openSUSE Security Announce
Threads by month
- ----- 2024 -----
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
February 2024
- 2 participants
- 60 discussions
26 Feb '24
# Security update for libxml2
Announcement ID: SUSE-SU-2024:0613-1
Rating: moderate
References:
* bsc#1219576
Cross-References:
* CVE-2024-25062
CVSS scores:
* CVE-2024-25062 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25062 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
An update that solves one vulnerability can now be installed.
## Description:
This update for libxml2 fixes the following issues:
* CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-613=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-613=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-613=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-613=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-613=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-613=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-613=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* python311-libxml2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* python311-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* openSUSE Leap 15.4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-devel-32bit-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* openSUSE Leap 15.4 (noarch)
* libxml2-doc-2.9.14-150400.5.28.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libxml2-devel-64bit-2.9.14-150400.5.28.1
* libxml2-2-64bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-64bit-2.9.14-150400.5.28.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
## References:
* https://www.suse.com/security/cve/CVE-2024-25062.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219576
1
0
SUSE-SU-2024:0607-1: important: Security update for MozillaFirefox
by OPENSUSE-SECURITY-UPDATES 23 Feb '24
by OPENSUSE-SECURITY-UPDATES 23 Feb '24
23 Feb '24
# Security update for MozillaFirefox
Announcement ID: SUSE-SU-2024:0607-1
Rating: important
References:
* bsc#1184272
* bsc#1220048
Cross-References:
* CVE-2024-1546
* CVE-2024-1547
* CVE-2024-1548
* CVE-2024-1549
* CVE-2024-1550
* CVE-2024-1551
* CVE-2024-1552
* CVE-2024-1553
CVSS scores:
Affected Products:
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves eight vulnerabilities can now be installed.
## Description:
This update for MozillaFirefox fixes the following issues:
Update to Firefox Extended Support Release 115.8.0 ESR (MFSA 2024-06)
(bsc#1220048):
* CVE-2024-1546: Out-of-bounds memory read in networking channels
* CVE-2024-1547: Alert dialog could have been spoofed on another site
* CVE-2024-1548: Fullscreen Notification could have been hidden by select
element
* CVE-2024-1549: Custom cursor could obscure the permission dialog
* CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to
unintended permission grants
* CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie header
in response parts
* CVE-2024-1552: Incorrect code generation on 32-bit ARM devices
* CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
and Thunderbird 115.8
* Recommend libfido2-udev on codestreams that exist, in order to try to get
security keys (e.g. Yubikeys) work out of the box. (bsc#1184272)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-607=1
* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-607=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-607=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-607=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-607=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-607=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-607=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-607=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-607=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-607=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-607=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-607=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-607=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-607=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-branding-upstream-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* openSUSE Leap 15.5 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* Desktop Applications Module 15-SP5 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* MozillaFirefox-115.8.0-150200.152.126.3
* MozillaFirefox-debuginfo-115.8.0-150200.152.126.3
* MozillaFirefox-translations-other-115.8.0-150200.152.126.3
* MozillaFirefox-debugsource-115.8.0-150200.152.126.3
* MozillaFirefox-translations-common-115.8.0-150200.152.126.3
* SUSE Enterprise Storage 7.1 (noarch)
* MozillaFirefox-devel-115.8.0-150200.152.126.3
## References:
* https://www.suse.com/security/cve/CVE-2024-1546.html
* https://www.suse.com/security/cve/CVE-2024-1547.html
* https://www.suse.com/security/cve/CVE-2024-1548.html
* https://www.suse.com/security/cve/CVE-2024-1549.html
* https://www.suse.com/security/cve/CVE-2024-1550.html
* https://www.suse.com/security/cve/CVE-2024-1551.html
* https://www.suse.com/security/cve/CVE-2024-1552.html
* https://www.suse.com/security/cve/CVE-2024-1553.html
* https://bugzilla.suse.com/show_bug.cgi?id=1184272
* https://bugzilla.suse.com/show_bug.cgi?id=1220048
1
0
SUSE-SU-2024:0608-1: important: Security update for MozillaThunderbird
by OPENSUSE-SECURITY-UPDATES 23 Feb '24
by OPENSUSE-SECURITY-UPDATES 23 Feb '24
23 Feb '24
# Security update for MozillaThunderbird
Announcement ID: SUSE-SU-2024:0608-1
Rating: important
References:
* bsc#1220048
Cross-References:
* CVE-2024-1546
* CVE-2024-1547
* CVE-2024-1548
* CVE-2024-1549
* CVE-2024-1550
* CVE-2024-1551
* CVE-2024-1552
* CVE-2024-1553
CVSS scores:
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Package Hub 15 15-SP5
An update that solves eight vulnerabilities can now be installed.
## Description:
This update for MozillaThunderbird fixes the following issues:
Mozilla Thunderbird 115.8 (bsc#1220048):
* CVE-2024-1546: Out-of-bounds memory read in networking channels
* CVE-2024-1547: Alert dialog could have been spoofed on another site
* CVE-2024-1548: Fullscreen Notification could have been hidden by select
element
* CVE-2024-1549: Custom cursor could obscure the permission dialog
* CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to
unintended permission grants
* CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie header
in response parts
* CVE-2024-1552: Incorrect code generation on 32-bit ARM devices
* CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
and Thunderbird 115.8
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-608=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-608=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-608=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-115.8.0-150200.8.148.1
* MozillaThunderbird-debugsource-115.8.0-150200.8.148.1
* MozillaThunderbird-debuginfo-115.8.0-150200.8.148.1
* MozillaThunderbird-translations-common-115.8.0-150200.8.148.1
* MozillaThunderbird-translations-other-115.8.0-150200.8.148.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x)
* MozillaThunderbird-115.8.0-150200.8.148.1
* MozillaThunderbird-debugsource-115.8.0-150200.8.148.1
* MozillaThunderbird-debuginfo-115.8.0-150200.8.148.1
* MozillaThunderbird-translations-common-115.8.0-150200.8.148.1
* MozillaThunderbird-translations-other-115.8.0-150200.8.148.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* MozillaThunderbird-115.8.0-150200.8.148.1
* MozillaThunderbird-debugsource-115.8.0-150200.8.148.1
* MozillaThunderbird-debuginfo-115.8.0-150200.8.148.1
* MozillaThunderbird-translations-common-115.8.0-150200.8.148.1
* MozillaThunderbird-translations-other-115.8.0-150200.8.148.1
## References:
* https://www.suse.com/security/cve/CVE-2024-1546.html
* https://www.suse.com/security/cve/CVE-2024-1547.html
* https://www.suse.com/security/cve/CVE-2024-1548.html
* https://www.suse.com/security/cve/CVE-2024-1549.html
* https://www.suse.com/security/cve/CVE-2024-1550.html
* https://www.suse.com/security/cve/CVE-2024-1551.html
* https://www.suse.com/security/cve/CVE-2024-1552.html
* https://www.suse.com/security/cve/CVE-2024-1553.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220048
1
0
SUSE-SU-2024:0601-1: moderate: Security update for python-pycryptodome
by OPENSUSE-SECURITY-UPDATES 23 Feb '24
by OPENSUSE-SECURITY-UPDATES 23 Feb '24
23 Feb '24
# Security update for python-pycryptodome
Announcement ID: SUSE-SU-2024:0601-1
Rating: moderate
References:
* bsc#1218564
Cross-References:
* CVE-2023-52323
CVSS scores:
* CVE-2023-52323 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52323 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for python-pycryptodome fixes the following issues:
* CVE-2023-52323: Fixed side-channel leakage in RSA decryption by using
constant-time (faster) padding decoding for OAEP (bsc#1218564).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-601=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-601=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-pycryptodome-debuginfo-3.9.0-150200.9.1
* python3-pycryptodome-3.9.0-150200.9.1
* python3-pycryptodome-debuginfo-3.9.0-150200.9.1
* python-pycryptodome-debugsource-3.9.0-150200.9.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-pycryptodome-debuginfo-3.9.0-150200.9.1
* python3-pycryptodome-3.9.0-150200.9.1
* python3-pycryptodome-debuginfo-3.9.0-150200.9.1
* python-pycryptodome-debugsource-3.9.0-150200.9.1
## References:
* https://www.suse.com/security/cve/CVE-2023-52323.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218564
1
0
SUSE-SU-2024:0597-1: important: Security update for mozilla-nss
by OPENSUSE-SECURITY-UPDATES 22 Feb '24
by OPENSUSE-SECURITY-UPDATES 22 Feb '24
22 Feb '24
# Security update for mozilla-nss
Announcement ID: SUSE-SU-2024:0597-1
Rating: important
References:
* bsc#1216198
Cross-References:
* CVE-2023-5388
CVSS scores:
* CVE-2023-5388 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for mozilla-nss fixes the following issues:
Update to NSS 3.90.2:
* CVE-2023-5388: Fixed timing attack against RSA decryption in TLS
(bsc#1216198)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-597=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-597=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-597=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-597=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-597=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-597=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-597=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-597=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-597=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-597=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-597=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-597=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-597=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-597=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-597=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-597=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-597=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-597=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* openSUSE Leap 15.4 (x86_64)
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-32bit-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* mozilla-nss-sysinit-64bit-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-64bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-64bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-64bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-64bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-64bit-3.90.2-150400.3.39.1
* libfreebl3-64bit-3.90.2-150400.3.39.1
* libfreebl3-64bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-64bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-64bit-3.90.2-150400.3.39.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* openSUSE Leap 15.5 (x86_64)
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-32bit-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* Basesystem Module 15-SP5 (x86_64)
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* SUSE Manager Proxy 4.3 (x86_64)
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* mozilla-nss-sysinit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-sysinit-3.90.2-150400.3.39.1
* mozilla-nss-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-3.90.2-150400.3.39.1
* libfreebl3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-debugsource-3.90.2-150400.3.39.1
* mozilla-nss-3.90.2-150400.3.39.1
* libfreebl3-3.90.2-150400.3.39.1
* libsoftokn3-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-devel-3.90.2-150400.3.39.1
* mozilla-nss-certs-3.90.2-150400.3.39.1
* mozilla-nss-certs-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-tools-3.90.2-150400.3.39.1
* mozilla-nss-tools-debuginfo-3.90.2-150400.3.39.1
* SUSE Manager Server 4.3 (x86_64)
* mozilla-nss-32bit-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-3.90.2-150400.3.39.1
* libsoftokn3-32bit-debuginfo-3.90.2-150400.3.39.1
* libsoftokn3-32bit-3.90.2-150400.3.39.1
* libfreebl3-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-certs-32bit-debuginfo-3.90.2-150400.3.39.1
* mozilla-nss-32bit-debuginfo-3.90.2-150400.3.39.1
* libfreebl3-32bit-3.90.2-150400.3.39.1
## References:
* https://www.suse.com/security/cve/CVE-2023-5388.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216198
1
0
22 Feb '24
# Security update for bind
Announcement ID: SUSE-SU-2024:0590-1
Rating: important
References:
* bsc#1219823
* bsc#1219826
* bsc#1219851
* bsc#1219852
* bsc#1219853
* bsc#1219854
Cross-References:
* CVE-2023-4408
* CVE-2023-50387
* CVE-2023-50868
* CVE-2023-5517
* CVE-2023-5679
* CVE-2023-6516
CVSS scores:
* CVE-2023-4408 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50387 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50387 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5517 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5679 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6516 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves six vulnerabilities can now be installed.
## Description:
This update for bind fixes the following issues:
Update to release 9.16.48:
Feature Changes: * The IP addresses for B.ROOT-SERVERS.NET have been updated to
170.247.170.2 and 2801:1b8:10::b.
Security Fixes: * Validating DNS messages containing a lot of DNSSEC signatures
could cause excessive CPU load, leading to a denial-of-service condition. This
has been fixed. (CVE-2023-50387) [bsc#1219823] * Preparing an NSEC3 closest
encloser proof could cause excessive CPU load, leading to a denial-of-service
condition. This has been fixed. (CVE-2023-50868) [bsc#1219826] * Parsing DNS
messages with many different names could cause excessive CPU load. This has been
fixed. (CVE-2023-4408) [bsc#1219851] * Specific queries could cause named to
crash with an assertion failure when nxdomain-redirect was enabled. This has
been fixed. (CVE-2023-5517) [bsc#1219852] * A bad interaction between DNS64 and
serve-stale could cause named to crash with an assertion failure, when both of
these features were enabled. This has been fixed. (CVE-2023-5679) [bsc#1219853]
* Query patterns that continuously triggered cache database maintenance could
cause an excessive amount of memory to be allocated, exceeding max-cache-size
and potentially leading to all available memory on the host running named being
exhausted. This has been fixed. (CVE-2023-6516) [bsc#1219854]
Removed Features: * Support for using AES as the DNS COOKIE algorithm (cookie-
algorithm aes;) has been deprecated and will be removed in a future release.
Please use the current default, SipHash-2-4, instead.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-590=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-590=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-590=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-590=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-590=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-590=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-590=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-590=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-590=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* bind-utils-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* openSUSE Leap 15.4 (noarch)
* bind-doc-9.16.48-150400.5.40.1
* python3-bind-9.16.48-150400.5.40.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* bind-utils-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* bind-doc-9.16.48-150400.5.40.1
* python3-bind-9.16.48-150400.5.40.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* bind-utils-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* bind-doc-9.16.48-150400.5.40.1
* python3-bind-9.16.48-150400.5.40.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-utils-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* python3-bind-9.16.48-150400.5.40.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* bind-utils-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* bind-doc-9.16.48-150400.5.40.1
* python3-bind-9.16.48-150400.5.40.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* bind-utils-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* bind-doc-9.16.48-150400.5.40.1
* python3-bind-9.16.48-150400.5.40.1
* SUSE Manager Proxy 4.3 (x86_64)
* bind-utils-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* SUSE Manager Proxy 4.3 (noarch)
* bind-doc-9.16.48-150400.5.40.1
* python3-bind-9.16.48-150400.5.40.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* bind-utils-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* bind-doc-9.16.48-150400.5.40.1
* python3-bind-9.16.48-150400.5.40.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* bind-utils-9.16.48-150400.5.40.1
* bind-debugsource-9.16.48-150400.5.40.1
* bind-utils-debuginfo-9.16.48-150400.5.40.1
* bind-9.16.48-150400.5.40.1
* bind-debuginfo-9.16.48-150400.5.40.1
* SUSE Manager Server 4.3 (noarch)
* bind-doc-9.16.48-150400.5.40.1
* python3-bind-9.16.48-150400.5.40.1
## References:
* https://www.suse.com/security/cve/CVE-2023-4408.html
* https://www.suse.com/security/cve/CVE-2023-50387.html
* https://www.suse.com/security/cve/CVE-2023-50868.html
* https://www.suse.com/security/cve/CVE-2023-5517.html
* https://www.suse.com/security/cve/CVE-2023-5679.html
* https://www.suse.com/security/cve/CVE-2023-6516.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219823
* https://bugzilla.suse.com/show_bug.cgi?id=1219826
* https://bugzilla.suse.com/show_bug.cgi?id=1219851
* https://bugzilla.suse.com/show_bug.cgi?id=1219852
* https://bugzilla.suse.com/show_bug.cgi?id=1219853
* https://bugzilla.suse.com/show_bug.cgi?id=1219854
1
0
SUSE-SU-2024:0592-1: important: Security update for php-composer2
by OPENSUSE-SECURITY-UPDATES 22 Feb '24
by OPENSUSE-SECURITY-UPDATES 22 Feb '24
22 Feb '24
# Security update for php-composer2
Announcement ID: SUSE-SU-2024:0592-1
Rating: important
References:
* bsc#1219757
Cross-References:
* CVE-2024-24821
CVSS scores:
* CVE-2024-24821 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-24821 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Server 4.3
* Web and Scripting Module 15-SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for php-composer2 fixes the following issues:
* CVE-2024-24821: Fixed potential arbitrary code execution when Composer is
invoked within a directory with tampered files (bsc#1219757).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-592=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-592=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-592=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-592=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-592=1
* Web and Scripting Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-592=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-592=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-592=1
## Package List:
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* php-composer2-2.2.3-150400.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* php-composer2-2.2.3-150400.3.9.1
* SUSE Manager Server 4.3 (noarch)
* php-composer2-2.2.3-150400.3.9.1
* openSUSE Leap 15.4 (noarch)
* php-composer2-2.2.3-150400.3.9.1
* openSUSE Leap 15.5 (noarch)
* php-composer2-2.2.3-150400.3.9.1
* Web and Scripting Module 15-SP5 (noarch)
* php-composer2-2.2.3-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* php-composer2-2.2.3-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* php-composer2-2.2.3-150400.3.9.1
## References:
* https://www.suse.com/security/cve/CVE-2024-24821.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219757
1
0
21 Feb '24
# Security update for python3
Announcement ID: SUSE-SU-2024:0581-1
Rating: moderate
References:
* bsc#1210638
Cross-References:
* CVE-2023-27043
CVSS scores:
* CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for python3 fixes the following issues:
* CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a
special character (bsc#1210638).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-581=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-581=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-581=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-581=1
* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-581=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-581=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-581=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-581=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-581=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-581=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-581=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-581=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-581=1
## Package List:
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-devel-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-devel-debuginfo-3.6.15-150300.10.54.1
* python3-tk-debuginfo-3.6.15-150300.10.54.1
* python3-curses-debuginfo-3.6.15-150300.10.54.1
* python3-dbm-3.6.15-150300.10.54.1
* python3-dbm-debuginfo-3.6.15-150300.10.54.1
* python3-curses-3.6.15-150300.10.54.1
* python3-tk-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-idle-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python3-tools-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* python3-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-dbm-3.6.15-150300.10.54.1
* python3-testsuite-debuginfo-3.6.15-150300.10.54.1
* python3-doc-devhelp-3.6.15-150300.10.54.1
* python3-idle-3.6.15-150300.10.54.1
* python3-doc-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-devel-3.6.15-150300.10.54.1
* python3-curses-debuginfo-3.6.15-150300.10.54.1
* python3-dbm-debuginfo-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-devel-debuginfo-3.6.15-150300.10.54.1
* python3-tk-debuginfo-3.6.15-150300.10.54.1
* python3-tools-3.6.15-150300.10.54.1
* python3-tk-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* python3-testsuite-3.6.15-150300.10.54.1
* python3-curses-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* openSUSE Leap 15.3 (x86_64)
* libpython3_6m1_0-32bit-3.6.15-150300.10.54.1
* libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.54.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-64bit-3.6.15-150300.10.54.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-dbm-3.6.15-150300.10.54.1
* python3-testsuite-debuginfo-3.6.15-150300.10.54.1
* python3-doc-devhelp-3.6.15-150300.10.54.1
* python3-idle-3.6.15-150300.10.54.1
* python3-doc-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-devel-3.6.15-150300.10.54.1
* python3-curses-debuginfo-3.6.15-150300.10.54.1
* python3-dbm-debuginfo-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-devel-debuginfo-3.6.15-150300.10.54.1
* python3-tk-debuginfo-3.6.15-150300.10.54.1
* python3-tools-3.6.15-150300.10.54.1
* python3-tk-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* python3-testsuite-3.6.15-150300.10.54.1
* python3-curses-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* openSUSE Leap 15.5 (x86_64)
* libpython3_6m1_0-32bit-3.6.15-150300.10.54.1
* libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.54.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.54.1
* python3-base-debuginfo-3.6.15-150300.10.54.1
* libpython3_6m1_0-3.6.15-150300.10.54.1
* python3-3.6.15-150300.10.54.1
* python3-debuginfo-3.6.15-150300.10.54.1
* python3-base-3.6.15-150300.10.54.1
* python3-debugsource-3.6.15-150300.10.54.1
* python3-core-debugsource-3.6.15-150300.10.54.1
## References:
* https://www.suse.com/security/cve/CVE-2023-27043.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210638
1
0
SUSE-SU-2024:0573-1: moderate: Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2
by OPENSUSE-SECURITY-UPDATES 21 Feb '24
by OPENSUSE-SECURITY-UPDATES 21 Feb '24
21 Feb '24
# Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-
abseil, python-grpcio, re2
Announcement ID: SUSE-SU-2024:0573-1
Rating: moderate
References:
* bsc#1133277
* bsc#1182659
* bsc#1203378
* bsc#1208794
* bsc#1212180
* bsc#1212182
* bsc#1214148
* bsc#1215334
* jsc#PED-5014
Cross-References:
* CVE-2023-32731
* CVE-2023-32732
* CVE-2023-33953
* CVE-2023-44487
* CVE-2023-4785
CVSS scores:
* CVE-2023-32731 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-32731 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-32732 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-32732 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-33953 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-33953 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-4785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-4785 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Python 3 Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP5
An update that solves five vulnerabilities, contains one feature and has three
security fixes can now be installed.
## Description:
This update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil,
python-grpcio, re2 fixes the following issues:
abseil-cpp was updated to:
Update to 20230802.1:
* Add StdcppWaiter to the end of the list of waiter implementations
Update to 20230802.0
What's New:
* Added the nullability library for designating the expected nullability of
pointers. Currently these serve as annotations only, but it is expected that
compilers will one day be able to use these annotations for diagnostic
purposes.
* Added the prefetch library as a portable layer for moving data into caches
before it is read.
* Abseil's hash tables now detect many more programming errors in debug and
sanitizer builds.
* Abseil's synchronization objects now differentiate absolute waits (when
passed an absl::Time) from relative waits (when passed an absl::Duration)
when the underlying platform supports differentiating these cases. This only
makes a difference when system clocks are adjusted.
* Abseil's flag parsing library includes additional methods that make it
easier to use when another library also expects to be able to parse flags.
* absl::string_view is now available as a smaller target,
@com_google_absl//absl/strings:string_view, so that users may use this
library without depending on the much larger @com_google_absl//absl/strings
target.
Update to 20230125.3
Details can be found on:
https://github.com/abseil/abseil-cpp/releases/tag/20230125.3
Update to 20230125.2
What's New:
The Abseil logging library has been released. This library
provides facilities for writing short text messages about the
status of a program to stderr, disk files, or other sinks
(via an extension API). See the logging library documentation
for more information.
An extension point, AbslStringify(), allows user-defined types
to seamlessly work with Abseil's string formatting functions
like absl::StrCat() and absl::StrFormat().
A library for computing CRC32C checksums has been added.
Floating-point parsing now uses the Eisel-Lemire algorithm,
which provides a significant speed improvement.
The flags library now provides suggestions for the closest
flag(s) in the case of misspelled flags.
Using CMake to install Abseil now makes the installed artifacts
(in particular absl/base/options.h) reflect the compiled ABI.
Breaking Changes:
Abseil now requires at least C++14 and follows Google's Foundational
C++ Support Policy. See this table for a list of currently supported
versions compilers, platforms, and build tools.
The legacy spellings of the thread annotation macros/functions
(e.g. GUARDED_BY()) have been removed by default in favor of the
ABSL_ prefixed versions (e.g. ABSL_GUARDED_BY()) due to clashes with
other libraries. The compatibility macro ABSL_LEGACY_THREAD_ANNOTATIONS
can be defined on the compile command-line to temporarily restore these
spellings, but this compatibility macro will be removed in the future.
Known Issues
The Abseil logging library in this release is not a feature-complete
replacement for glog yet. VLOG and DFATAL are examples of features
that have not yet been released.
Update to version 20220623.0
What's New:
* Added absl::AnyInvocable, a move-only function type.
* Added absl::CordBuffer, a type for buffering data for eventual inclusion an
absl::Cord, which is useful for writing zero-copy code.
* Added support for command-line flags of type absl::optional<T>.
Breaking Changes:
* CMake builds now use the flag ABSL_BUILD_TESTING (default: OFF) to control
whether or not unit tests are built.
* The ABSL_DEPRECATED macro now works with the GCC compiler. GCC users that
are experiencing new warnings can use -Wno-deprecated-declatations silence
the warnings or use -Wno-error=deprecated-declarations to see warnings but
not fail the build.
* ABSL_CONST_INIT uses the C++20 keyword constinit when available. Some
compilers are more strict about where this keyword must appear compared to
the pre-C++20 implementation.
* Bazel builds now depend on the bazelbuild/bazel-skylib repository. See
Abseil's WORKSPACE file for an example of how to add this dependency.
Other:
* This will be the last release to support C++11. Future releases will require
at least C++14.
grpc was updated to 1.60:
Update to release 1.60
* Implemented dualstack IPv4 and IPv6 backend support, as per draft gRFC A61.
xDS support currently guarded by GRPC_EXPERIMENTAL_XDS_DUALSTACK_ENDPOINTS
env var.
* Support for setting proxy for addresses.
* Add v1 reflection.
update to 1.59.3:
* Security - Revocation: Crl backport to 1.59. (#34926)
Update to release 1.59.2
* Fixes for CVE-2023-44487
Update to version 1.59.1:
* C++: Fix MakeCordFromSlice memory bug (gh#grpc/grpc#34552).
Update to version 1.59.0:
* xds ssa: Remove environment variable protection for stateful affinity
(gh#grpc/grpc#34435).
* c-ares: fix spin loop bug when c-ares gives up on a socket that still has
data left in its read buffer (gh#grpc/grpc#34185).
* Deps: Adding upb as a submodule (gh#grpc/grpc#34199).
* EventEngine: Update Cancel contract on closure deletion timeline
(gh#grpc/grpc#34167).
* csharp codegen: Handle empty base_namespace option value to fix
gh#grpc/grpc#34113 (gh#grpc/grpc#34137).
* Ruby:
* replace strdup with gpr_strdup (gh#grpc/grpc#34177).
* drop ruby 2.6 support (gh#grpc/grpc#34198).
Update to release 1.58.1
* Reintroduced c-ares 1.14 or later support
Update to release 1.58
* ruby extension: remove unnecessary background thread startup wait logic that
interferes with forking
Update to release 1.57 (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)
* EventEngine: Change GetDNSResolver to return
absl::StatusOr<std::unique_ptr<DNSResolver>>.
* Improve server handling of file descriptor exhaustion.
* Add a channel argument to set DSCP on streams.
Update to release 1.56.2
* Improve server handling of file descriptor exhaustion
Update to release 1.56.0 (CVE-2023-32731, bsc#1212180)
* core: Add support for vsock transport.
* EventEngine: Change TXT lookup result type to std::vector<std::string>.
* C++/Authz: support customizable audit functionality for authorization
policy.
Update to release 1.54.1
* Bring declarations and definitions to be in sync
Update to release 1.54 (CVE-2023-32732, bsc#1212182)
* XDS: enable XDS federation by default
* TlsCreds: Support revocation of intermediate in chain
Update to release 1.51.1
* Only a macOS/aarch64-related change
Update to release 1.51
* c-ares DNS resolver: fix logical race between resolution
timeout/cancellation and fd readability.
* Remove support for pthread TLS
Update to release 1.50.0
* Core
* Derive EventEngine from std::enable_shared_from_this. (#31060)
* Revert "Revert "[chttp2] fix stream leak with queued flow control update and
absence of writes (#30907)" (#30991)". (#30992)
* [chttp2] fix stream leak with queued flow control update and absence of
writes. (#30907)
* Remove gpr_codegen. (#30899)
* client_channel: allow LB policy to communicate update errors to resolver.
(#30809)
* FaultInjection: Fix random number generation. (#30623)
* C++
* OpenCensus Plugin: Add measure and views for started RPCs. (#31034)
* C#
* Grpc.Tools: Parse warnings from libprotobuf (fix #27502). (#30371)
* Grpc.Tools add support for env variable GRPC_PROTOC_PLUGIN (fix #27099).
(#30411)
* Grpc.Tools document AdditionalImportDirs. (#30405)
* Fix OutputOptions and GrpcOutputOptions (issue #25950). (#30410)
Update to release 1.49.1
* All
* Update protobuf to v21.6 on 1.49.x. (#31028)
* Ruby
* Backport "Fix ruby windows ucrt build #31051" to 1.49.x. (#31053)
Update to release 1.49.0
* Core
* Backport: "stabilize the C2P resolver URI scheme" to v1.49.x. (#30654)
* Bump core version. (#30588)
* Update OpenCensus to HEAD. (#30567)
* Update protobuf submodule to 3.21.5. (#30548)
* Update third_party/protobuf to 3.21.4. (#30377)
* [core] Remove GRPC_INITIAL_METADATA_CORKED flag. (#30443)
* HTTP2: Fix keepalive time throttling. (#30164)
* Use AnyInvocable in EventEngine APIs. (#30220)
* Python
* Add type stub generation support to grpcio-tools. (#30498)
Update to release 1.48.1
* Backport EventEngine Forkables
Update to release 1.48.0
* C++14 is now required
* xDS: Workaround to get gRPC clients working with istio
Update to release 1.46.3
* backport: xds: use federation env var to guard new-style resource name
parsing (#29725) #29727
Update to release 1.46
* Added HTTP/1.1 support in httpcli
* HTTP2: Add graceful goaway
Update to release 1.45.2
* Various fixes related to XDS
* HTTP2: Should not run cancelling logic on servers when receiving GOAWAY
Update to release 1.45.1
* Switched to epoll1 as a default polling engine for Linux
Update to version 1.45.0:
* Core:
* Backport "Include ADS stream error in XDS error updates (#29014)" to 1.45.x
[gh#grpc/grpc#29121].
* Bump core version to 23.0.0 for upcoming release [gh#grpc/grpc#29026].
* Fix memory leak in HTTP request security handshake cancellation
[gh#grpc/grpc#28971].
* CompositeChannelCredentials: Comparator implementation [gh#grpc/grpc#28902].
* Delete custom iomgr [gh#grpc/grpc#28816].
* Implement transparent retries [gh#grpc/grpc#28548].
* Uniquify channel args keys [gh#grpc/grpc#28799].
* Set trailing_metadata_available for recv_initial_metadata ops when
generating a fake status [gh#grpc/grpc#28827].
* Eliminate gRPC insecure build [gh#grpc/grpc#25586].
* Fix for a racy WorkSerializer shutdown [gh#grpc/grpc#28769].
* InsecureCredentials: singleton object [gh#grpc/grpc#28777].
* Add http cancel api [gh#grpc/grpc#28354].
* Memory leak fix on windows in grpc_tcp_create() [gh#grpc/grpc#27457].
* xDS: Rbac filter updates [gh#grpc/grpc#28568].
* C++
* Bump the minimum gcc to 5 [gh#grpc/grpc#28786].
* Add experimental API for CRL checking support to gRPC C++ TlsCredentials
[gh#grpc/grpc#28407].
Update to release 1.44.0
* Add a trace to list which filters are contained in a channel stack.
* Remove grpc_httpcli_context.
* xDS: Add support for RBAC HTTP filter.
* API to cancel grpc_resolve_address.
Update to version 1.43.2:
* Fix google-c2p-experimental issue (gh#grpc/grpc#28692).
Changes from version 1.43.0:
* Core:
* Remove redundant work serializer usage in c-ares windows code
(gh#grpc/grpc#28016).
* Support RDS updates on the server (gh#grpc/grpc#27851).
* Use WorkSerializer in XdsClient to propagate updates in a synchronized
manner (gh#grpc/grpc#27975).
* Support Custom Post-handshake Verification in TlsCredentials
(gh#grpc/grpc#25631).
* Reintroduce the EventEngine default factory (gh#grpc/grpc#27920).
* Assert Android API >= v21 (gh#grpc/grpc#27943).
* Add support for abstract unix domain sockets (gh#grpc/grpc#27906).
* C++:
* OpenCensus: Move metadata storage to arena (gh#grpc/grpc#27948).
* [C#] Add nullable type attributes to Grpc.Core.Api (gh#grpc/grpc#27887).
* Update package name libgrpc++1 to libgrpc++1_43 in keeping with updated so
number.
Update to release 1.41.0
* xDS: Remove environmental variable guard for security.
* xDS Security: Use new way to fetch certificate provider plugin instance
config.
* xDS server serving status: Use a struct to allow more fields to be added in
the future.
Update to release 1.39.1
* Fix C# protoc plugin argument parsing on 1.39.x
Update to version 1.39.0:
* Core
* Initialize tcp_posix for CFStream when needed (gh#grpc/grpc#26530).
* Update boringssl submodule (gh#grpc/grpc#26520).
* Fix backup poller races (gh#grpc/grpc#26446).
* Use default port 443 in HTTP CONNECT request (gh#grpc/grpc#26331).
* C++
* New iomgr implementation backed by the EventEngine API (gh#grpc/grpc#26026).
* async_unary_call: add a Destroy method, called by std::default_delete
(gh#grpc/grpc#26389).
* De-experimentalize C++ callback API (gh#grpc/grpc#25728).
* PHP: stop reading composer.json file just to read the version string
(gh#grpc/grpc#26156).
* Ruby: Set XDS user agent in ruby via macros (gh#grpc/grpc#26268).
Update to release 1.38.0
* Invalidate ExecCtx now before computing timeouts in all repeating timer
events using a WorkSerializer or combiner.
* Fix use-after-unref bug in fault_injection_filter
* New gRPC EventEngine Interface
* Allow the AWS_DEFAULT_REGION environment variable
* s/OnServingStatusChange/OnServingStatusUpdate/
Update to release 1.37.1
* Use URI form of address for channelz listen node
* Implementation CSDS (xDS Config Dump)
* xDS status notifier
* Remove CAS loops in global subchannel pool and simplify subchannel
refcounting
Update to release 1.36.4
* A fix for DNS SRV lookups on Windows
Update to 1.36.1:
* Core:
* Remove unnecessary internal pollset set in c-ares DNS resolver
* Support Default Root Certs in Tls Credentials
* back-port: add env var protection for google-c2p resolver
* C++:
* Move third party identity C++ api out of experimental namespace
* refactor!: change error_details functions to templates
* Support ServerContext for callback API
* PHP:
* support for PSM security
* fixed segfault on reused call object
* fixed phpunit 8 warnings
* Python:
* Implement Python Client and Server xDS Creds
Update to version 1.34.1:
* Backport "Lazily import grpc_tools when using runtime stub/message
generation" to 1.34.x (gh#grpc/grpc#25011).
* Backport "do not use <PublicSign>true</PublicSign> on non-windows" to 1.34.x
(gh#grpc/grpc#24995).
Update to version 1.34.0:
* Core:
* Protect xds security code with the environment variable
"GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT" (gh#grpc/grpc#24782).
* Add support for "unix-abstract:" URIs to support abstract unix domain
sockets (gh#grpc/grpc#24500).
* Increment Index when parsing not plumbed SAN fields (gh#grpc/grpc#24601).
* Revert "Revert "Deprecate
GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS""
(gh#grpc/grpc#24518).
* xds: Set status code to INVALID_ARGUMENT when NACKing (gh#grpc/grpc#24516).
* Include stddef.h in address_sorting.h (gh#grpc/grpc#24514).
* xds: Add support for case_sensitive option in RouteMatch
(gh#grpc/grpc#24381).
* C++:
* Fix --define=grpc_no_xds=true builds (gh#grpc/grpc#24503).
* Experimental support and tests for
CreateCustomInsecureChannelWithInterceptorsFromFd (gh#grpc/grpc#24362).
Update to release 1.33.2
* Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS.
* Expose Cronet error message to the application layer.
* Remove grpc_channel_ping from surface API.
* Do not send BDP pings if there is no receive side activity.
Update to version 1.33.1
* Core
* Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS
(gh#grpc/grpc#24063).
* Expose Cronet error message to the application layer (gh#grpc/grpc#24083).
* Remove grpc_channel_ping from surface API (gh#grpc/grpc#23894).
* Do not send BDP pings if there is no receive side activity
(gh#grpc/grpc#22997).
* C++
* Makefile: only support building deps from submodule (gh#grpc/grpc#23957).
* Add new subpackages - libupb and upb-devel. Currently, grpc sources include
also upb sources. Before this change, libupb and upb-devel used to be
included in a separate package - upb.
Update to version 1.32.0:
* Core
* Remove stream from stalled lists on remove_stream (gh#grpc/grpc#23984).
* Do not cancel RPC if send metadata size if larger than peer's limit
(gh#grpc/grpc#23806).
* Don't consider receiving non-OK status as an error for HTTP2
(gh#grpc/grpc#19545).
* Keepalive throttling (gh#grpc/grpc#23313).
* Include the target_uri in "target uri is not valid" error messages
(gh#grpc/grpc#23782).
* Fix "cannot send compressed message large than 1024B" in cronet_transport
(gh#grpc/grpc#23219).
* Receive SETTINGS frame on clients before declaring subchannel READY
(gh#grpc/grpc#23636).
* Enabled GPR_ABSEIL_SYNC (gh#grpc/grpc#23372).
* Experimental xDS v3 support (gh#grpc/grpc#23281).
* C++
* Upgrade bazel used for all tests to 2.2.0 (gh#grpc/grpc#23902).
* Remove test targets and test helper libraries from Makefile
(gh#grpc/grpc#23813).
* Fix repeated builds broken by re2's cmake (gh#grpc/grpc#23587).
* Log the peer address of grpc_cli CallMethod RPCs to stderr
(gh#grpc/grpc#23557).
opencensus-proto was updated to 0.3.0+git.20200721:
* Update to version 0.3.0+git.20200721:
* Bump version to 0.3.0
* Generate Go types using protocolbuffers/protobuf-go (#218)
* Load proto_library() rule. (#216)
* Update to version 0.2.1+git.20190826:
* Remove grpc_java dependency and java_proto rules. (#214)
* Add C++ targets, especially for gRPC services. (#212)
* Upgrade bazel and dependencies to latest. (#211)
* Bring back bazel cache to make CI faster. (#210)
* Travis: don't require sudo for bazel installation. (#209)
* Update to version 0.2.1:
* Add grpc-gateway for metrics service. (#205)
* Pin bazel version in travis builds (#207)
* Update gen-go files (#199)
* Add Web JS as a LibraryInfo.Language option (#198)
* Set up Python packaging for PyPI release. (#197)
* Add tracestate to links. (#191)
* Python proto file generator and generated proto files (#196)
* Ruby proto file generator and generated proto files (#192)
* Add py_proto_library() rules for envoy/api. (#194)
* Gradle: Upgrade dependency versions. (#193)
* Update release versions for readme. (#189)
* Start 0.3.0 development cycle
* Update gen-go files. (#187)
* Revert "Start 0.3.0 development cycle (#167)" (#183)
* Revert optimization for metric descriptor and bucket options for now. (#184)
* Constant sampler: add option to always follow the parent's decision. (#182)
* Document that all maximum values must be specified. (#181)
* Fix typo in bucket bounds. (#178)
* Restrict people who can approve reviews. This is to ensure code quality.
(#177)
* Use bazel cache to make CI faster. (#176)
* Add grpc generated files to the idea plugin. (#175)
* Add Resource to Span (#174)
* time is required (#170)
* Upgrade protobuf dependency to v3.6.1.3. (#173)
* assume Ok Status when not set (#171)
* Minor comments fixes (#160)
* Start 0.3.0 development cycle (#167)
* Update gen-go files. (#162)
* Update releasing instruction. (#163)
* Fix Travis build. (#165)
* Add OpenApi doc for trace agent grpc-gateway (#157)
* Add command to generate OpenApi/Swagger doc for grpc-gateway (#156)
* Update gen-go files (#155)
* Add trace export grpc-gateway config (#77)
* Fix bazel build after bazel upgrade (#154)
* README: Add gitter, javadoc and godoc badge. (#151)
* Update release versions for README. (#150)
* Start 0.2.0 development cycle
* Add resource and metrics_service proto to mkgogen. Re-generate gen-go files.
(#147)
* Add resource to protocol (#137)
* Fix generating the javadoc. (#144)
* Metrics/TimeSeries: start time should not be included while end time should.
(#142)
* README: Add instructions on using opencensus_proto with Bazel. (#140)
* agent/README: update package info. (#138)
* Agent: Add metrics service. (#136)
* Tracing: Add default limits to TraceConfig. (#133)
* Remove a stale TODO. (#134)
* README: Add a note about go_proto_library rules. (#135)
* add golang bazel build support (#132)
* Remove exporter protos from mkgogen. (#128)
* Update README and RELEASING. (#130)
* Change histogram buckets definition to be OpenMetrics compatible. (#121)
* Remove exporter/v1 protos. (#124)
* Clean up the README for Agent proto. (#126)
* Change Quantiles to ValuesAtPercentile. (#122)
* Extend the TraceService service to support export/config for multiple
Applications. (#119)
* Add specifications on Agent implementation details. (#112)
* Update gitignore (#118)
* Remove maven support. Not used. (#116)
* Add gauge distribution. (#117)
* Add support for Summary type and value. (#110)
* Add Maven status and instructions on adding dependencies. (#115)
* Bump version to 0.0.3-SNAPSHOT
* Bump version to 0.0.2
* Update gen-go files. (#114)
* Gradle: Add missing source and javadoc rules. (#113)
* Add support for float attributes. (#98)
* Change from mean to sum in distribution. (#109)
* Bump version to v0.0.2-SNAPSHOT
* Bump version to v0.0.1
* Add releasing instructions in RELEASING.md. (#106)
* Add Gradle build rules for generating gRPC service and releasing to Maven.
(#102)
* Re-organize proto directory structure. (#103)
* Update gen-go files. (#101)
* Add a note about interceptors of other libraries. (#94)
* agent/common/v1: use exporter_version, core_library_version in LibraryInfo
(#100)
* opencensus/proto: add default Agent port to README (#97)
* Update the message names for Config RPC. (#93)
* Add details about agent protocol in the README. (#88)
* Update gen-go files. (#92)
* agent/trace/v1: fix signature for Config and comments too (#91)
* Update gen-go files. (#86)
* Make tracestate a list instead of a map to preserve ordering. (#84)
* Allow MetricDescriptor to be sent only the first time. (#78)
* Update mkgogen.sh. (#85)
* Add agent trace service proto definitions. (#79)
* Update proto and gen-go package names. (#83)
* Add agent/common proto and BUILD. (#81)
* Add trace_config.proto. (#80)
* Build exporters with maven. (#76)
* Make clear that cumulative int/float can go only up. (#75)
* Add tracestate field to the Span proto. (#74)
* gradle wrapper --gradle-version 4.9 (#72)
* Change from multiple types of timeseries to have one. (#71)
* Move exemplars in the Bucket. (#70)
* Update gen-go files. (#69)
* Move metrics in the top level directory. (#68)
* Remove Range from Distribution. No backend supports this. (#67)
* Remove unused MetricSet message. (#66)
* Metrics: Add Exemplar to DistributionValue. (#62)
* Gauge vs Cumulative. (#65)
* Clarifying comment about bucket boundaries. (#64)
* Make MetricDescriptor.Type capture the type of the value as well. (#63)
* Regenerate the Go artifacts (#61)
* Add export service proto (#60)
* Initial version 20180523
protobuf was updated to 25.1:
update to 25.1:
* Raise warnings for deprecated python syntax usages
* Add support for extensions in CRuby, JRuby, and FFI Ruby
* Add support for options in CRuby, JRuby and FFI (#14594)
update to 25.0:
* Implement proto2/proto3 with editions
* Defines Protobuf compiler version strings as macros and separates out suffix
string definition.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and embedding version
info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Editions: Introduce functionality to protoc for generating edition feature
set defaults.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their features.
* Editions: Refactor feature resolution to use an intermediate message.
* Publish extension declarations with declaration verifications.
* Editions: Stop propagating partially resolved feature sets to plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated pool.
* Protoc: parser rejects explicit use of map_entry option
* Protoc: validate that reserved range start is before end
* Protoc: support identifiers as reserved names in addition to string literals
(only in editions)
* Drop support for Bazel 5.
* Allow code generators to specify whether or not they support editions. C++:
* Set `PROTOBUF_EXPORT` on `InternalOutOfLineDeleteMessageLite()`
* Update stale checked-in files
* Apply PROTOBUF_NOINLINE to declarations of some functions that want it.
* Implement proto2/proto3 with editions
* Make JSON UTF-8 boundary check inclusive of the largest possible UTF-8
character.
* Reduce `Map::size_type` to 32-bits. Protobuf containers can't have more than
that
* Defines Protobuf compiler version strings as macros and separates out suffix
string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated oneof accessors.
* Fix bug in reflection based Swap of map fields.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and embedding version
info into C++, Python and Java gencode.
* Add prefetching to arena allocations.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated repeated and map
field accessors.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their features.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated string field
accessors.
* Editions: Refactor feature resolution to use an intermediate message.
* Fixes for 32-bit MSVC.
* Publish extension declarations with declaration verifications.
* Export the constants in protobuf's any.h to support DLL builds.
* Implement AbslStringify for the Descriptor family of types.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated message field
accessors.
* Editions: Stop propagating partially resolved feature sets to plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated pool.
* Introduce C++ feature for UTF8 validation.
* Protoc: validate that reserved range start is before end
* Remove option to disable the table-driven parser in protoc.
* Lock down ctype=CORD in proto file.
* Support split repeated fields.
* In OSS mode omit some extern template specializations.
* Allow code generators to specify whether or not they support editions. Java:
* Implement proto2/proto3 with editions
* Remove synthetic oneofs from Java gencode field accessor tables.
* Timestamps.parse: Add error handling for invalid hours/minutes in the
timezone offset.
* Defines Protobuf compiler version strings as macros and separates out suffix
string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated oneof accessors.
* Add missing debugging version info to Protobuf Java gencode when multiple
files are generated.
* Fix a bad cast in putBuilderIfAbsent when already present due to using the
result of put() directly (which is null if it currently has no value)
* Setting up version updater to prepare for poison pills and embedding version
info into C++, Python and Java gencode.
* Fix a NPE in putBuilderIfAbsent due to using the result of put() directly
(which is null if it currently has no value)
* Update Kotlin compiler to escape package names
* Add MapFieldBuilder and change codegen to generate it and the
put{field}BuilderIfAbsent method.
* Introduce recursion limit in Java text format parsing
* Consider the protobuf.Any invalid if typeUrl.split("/") returns an empty
array.
* Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.
* Fixed Python memory leak in map lookup.
* Loosen upb for json name conflict check in proto2 between json name and
field
* Defines Protobuf compiler version strings as macros and separates out suffix
string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated oneof accessors.
* Ensure Timestamp.ToDatetime(tz) has correct offset
* Do not check required field for upb python MergeFrom
* Setting up version updater to prepare for poison pills and embedding version
info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Comparing a proto message with an object of unknown returns NotImplemented
* Emit **slots** in pyi output as a tuple rather than a list for --pyi_out.
* Fix a bug that strips options from descriptor.proto in Python.
* Raise warings for message.UnknownFields() usages and navigate to the new add
* Add protobuf python keyword support in path for stub generator.
* Add tuple support to set Struct
* ### Python C-Extension (Default)
* Comparing a proto message with an object of unknown returns NotImplemented
* Check that ffi-compiler loads before using it to define tasks. UPB
(Python/PHP/Ruby C-Extension):
* Include .inc files directly instead of through a filegroup
* Loosen upb for json name conflict check in proto2 between json name and
field
* Add utf8_validation feature back to the global feature set.
* Do not check required field for upb python MergeFrom
* Merge the protobuf and upb Bazel repos
* Added malloc_trim() calls to Python allocator so RSS will decrease when
memory is freed
* Upb: fix a Python memory leak in ByteSize()
* Support ASAN detection on clang
* Upb: bugfix for importing a proto3 enum from within a proto2 file
* Expose methods needed by Ruby FFI using UPB_API
* Fix `PyUpb_Message_MergeInternal` segfault
* Build with source and target levels 8
* fixes build with JDK21
* Install the pom file with the new %%mvn_install_pom macro
* Do not install the pom-only artifacts, since the %%mvn_install_pom macro
resolves the variables at the install time
update to 23.4:
* Add dllexport_decl for generated default instance.
* Deps: Update Guava to 32.0.1
update to 23.3:
C++:
* Regenerate stale files
* Use the same ABI for static and shared libraries on non- Windows platforms
* Add a workaround for GCC constexpr bug Objective-C:
* Regenerate stale files UPB (Python/PHP/Ruby C-Extension)
* Fixed a bug in `upb_Map_Delete()` that caused crashes in map.delete(k) for
Ruby when string-keyed maps were in use.
Compiler: * Add missing header to Objective-c generator * Add a workaround for
GCC constexpr bug
Java: * Rollback of: Simplify protobuf Java message builder by removing methods
that calls the super class only.
Csharp: * [C#] Replace regex that validates descriptor names
update to 22.5:
C++: * Add missing cstdint header * Fix: missing -DPROTOBUF_USE_DLLS in pkg-
config (#12700) * Avoid using string(JOIN..., which requires cmake 3.12 *
Explicitly include GTest package in examples * Bump Abseil submodule to
20230125.3 (#12660)
update to 22.4:
C++: * Fix libprotoc: export useful symbols from .so
Python: * Fix bug in _internal_copy_files where the rule would fail in
downstream repositories.
Other: * Bump utf8_range to version with working pkg-config (#12584) * Fix
declared dependencies for pkg-config * Update abseil dependency and reorder
dependencies to ensure we use the version specified in protobuf_deps. * Turn off
clang::musttail on i386
update to v22.3
UPB (Python/PHP/Ruby C-Extension): * Remove src prefix from proto import * Fix
.gitmodules to use the correct absl branch * Remove erroneous dependency on
googletest
update to 22.2:
Java: * Add version to intra proto dependencies and add kotlin stdlib dependency
* Add $ back for osgi header * Remove $ in pom files
update to 22.1: * Add visibility of plugin.proto to python directory * Strip
"src" from file name of plugin.proto * Add OSGi headers to pom files. * Remove
errorprone dependency from kotlin protos. * Version protoc according to the
compiler version number.
* update to 22.0:
* This version includes breaking changes to: Cpp. Please refer to the
migration guide for information:
https://protobuf.dev/support/migration/#compiler-22
* [Cpp] Migrate to Abseil's logging library.
* [Cpp] `proto2::Map::value_type` changes to `std::pair`.
* [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream, and
DefaultFieldComparator classes.
* [Cpp] Add a dependency on Abseil (#10416)
* [Cpp] Remove all autotools usage (#10132)
* [Cpp] Add C++20 reserved keywords
* [Cpp] Dropped C++11 Support
* [Cpp] Delete Arena::Init
* [Cpp] Replace JSON parser with new implementation
* [Cpp] Make RepeatedField::GetArena non-const in order to support split
RepeatedFields.
* long list of bindings specific fixes see
https://github.com/protocolbuffers/protobuf/releases/tag/v22.0
update to v21.12:
* Python:
* Fix broken enum ranges (#11171)
* Stop requiring extension fields to have a sythetic oneof (#11091)
* Python runtime 4.21.10 not works generated code can not load valid proto.
update to 21.11:
* Python:
* Add license file to pypi wheels (#10936)
* Fix round-trip bug (#10158)
update to 21.10::
* Java:
* Use bit-field int values in buildPartial to skip work on unset groups of
fields. (#10960)
* Mark nested builder as clean after clear is called (#10984)
update to 21.9: * Ruby: * Replace libc strdup usage with internal impl to
restore musl compat (#10818) * Auto capitalize enums name in Ruby (#10454)
(#10763) * Other: * Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8
paths in argumentfile) (#10721) * C++: * 21.x No longer define no_threadlocal on
OpenBSD (#10743) * Java: * Mark default instance as immutable first to avoid
race during static initialization of default instances (#10771) * Refactoring
java full runtime to reuse sub-message builders and prepare to migrate parsing
logic from parse constructor to builder. * Move proto wireformat parsing
functionality from the private "parsing constructor" to the Builder class. *
Change the Lite runtime to prefer merging from the wireformat into mutable
messages rather than building up a new immutable object before merging. This way
results in fewer allocations and copy operations. * Make message-type extensions
merge from wire-format instead of building up instances and merging afterwards.
This has much better performance. * Fix TextFormat parser to build up recurring
(but supposedly not repeated) sub-messages directly from text rather than
building a new sub-message and merging the fully formed message into the
existing field.
update to 21.6: C++: * Reduce memory consumption of MessageSet parsing
update to 21.5:
PHP: * Added getContainingOneof and getRealContainingOneof to descriptor. * fix
PHP readonly legacy files for nested messages
Python:
* Fixed comparison of maps in Python.
* update to 21.4:
* Reduce the required alignment of ArenaString from 8 to 4
* update to 21.3:
* C++:
* Add header search paths to Protobuf-C++.podspec (#10024)
* Fixed Visual Studio constinit errors (#10232)
* Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
* UPB:
* Allow empty package names (fixes behavior regression in 4.21.0)
* Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
* Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
* for x in mapping now yields keys rather than values, to match Python conventions and the behavior of the old library.
* Lookup operations now correctly reject unhashable types as map keys.
* We implement repr() to use the same format as dict.
* Fix maps to use the ScalarMapContainer class when appropriate
* Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
* PHP:
* Add "readonly" as a keyword for PHP and add previous classnames to descriptor pool (#10041)
* Python:
* Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
* Bazel:
* Add back a filegroup for :well_known_protos (#10061)
Update to 21.2: \- C++: \- cmake: Call get_filename_component() with DIRECTORY
mode instead of PATH mode (#9614) \- Escape GetObject macro inside protoc-
generated code (#9739) \- Update CMake configuration to add a dependency on
Abseil (#9793) \- Fix cmake install targets (#9822) \- Use __constinit only in
GCC 12.2 and up (#9936) \- Java: \- Update protobuf_version.bzl to separate
protoc and per-language java … (#9900) \- Python: \- Increment python major
version to 4 in version.json for python upb (#9926) \- The C extension module
for Python has been rewritten to use the upb library. \- This is expected to
deliver significant performance benefits, especially when parsing large
payloads. There are some minor breaking changes, but these should not impact
most users. For more information see: https://developers.google.com/protocol-
buffers/docs/news/2022-05-06#python-updates \- PHP: \- [PHP] fix PHP build
system (#9571) \- Fix building packaged PHP extension (#9727) \- fix: reserve
"ReadOnly" keyword for PHP 8.1 and add compatibility (#9633) \- fix: phpdoc
syntax for repeatedfield parameters (#9784) \- fix: phpdoc for repeatedfield
(#9783) \- Change enum string name for reserved words (#9780) \- chore: [PHP]
fix phpdoc for MapField keys (#9536) \- Fixed PHP SEGV by not writing to shared
memory for zend_class_entry. (#9996) \- Ruby: \- Allow pre-compiled binaries for
ruby 3.1.0 (#9566) \- Implement respond_to? in RubyMessage (#9677) \- [Ruby] Fix
RepeatedField#last, #first inconsistencies (#9722) \- Do not use range based
UTF-8 validation in truffleruby (#9769) \- Improve range handling logic of
RepeatedField (#9799) \- Other: \- Fix invalid dependency manifest when using
descriptor_set_out (#9647) \- Remove duplicate java generated code (#9909)
* Update to 3.20.1:
* PHP:
* Fix building packaged PHP extension (#9727)
* Fixed composer.json to only advertise compatibility with PHP 7.0+. (#9819)
* Ruby:
* Disable the aarch64 build on macOS until it can be fixed. (#9816)
* Other:
* Fix versioning issues in 3.20.0
* Update to 3.20.1:
* Ruby:
* Dropped Ruby 2.3 and 2.4 support for CI and releases. (#9311)
* Added Ruby 3.1 support for CI and releases (#9566).
* Message.decode/encode: Add recursion_limit option (#9218/#9486)
* Allocate with xrealloc()/xfree() so message allocation is visible to the
* Ruby GC. In certain tests this leads to much lower memory usage due to more
* frequent GC runs (#9586).
* Fix conversion of singleton classes in Ruby (#9342)
* Suppress warning for intentional circular require (#9556)
* JSON will now output shorter strings for double and float fields when possible
* without losing precision.
* Encoding and decoding of binary format will now work properly on big-endian
* systems.
* UTF-8 verification was fixed to properly reject surrogate code points.
* Unknown enums for proto2 protos now properly implement proto2's behavior of
* putting such values in unknown fields.
* Java:
* Revert "Standardize on Array copyOf" (#9400)
* Resolve more java field accessor name conflicts (#8198)
* Fix parseFrom to only throw InvalidProtocolBufferException
* InvalidProtocolBufferException now allows arbitrary wrapped Exception types.
* Fix bug in FieldSet.Builder.mergeFrom
* Flush CodedOutputStream also flushes underlying OutputStream
* When oneof case is the same and the field type is Message, merge the
* subfield. (previously it was replaced.)’
* Add @CheckReturnValue to some protobuf types
* Report original exceptions when parsing JSON
* Add more info to @deprecated javadoc for set/get/has methods
* Fix initialization bug in doc comment line numbers
* Fix comments for message set wire format.
* Kotlin:
* Add test scope to kotlin-test for protobuf-kotlin-lite (#9518)
* Add orNull extensions for optional message fields.
* Add orNull extensions to all proto3 message fields.
* Python:
* Dropped support for Python < 3.7 (#9480)
* Protoc is now able to generate python stubs (.pyi) with \--pyi_out
* Pin multibuild scripts to get manylinux1 wheels back (#9216)
* Fix type annotations of some Duration and Timestamp methods.
* Repeated field containers are now generic in field types and could be used in type annotations.
* Protobuf python generated codes are simplified. Descriptors and message classes' definitions are now dynamic created in internal/builder.py.
* Insertion Points for messages classes are discarded.
* has_presence is added for FieldDescriptor in python
* Loosen indexing type requirements to allow valid index() implementations rather than only PyLongObjects.
* Fix the deepcopy bug caused by not copying message_listener.
* Added python JSON parse recursion limit (default 100)
* Path info is added for python JSON parse errors
* Pure python repeated scalar fields will not able to pickle. Convert to list first.
* Timestamp.ToDatetime() now accepts an optional tzinfo parameter. If specified, the function returns a timezone-aware datetime in the given time zone. If omitted or None, the function returns a timezone-naive UTC datetime (as previously).
* Adds client_streaming and server_streaming fields to MethodDescriptor.
* Add "ensure_ascii" parameter to json_format.MessageToJson. This allows smaller JSON serializations with UTF-8 or other non-ASCII encodings.
* Added experimental support for directly assigning numpy scalars and array.
* Improve the calculation of public_dependencies in DescriptorPool.
* [Breaking Change] Disallow setting fields to numpy singleton arrays or repeated fields to numpy multi-dimensional arrays. Numpy arrays should be indexed or flattened explicitly before assignment.
* Compiler:
* Migrate IsDefault(const std::string _) and UnsafeSetDefault(const std::string_ )
* Implement strong qualified tags for TaggedPtr
* Rework allocations to power-of-two byte sizes.
* Migrate IsDefault(const std::string _) and UnsafeSetDefault(const std::string_ )
* Implement strong qualified tags for TaggedPtr
* Make TaggedPtr Set...() calls explicitly spell out the content type.
* Check for parsing error before verifying UTF8.
* Enforce a maximum message nesting limit of 32 in the descriptor builder to
* guard against stack overflows
* Fixed bugs in operators for RepeatedPtrIterator
* Assert a maximum map alignment for allocated values
* Fix proto1 group extension protodb parsing error
* Do not log/report the same descriptor symbol multiple times if it contains
* more than one invalid character.
* Add UnknownFieldSet::SerializeToString and SerializeToCodedStream.
* Remove explicit default pointers and deprecated API from protocol compiler
* Arenas:
* Change Repeated*Field to reuse memory when using arenas.
* Implements pbarenaz for profiling proto arenas
* Introduce CreateString() and CreateArenaString() for cleaner semantics
* Fix unreferenced parameter for MSVC builds
* Add UnsafeSetAllocated to be used for one-of string fields.
* Make Arena::AllocateAligned() a public function.
* Determine if ArenaDtor related code generation is necessary in one place.
* Implement on demand register ArenaDtor for InlinedStringField
* C++:
* Enable testing via CTest (#8737)
* Add option to use external GTest in CMake (#8736)
* CMake: Set correct sonames for libprotobuf-lite.so and libprotoc.so (#8635) (#9529)
* Add cmake option protobuf_INSTALL to not install files (#7123)
* CMake: Allow custom plugin options e.g. to generate mocks (#9105)
* CMake: Use linker version scripts (#9545)
* Manually *struct Cord fields to work better with arenas.
* Manually destruct map fields.
* Generate narrower code
* Fix #9378 by removing
* shadowed cached_size field
* Remove GetPointer() and explicit nullptr defaults.
* Add proto_h flag for speeding up large builds
* Add missing overload for reference wrapped fields.
* Add MergedDescriptorDatabase::FindAllFileNames()
* RepeatedField now defines an iterator type instead of using a pointer.
* Remove obsolete macros GOOGLE_PROTOBUF_HAS_ONEOF and GOOGLE_PROTOBUF_HAS_ARENAS.
* PHP:
* Fix: add missing reserved classnames (#9458)
* PHP 8.1 compatibility (#9370)
* C#:
* Fix trim warnings (#9182)
* Fixes NullReferenceException when accessing FieldDescriptor.IsPacked (#9430)
* Add ToProto() method to all descriptor classes (#9426)
* Add an option to preserve proto names in JsonFormatter (#6307)
* Objective-C:
* Add prefix_to_proto_package_mappings_path option. (#9498)
* Rename proto_package_to_prefix_mappings_path to package_to_prefix_mappings_path. (#9552)
* Add a generation option to control use of forward declarations in headers. (#9568)
* update to 3.19.4: Python:
* Make libprotobuf symbols local on OSX to fix issue #9395 (#9435) Ruby:
* Fixed a data loss bug that could occur when the number of optional fields in a message is an exact multiple of 32 PHP:
* Fixed a data loss bug that could occur when the number of optional fields in a message is an exact multiple of 32.
* Update to 3.19.3: C++:
* Make proto2::Message::DiscardUnknownFields() non-virtual
* Separate RepeatedPtrField into its own header file
* For default floating point values of 0, consider all bits significant
* Fix shadowing warnings
* Fix for issue #8484, constant initialization doesn't compile in msvc clang-cl environment Java:
* Improve performance characteristics of UnknownFieldSet parsing
* For default floating point values of 0, consider all bits significant
* Annotate //java/com/google/protobuf/util/... with nullness annotations
* Use ArrayList copy constructor Bazel:
* Ensure that release archives contain everything needed for Bazel
* Align dependency handling with Bazel best practices Javascript:
* Fix ReferenceError: window is not defined when getting the global object Ruby:
* Fix memory leak in MessageClass.encode
* Override Map.clone to use Map's dup method
* Ruby: build extensions for arm64-darwin
* Add class method Timestamp.from_time to ruby well known types
* Adopt pure ruby DSL implementation for JRuby
* Add size to Map class
* Fix for descriptor_pb.rb: google/protobuf should be required first Python:
* Proto2 DecodeError now includes message name in error message
* Make MessageToDict convert map keys to strings
* Add python-requires in setup.py
* Add python 3.10
* Update to 3.17.3: C++
* Introduce FieldAccessListener.
* Stop emitting boilerplate {Copy/Merge}From in each ProtoBuf class
* Provide stable versions of SortAndUnique().
* Make sure to cache proto3 optional message fields when they are cleared.
* Expose UnsafeArena methods to Reflection.
* Use std::string::empty() rather than std::string::size() > 0.
* [Protoc] C++ Resolved an issue where NO_DESTROY and CONSTINIT are in
incorrect order (#8296)
* Fix PROTOBUF_CONSTINIT macro redefinition (#8323)
* Delete StringPiecePod (#8353)
* Create a CMake option to control whether or not RTTI is enabled (#8347)
* Make util::Status more similar to absl::Status (#8405)
* The ::pb namespace is no longer exposed due to conflicts.
* Allow MessageDifferencer::TreatAsSet() (and friends) to override previous
calls instead of crashing.
* Reduce the size of generated proto headers for protos with string or bytes
fields.
* Move arena() operation on uncommon path to out-of-line routine
* For iterator-pair function parameter types, take both iterators by value.
* Code-space savings and perhaps some modest performance improvements in
* RepeatedPtrField.
* Eliminate nullptr check from every tag parse.
* Remove unused _$name$cached_byte_size fields.
* Serialize extension ranges together when not broken by a proto field in the
middle.
* Do out-of-line allocation and deallocation of string object in ArenaString.
* Streamline ParseContext::ParseMessage to avoid code bloat and improve
performance.
* New member functions RepeatedField::Assign, RepeatedPtrField::{Add, Assign}.
on an error path.
* util::DefaultFieldComparator will be final in a future version of protobuf.
* Subclasses should inherit from SimpleFieldComparator instead. Kotlin
* Introduce support for Kotlin protos (#8272)
* Restrict extension setter and getter operators to non-nullable T. Java
* Fixed parser to check that we are at a proper limit when a sub-message has
finished parsing.
* updating GSON and Guava to more recent versions (#8524)
* Reduce the time spent evaluating isExtensionNumber by storing the extension
ranges in a TreeMap for faster queries. This is particularly relevant for
protos which define a large number of extension ranges, for example when
each tag is defined as an extension.
* Fix java bytecode estimation logic for optional fields.
* Optimize Descriptor.isExtensionNumber.
* deps: update JUnit and Truth (#8319)
* Detect invalid overflow of byteLimit and return
InvalidProtocolBufferException as documented.
* Exceptions thrown while reading from an InputStream in parseFrom are now
included as causes.
* Support potentially more efficient proto parsing from RopeByteStrings.
* Clarify runtime of ByteString.Output.toStringBuffer().
* Added UnsafeByteOperations to protobuf-lite (#8426) Python:
* Add MethodDescriptor.CopyToProto() (#8327)
* Remove unused python_protobuf.{cc,h} (#8513)
* Start publishing python aarch64 manylinux wheels normally (#8530)
* Fix constness issue detected by MSVC standard conforming mode (#8568)
* Make JSON parsing match C++ and Java when multiple fields from the same
oneof are present and all but one is null.
* Fix some constness / char literal issues being found by MSVC standard
conforming mode (#8344)
* Switch on "new" buffer API (#8339)
* Enable crosscompiling aarch64 python wheels under dockcross manylinux docker
image (#8280)
* Fixed a bug in text format where a trailing colon was printed for repeated
field.
* When TextFormat encounters a duplicate message map key, replace the current
one instead of merging. Ruby:
* Add support for proto3 json_name in compiler and field definitions (#8356)
* Fixed memory leak of Ruby arena objects. (#8461)
* Fix source gem compilation (#8471)
* Fix various exceptions in Ruby on 64-bit Windows (#8563)
* Fix crash when calculating Message hash values on 64-bit Windows (#8565)
General:
* Support M1 (#8557)
Update to 3.15.8: \- Fixed memory leak of Ruby arena objects (#8461)
Update to 3.15.7:
C++: * Remove the ::pb namespace (alias) (#8423) Ruby: * Fix unbounded memory
growth for Ruby <2.7 (#8429) * Fixed message equality in cases where the message
type is different (#8434)
update to 3.15.6:
Ruby: * Fixed bug in string comparison logic (#8386) * Fixed quadratic memory
use in array append (#8379) * Fixed SEGV when users pass nil messages (#8363) *
Fixed quadratic memory usage when appending to arrays (#8364) * Ruby <2.7 now
uses WeakMap too, which prevents memory leaks. (#8341) * Fix for
FieldDescriptor.get(msg) (#8330) * Bugfix for Message.[] for repeated or map
fields (#8313) PHP: * read_property() handler is not supposed to return NULL
(#8362) Protocol Compiler * Optional fields for proto3 are enabled by default,
and no longer require the --experimental_allow_proto3_optional flag. C++: * Do
not disable RTTI by default in the CMake build (#8377) * Create a CMake option
to control whether or not RTTI is enabled (#8361) * Fix PROTOBUF_CONSTINIT macro
redefinition (#8323) * MessageDifferencer: fixed bug when using custom ignore
with multiple unknown fields * Use init_seg in MSVC to push initialization to an
earlier phase. * Runtime no longer triggers -Wsign-compare warnings. * Fixed
-Wtautological-constant-out-of-range-compare warning. * DynamicCastToGenerated
works for nullptr input for even if RTTI is disabled * Arena is refactored and
optimized. * Clarified/specified that the exact value of Arena::SpaceAllocated()
is an implementation detail users must not rely on. It should not be used in
unit tests. * Change the signature of Any::PackFrom() to return false on error.
* Add fast reflection getter API for strings. * Constant initialize the global
message instances * Avoid potential for missed wakeup in UnknownFieldSet * Now
Proto3 Oneof fields have "has" methods for checking their presence in C++. *
Bugfix for NVCC * Return early in _InternalSerialize for empty maps. * Adding
functionality for outputting map key values in proto path logging output (does
not affect comparison logic) and stop printing 'value' in the path. The modified
print functionality is in the MessageDifferencer::StreamReporter. * Fixed
https://github.com/protocolbuffers/protobuf/issues/8129 * Ensure that null char
symbol, package and file names do not result in a crash. * Constant initialize
the global message instances * Pretty print 'max' instead of numeric values in
reserved ranges. * Removed remaining instances of std::is_pod, which is
deprecated in C++20. * Changes to reduce code size for unknown field handling by
making uncommon cases out of line. * Fix std::is_pod deprecated in C++20 (#7180)
* Fix some -Wunused-parameter warnings (#8053) * Fix detecting file as directory
on zOS issue #8051 (#8052) * Don't include sys/param.h for _BYTE_ORDER (#8106) *
remove CMAKE_THREAD_LIBS_INIT from pkgconfig CFLAGS (#8154) * Fix
TextFormatMapTest.DynamicMessage issue#5136 (#8159) * Fix for compiler warning
issue#8145 (#8160) * fix: support deprecated enums for GCC < 6 (#8164) * Fix
some warning when compiling with Visual Studio 2019 on x64 target (#8125)
Python: * Provided an override for the reverse() method that will reverse the
internal collection directly instead of using the other methods of the
BaseContainer. * MessageFactory.CreateProtoype can be overridden to customize
class creation. * Fix PyUnknownFields memory leak (#7928) * Add macOS big sur
compatibility (#8126) JavaScript * Generate `getDescriptor` methods with `*` as
their `this` type. * Enforce `let/const` for generated messages. *
js/binary/utils.js: Fix jspb.utils.joinUnsignedDecimalString to work with
negative bitsLow and low but non-zero bitsHigh parameter. (#8170) PHP: * Added
support for PHP 8. (#8105) * unregister INI entries and fix invalid read on
shutdown (#8042) * Fix PhpDoc comments for message accessors to include "|null".
(#8136) * fix: convert native PHP floats to single precision (#8187) * Fixed PHP
to support field numbers >=2* _28\. (#8235) * feat: add support for deprecated
fields to PHP compiler (#8223) * Protect against stack overflow if the user
derives from Message. (#8248) * Fixed clone for Message, RepeatedField, and
MapField. (#8245) * Updated upb to allow nonzero offset minutes in JSON
timestamps. (#8258) Ruby: * Added support for Ruby 3. (#8184) * Rewrote the data
storage layer to be based on upb_msg objects from the upb library. This should
lead to much better parsing performance, particularly for large messages.
(#8184). * Fill out JRuby support (#7923) * [Ruby] Fix: (SIGSEGV) gRPC-Ruby
issue on Windows. memory alloc infinite recursion/run out of memory (#8195) *
Fix jruby support to handle messages nested more than 1 level deep (#8194) Java:
* Avoid possible UnsupportedOperationException when using CodedInputSteam with a
direct ByteBuffer. * Make Durations.comparator() and Timestamps.comparator()
Serializable. * Add more detailed error information for dynamic message field
type validation failure * Removed declarations of functions declared in
java_names.h from java_helpers.h. * Now Proto3 Oneof fields have "has" methods
for checking their presence in Java. * Annotates Java proto generated
__FIELD_NUMBER constants. * Add -assumevalues to remove JvmMemoryAccessor on
Android. C#: * Fix parsing negative Int32Value that crosses segment boundary
(#8035) * Change ByteString to use memory and support unsafe create without copy
(#7645) * Optimize MapField serialization by removing MessageAdapter (#8143) *
Allow FileDescriptors to be parsed with extension registries (#8220) * Optimize
writing small strings (#8149)
* Updated URL to https://github.com/protocolbuffers/protobuf
Update to v3.14.0
Protocol Compiler: * The proto compiler no longer requires a .proto filename
when it is not generating code. * Added flag `--deterministic_output` to `protoc
--encode=...`. * Fixed deadlock when using google.protobuf.Any embedded in
aggregate options. C++: * Arenas are now unconditionally enabled.
cc_enable_arenas no longer has any effect. * Removed inlined string support,
which is incompatible with arenas. * Fix a memory corruption bug in reflection
when mixing optional and non-optional fields. * Make SpaceUsed() calculation
more thorough for map fields. * Add stack overflow protection for text format
with unknown field values. * FieldPath::FollowAll() now returns a bool to signal
if an out-of-bounds error was encountered. * Performance improvements for Map. *
Minor formatting fix when dumping a descriptor to .proto format with
DebugString. * UBSAN fix in RepeatedField * When running under ASAN, skip a test
that makes huge allocations. * Fixed a crash that could happen when creating
more than 256 extensions in a single message. * Fix a crash in BuildFile when
passing in invalid descriptor proto. * Parser security fix when operating with
CodedInputStream. * Warn against the use of AllowUnknownExtension. * Migrated to
C++11 for-range loops instead of index-based loops where possible. This fixes a
lot of warnings when compiling with -Wsign-compare. * Fix segment fault for
proto3 optional * Adds a CMake option to build `libprotoc` separately Java *
Bugfix in mergeFrom() when a oneof has multiple message fields. * Fix
RopeByteString.RopeInputStream.read() returning -1 when told to read 0 bytes
when not at EOF. * Redefine remove(Object) on primitive repeated field Lists to
avoid autoboxing. * Support "\u" escapes in textformat string literals. *
Trailing empty spaces are no longer ignored for FieldMask. * Fix
FieldMaskUtil.subtract to recursively remove mask. * Mark enums with
`(a)java.lang.Deprecated` if the proto enum has option `deprecated = true;`. *
Adding forgotten duration.proto to the lite library Python: * Print
google.protobuf.NullValue as null instead of "NULL_VALUE" when it is used
outside WKT Value/Struct. * Fix bug occurring when attempting to deep copy an
enum type in python 3. * Add a setuptools extension for generating Python
protobufs * Remove uses of pkg_resources in non-namespace packages * [bazel/py]
Omit google/ **init**.py from the Protobuf runtime * Removed the unnecessary
setuptools package dependency for Python package * Fix PyUnknownFields memory
leak PHP: * Added support for "==" to the PHP C extension * Added `==` operators
for Map and Array * Native C well-known types * Optimized away hex2bin() call in
generated code * New version of upb, and a new hash function wyhash in
third_party * add missing hasOneof method to check presence of oneof fields Go:
* Update go_package options to reference google.golang.org/protobuf module. C#:
* annotate ByteString.CopyFrom(ReadOnlySpan<byte>) as SecuritySafeCritical * Fix
C# optional field reflection when there are regular fields too * Fix parsing
negative Int32Value that crosses segment boundary Javascript: * JS: parse
(un)packed fields conditionally
Update to version 3.13.0 PHP: * The C extension is completely rewritten. The new
C extension has significantly better parsing performance and fixes a handful of
conformance issues. It will also make it easier to add support for more features
like proto2 and proto3 presence. * The new C extension does not support PHP 5.x.
PHP 5.x users can still use pure-PHP. C++: * Removed deprecated unsafe arena
string accessors * Enabled heterogeneous lookup for std::string keys in maps. *
Removed implicit conversion from StringPiece to std::string * Fix use-after-
destroy bug when the Map is allocated in the arena. * Improved the randomness of
map ordering * Added stack overflow protection for text format with unknown
fields * Use std::hash for proto maps to help with portability. * Added more
Windows macros to proto whitelist. * Arena constructors for map entry messages
are now marked "explicit" (for regular messages they were already explicit). *
Fix subtle aliasing bug in RepeatedField::Add * Fix mismatch between MapEntry
ByteSize and Serialize with respect to unset fields. Python: * JSON format
conformance fixes: * Reject lowercase t for Timestamp json format. * Print
full_name directly for extensions (no camelCase). * Reject boolean values for
integer fields. * Reject NaN, Infinity, -Infinity that is not quoted. * Base64
fixes for bytes fields: accept URL-safe base64 and missing padding. * Bugfix for
fields/files named "async" or "await". * Improved the error message when
AttributeError is returned from **getattr** in EnumTypeWrapper. Java: * Fixed a
bug where setting optional proto3 enums with setFooValue() would not mark the
value as present. * Add Subtract function to FieldMaskUtil. C#: * Dropped
support for netstandard1.0 (replaced by support for netstandard1.1). This was
required to modernize the parsing stack to use the `Span<byte>` type
internally * Add `ParseFrom(ReadOnlySequence<byte>)` method to enable GC
friendly parsing with reduced allocations and buffer copies * Add support for
serialization directly to a `IBufferWriter<byte>` or to a
`Span<byte>` to enable GC friendly serialization. The new API is available
as extension methods on the `IMessage` type * Add
`GOOGLE_PROTOBUF_REFSTRUCT_COMPATIBILITY_MODE` define to make generated code
compatible with old C# compilers (pre-roslyn compilers from .NET framework and
old versions of mono) that do not support ref structs. Users that are still on a
legacy stack that does not support C# 7.2 compiler might need to use the new
define in their projects to be able to build the newly generated code * Due to
the major overhaul of parsing and serialization internals, it is recommended to
regenerate your generated code to achieve the best performance (the legacy
generated code will still work, but might incur a slight performance penalty).
Update to version 3.12.3; notable changes since 3.11.4:
Protocol Compiler: * [experimental] Singular, non-message typed fields in proto3
now support presence tracking. This is enabled by adding the "optional" field
label and passing the --experimental_allow_proto3_optional flag to protoc. * For
usage info, see docs/field_presence.md. * During this experimental phase, code
generators should update to support proto3 presence, see
docs/implementing_proto3_presence.md for instructions. * Allow duplicate symbol
names when multiple descriptor sets are passed on the command-line, to match the
behavior when multiple .proto files are passed. * Deterministic `protoc
--descriptor_set_out` (#7175) Objective-C: * Tweak the union used for Extensions
to support old generated code. #7573 * Fix for the :protobuf_objc target in the
Bazel BUILD file. (#7538) * [experimental] ObjC Proto3 optional support (#7421)
* Block subclassing of generated classes (#7124) * Use references to Obj C
classes instead of names in descriptors. (#7026) * Revisit how the WKTs are
bundled with ObjC. (#7173) C++: * Simplified the template export macros to fix
the build for mingw32. (#7539) * [experimental] Added proto3 presence support. *
New descriptor APIs to support proto3 presence. * Enable Arenas by default on
all .proto files. * Documented that users are not allowed to subclass Message or
MessageLite. * Mark generated classes as final; inheriting from protos is
strongly discouraged. * Add stack overflow protection for text format with
unknown fields. * Add accessors for map key and value FieldDescriptors. * Add
FieldMaskUtil::FromFieldNumbers(). * MessageDifferencer: use ParsePartial() on
Any fields so the diff does not fail when there are missing required fields. *
ReflectionOps::Merge(): lookup messages in the right factory, if it can. * Added
Descriptor::WellKnownTypes enum and Descriptor::well_known_type() accessor as an
easier way of determining if a message is a Well-Known Type. * Optimized
RepeatedField::Add() when it is used in a loop. * Made proto move/swap more
efficient. * De-virtualize the GetArena() method in MessageLite. * Improves
performance of json_stream_parser.cc by factor 1000 (#7230) * bug: #7076
undefine Windows OUT and OPTIONAL macros (#7087) * Fixed a bug in
FieldDescriptor::DebugString() that would erroneously print an "optional" label
for a field in a oneof. * Fix bug in parsing bool extensions that assumed they
are always 1 byte. * Fix off-by-one error in FieldOptions::ByteSize() when
extensions are present. * Clarified the comments to show an example of the
difference between Descriptor::extension and DescriptorPool::FindAllExtensions.
* Add a compiler option 'code_size' to force optimize_for=code_size on all
protos where this is possible. Ruby: * Re-add binary gems for Ruby 2.3 and 2.4.
These are EOL upstream, however many people still use them and dropping support
will require more coordination. * [experimental] Implemented proto3 presence for
Ruby. (#7406) * Stop building binary gems for ruby <2.5 (#7453) * Fix for
wrappers with a zero value (#7195) * Fix for JSON serialization of 0/empty-
valued wrapper types (#7198) * Call "Class#new" over rb_class_new_instance in
decoding (#7352) * Build extensions for Ruby 2.7 (#7027) * assigning 'nil' to
submessage should clear the field. (#7397) Java: * [experimental] Added proto3
presence support. * Mark java enum _VALUE constants as @Deprecated if the enum
field is deprecated * reduce <clinit> size for enums with allow_alias set to
true. * Sort map fields alphabetically by the field's key when printing
textproto. * Fixed a bug in map sorting that appeared in -rc1 and -rc2 (#7508).
* TextFormat.merge() handles Any as top level type. * Throw a descriptive
IllegalArgumentException when calling getValueDescriptor() on enum special value
UNRECOGNIZED instead of ArrayIndexOutOfBoundsException. * Fixed an issue with
JsonFormat.printer() where setting printingEnumsAsInts() would override the
configuration passed into includingDefaultValueFields(). * Implement overrides
of indexOf() and contains() on primitive lists returned for repeated fields to
avoid autoboxing the list contents. * Add overload to
FieldMaskUtil.fromStringList that accepts a descriptor. * [bazel] Move Java
runtime/toolchains into //java (#7190) Python: * [experimental] Added proto3
presence support. * [experimental] fast import protobuf module, only works with
cpp generated code linked in. * Truncate 'float' fields to 4 bytes of precision
in setters for pure-Python implementation (C++ extension was already doing
this). * Fixed a memory leak in C++ bindings. * Added a deprecation warning when
code tries to create Descriptor objects directly. * Fix unintended comparison
between bytes and string in descriptor.py. * Avoid printing excess digits for
float fields in TextFormat. * Remove Python 2.5 syntax compatibility from the
proto compiler generated _pb2.py module code. * Drop 3.3, 3.4 and use single
version docker images for all python tests (#7396) JavaScript: * Fix js message
pivot selection (#6813) PHP: * Persistent Descriptor Pool (#6899) * Implement
lazy loading of php class for proto messages (#6911) * Correct @return in
Any.unpack docblock (#7089) * Ignore unknown enum value when ignore_unknown
specified (#7455) C#: * [experimental] Add support for proto3 presence fields in
C# (#7382) * Mark GetOption API as obsolete and expose the "GetOptions()" method
on descriptors instead (#7491) * Remove Has/Clear members for C# message fields
in proto2 (#7429) * Enforce recursion depth checking for unknown fields (#7132)
* Fix conformance test failures for Google.Protobuf (#6910) * Cleanup various
bits of Google.Protobuf (#6674) * Fix latest ArgumentException for C# extensions
(#6938) * Remove unnecessary branch from ReadTag (#7289) Other: * Add a
proto_lang_toolchain for javalite (#6882) * [bazel] Update gtest and deprecate
//external:{gtest,gtest_main} (#7237) * Add application note for explicit
presence tracking. (#7390) * Howto doc for implementing proto3 presence in a
code generator. (#7407)
Update to version 3.11.4; notable changes since 3.9.2:
* C++: Make serialization method naming consistent
* C++: Moved ShutdownProtobufLibrary() to message_lite.h. For backward
compatibility a declaration is still available in stubs/common.h, but users
should prefer message_lite.h
* C++: Removed non-namespace macro EXPECT_OK()
* C++: Removed mathlimits.h from stubs in favor of using std::numeric_limits
from C++11
* C++: Support direct pickling of nested messages
* C++: Disable extension code gen for C#
* C++: Switch the proto parser to the faster MOMI parser
* C++: Unused imports of files defining descriptor extensions will now be
reported
* C++: Add proto2::util::RemoveSubranges to remove multiple subranges in
linear time
* C++: Support 32 bit values for ProtoStreamObjectWriter to Struct
* C++: Removed the internal-only header coded_stream_inl.h and the internal-
only methods defined there
* C++: Enforced no SWIG wrapping of descriptor_database.h (other headers
already had this restriction)
* C++: Implementation of the equivalent of the MOMI parser for serialization.
This removes one of the two serialization routines, by making the fast array
serialization routine completely general. SerializeToCodedStream can now be
implemented in terms of the much much faster array serialization. The array
serialization regresses slightly, but when array serialization is not
possible this wins big
* C++: Add move constructor for Reflection's SetString
* Java: Remove the usage of MethodHandle, so that Android users prior to API
version 26 can use protobuf-java
* Java: Publish ProGuard config for javalite
* Java: Include unknown fields when merging proto3 messages in Java lite
builders
* Java: Have oneof enums implement a separate interface (other than EnumLite)
for clarity
* Java: Opensource Android Memory Accessors
* Java: Change ProtobufArrayList to use Object[] instead of ArrayList for
5-10% faster parsing
* Java: Make a copy of JsonFormat.TypeRegistry at the protobuf top level
package. This will eventually replace JsonFormat.TypeRegistry
* Java: Add Automatic-Module-Name entries to the Manifest
* Python: Add float_precision option in json format printer
* Python: Optionally print bytes fields as messages in unknown fields, if
possible
* Python: Experimental code gen (fast import protobuf module) which only work
with cpp generated code linked in
* Python: Add descriptor methods in descriptor_pool are deprecated
* Python: Added delitem for Python extension dict
* JavaScript: Remove guard for Symbol iterator for jspb.Map
* JavaScript: Remove deprecated boolean option to getResultBase64String()
* JavaScript: Change the parameter types of binaryReaderFn in
ExtensionFieldBinaryInfo to (number, ?, ?)
* JavaScript: Create dates.ts and time_of_days.ts to mirror Java versions.
This is a near-identical conversion of c.g.type.util.{Dates,TimeOfDays}
respectively
* JavaScript: Migrate moneys to TypeScript
* PHP: Increase php7.4 compatibility
* PHP: Implement lazy loading of php class for proto messages
* Ruby: Support hashes for struct initializers
* C#: Experimental proto2 support is now officially available
* C#: Change _Extensions property to normal body rather than expression
* Objective C: Remove OSReadLittle* due to alignment requirements
* Other: Override CocoaPods module to lowercase
* further bugfixes and optimisations
* Install LICENSE
* Drop protobuf-libs as it is just workaround for rpmlint issue
* python bindings now require recent python-google-apputils
* Released memory allocated by InitializeDefaultRepeatedFields() and
GetEmptyString(). Some memory sanitizers reported them
* Updated DynamicMessage.setField() to handle repeated enum
* Fixed a bug that caused NullPointerException to be thrown when converting
manually constructed FileDescriptorProto to
* Added oneofs(unions) feature. Fields in the same oneof will
* Files, services, enums, messages, methods and enum values
* Added Support for list values, including lists of mesaages,
* Added SwapFields() in reflection API to swap a subset of
* Repeated primitive extensions are now packable. The it is possible to switch
a repeated extension field to
* writeTo() method in ByteString can now write a substring to
* java_generate_equals_and_hash can now be used with the
* A new C++-backed extension module (aka "cpp api v2") that replaces the old
("cpp api v1") one. Much faster than the pure Python code. This one resolves
many bugs and is mosh reqires it
python-abseil was udpated:
version update to 1.4.0 New: (testing) Added @flagsaver.as_parsed: this allows
saving/restoring flags using string values as if parsed from the command line
and will also reflect other flag states after command line parsing, e.g.
.present is set. Changed: (logging) If no log dir is specified
logging.find_log_dir() now falls back to tempfile.gettempdir() instead of /tmp/.
Fixed: (flags) Additional kwargs (e.g. short_name=) to DEFINE_multi_enum_class
are now correctly passed to the underlying Flag object.
version update to 1.2.0 * Fixed a crash in Python 3.11 when
`TempFileCleanup.SUCCESS` is used. * `Flag` instances now raise an error if used
in a bool context. This prevents the occasional mistake of testing an instance
for truthiness rather than testing `flag.value`. * `absl-py` no longer depends
on `six`.
Update to version 1.0.0 * absl-py no longer supports Python 2.7, 3.4, 3.5. All
versions have reached end-of-life for more than a year now. * New releases will
be tagged as vX.Y.Z instead of pypi-vX.Y.Z in the git repo going forward.
* Release notes for 0.15.0
* (testing) #128: When running bazel with its --test_filter= flag, it now
treats the filters as unittest's -k flag in Python 3.7+.
* Release notes for 0.14.1
* Top-level LICENSE file is now exported in bazel.
* Release notes for 0.14.0
* # 171: Creating argparse_flags.ArgumentParser with
argument_default= no longer raises an exception when other
absl.flags flags are defined.
* # 173: absltest now correctly sets up test filtering and fail
fast flags when an explicit argv= parameter is passed to absltest.main.
* Release notes for 0.13.0
* (app) Type annotations for public app interfaces.
* (testing) Added new decorator @absltest.skipThisClass to indicate a class
contains shared functionality to be used as a base class for other
TestCases, and therefore should be skipped.
* (app) Annotated the flag_parser paramteter of run as keyword-only. This
keyword-only constraint will be enforced at runtime in a future release.
* (app, flags) Flag validations now include all errors from disjoint flag
sets, instead of fail fast upon first error from all validators. Multiple
validators on the same flag still fails fast.
* Release notes for 0.12.0
* (flags) Made EnumClassSerializer and EnumClassListSerializer public.
* (flags) Added a required: Optional[bool] = False parameter to DEFINE_*
functions.
* (testing) flagsaver overrides can now be specified in terms of FlagHolder.
* (testing) parameterized.product: Allows testing a method over cartesian
product of parameters values, specified as a sequences of values for each
parameter or as kwargs-like dicts of parameter values.
* (testing) Added public flag holders for --test_srcdir and \--test_tmpdir.
Users should use absltest.TEST_SRCDIR.value and absltest.TEST_TMPDIR.value
instead of FLAGS.test_srcdir and FLAGS.test_tmpdir.
* (flags) Made CsvListSerializer respect its delimiter argument.
* Add Provides python-absl-py
python-grpcuio was updated:
* Update to version 1.60.0:
* No python specfic changes.
* Update to version 1.59.2:
* No python specific changes.
* Update to version 1.59.0:
* [Python 3.12] Support Python 3.12 (gh#grpc/grpc#34398).
* [Python 3.12] Deprecate distutil (gh#grpc/grpc#34186).
* Update to version 1.58.0:
* [Bazel] Enable grpcio-reflection to be used via Bazel (gh#grpc/grpc#31013).
* [packaging] Publish xds-protos as part of the standard package pipeline
(gh#grpc/grpc#33797).
* Update to version 1.57.0: (CVE-2023-4785, bsc#1215334, CVE-2023-33953,
bsc#1214148)
* [posix] Enable systemd sockets for libsystemd>=233 (gh#grpc/grpc#32671).
* [python O11Y] Initial Implementation (gh#grpc/grpc#32974).
* Build with LTO (don't set _lto_cflags to %nil).
* No need to pass '-std=c++17' to build CFLAGS.
* Update to version 1.56.2:
* [WRR] backport (gh#grpc/grpc#33694) to 1.56 (gh#grpc/grpc#33698)
* [backport][iomgr][EventEngine] Improve server handling of file descriptor
exhaustion (gh#grpc/grpc#33667)
* Switch build to pip/wheel.
* Use system abseil with '-std=c++17' to prevent undefined symbol eg. with
python-grpcio-tools ( _ZN3re23RE213GlobalReplaceEPNSt7__
cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKS0_N4absl12lts_
2023012511string_viewE)
* Upstream only supports python >= 3.7, so adjust BuildRequires accordingly.
* Add %{?sle15_python_module_pythons}
* Update to version 1.56.0: (CVE-2023-32731, bsc#1212180)
* [aio types] Fix some grpc.aio python types (gh#grpc/grpc#32475).
* Update to version 1.55.0:
* [EventEngine] Disable EventEngine polling in gRPC Python
(gh#grpc/grpc#33279) (gh#grpc/grpc#33320).
* [Bazel Python3.11] Update Bazel dependencies for Python 3.11
(gh#grpc/grpc#33318) (gh#grpc/grpc#33319).
* Drop Requires: python-six; not required any more.
* Switch Suggests to Recommends.
* Update to version 1.54.0: (CVE-2023-32732, bsc#1212182)
* Fix DeprecationWarning when calling asyncio.get_event_loop()
(gh#grpc/grpc#32533).
* Remove references to deprecated syntax field (gh#grpc/grpc#32497).
* Update to version 1.51.1:
* No Linux specific changes.
* Changes from version 1.51.0:
* Fix lack of cooldown between poll attempts (gh#grpc/grpc#31550).
* Remove enum and future (gh#grpc/grpc#31381).
* [Remove Six] Remove dependency on six (gh#grpc/grpc#31340).
* Update xds-protos package to pull in protobuf 4.X (gh#grpc/grpc#31113).
* Update to version 1.50.0:
* Support Python 3.11. [gh#grpc/grpc#30818].
* Update to version 1.49.1
* Support Python 3.11. (#30818)
* Add type stub generation support to grpcio-tools. (#30498)
* Update to version 1.48.0:
* [Aio] Ensure Core channel closes when deallocated [gh#grpc/grpc#29797].
* [Aio] Fix the wait_for_termination return value [gh#grpc/grpc#29795].
* update to 1.46.3:
* backport: xds: use federation env var to guard new-style resource name
parsing
* This release contains refinements, improvements, and bug fixes.
* Update to version 1.46.0:
* Add Python GCF Distribtest [gh#grpc/grpc#29303].
* Add Python Reflection Client [gh#grpc/grpc#29085].
* Revert "Fix prefork handler register's default behavior"
[gh#grpc/grpc#29229].
* Fix prefork handler register's default behavior [gh#grpc/grpc#29103].
* Fix fetching CXX variable in setup.py [gh#grpc/grpc#28873].
* Update to version 1.45.0:
* Reimplement Gevent Integration [gh#grpc/grpc#28276].
* Support musllinux binary wheels on x64 and x86 [gh#grpc/grpc#28092].
* Increase the Python protobuf requirement to >=3.12.0 [gh#grpc/grpc#28604].
* Build with system re2; add BuildRequires: pkgconfig(re2).
* Update to version 1.44.0:
* Add python async example for hellostreamingworld using generator
(gh#grpc/grpc#27343).
* Disable __wrap_memcpy hack for Python builds (gh#grpc/grpc#28410).
* Bump Bazel Python Cython dependency to 0.29.26 (gh#grpc/grpc#28398).
* Fix libatomic linking on Raspberry Pi OS Bullseye (gh#grpc/grpc#28041).
* Allow generated proto sources in remote repositories for py_proto_library
(gh#grpc/grpc#28103).
* Update to version 1.43.0:
* [Aio] Validate the input type for set_trailing_metadata and abort
(gh#grpc/grpc#27958).
* update to 1.41.1:
* This is release 1.41.0 (goat) of gRPC Core.
* Update to version 1.41.0:
* Add Python 3.10 support and drop 3.5 (gh#grpc/grpc#26074).
* [Aio] Remove custom IO manager support (gh#grpc/grpc#27090).
* Update to version 1.39.0:
* Python AIO: Match continuation typing on Interceptors (gh#grpc/grpc#26500).
* Workaround #26279 by publishing manylinux_2_24 wheels instead of
manylinux2014 on aarch64 (gh#grpc/grpc#26430).
* Fix zlib unistd.h import problem (gh#grpc/grpc#26374).
* Handle gevent exception in gevent poller (gh#grpc/grpc#26058).
* Update to version 1.38.1:
* Backport gh#grpc/grpc#26430 and gh#grpc/grpc#26435 to v1.38.x
(gh#grpc/grpc#26436).
* Update to version 1.38.0:
* Add grpcio-admin Python package (gh#grpc/grpc#26166).
* Add CSDS API to Python (gh#grpc/grpc#26114).
* Expose code and details from context on the server side
(gh#grpc/grpc#25457).
* Explicitly import importlib.abc; required on Python 3.10. Fixes #26062
(gh#grpc/grpc#26083).
* Fix potential deadlock on the GIL in AuthMetdataPlugin (gh#grpc/grpc#26009).
* Introduce new Python package "xds_protos" (gh#grpc/grpc#25975).
* Remove async mark for set_trailing_metadata interface (gh#grpc/grpc#25814).
* Update to version 1.37.1:
* No user visible changes.
* Changes from version 1.37.0:
* Clarify Guarantees about grpc.Future Interface (gh#grpc/grpc#25383).
* [Aio] Add time_remaining method to ServicerContext (gh#grpc/grpc#25719).
* Standardize all environment variable boolean configuration in python's
setup.py (gh#grpc/grpc#25444).
* Fix Signal Safety Issue (gh#grpc/grpc#25394).
* Update to version 1.36.1:
* Core: back-port: add env var protection for google-c2p resolver
(gh#grpc/grpc#25569).
* Update to version 1.35.0:
* Implement Python Client and Server xDS Creds. (gh#grpc/grpc#25365)
* Add %define _lto_cflags %{nil} (bsc#1182659) (rh#1893533)
* Link roots.pem to ca-bundle.pem from ca-certificates package
* Update to version 1.34.1:
* Backport "Lazily import grpc_tools when using runtime stub/message
generation" to 1.34.x (gh#grpc/grpc#25011).
* Update to version 1.34.0:
* Incur setuptools as an dependency for grpcio_tools (gh#grpc/grpc#24752).
* Stop the spamming log generated by ctrl-c for AsyncIO server
(gh#grpc/grpc#24718).
* [gRPC Easy] Make Well-Known Types Available to Runtime Protos
(gh#grpc/grpc#24478).
* Bump MACOSX_DEPLOYMENT_TARGET to 10.10 for Python (gh#grpc/grpc#24480).
* Make Python 2 an optional dependency for Bazel build (gh#grpc/grpc#24407).
* [Linux] [macOS] Support pre-compiled Python 3.9 wheels (gh#grpc/grpc#24356).
* Update to version 1.33.2:
* [Backport] Implement grpc.Future interface in SingleThreadedRendezvous
(gh#grpc/grpc#24574).
* Update to version 1.33.1:
* [Backport] Make Python 2 an optional dependency for Bazel build
(gh#grpc/grpc#24452).
* Allow asyncio API to be imported as grpc.aio. (gh#grpc/grpc#24289).
* [gRPC Easy] Fix import errors on Windows (gh#grpc/grpc#24124).
* Make version check for importlib.abc in grpcio-tools more stringent
(gh#grpc/grpc#24098).
Added re2 package in version 2024-02-01.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-573=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-573=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-573=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-573=1
* SUSE Linux Enterprise High Performance Computing 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-573=1
* SUSE Linux Enterprise Server 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-573=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-573=1 SUSE-SLE-Product-SUSE-
Manager-Server-4.3-2024-573=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-573=1 SUSE-SLE-
INSTALLER-15-SP4-2024-573=1
* SUSE Linux Enterprise Desktop 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-573=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-573=1 SUSE-SLE-Product-SUSE-
Manager-Retail-Branch-Server-4.3-2024-573=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-573=1 SUSE-SLE-
INSTALLER-15-SP4-2024-573=1
* SUSE Linux Enterprise High Performance Computing 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-573=1
* SUSE Linux Enterprise Server 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-573=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-573=1
* SUSE Linux Enterprise Desktop 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-573=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-573=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-573=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-573=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-573=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-573=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-573=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-573=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-573=1
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-573=1
* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-573=1
* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-573=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-573=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-573=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-573=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-573=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-573=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python311-grpcio-debuginfo-1.60.0-150400.9.3.2
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* protobuf-java-25.1-150400.9.3.1
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* protobuf-debugsource-25.1-150400.9.3.1
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* python311-protobuf-4.25.1-150400.9.3.1
* libupb37-1.60.0-150400.8.3.2
* libre2-11-20240201-150400.9.3.1
* grpc-devel-1.60.0-150400.8.3.2
* python311-grpcio-1.60.0-150400.9.3.2
* protobuf-devel-debuginfo-25.1-150400.9.3.1
* python-grpcio-debugsource-1.60.0-150400.9.3.2
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* upb-devel-1.60.0-150400.8.3.2
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* re2-devel-20240201-150400.9.3.1
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-devel-25.1-150400.9.3.1
* libprotoc25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libgrpc37-1.60.0-150400.8.3.2
* abseil-cpp-devel-20230802.1-150400.10.4.1
* grpc-devel-debuginfo-1.60.0-150400.8.3.2
* openSUSE Leap 15.4 (x86_64)
* libre2-11-32bit-debuginfo-20240201-150400.9.3.1
* libre2-11-32bit-20240201-150400.9.3.1
* libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1
* libabsl2308_0_0-32bit-debuginfo-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-32bit-debuginfo-25.1-150400.9.3.1
* libprotobuf25_1_0-32bit-debuginfo-25.1-150400.9.3.1
* libprotoc25_1_0-32bit-25.1-150400.9.3.1
* libprotoc25_1_0-32bit-debuginfo-25.1-150400.9.3.1
* libabsl2308_0_0-32bit-20230802.1-150400.10.4.1
* libprotobuf25_1_0-32bit-25.1-150400.9.3.1
* openSUSE Leap 15.4 (noarch)
* grpc-source-1.60.0-150400.8.3.2
* python311-abseil-1.4.0-150400.9.3.1
* opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libabsl2308_0_0-64bit-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-64bit-25.1-150400.9.3.1
* libprotoc25_1_0-64bit-debuginfo-25.1-150400.9.3.1
* libprotobuf25_1_0-64bit-25.1-150400.9.3.1
* libprotobuf25_1_0-64bit-debuginfo-25.1-150400.9.3.1
* libprotoc25_1_0-64bit-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-64bit-debuginfo-25.1-150400.9.3.1
* libabsl2308_0_0-64bit-debuginfo-20230802.1-150400.10.4.1
* libre2-11-64bit-debuginfo-20240201-150400.9.3.1
* libre2-11-64bit-20240201-150400.9.3.1
* openSUSE Leap Micro 5.3 (aarch64 ppc64le s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* openSUSE Leap Micro 5.4 (aarch64 ppc64le s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python311-grpcio-debuginfo-1.60.0-150400.9.3.2
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* protobuf-java-25.1-150400.9.3.1
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* protobuf-debugsource-25.1-150400.9.3.1
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* python311-protobuf-4.25.1-150400.9.3.1
* libupb37-1.60.0-150400.8.3.2
* libre2-11-20240201-150400.9.3.1
* grpc-devel-1.60.0-150400.8.3.2
* python311-grpcio-1.60.0-150400.9.3.2
* protobuf-devel-debuginfo-25.1-150400.9.3.1
* python-grpcio-debugsource-1.60.0-150400.9.3.2
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* upb-devel-1.60.0-150400.8.3.2
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* re2-devel-20240201-150400.9.3.1
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-devel-25.1-150400.9.3.1
* libprotoc25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libgrpc37-1.60.0-150400.8.3.2
* abseil-cpp-devel-20230802.1-150400.10.4.1
* grpc-devel-debuginfo-1.60.0-150400.8.3.2
* openSUSE Leap 15.5 (noarch)
* grpc-source-1.60.0-150400.8.3.2
* python311-abseil-1.4.0-150400.9.3.1
* opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1
* openSUSE Leap 15.5 (x86_64)
* libre2-11-32bit-debuginfo-20240201-150400.9.3.1
* libre2-11-32bit-20240201-150400.9.3.1
* libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1
* libabsl2308_0_0-32bit-debuginfo-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-32bit-debuginfo-25.1-150400.9.3.1
* libprotobuf25_1_0-32bit-debuginfo-25.1-150400.9.3.1
* libprotoc25_1_0-32bit-25.1-150400.9.3.1
* libprotoc25_1_0-32bit-debuginfo-25.1-150400.9.3.1
* libabsl2308_0_0-32bit-20230802.1-150400.10.4.1
* libprotobuf25_1_0-32bit-25.1-150400.9.3.1
* SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libre2-11-debuginfo-20240201-150400.9.3.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-25.1-150400.9.3.1
* libre2-11-20240201-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libupb37-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* libgrpc37-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* protobuf-debugsource-25.1-150400.9.3.1
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libupb37-1.60.0-150400.8.3.2
* libre2-11-20240201-150400.9.3.1
* protobuf-devel-debuginfo-25.1-150400.9.3.1
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-devel-25.1-150400.9.3.1
* libprotoc25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libgrpc37-1.60.0-150400.8.3.2
* abseil-cpp-devel-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libre2-11-debuginfo-20240201-150400.9.3.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-25.1-150400.9.3.1
* libre2-11-20240201-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libupb37-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* libgrpc37-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* SUSE Manager Proxy 4.3 (x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libre2-11-debuginfo-20240201-150400.9.3.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-25.1-150400.9.3.1
* libre2-11-20240201-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libupb37-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* libgrpc37-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* protobuf-debugsource-25.1-150400.9.3.1
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libupb37-1.60.0-150400.8.3.2
* libre2-11-20240201-150400.9.3.1
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* libprotoc25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libgrpc37-1.60.0-150400.8.3.2
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libprotoc25_1_0-25.1-150400.9.3.1
* protobuf-devel-25.1-150400.9.3.1
* protobuf-devel-debuginfo-25.1-150400.9.3.1
* abseil-cpp-devel-20230802.1-150400.10.4.1
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-debugsource-25.1-150400.9.3.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* protobuf-debugsource-25.1-150400.9.3.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* grpc-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* protobuf-debugsource-25.1-150400.9.3.1
* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libgrpc1_60-1.60.0-150400.8.3.2
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-25.1-150400.9.3.1
* libre2-11-20240201-150400.9.3.1
* libupb37-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* libgrpc37-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* re2-debugsource-20240201-150400.9.3.1
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-debugsource-25.1-150400.9.3.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python311-protobuf-4.25.1-150400.9.3.1
* python311-grpcio-debuginfo-1.60.0-150400.9.3.2
* python311-grpcio-1.60.0-150400.9.3.2
* python-grpcio-debugsource-1.60.0-150400.9.3.2
* Python 3 Module 15-SP5 (noarch)
* python311-abseil-1.4.0-150400.9.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* protobuf-debugsource-25.1-150400.9.3.1
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libupb37-1.60.0-150400.8.3.2
* libre2-11-20240201-150400.9.3.1
* protobuf-devel-debuginfo-25.1-150400.9.3.1
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-devel-25.1-150400.9.3.1
* libprotoc25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libgrpc37-1.60.0-150400.8.3.2
* abseil-cpp-devel-20230802.1-150400.10.4.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* protobuf-debugsource-25.1-150400.9.3.1
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libupb37-1.60.0-150400.8.3.2
* libre2-11-20240201-150400.9.3.1
* protobuf-devel-debuginfo-25.1-150400.9.3.1
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-devel-25.1-150400.9.3.1
* libprotoc25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libgrpc37-1.60.0-150400.8.3.2
* abseil-cpp-devel-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* protobuf-debugsource-25.1-150400.9.3.1
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libupb37-1.60.0-150400.8.3.2
* libre2-11-20240201-150400.9.3.1
* protobuf-devel-debuginfo-25.1-150400.9.3.1
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-devel-25.1-150400.9.3.1
* libprotoc25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libgrpc37-1.60.0-150400.8.3.2
* abseil-cpp-devel-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* libprotobuf-lite25_1_0-25.1-150400.9.3.1
* libprotobuf25_1_0-25.1-150400.9.3.1
* libgrpc37-debuginfo-1.60.0-150400.8.3.2
* libupb37-debuginfo-1.60.0-150400.8.3.2
* grpc-debugsource-1.60.0-150400.8.3.2
* libabsl2308_0_0-debuginfo-20230802.1-150400.10.4.1
* protobuf-debugsource-25.1-150400.9.3.1
* libabsl2308_0_0-20230802.1-150400.10.4.1
* libgrpc1_60-1.60.0-150400.8.3.2
* libupb37-1.60.0-150400.8.3.2
* libre2-11-20240201-150400.9.3.1
* protobuf-devel-debuginfo-25.1-150400.9.3.1
* re2-debugsource-20240201-150400.9.3.1
* libprotobuf25_1_0-debuginfo-25.1-150400.9.3.1
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
* libre2-11-debuginfo-20240201-150400.9.3.1
* libgrpc++1_60-debuginfo-1.60.0-150400.8.3.2
* libgrpc++1_60-1.60.0-150400.8.3.2
* grpc-debuginfo-1.60.0-150400.8.3.2
* libgrpc1_60-debuginfo-1.60.0-150400.8.3.2
* libprotoc25_1_0-debuginfo-25.1-150400.9.3.1
* protobuf-devel-25.1-150400.9.3.1
* libprotoc25_1_0-25.1-150400.9.3.1
* libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.3.1
* libgrpc37-1.60.0-150400.8.3.2
* abseil-cpp-devel-20230802.1-150400.10.4.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* abseil-cpp-debugsource-20230802.1-150400.10.4.1
## References:
* https://www.suse.com/security/cve/CVE-2023-32731.html
* https://www.suse.com/security/cve/CVE-2023-32732.html
* https://www.suse.com/security/cve/CVE-2023-33953.html
* https://www.suse.com/security/cve/CVE-2023-44487.html
* https://www.suse.com/security/cve/CVE-2023-4785.html
* https://bugzilla.suse.com/show_bug.cgi?id=1133277
* https://bugzilla.suse.com/show_bug.cgi?id=1182659
* https://bugzilla.suse.com/show_bug.cgi?id=1203378
* https://bugzilla.suse.com/show_bug.cgi?id=1208794
* https://bugzilla.suse.com/show_bug.cgi?id=1212180
* https://bugzilla.suse.com/show_bug.cgi?id=1212182
* https://bugzilla.suse.com/show_bug.cgi?id=1214148
* https://bugzilla.suse.com/show_bug.cgi?id=1215334
* https://jira.suse.com/browse/PED-5014
1
0
21 Feb '24
# Security update for bind
Announcement ID: SUSE-SU-2024:0574-1
Rating: important
References:
* bsc#1219823
* bsc#1219826
* bsc#1219851
* bsc#1219852
* bsc#1219853
* bsc#1219854
Cross-References:
* CVE-2023-4408
* CVE-2023-50387
* CVE-2023-50868
* CVE-2023-5517
* CVE-2023-5679
* CVE-2023-6516
CVSS scores:
* CVE-2023-4408 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50387 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50387 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-50868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5517 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5679 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6516 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves six vulnerabilities can now be installed.
## Description:
This update for bind fixes the following issues:
Update to release 9.16.48:
* CVE-2023-50387: Fixed a denial-of-service caused by DNS messages containing
a lot of DNSSEC signatures (bsc#1219823).
* CVE-2023-50868: Fixed a denial-of-service caused by NSEC3 closest encloser
proof (bsc#1219826).
* CVE-2023-4408: Fixed a denial-of-service caused by DNS messages with many
different names (bsc#1219851).
* CVE-2023-5517: Fixed a possible crash when nxdomain-redirect was enabled
(bsc#1219852).
* CVE-2023-5679: Fixed a possible crash when bad interaction between DNS64 and
serve-stale, when both of these features are enabled (bsc#1219853).
* CVE-2023-6516: Fixed excessive memory consumption when continuously trigger
the cache database maintenance (bsc#1219854).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-574=1 openSUSE-SLE-15.5-2024-574=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-574=1
* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-574=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* bind-9.16.48-150500.8.16.1
* bind-debugsource-9.16.48-150500.8.16.1
* bind-utils-9.16.48-150500.8.16.1
* bind-debuginfo-9.16.48-150500.8.16.1
* bind-utils-debuginfo-9.16.48-150500.8.16.1
* openSUSE Leap 15.5 (noarch)
* python3-bind-9.16.48-150500.8.16.1
* bind-doc-9.16.48-150500.8.16.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* bind-debugsource-9.16.48-150500.8.16.1
* bind-utils-9.16.48-150500.8.16.1
* bind-debuginfo-9.16.48-150500.8.16.1
* bind-utils-debuginfo-9.16.48-150500.8.16.1
* Basesystem Module 15-SP5 (noarch)
* python3-bind-9.16.48-150500.8.16.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* bind-9.16.48-150500.8.16.1
* bind-debugsource-9.16.48-150500.8.16.1
* bind-debuginfo-9.16.48-150500.8.16.1
* Server Applications Module 15-SP5 (noarch)
* bind-doc-9.16.48-150500.8.16.1
## References:
* https://www.suse.com/security/cve/CVE-2023-4408.html
* https://www.suse.com/security/cve/CVE-2023-50387.html
* https://www.suse.com/security/cve/CVE-2023-50868.html
* https://www.suse.com/security/cve/CVE-2023-5517.html
* https://www.suse.com/security/cve/CVE-2023-5679.html
* https://www.suse.com/security/cve/CVE-2023-6516.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219823
* https://bugzilla.suse.com/show_bug.cgi?id=1219826
* https://bugzilla.suse.com/show_bug.cgi?id=1219851
* https://bugzilla.suse.com/show_bug.cgi?id=1219852
* https://bugzilla.suse.com/show_bug.cgi?id=1219853
* https://bugzilla.suse.com/show_bug.cgi?id=1219854
1
0