.11.1-bp157.2.3.1.i586.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.i586.rpm atop-debuginfo-2.11.1-bp157.2.3.1.i586.rpm atop-debugsource-2.11.1-bp157.2.3.1.i586.rpm atop-2.11.1-bp157.2.3.1.aarch64.rpm atop-daemon-2.11.1-bp157.2.3.1.aarch64.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.aarch64.rpm atop-debuginfo-2.11.1-bp157.2.3.1.aarch64.rpm atop-debugsource-2.11.1-bp157.2.3.1.aarch64.rpm atop-2.11.1-bp157.2.3.1.ppc64le.rpm atop-daemon-2.11.1-bp157.2.3.1.ppc64le.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.ppc64le.rpm atop-debuginfo-2.11.1-bp157.2.3.1.ppc64le.rpm atop-debugsource-2.11.1-bp157.2.3.1.ppc64le.rpm atop-2.11.1-bp157.2.3.1.s390x.rpm atop-daemon-2.11.1-bp157.2.3.1.s390x.rpm atop-daemon-debuginfo-2.11.1-bp157.2.3.1.s390x.rpm atop-debuginfo-2.11.1-bp157.2.3.1.s390x.rpm atop-debugsource-2.11.1-bp157.2.3.1.s390x.rpm openSUSE-2025-200 important openSUSE Backports SLE-15-SP7 Update This update for orafce and timescaledb rebuilds them against current postgresql. postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.src.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.x86_64.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.src.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.x86_64.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.src.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.x86_64.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.src.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.x86_64.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.src.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.x86_64.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.i586.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.i586.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.i586.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.i586.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.i586.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.aarch64.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.aarch64.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.aarch64.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.aarch64.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.aarch64.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.ppc64le.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.ppc64le.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.ppc64le.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.ppc64le.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.ppc64le.rpm postgresql12-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql12-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql12-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql13-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql13-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql13-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql14-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql14-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql14-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql15-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql15-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql15-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql16-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql16-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql16-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql17-orafce-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql17-orafce-debuginfo-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql17-orafce-debugsource-4.14.1+git0.48e67e7-bp157.2.2.1.s390x.rpm postgresql14-timescaledb-2.17.1-bp157.2.2.1.s390x.rpm postgresql15-timescaledb-2.17.1-bp157.2.2.1.s390x.rpm postgresql16-timescaledb-2.17.1-bp157.2.2.1.s390x.rpm postgresql17-timescaledb-2.17.1-bp157.2.2.1.s390x.rpm openSUSE-2025-201 important openSUSE Backports SLE-15-SP7 Update This update for chromium fixes the following issues: Chromium 137.0.7151.103 (stable release 2025-06-10) (boo#1244452) - CVE-2025-5958: Use after free in Media - CVE-2025-5959: Type Confusion in V8 chromedriver-137.0.7151.103-bp157.2.9.1.x86_64.rpm chromium-137.0.7151.103-bp157.2.9.1.src.rpm chromium-137.0.7151.103-bp157.2.9.1.x86_64.rpm chromedriver-137.0.7151.103-bp157.2.9.1.aarch64.rpm chromium-137.0.7151.103-bp157.2.9.1.aarch64.rpm openSUSE-2025-206 important openSUSE Backports SLE-15-SP7 Update This update for konsole fixes the following issues: - CVE-2025-49091: Fixed potential remote code execution in a certain scenario with url open (boo#1244569) konsole-23.08.5-bp157.2.3.1.src.rpm konsole-23.08.5-bp157.2.3.1.x86_64.rpm konsole-debuginfo-23.08.5-bp157.2.3.1.x86_64.rpm konsole-debugsource-23.08.5-bp157.2.3.1.x86_64.rpm konsole-part-23.08.5-bp157.2.3.1.x86_64.rpm konsole-part-debuginfo-23.08.5-bp157.2.3.1.x86_64.rpm konsole-part-lang-23.08.5-bp157.2.3.1.noarch.rpm konsole-zsh-completion-23.08.5-bp157.2.3.1.noarch.rpm konsole-23.08.5-bp157.2.3.1.aarch64.rpm konsole-debuginfo-23.08.5-bp157.2.3.1.aarch64.rpm konsole-debugsource-23.08.5-bp157.2.3.1.aarch64.rpm konsole-part-23.08.5-bp157.2.3.1.aarch64.rpm konsole-part-debuginfo-23.08.5-bp157.2.3.1.aarch64.rpm konsole-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-debuginfo-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-debugsource-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-part-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-part-debuginfo-23.08.5-bp157.2.3.1.ppc64le.rpm konsole-23.08.5-bp157.2.3.1.s390x.rpm konsole-debuginfo-23.08.5-bp157.2.3.1.s390x.rpm konsole-debugsource-23.08.5-bp157.2.3.1.s390x.rpm konsole-part-23.08.5-bp157.2.3.1.s390x.rpm konsole-part-debuginfo-23.08.5-bp157.2.3.1.s390x.rpm openSUSE-2025-212 moderate openSUSE Backports SLE-15-SP7 Update This update for kanidm fixes the following issues: kanidm was updated to version 1.6.4~git2.a4b3b0f7b: * Remove dead code * OpenSUSE build fix Update to version 1.6.4~git0.e1d26ed10: * Allow deferring spans in unixd * Dark mode improvements (#3660) * Fix SCIM filter parser for quoted values with spaces and escaped quotes (#3673) * fix: strip comments from UNIX files before parsing (#3674) * Fix healthcheck to use ENV for config path (#3656) * Investigate and reduce memory consumption of unixd (#3645) * Swap bytes mut at buffer limits (#3651) * fix: Improve unixd & unixd-tasks startup coupling (#3638) * reload schema before verify (#3643) * Defend against split_at panic (#3636) Update to version 1.6.3~git0.389493eb1: * Fix minor issue with untagged version handling (#3634) * Move shadow processing out of task event loop (#3631) * Dont specify config path in container (#3630) * Accept SSHA with different salt lengths (#3629) * Resolve flaw with ssh key parse if the key has no comment (#3628) * Indicate that this is an ip list, not a range (#3626) * Test for corrupted unicode in SSH keys, keep the key title on error/resubmit (#3618) * Reduce replication logging verbosity * cargo publish (#3613) kanidm-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.src.rpm kanidm-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-clients-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-clients-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-debugsource-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-docs-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-server-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-server-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-unixd-clients-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-unixd-clients-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.x86_64.rpm kanidm-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-clients-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-clients-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-debugsource-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-docs-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-server-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-server-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-unixd-clients-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm kanidm-unixd-clients-debuginfo-1.6.4~git2.a4b3b0f7b-bp157.2.3.1.aarch64.rpm openSUSE-2025-215 moderate openSUSE Backports SLE-15-SP7 Update This update for python-certbot-dns-google, python-google-api-python-client, python-google-auth-httplib2, python-uritemplate fixes the following issues: Changes in python-uritemplate, python-google-auth-httplib2, python-google-api-python-client: - shipped for use by python-certbot-dns-google. Changes in python-certbot-dns-google: Update to version 2.11.0: * sync with the main certbot package Update to 2.9.0: * Support for Python 3.12 was added. * Updates `joinpath` syntax to only use one addition per call, because the multiple inputs version was causing mypy errors on Python 3.10. * Makes the `reconfigure` verb actually use the staging server for the dry run to check the new configuration. Update to version 2.7.3: * Filter zones in certbot-dns-google to avoid usage of private DNS zones to create records Update to version 2.6.0: * Support for Python 3.11 was added to Certbot and all of its components. * All Certbot components now require pytest to run tests. * Packaged tests for all Certbot components besides josepy were moved inside the _internal/tests module. * There is now a new Other annotated challenge object to allow plugins to support entirely novel challenges. * --dns-google-project optionally allows for specifying the project that the DNS zone(s) reside in, which allows for Certbot usage in scenarios where the auth credentials reside in a different project to the zone(s) that are being managed. * certbot-dns-google now loads credentials using the standard Application Default Credentials strategy, rather than explicitly requiring the Google Compute metadata server to be present if a service account is not provided using --dns-google-credentials. * --dns-google-credentials now supports additional types of file-based credential, such as External Account Credentials created by Workload Identity Federation. All file-based credentials implemented by the Google Auth library are supported. * certbot-dns-google no longer requires deprecated oauth2client library. * Certbot no longer depends on zope. Update to 1.29.0: * --allow-subset-of-names will now additionally retry in cases where domains are rejected while creating or finalizing orders. This requires subproblem support from the ACME server * The show_account subcommand now uses the "newAccount" ACME endpoint to fetch the account data, so it doesn't rely on the locally stored account URL. This fixes situations where Certbot would use old ACMEv1 registration info with non-functional account URLs. * The generated Certificate Signing Requests are now generated as version 1 instead of version 3. This resolves situations in where strict enforcement of PKCS#10 meant that CSRs that were generated as version 3 were rejected Update to version 1.26.0: * GCP Permission list for certbot-dns-google in plugin documentation python-certbot-dns-google-2.11.0-bp157.2.3.1.src.rpm python311-certbot-dns-google-2.11.0-bp157.2.3.1.noarch.rpm python-google-api-python-client-2.170.0-bp157.2.1.src.rpm python311-google-api-python-client-2.170.0-bp157.2.1.noarch.rpm python-google-auth-httplib2-0.2.0-bp157.2.1.src.rpm python311-google-auth-httplib2-0.2.0-bp157.2.1.noarch.rpm python-uritemplate-4.1.1-bp157.2.1.src.rpm python311-uritemplate-4.1.1-bp157.2.1.noarch.rpm openSUSE-2025-213 moderate openSUSE Backports SLE-15-SP7 Update This update for ollama fixes the following issues: Update to version 0.9.0: * Ollama now has the ability to enable or disable thinking. This gives users the flexibility to choose the model’s thinking behavior for different applications and use cases. Update to version 0.8.0: * Ollama will now stream responses with tool calls * Logs will now include better memory estimate debug information when running models in Ollama's engine. Update to version 0.7.1: * Improved model memory management to allocate sufficient memory to prevent crashes when running multimodal models in certain situations * Enhanced memory estimation for models to prevent unintended memory offloading * ollama show will now show ... when data is truncated * Fixed crash that would occur with qwen2.5vl * Fixed crash on Nvidia's CUDA for llama3.2-vision * Support for Alibaba's Qwen 3 and Qwen 2 architectures in Ollama's new multimodal engine ollama-0.9.0-bp157.5.1.src.rpm ollama-0.9.0-bp157.5.1.x86_64.rpm ollama-0.9.0-bp157.5.1.aarch64.rpm ollama-0.9.0-bp157.5.1.ppc64le.rpm ollama-0.9.0-bp157.5.1.s390x.rpm openSUSE-2025-214 moderate openSUSE Backports SLE-15-SP7 Update This update for openQA fixes the following issues: - Update to version 5.1749832158.cc746ea0: * Bump @eslint/config-helpers from 0.2.2 to 0.2.3 * Docs: Convert images/openqa-in-5-minutes.gif to webm * Add test for failing save_needle with abort call * Document considerations for zero-downtime upgrades * Bump @eslint/config-array from 0.20.0 to 0.20.1 * Bump @eslint/plugin-kit from 0.3.1 to 0.3.2 * Change `do_cleanup` definition in test using `scm git` * apparmor: Allow file lock in fixed iso/hdd images * apparmor: Allow using 'git-lfs' * Disable git_auto_update by default * Re-add git_auto_commit and improved docs for the git settings * Tweak git config access in _git_clone_all * Disentangle git_auto_clone and git_auto_update * Bump brace-expansion from 1.1.11 to 1.1.12 * Update documentation with the new postgres format * Avoid showing too much probably disturbing errors on test details page * Update deprecated postgresql repository * Print one URL per line in test settings * Bump eslint-scope from 8.3.0 to 8.4.0 * Bump espree from 10.3.0 to 10.4.0 * Verify log output when cleanup fail in _save_needles * Improve error handling when loading test module results * Simplify the `createElement()` function * Restore behavior in case of empty details JSON after ca86aec6 * Verify abort job when git is disabled and do_cleanup is 'no' * Avoid job terminated unexpectedly by add signal handler * Bump datatables.net-bs5 from 2.3.1 to 2.3.2 * Bump acorn from 8.14.1 to 8.15.0 * Use regex when checking worker config for relevant sections * Allow appending values in worker config via `+=` * Streamline coding style in `t/24-worker-settings.t` * Allow using list and range specifiers in worker config file - Update to version 5.1749214996.3536da99: * Bump @types/estree from 1.0.7 to 1.0.8 * Support sass generation in all product versions * Avoid sporadic test failures due to warning about closed ws connection * Increase chart testing verbosity for better log trace * Bump ace-builds from 1.41.0 to 1.42.0 * Bump eslint from 9.27.0 to 9.28.0 * Bump @pkgr/core from 0.2.4 to 0.2.7 * Remove nested .gitignore from openQA rpm * Add permissions to avoid the warnings in openQA build - Update to version 5.1748615746.d50d8e24: * Bump synckit from 0.11.6 to 0.11.8 * Bump eslint-plugin-prettier from 5.4.0 to 5.4.1 * Support repeated query params in filter parsing * Replace deprecated ingress class annotation with ingressClassName * CI: Update python version in check-helm-chart * Avoid database error when more than one limit parameter is specified * Use signatures in all functions of `t/ui/18-tests-details.t` * Improve details of test details test * Refactor search_args construction for multi-valued query parameters * Allow comma-separated filtering of flavor * Dependency cron 2025-05-26 * t: Test if flavor options from URL are carried over to the form * t: Add more testing of comma-separated values * t: Check URL contains single flavor * Apply macro to support upcoming opensuse/sle 16 build - Update to version 5.1748004971.d2bfe8ce: * CI: Enable Leap 16.0 OBS build checks * systemd: Increase availability of openqa-webui with ordering * systemd: Remove obsolete ordering of websockets after scheduler * Update GettingStarted.asciidoc Fedora instructions * Deprecate skip-checks and add check-repos option * Switch overly verbose "Updating seen from worker" messages to trace * t: Also use default test database in full-stack+deploy * Fix quoting issue in run-tests-within-container script * Bump eslint from 9.26.0 to 9.27.0 * Bump @modelcontextprotocol/sdk from 1.11.3 to 1.11.4 * Bump synckit from 0.11.5 to 0.11.6 * Create link to the common prove_wrapper * Avoid repeated calls to $t->app->minion * Add linear backoff in hook script * Sync the subrepo external/os-autoinst-common * Bump datatables.net-bs5 from 2.3.0 to 2.3.1 * Dependency cron 2025-05-16 * Bump @modelcontextprotocol/sdk from 1.11.2 to 1.11.3 * Bump eventsource-parser from 3.0.1 to 3.0.2 * Set TESTS_FAILED_FLAG to 1 instead of touching file * Explain container execution and CONTAINER_TEST implications * Remove section which checks unused variable * Update checkstyle invocation in run-tests-within-container script - Update to version 5.1747282262.9a4e6bb5: * load-templates: with --clean, empty job group YAML templates * Fix phrasing in jobs comment carry over unit test * Bump debug from 4.4.0 to 4.4.1 * Bump synckit from 0.11.4 to 0.11.5 * Avoid workers getting stuck with old jobs * Avoid duplicate `use Mojo::JSON` * Follow consistent database DUMP_FOLDER target directory * Create new systemd service and timer for database dump and cleanup * dump-templates: dump job groups as they exist, fix group checks * t: load-templates: check harder for what gets loaded * load-templates: job groups: simplify, don't error on group exists * load-templates: fix loading of job templates openQA-5.1749832158.cc746ea0-bp157.2.4.1.src.rpm openQA-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.4.1.x86_64.rpm openQA-client-test-5.1749832158.cc746ea0-bp157.2.4.1.src.rpm openQA-test-5.1749832158.cc746ea0-bp157.2.4.1.src.rpm openQA-worker-test-5.1749832158.cc746ea0-bp157.2.4.1.src.rpm openQA-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.4.1.aarch64.rpm openQA-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.4.1.ppc64le.rpm openQA-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.4.1.s390x.rpm openSUSE-2025-210 important openSUSE Backports SLE-15-SP7 Update Chromium was updated to 137.0.7151.119 (stable release 2025-06-17) (boo#1244711): * CVE-2025-6191: Integer overflow in V8 * CVE-2025-6192: Use after free in Profiler chromedriver-137.0.7151.119-bp157.2.12.1.x86_64.rpm chromium-137.0.7151.119-bp157.2.12.1.src.rpm chromium-137.0.7151.119-bp157.2.12.1.x86_64.rpm chromedriver-137.0.7151.119-bp157.2.12.1.aarch64.rpm chromium-137.0.7151.119-bp157.2.12.1.aarch64.rpm openSUSE-2025-217 moderate openSUSE Backports SLE-15-SP7 Update This update for python-libvirt-python fixes the following issues: python-libvirt-python updated to 11.0.0. python-libvirt-python-11.0.0-bp157.4.1.src.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.x86_64.rpm python311-libvirt-python-11.0.0-bp157.4.1.x86_64.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.x86_64.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.i586.rpm python311-libvirt-python-11.0.0-bp157.4.1.i586.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.i586.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.aarch64.rpm python311-libvirt-python-11.0.0-bp157.4.1.aarch64.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.aarch64.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.ppc64le.rpm python311-libvirt-python-11.0.0-bp157.4.1.ppc64le.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.ppc64le.rpm python-libvirt-python-debugsource-11.0.0-bp157.4.1.s390x.rpm python311-libvirt-python-11.0.0-bp157.4.1.s390x.rpm python311-libvirt-python-debuginfo-11.0.0-bp157.4.1.s390x.rpm openSUSE-2025-208 important openSUSE Backports SLE-15-SP7 Update This update for velociraptor fixes the following issues: - Update to version 0.7.0.4.git152.fb24dfd: * audit: fix watch rules in artifacts * audit: update go-libaudit dependency for pcc64le arch filter fix * Use execsnoop plugin in artifacts when possible * Add execsnoop plugin to capture execve system calls * github-actions: update ubuntu runners to 22.04 * Fix failing tls unit test on new go versions - Update to version 0.7.0.4.git142.862ef23: * github: fix deprecated upload artifact again * Update npm packages Includes fixes for the following vulnerabilities: CVE-2023-45133 CVE-2023-46234 CVE-2024-55565 CVE-2024-45296 CVE-2023-44270 CVE-2024-47068 CVE-2024-23331 CVE-2024-31207 CVE-2024-45812 CVE-2024-45811 * Update go dependencies Includes fixes for the following vulnerabilities: CVE-2024-45338 CVE-2024-37298 CVE-2024-24786 CVE-2023-45683 (boo#1216310) CVE-2023-1732 * Update jwt to 4.5.1 Fixes CVE-2024-51744 (boo#1232944) * Update go-retryablehttp to 0.7.7 Fixes CVE-2024-6104 (boo#1227061) * Update go-oidc and go-jose Fixes CVE-2024-28180 (boo#1235168) * Update dompurify to 3.1.3 Fixes CVE-2024-47875 (boo#1231574) * Update package-lock.json * Update micromatch to 4.0.8 Partial fix for CVE-2024-4067 (boo#1224367) Partial fix for CVE-2024-4068 (boo#1224296) * Update axios to 1.7.9 Fixes CVE-2024-39338 (boo#1229424) * Update cross-spawn to 7.0.6 Fixes CVE-2024-21538 (boo#1233845) * Update elliptic to 6.6.1 Update contains fixes for: CVE-2024-48949 (boo#1231558) CVE-2024-48948 (boo#1231685) CVE-2024-42459 (boo#1232543) CVE-2024-42460 (boo#1232543) CVE-2024-42461 (boo#1232543) * Update follow-redirects to 1.15.6 Fixes CVE-2024-28849 (boo#1221456) * fix: gui/velociraptor/package.json to reduce vulnerabilities Fixes CVE-2022-25883 (boo#1212572) - Update to version 0.7.0.4.git126.27cfbe1: * bpf: fix plugins not stopping when context cancelled * tcpsnoop: move parsing to its own function * bpf plugins: remove depreciated libbpfgo calls * bpf plugins: add context to error logs * chattrsnoop: fix files not getting closed * chattrsnoop: move hashing from plugin to artifact * RPM artifact: start checks immediately on artifact load * rpm plugin: fix ndb magic error * audit s390x: fix arch filter rules errors * github: fix deprecated upload artifact * tcpsnoop: fix ipv6 local and remote addresses order * tcpsnoop: fix missing ipv6 outbound connections * Linux.Events.ProcessExecutions: remove parent cmdline * audit: reduce FileBufferLeaseSize to ease GC overhead * audit: fix auditBuf allocation and go vet warnings * audit: fix plugin shutdown race condition * audit: fix audit client data races * audit: fix race in subscriber * audit: prevent Windows loading audit package * sdjournal: fix package causing test failures * github: run linux unit tests - Update node modules with security fixes. * Fixes CVE-2024-39338 (boo#1229424) - Update to version 0.7.0.4.git97.675e45f9: * kafka-humio-gateway: update go version and dependency list * kafka-humio-gateway: specific mTLS cert paths in config.yml * docker-compose: set kafka replication factor and min ISRs * kafka-humio-gateway: add http post retry mechanism * kafka-humio-gateway: add pprof debugging option * kafka-humio-gateway: format with gofmt * kafka-humio-gateway: fix go-staticcheck issues * kafka-humio-gateway: fix sendEvents() never exiting * Kafka.Events.Client: Update to use new artifactset type * docker-compose: add optional Kafka cluser * kafka-humio-gateway: add mTLS support * contrib/kafka-humio-gateway: add new debug option for noisy events * contrib/kafka-humio-gateway: backoff and retry for metadata * kafka-humio-gateway: add sample config file * kafka-humio-gateway: update sarama and dependencies * Add Kafka-Humio Gateway [Depends on PR#10] (#8) * vql/server/kafka: connect sarama logging to velociraptor logging * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries * vql/server/kafka: set appropriate ClientID * Add a Kafka export plugin - Update to version 0.7.0.4.git74.3426c0a: * Fix services artifact symbol pid not found error * chattrsnoop: correct read size for flags * chattrsnoop: fix wrong FS_IOC_SETFLAGS value for ppc * chattrsnoop: fix do_vfs_ioctl kprobe failure - Update to version 0.7.0.4.git68.ad1f4e5: * Fix undefined binary.NativeEndian build errors - Add llvm16-libclang13 dependency for SLE 15 SP5 and above - Update to version 0.7.0.4.git66.eea7659: * dnssnoop: fix loading protocol from ip header on s390 * dnssnoop: fix htons() so it works on s390 too * Fix systemd Services artifact missing events * chattrsnoop: replace global variables with locals * tcpsnoop: fix garbled results on s390 * chattrsnoop: fix immutable attribute set on s390 * chattrsnoop: fix bpf_probe_read for s390 * tcpsnoop: remove unused filtering code * Add artifact to collect new files without owner * bpf plugins: set a logger callback - Update to version 0.7.0.4.git47.0f8a4de1: * Rename SUSE specific artifacts to have SUSE prefix * Add SUSE.Linux.Events.NewZeroSizeLogFile artifact * Move NewFiles artifact to SUSE * Move ImmutableFile artifact to SUSE * Make ImmutableFile artifact consistent with others * Fix absolute path case in ExecutableFiles artifact * Add client monitoring artifact for RPMs * Add artifact to collect new hidden files * Add artifact to monitor ssh authorized_keys files * Fix split_records error on older clients * Add hash fields to Linux.Events.ProcessExecutions * Add artifact to collect systemd service events * Fix SystemLogins artifacts file extensions * Add SUSE.Linux.Events.Timers artifact * Fix audit filter key typo in Linux.Events.NewFiles * Add server artifact to delete old client data on server * Add SUSE.Linux.Sys.At artifact * chattrsnoop: include full error details in logs * chattrsnoop: handle os.Stat() error properly * chattrsnoop: don't log.Fatal() on hash error * Fix Linux.Events.ImmutableFile not showing hash in GUI * SUSE.Linux.Events.Crontab: Add task execution artifacts * Raise client connection log level to ERROR * sdjournal: Correctly seek to current tail - Update to version 0.7.0.4.git6.7b40b8b: * go.mod: increase go version to 1.19 velociraptor-0.7.0.4.git152.fb24dfd-bp157.2.3.1.src.rpm velociraptor-0.7.0.4.git152.fb24dfd-bp157.2.3.1.x86_64.rpm system-user-velociraptor-1.0.0-bp157.2.3.1.noarch.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.src.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.x86_64.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.aarch64.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.ppc64le.rpm velociraptor-client-0.7.0.4.git152.fb24dfd-bp157.2.3.1.s390x.rpm openSUSE-2025-235 moderate openSUSE Backports SLE-15-SP7 Update This update for openQA-devel-container fixes the following issues: - Update to version 5.1749650866.7a5a615c8: * Update to latest openQA version openQA-5.1749832158.cc746ea0-bp157.2.6.1.src.rpm openQA-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.6.1.x86_64.rpm openQA-client-test-5.1749832158.cc746ea0-bp157.2.6.1.src.rpm openQA-test-5.1749832158.cc746ea0-bp157.2.6.1.src.rpm openQA-worker-test-5.1749832158.cc746ea0-bp157.2.6.1.src.rpm openQA-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.6.1.aarch64.rpm openQA-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.6.1.ppc64le.rpm openQA-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-auto-update-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-bootstrap-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-client-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-common-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-continuous-update-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-devel-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-doc-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-local-db-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-munin-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-python-scripts-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-single-instance-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-single-instance-nginx-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openQA-worker-5.1749832158.cc746ea0-bp157.2.6.1.s390x.rpm openSUSE-2025-220 moderate openSUSE Backports SLE-15-SP7 Update This update for libetebase fixes the following issues: Update to version 0.5.8: * CVE-2025-3416: Fixed rust openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242638) * Deps: run cargo update. libetebase-0.5.8-bp157.2.3.1.src.rpm libetebase-devel-0.5.8-bp157.2.3.1.x86_64.rpm libetebase0-0.5.8-bp157.2.3.1.x86_64.rpm libetebase-devel-0.5.8-bp157.2.3.1.i586.rpm libetebase0-0.5.8-bp157.2.3.1.i586.rpm libetebase-devel-0.5.8-bp157.2.3.1.aarch64.rpm libetebase0-0.5.8-bp157.2.3.1.aarch64.rpm libetebase-devel-0.5.8-bp157.2.3.1.ppc64le.rpm libetebase0-0.5.8-bp157.2.3.1.ppc64le.rpm libetebase-devel-0.5.8-bp157.2.3.1.s390x.rpm libetebase0-0.5.8-bp157.2.3.1.s390x.rpm openSUSE-2025-224 moderate openSUSE Backports SLE-15-SP7 Update This update for queue fixes the following issues: Version 1.2.0: - Ignore broken pipe error (e.g. when piping to head) Version 1.2.0: - Only use dark_grey if available Version 1.1.0: - Color scheduled and running entries differently - Enable multi column limiting - Add hint about config location Version 1.3.0: - Ignore broken pipe error (e.g. when piping to head) Version 1.2.0: - Only use dark_grey if available Version 1.1.0: - Color scheduled and running entries differently - Enable multi column limiting - Add hint about config location queue-1.3.0-bp157.2.3.1.noarch.rpm queue-1.3.0-bp157.2.3.1.src.rpm openSUSE-2025-232 important openSUSE Backports SLE-15-SP7 Update this update for chromium 138.0.7204.96 (stable released 2025-06-30) (boo#1245544) fixes the following issues: * cve-2025-6554: type confusion in v8 * CVE-2025-6555: Use after free in Animation * CVE-2025-6556: Insufficient policy enforcement in Loader * CVE-2025-6557: Insufficient data validation in DevTools chromedriver-138.0.7204.96-bp157.2.19.1.x86_64.rpm chromedriver-debuginfo-138.0.7204.96-bp157.2.19.1.x86_64.rpm chromium-138.0.7204.96-bp157.2.19.1.src.rpm chromium-138.0.7204.96-bp157.2.19.1.x86_64.rpm chromium-debuginfo-138.0.7204.96-bp157.2.19.1.x86_64.rpm gh-2.74.2-bp157.2.3.1.src.rpm gh-2.74.2-bp157.2.3.1.x86_64.rpm gh-bash-completion-2.74.2-bp157.2.3.1.noarch.rpm gh-debuginfo-2.74.2-bp157.2.3.1.x86_64.rpm gh-fish-completion-2.74.2-bp157.2.3.1.noarch.rpm gh-zsh-completion-2.74.2-bp157.2.3.1.noarch.rpm gn-0.20250520-bp157.2.3.1.src.rpm gn-0.20250520-bp157.2.3.1.x86_64.rpm gn-debuginfo-0.20250520-bp157.2.3.1.x86_64.rpm gn-debugsource-0.20250520-bp157.2.3.1.x86_64.rpm gh-2.74.2-bp157.2.3.1.i586.rpm gh-debuginfo-2.74.2-bp157.2.3.1.i586.rpm gn-0.20250520-bp157.2.3.1.i586.rpm gn-debuginfo-0.20250520-bp157.2.3.1.i586.rpm gn-debugsource-0.20250520-bp157.2.3.1.i586.rpm chromedriver-138.0.7204.96-bp157.2.19.1.aarch64.rpm chromedriver-debuginfo-138.0.7204.96-bp157.2.19.1.aarch64.rpm chromium-138.0.7204.96-bp157.2.19.1.aarch64.rpm chromium-debuginfo-138.0.7204.96-bp157.2.19.1.aarch64.rpm gh-2.74.2-bp157.2.3.1.aarch64.rpm gh-debuginfo-2.74.2-bp157.2.3.1.aarch64.rpm gn-0.20250520-bp157.2.3.1.aarch64.rpm gn-debuginfo-0.20250520-bp157.2.3.1.aarch64.rpm gn-debugsource-0.20250520-bp157.2.3.1.aarch64.rpm gh-2.74.2-bp157.2.3.1.ppc64le.rpm gh-debuginfo-2.74.2-bp157.2.3.1.ppc64le.rpm gn-0.20250520-bp157.2.3.1.ppc64le.rpm gn-debuginfo-0.20250520-bp157.2.3.1.ppc64le.rpm gn-debugsource-0.20250520-bp157.2.3.1.ppc64le.rpm gh-2.74.2-bp157.2.3.1.s390x.rpm gh-debuginfo-2.74.2-bp157.2.3.1.s390x.rpm gn-0.20250520-bp157.2.3.1.s390x.rpm gn-debuginfo-0.20250520-bp157.2.3.1.s390x.rpm gn-debugsource-0.20250520-bp157.2.3.1.s390x.rpm openSUSE-2025-228 moderate openSUSE Backports SLE-15-SP7 Update This update for gitea-tea fixes the following issues: - update to 0.10.1: * Update release ci * chore(deps): update crazy-max/ghaction-import-gpg action to v6 * fix(deps): update module github.com/urfave/cli/v3 to v3.3.8 - update to 0.10.0: * fix: support SSH remotes with non-standard ports * minor helper fixes * Bump Table Dep * Login via oauth2 flow * Feat: interactive issue edit command * Use flakes vs devbox * Fix helper panic * Add --note-file flag to read release notes from a file * Fix/Login Edit Use Editor Env * Gitea Actions support * Expose --labels option * Add git helper * Support auto detecting branch for PRs * context: move human readable note to stderr * Add repos rm/delete command * Release Asset Management * tea branches list/protect/unprotect * Add OTP and scopes to login * Initial CLI docs * Fix for go tools called from make * fix interactive login add * issues list can show filtered by owner/org instead of repo too * fix: non-standard ssh port URL's repo can't be recognized * updated dependencies gitea-tea-0.10.1-bp157.2.3.1.src.rpm gitea-tea-0.10.1-bp157.2.3.1.x86_64.rpm gitea-tea-bash-completion-0.10.1-bp157.2.3.1.noarch.rpm gitea-tea-zsh-completion-0.10.1-bp157.2.3.1.noarch.rpm gitea-tea-0.10.1-bp157.2.3.1.i586.rpm gitea-tea-0.10.1-bp157.2.3.1.aarch64.rpm gitea-tea-0.10.1-bp157.2.3.1.ppc64le.rpm gitea-tea-0.10.1-bp157.2.3.1.s390x.rpm openSUSE-2025-230 important openSUSE Backports SLE-15-SP7 Update This update for roundcubemail fixes the following issues: Update to 1.6.11: This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to recently reported security vulnerabilities: * Fix Post-Auth RCE via PHP Object Deserialization reported by firs0v. - CHANGELOG * Managesieve: Fix match-type selector (remove unsupported options) in delete header action (#9610) * Improve installer to fix confusion about disabling SMTP authentication (#9801) * Fix PHP warning in index.php (#9813) * OAuth: Fix/improve token refresh * Fix dark mode bug where wrong colors were used for blockquotes in HTML mail preview (#9820) * Fix HTML message preview if it contains floating tables (#9804) * Fix removing/expiring redis/memcache records when using a key prefix * Fix bug where a wrong SPECIAL-USE folder could have been detected, if there were more than one per-type (#9781) * Fix a default value and documentation of password_ldap_encodage option (#9658) * Remove mobile/floating Create button from the list in Settings > Folders (#9661) * Fix Delete and Empty buttons state while creating a folder (#9047) * Fix connecting to LDAP using ldapi:// URI (#8990) * Fix cursor position on "below the quote" reply in HTML mode (#8700) * Fix bug where attachments with content type of application/vnd.ms-tnef were not parsed (#7119) roundcubemail-1.6.11-bp157.2.3.1.noarch.rpm roundcubemail-1.6.11-bp157.2.3.1.src.rpm openSUSE-2025-231 important openSUSE Backports SLE-15-SP7 Update This update for sslh fixes the following issues: sslh was updated to 2.2.4: * Fix CVE-2025-46806 (boo#1243120) for "Misaligned Memory Accesses in `is_openvpn_protocol()`" * Fix CVE-2025-46807 (boo#1243122) for "File Descriptor Exhaustion in sslh-select and sslh-ev" * Fix potential parsing of undefined data in syslog probe (no CVE assigned) Update to 2.2.3: * Reverse older commit: version.h cannot be included without breaking the build (everything recompiles every time) and the release archive creation (which relies on git tags). Update to 2.2.2: * Fix potential vulnerability similar to CVE-2020-28935 Update to 2.2.1: * Fix compilation when libproxyprotocol is not present Update to 2.2.0: * Add a boolean setting "is_unix" for listen and protocol entries. This will use the 'host' setting as a path name to a socket file, and connections (listening or connecting) will be performed on Unix socket instead of Internet sockets. * Support HAProxy's proxyprotocol on the backend server side. * Lots of documentation about a new, simpler way to perform transparent proxying. * New "verbose" option that overrides all other verbose settings. Update to 2.1.3: * Landlock access fix Update to 2.1.2: * Fix inetd Update to 2.1.1: * Fix MacOS build error Update to 2.1.0: * Support for the Landlock LSM. After initial setup, sslh gives up all local file access rights. * Reintroduced --ssl as an alias to --tls. * Introduce autoconf to adapt to landlock presence. * Close connexion without error message if remote client forcefully closes connexion, for Windows. Update to 2.0.1: * New semver-compatible version number * New sslh-ev: this is functionaly equivalent to sslh-select (mono-process, only forks for specified protocols), but based on libev, which should make it scalable to large numbers of connections. * New log system: instead of –verbose with arbitrary levels, there are now several message classes. Each message class can be set to go to stderr, syslog, or both. Classes are documented in example.cfg. * UDP connections are now managed in a hash to avoid linear searches. The downside is that the number of UDP connections is a hard limit, configurable with the ‘udp_max_connections’, which defaults to 1024. Timeouts are managed with lists. * inetd merges stderr output to what is sent to the client, which is a security issue as it might give information to an attacker. When inetd is activated, stderr is forcibly closed. * New protocol-level option resolve_on_forward, requests that target names are resolved at each connection instead of at startup. Useful for dynamic DNS situations. sslh-2.2.4-bp157.2.3.1.src.rpm sslh-2.2.4-bp157.2.3.1.x86_64.rpm sslh-2.2.4-bp157.2.3.1.i586.rpm sslh-2.2.4-bp157.2.3.1.aarch64.rpm sslh-2.2.4-bp157.2.3.1.ppc64le.rpm sslh-2.2.4-bp157.2.3.1.s390x.rpm openSUSE-2025-237 moderate openSUSE Backports SLE-15-SP7 Update This update for mosquitto fixes the following issues: mosquitto was update to version 2.0.21: * Broker * Fix clients sending a RESERVED packet not being quickly disconnected. * Fix bind_interface producing an error when used with an interface that has an IPv6 link-local address and no other IPv6 addresses. * Fix mismatched wrapped/unwrapped memory alloc/free in properties. * Fix allow_anonymous false not being applied in local only mode. * Add retain_expiry_interval option to fix expired retained message not being removed from memory if they are not subscribed to. * Produce an error if invalid combinations of cafile/capath/certfile/keyfile are used. * Backport keepalive checking from develop to fix problems in current implementation. * Client library * Fix potential deadlock in mosquitto_sub if -W is used. * Apps * mosquitto_ctrl dynsec now also allows -i to specify a clientid as well as -c. This matches the documentation which states -i. - systemd service: Wait till the network got setup to avoid startup failure. - Update to version 2.0.19 (CVE-2024-3935 boo#1232635, CVE-2024-10525 boo#1232636): libmosquitto1-2.0.21-bp157.2.3.1.x86_64.rpm libmosquittopp1-2.0.21-bp157.2.3.1.x86_64.rpm mosquitto-2.0.21-bp157.2.3.1.src.rpm mosquitto-2.0.21-bp157.2.3.1.x86_64.rpm mosquitto-clients-2.0.21-bp157.2.3.1.x86_64.rpm mosquitto-devel-2.0.21-bp157.2.3.1.x86_64.rpm libmosquitto1-2.0.21-bp157.2.3.1.aarch64.rpm libmosquittopp1-2.0.21-bp157.2.3.1.aarch64.rpm mosquitto-2.0.21-bp157.2.3.1.aarch64.rpm mosquitto-clients-2.0.21-bp157.2.3.1.aarch64.rpm mosquitto-devel-2.0.21-bp157.2.3.1.aarch64.rpm libmosquitto1-2.0.21-bp157.2.3.1.ppc64le.rpm libmosquittopp1-2.0.21-bp157.2.3.1.ppc64le.rpm mosquitto-2.0.21-bp157.2.3.1.ppc64le.rpm mosquitto-clients-2.0.21-bp157.2.3.1.ppc64le.rpm mosquitto-devel-2.0.21-bp157.2.3.1.ppc64le.rpm libmosquitto1-2.0.21-bp157.2.3.1.s390x.rpm libmosquittopp1-2.0.21-bp157.2.3.1.s390x.rpm mosquitto-2.0.21-bp157.2.3.1.s390x.rpm mosquitto-clients-2.0.21-bp157.2.3.1.s390x.rpm mosquitto-devel-2.0.21-bp157.2.3.1.s390x.rpm