- 10.0.0 -> 11.0.0

- Removed 'multipart' import name to avoid conflict with 'multipart' package.
- Actualized upstream VCS location.

- Security fixes (CVE-2024-47874, CVE-2025-54121).

- 1.6.52 (fixes: CVE-2025-66293)

- Note, that v0.3.0-alt1 fixes missing checksum data for *.ko.zst files
  by including *.ko.zst by default (Fixes: OVE-20251204-0001).

- New version
- Drop loongarch patches since it is already fixed by upstream

- 1.25.0 (Fixes: CVE-2025-12819)
- Drop pgbouncer-1.25.0-Fix-build-on-i586.patch (Fix upstream)

- Applied upstream patchset (fixes: CVE-2025-31176, CVE-2025-31178, 
  CVE-2025-31179, CVE-2025-31180, CVE-2025-31181).

- Backport latest 2.9 LTM release for p10.
- Disable Kerberos localauth an2ln plugin for AD/IPA (fixes: CVE-2025-11561).

- Added a note about CWE-489 fixed in 5.3.0.

- 1.25.5 (Fixes: CVE-2025-61727, CVE-2025-61729).

- ^ 3.1.1 -> 3.1.5

- ^ 3.3.9 -> 3.4.4

- v6.12.59 (2025-11-24).
- config: Enable CONFIG_MEMCG_V1=y, CONFIG_CPUSETS_V1=y.
- input: serio: add an alias to the sersev-serio driver.
- sound: hda: enable jack detection in polling mode on Baikal-M.
- sound: hda: add driver for HDA controller on Baikal-M.
- config-rt: CONFIG_DRM_MGAG200_DISABLE_WRITECOMBINE=y.
- config: CONFIG_DRM_MGAG200=m.

- Add BR libsqlite3-devel (ALT #56120)

- 1.24.2 (Fixes: CVE-2025-11411)

- 4.11.0 -> 4.12.0 (Fixes: CVE-2025-53644)
- built with gstreamer support (Closes: #56008)

- 1.6.51 (fixes: CVE-2025-64505, CVE-2025-64506, CVE-2025-64720, CVE-2025-65018)

- automated CPAN update

- initial build for ALT Sisyphus

- Fix build

- New version 1.6.2 (Fixes: CVE-2022-0699).

- Remove illegal political lines from readme

- New ESR version.
- Security fixes:
  + CVE-2025-13012 Race condition in the Graphics component
  + CVE-2025-13016 Incorrect boundary conditions in the JavaScript: WebAssembly component
  + CVE-2025-13017 Same-origin policy bypass in the DOM: Notifications component
  + CVE-2025-13018 Mitigation bypass in the DOM: Security component
  + CVE-2025-13019 Same-origin policy bypass in the DOM: Workers component
  + CVE-2025-13013 Mitigation bypass in the DOM: Core & HTML component
  + CVE-2025-13020 Use-after-free in the WebRTC: Audio/Video component
  + CVE-2025-13014 Use-after-free in the Audio/Video component
  + CVE-2025-13015 Spoofing issue in Firefox
- provides x-www-browser (Closes: #44717).

- Version 1.5.29 (Fixes: CVE-2025-2337, CVE-2025-2338).

- New upstream microcode datafile 20251111:
  + Update functional issues for Gen12th/13th/14th Core Processors
  + Update functional issues for 4th/5th Xeon Processors
  + Update functional issues for Core Ultra (Series 2)/Ultra 200 V Processors
  + Update functional issues for Core i3 N-Series Processors
  + Update functional issues for Xeon 6500/6700/6900 Processors
  + Update functional issues for Xeon 6700P-B/6500P-B Series SoC with P-Cores
  + Updated microcodes:
    sig 0x000806f4, pf_mask 0x87, rev 0x2b000650
    sig 0x000806f4, pf_mask 0x10, rev 0x2c000410
    sig 0x000806f5, pf_mask 0x87, rev 0x2b000650
    sig 0x000806f5, pf_mask 0x10, rev 0x2c000410
    sig 0x000806f6, pf_mask 0x87, rev 0x2b000650
    sig 0x000806f6, pf_mask 0x10, rev 0x2c000410
    sig 0x000806f7, pf_mask 0x87, rev 0x2b000650
    sig 0x000806f8, pf_mask 0x87, rev 0x2b000650
    sig 0x000806f8, pf_mask 0x10, rev 0x2c000410
    sig 0x00090672, pf_mask 0x07, rev 0x003d
    sig 0x00090675, pf_mask 0x07, rev 0x003d
    sig 0x000906a3, pf_mask 0x80, rev 0x043a
    sig 0x000906a4, pf_mask 0x80, rev 0x043a
    sig 0x000906a4, pf_mask 0x40, rev 0x000b
    sig 0x000a06d1, pf_mask 0x95, rev 0x10003f0
    sig 0x000a06d1, pf_mask 0x20, rev 0xa000124
    sig 0x000a06f3, pf_mask 0x01, rev 0x3000382
    sig 0x000b0650, pf_mask 0x80, rev 0x000a
    sig 0x000b0671, pf_mask 0x32, rev 0x0132
    sig 0x000b0674, pf_mask 0x32, rev 0x0132
    sig 0x000b06a2, pf_mask 0xe0, rev 0x6133
    sig 0x000b06a3, pf_mask 0xe0, rev 0x6133
    sig 0x000b06a8, pf_mask 0xe0, rev 0x6133
    sig 0x000b06d1, pf_mask 0x80, rev 0x0125
    sig 0x000b06e0, pf_mask 0x19, rev 0x001e
    sig 0x000b06f2, pf_mask 0x07, rev 0x003d
    sig 0x000b06f5, pf_mask 0x07, rev 0x003d
    sig 0x000b06f6, pf_mask 0x07, rev 0x003d
    sig 0x000b06f7, pf_mask 0x07, rev 0x003d
    sig 0x000c0652, pf_mask 0x82, rev 0x011a
    sig 0x000c0662, pf_mask 0x82, rev 0x011a
    sig 0x000c0664, pf_mask 0x82, rev 0x011a
    sig 0x000c06a2, pf_mask 0x82, rev 0x011a
    sig 0x000c06f1, pf_mask 0x87, rev 0x210002c0
    sig 0x000c06f2, pf_mask 0x87, rev 0x210002c0
  + New microcode:
    sig 0x000a06e1, pf_mask 0x97, rev 0x1000273

- Patch from gnutls-3.8.11:
  + pkcs11: avoid stack overwrite when initializing a token
    (fixes: CVE-2025-9820).

- Rebuild to reflect fixes since the broken version v1.5-alt2.1
  (Fixes: OVE-20251121-0001).

- 3.5.15 -> 3.5.24 (as required by Kubernetes v1.31.14).
- Fixes:
  + CVE-2024-45337: Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto
  + CVE-2024-45338: Non-linear parsing of case-insensitive content in golang.org/x/net/html
  + CVE-2024-51744: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt
  + CVE-2025-22869: Potential denial of service in golang.org/x/crypto
  + CVE-2025-22870: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
  + CVE-2025-22872: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
  + CVE-2025-30204: jwt-go allows excessive memory allocation during header parsing

- 3.5.16 -> 3.5.24 (as required by Kubernetes v1.32.10).

- v6.12.58 (2025-11-13).
- spec: Do not package -domU kernels.
- config: CONFIG_SND_SOC_AMD_ACP_COMMON=m.
- config: CONFIG_SOUNDWIRE_AMD=m.

- new version

- Security fix for CVE-2025-9300.

- Applied debian patchset (fixes: CVE-2024-55549, CVE-2025-24855).

- New version 1.19.0 (Fixes: CVE-2025-47910, CVE-2025-47906).

- New version (fixes: OVE-20251119-0002 Support extra fields for cetificate check dates).

- Version 2.9.12.

- 1.25.4.

- 1.31.13 -> 1.31.14.

- 1.32.9 -> 1.32.10.

- 1.33.5 -> 1.33.6.

- 1.30.12 -> 1.30.14

- 1.31.12 -> 1.31.13.

- 1.32.8 -> 1.32.10.

- 1.33.4 -> 1.33.6.

- 3.5.21 -> 3.5.24 (as required by Kubernetes v1.33.6).

- NMU: fix build with golang 1.25.2.

- New version 2.5.3.
- Disable tests, because need Internet access.

- Updated to 0.20.0.

- New version to 1.1.

- New version 2.6.23 (Fixes: CVE-2025-11230).

- Applied upstream patch (fixes: CVE-2025-54812_1, CVE-2025-54813).

- Applied upstream patch (fixes: CVE-2023-52426, CVE-2024-28757, CVE-2024-45490, CVE-2024-45492).

- Notify the users about new security updates (Fixes: OVE-20251117-0001).
- Display EOL.txt on validate if it exists.

- 2.11 released

- Updated expired GPG keys (Fixes: OVE-20251114-0001).
- Updated README.

- Applied upstream patch (fixes: CVE-2023-1729).
- Applied debian patchs (fixes: CVE-2025-43961, CVE-2025-43962, 
  CVE-2025-43963, CVE-2025-43964).

- Update version to 0.13.4 (fixes: OVE-20251027-0001)

- Added disable cifsacl policy for user
- Improved name Gnome -> GNOME in all policies
- Improved LAPS policy description
- Removed dbus.service policy
- Fix bugs (closes: 54884, 54929, 54944, 54945, 55365, 54400, 55550, 54402, 53920)

- Update to latest release 138.0-7204.158
- Translated Legacy Browser Support policy (closes: 42373)

- Update Policy templates for Firefox 140

- Update Administrative Templates (.admx) default source URL:
  Windows 10 October 2020 Update -> Windows 10 2022 Update (22H2).

- Update policy templates to release 132.0.6834.163

- Removed libgvdb-gir dependency (automatic dependency lookup works)
- Translation files moved to /usr/share/locale/
- Repackaged translations and added bash-completions to pyproject-toml

- Backport new version to c10 branch.

- spec: exclude warnings SC2329 as error

- added the is_nslcd_service_disabled test (thx Sergey Savelev)
- added the is_nscd_service_disabled test (thx Sergey Savelev)
- added the is_list_trusts_validated test (thx Sergey Savelev)
- added the is_dns_lookup_realm_disabled test (thx Sergey Savelev)

- Improve oddjob-gpupdate-dbus-timeout control.
- Initial support build for debian.

- 16.11 (Fixes CVE-2025-12817, CVE-2025-12818)

- 13.23 (Fixes CVE-2025-12817, CVE-2025-12818)

- 14.20 (Fixes CVE-2025-12817, CVE-2025-12818)

- 15.15 (Fixes CVE-2025-12817, CVE-2025-12818)

- 16.11 (Fixes CVE-2025-12817, CVE-2025-12818)
- Fix 1C patch for PG 16.11

- Packaged zone.tab file again.
- Build for p10.

- Rebuilt with the latest tzdata.

- Backport to p10 branch new version with security fixes.

- Backport tzdata translations.

- OVE-20251110-0001: denial of service for NVME adapters on kernels >= 6.12.45
  fix (RAID Intel VROC).

- Updated to version 1.10.1.

- New version.

- Applied upstream patch (fixes CVE-2025-8836, CVE-2025-8837).

- Remove user from package, trivy-java-db can not work on server side
- 20250904-alt1

- Change URL of the AKVIS repository to the russian mirror.

- New version (fixes: CVE-2025-27819, CVE-2025-27818, CVE-2025-27817).

- New version 3.0.0.

- rebuilt with shellcheck 0.11.0

- new version 1.4.0 (with rpmrb script) (ALT bug 56269)

- New version
- Fixes:
  + CVE-2025-2704: possible ASSERT() on OpenVPN servers using --tls-crypt-v2
  + Improve server-side handling of clients sending too long usernames/passwords
  + Bring back configuring of broadcast address on Linux tun/tap interface
  + Linux DCO: repair source IP selection for --multihome
  + Correctly handle case of "route installation fails" for an already-existing
    routes
- Fix format of the OpenSSL license exception in License tag

- Backport new version to c10 branch.

- New version 3.2.2
- Security fixes:
 + CVE-2025-47286 : Remote Code Execution in the backup creation functionality
 + CVE-2025-49145 : Webhooks: check that callbacks signatures meet the documented expectation

- Version 0.2.44

- ^ 2.2.19 -> 2.2.21

- Applied debian patch (fixes: CVE-2025-62168).

- new version

- Backport to c10f2 (linux 6.12, but older toolchain).

- backport to c10f2

- new version 20251009 (with rpmrb script)

- Applied upstream patch (fixes: CVE-2024-45491).

- Applied security fixes from upstream (Fixes: CVE-2025-6021).

- Initial build with fixes for 6.12

- Build for kernel-image-6.12-6.12.56-alt0.c10f.2.

- 8.0.2 (Fixed: CVE-2025-64344, CVE-2025-64333, CVE-2025-64332, CVE-2025-64331,
  CVE-2025-64330, CVE-2025-64335, CVE-2025-64334)

- New version (fixes: CVE-2025-53057, CVE-2025-53066).

- New version 18.5.0

- Tuned podsec-k8s-save-oci, podsec-save-oci scripts.
- Added 0/27/3/kube-flannel.yml manifest.
- Resolved CVE-2025-4563, CVE-2025-4563 in kubernetes version 1.33

- New version (fixes: CVE-2025-53057, CVE-2025-53066).

- Applied debian patch (fixes: CVE-2014-3539).

- Backport new version with security fix to c10 branch.

- 7.0.20 (Fixes: CVE-2025-49641)

- 7.0.20

- 7.0.20

- 7.0.20

- v6.12.56 (2025-10-29).

- Initial build for Sisyphus.

- added legacy libgd2-devel provides

- Applied upstream patch to fix memory over-read in ngx_mail_smtp_module
  during SMTP auth (Fixes: CVE-2025-53859)

- Remove PrivateDevices=true from service file (ALT #56728).

- Backport to p10 branch.

- 1.0.9 (Fixes CVE-2025-20260)
- Add vendoring for rust
- Update patches
- Change soname 9 -> 11
- Use cmake for build
- Use PrivateMirror's by default
- Set Conflicts and Obsolete to "< %version-%release" (ALT #56685)

- limit CTRL-EVENT-SIGNAL-CHANGE log messages (closes: 54973)

- upstream: plug-ins: ZDI-CAN-26752 mitigation (fixes: CVE-2025-5473)
- upstream: plug-ins: Fix ZDI-CAN-25100 for FLI plug-in (fixes: CVE-2025-2761)
- upstream: plug-ins/dds: fix #12790 for 32-bit (fixes: CVE-2025-2760)
- upstream: plug-ins: Integer Overflow or Wraparound in Despeckle (fixes: CVE-2025-6035)

- Fix url/cvs.

- New features:
  + Add machine-readable power of attorney (MRPA) support.
  + ZIP archives supports.
  + Attached and detached signature files support.

- Fix scroll and save in PDF mode (Closes: #56649, #56655)

- Applied upstream patch (fixes: CVE-2022-4132).

- cherry pick upstream fixes for CVE-2025-62229, CVE-2025-62230, CVE-2025-62231

- cherry pick upstream fixes for CVE-2025-62229, CVE-2025-62230, CVE-2025-62231

- The .NET 8.0.21 and .NET SDK 8.0.121 release
- update sources' URLs
- fixed CVEs:
 + CVE-2025-55248: .NET Information Disclosure Vulnerability
 + CVE-2025-55315: .NET Security Feature Bypass Vulnerability
 + CVE-2025-55247: .NET Denial of Service Vulnerability
 + CVE-2025-26646: .NET and Visual Studio Spoofing Vulnerability
 + CVE-2025-26682: .NET Denial of Service Vulnerability
 + CVE-2025-24070: .NET Elevation of Privilege Vulnerability

- .NET 8.0.21 release
- fixed CVEs:
  + CVE-2025-55248: .NET Information Disclosure Vulnerability

- .NET SDK 8.0.121 release
- fixed CVEs:
 + CVE-2025-26646: .NET and Visual Studio Spoofing Vulnerability
 + CVE-2025-30399: .NET Remote Code Execution Vulnerability

- ASP.NET 8.0.21 release
- fixed CVEs:
 + CVE-2025-24070: .NET Elevation of Privilege Vulnerability
 + CVE-2025-26682: .NET Denial of Service Vulnerability
 + CVE-2025-55315: .NET Security Feature Bypass Vulnerability

- 1.33.3

- added commit af2aa88ab with null pointer dereference fix (Fixes CVE-2025-2588)

- New ESR version.
- Security fixes:
  + CVE-2025-11708 Use-after-free in MediaTrackGraphImpl::GetInstance()
  + CVE-2025-11709 Out of bounds read/write in a privileged process triggered by WebGL textures
  + CVE-2025-11710 Cross-process information leaked due to malicious IPC messages
  + CVE-2025-11711 Some non-writable Object properties could be modified
  + CVE-2025-11712 An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
  + CVE-2025-11713 Potential user-assisted code execution in 'Copy as cURL' command
  + CVE-2025-11714 Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
  + CVE-2025-11715 Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144

- 4.4.10 (Fixes: CVE-2025-11626)

- Backported to c10f2.

- Updated to 3.8.6 (ALT#49734) (fixes CVE-2023-51764).
- Fixed the pluginization patch to remove (harmless) warnings related to
  loading of unimplemented mkmap_ plugins (ALT#48908).

- Applied debian patch (fixes: CVE-2025-48174,CVE-2025-48175).

- Updated to 3.7.1 (fixes CVE-2025-26625).

- Applied security fixes from upstream (Fixes: CVE-2024-56171, CVE-2025-32415, CVE-2025-24928).

- Applied upstream patch (fixes: CVE-2022-43550).

- New version.

- fix: change user home directory name in sharestatedir to trivy
- 20250904-alt1

- 2.0.5
- Add lost %install section

- 2.0.5
- Add lost %install section

- 2.0.5
- Add lost %install section

- 2.0.5
- Add lost %install section

- 1.24.1 (Fixes: CVE-2025-11411)

- Applied upstream patch (fixes: CVE-2025-59362).

- Infer vlan_raw_device from interface name of form id.VID (ALT #44032).
- Fix "VLAN aware" flag in web client not setting VIDS in etcnet options.
- Fixes:
  + OVE-20251008-0001: Failure to set vlan raw device for vlan interfaces
  + OVE-20251008-0002: Failure to set vlan ids on bridge in vlan aware mode

- Include brivlanport in the list of known interface groups
- Fixes:
  + OVE-20251010-0001: Failure to configure brivlanport interface type

- E2K: drop chrpath as unneeded

- Backported to c10f2 branch (new standalone package).

- Applied upstream patch (fixed CVE-2025-6297).

- Add lost postgresql16-1C-contrib for deploy

- No build for older unsupported and vulnerable versions PostgreSQL (Fixes: OVE-20251020-0002)
- Build for postgresql16-1C (Fixes: OVE-20251020-0003):
    * resolving dependencies on postgresql packages postgresql-1C-deploy-cert
- Fix service name (Fixes: OVE-20251020-0001):
    * Error 'Unit file does not exist' when installing/updating a package (ALT #53502)

- No build for older unsupported and vulnerable versions PostgreSQL (Fixes: OVE-20251020-0002)
- Build for postgresql16-1C (Fixes: OVE-20251020-0003):
    * resolving dependencies on postgresql packages postgresql-1C-deploy-cert
- Fix service name (Fixes: OVE-20251020-0001):
    * Error 'Unit file does not exist' when installing/updating a package (ALT #53502)

- No build for older unsupported and vulnerable versions PostgreSQL (Fixes: OVE-20251020-0002)
- Build for postgresql16-1C (Fixes: OVE-20251020-0003):
    * resolving dependencies on postgresql packages postgresql-1C-deploy-cert
- Fix service name (Fixes: OVE-20251020-0001):
    * Error 'Unit file does not exist' when installing/updating a package (ALT #53502)

- No build for older unsupported and vulnerable versions PostgreSQL (Fixes: OVE-20251020-0002)
- Build for postgresql16-1C (Fixes: OVE-20251020-0003):
    * resolving dependencies on postgresql packages postgresql-1C-deploy-cert
- Fix service name (Fixes: OVE-20251020-0001):
    * Error 'Unit file does not exist' when installing/updating a package (ALT #53502)

- No build for older unsupported and vulnerable versions PostgreSQL (Fixes: OVE-20251020-0002)
- Build for postgresql16-1C (Fixes: OVE-20251020-0003):
    * resolving dependencies on postgresql packages postgresql-1C-deploy-cert
- Fix service name (Fixes: OVE-20251020-0001):
    * Error 'Unit file does not exist' when installing/updating a package (ALT #53502)

- Add coverage support
- Fixed run regressions tests (Fixes: OVE-20251020-0004):
    * Add run test regressions (64-bit arch only)
    * Add 00002-1C-Fix-test-join.patch and 00003-1C-Fix-test-sysviews.patch
- Fixed checking checksums on a schedule and at each start (Fixes: OVE-20251020-0005):
    * Add Requires to pg_checksums
    * Add postgresql-check-db
- Setting a mandatory password during cluster initialization (Fixes: OVE-20251020-0006)

- new version

- security fix CVE-2020-13956: misinterpret malformed authority

- security fix:
  + CVE-2021-37533: FTP client trusts the host from PASV

- 3.5.16 -> 3.5.23
- Fixes:
  + CVE-2024-45337: Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto
  + CVE-2024-45338: Non-linear parsing of case-insensitive content in golang.org/x/net/html
  + CVE-2024-51744: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt
  + CVE-2025-22869: Potential denial of service in golang.org/x/crypto
  + CVE-2025-22870: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net
  + CVE-2025-22872: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
  + CVE-2025-30204: jwt-go allows excessive memory allocation during header parsing

- The .NET 9.0.10 and .NET SDK 9.0.111 release
- fixed CVEs:
 + CVE-2025-24070: .NET Elevation of Privilege Vulnerability
 + CVE-2025-26682: .NET Denial of Service Vulnerability
 + CVE-2025-26646: .NET and Visual Studio Spoofing Vulnerability
 + CVE-2025-30399: .NET Remote Code Execution Vulnerability
 + CVE-2025-55248: .NET Information Disclosure Vulnerability
 + CVE-2025-55315: .NET Security Feature Bypass Vulnerability
 + CVE-2025-55247: .NET Denial of Service Vulnerability

- .NET 9.0.10
- fixed CVEs:
 + CVE-2025-55248: .NET Information Disclosure Vulnerability

- .NET SDK 9.0.111 release
- fixed CVEs:
 + CVE-2025-26646: .NET and Visual Studio Spoofing Vulnerability
 + CVE-2025-30399: .NET Remote Code Execution Vulnerability
 + CVE-2025-55247: .NET Denial of Service Vulnerability

- ASP.NET 9.0.10 release
- fixed CVEs:
 + CVE-2025-24070: .NET Elevation of Privilege Vulnerability
 + CVE-2025-26682: .NET Denial of Service Vulnerability
 + CVE-2025-55315: .NET Security Feature Bypass Vulnerability

- new version 10.12

- vcrun2019: Install correct version of msvcp140.dll into 64bit
- ie8: removed dll that cannot be registered
- redo opensymbol download, remove w_try_ar function

- new version (10.1.0) with rpmgs script

- new version 2.47.4 (with rpmrb script)

- Added altsp keys.

- ^ 2.2.6.3 -> 2.2.19

- 5.4.5 -> 5.4.7.
- Apply patches by Lasse Collin to fix CVE-2025-31115.

- Applied upstream patch (fixed CVE-2025-9566).

- 1.24.5.

- 0.2.13
- Update url for altlinux docker images

- Fixed gopls version detection.

- v6.12.51 (2025-10-06).

- Applied security fixes from upstream (Fixes: CVE-2025-9714).

- Fixes:
  + CVE-2025-9900 Write-what-where condition

- applied patch from Debian to fix integer
  overflow in gsl_siman_solve_many (Fixes: CVE-2024-50610)

- Split package by database backends (Berkeley DB and SQLite).
- Put all utilites in the single package.
- Add alternative for utilities to be able to install them in parallel.
- Make bf_tar use tar instead of pax.
- Move contrib to _datadir.
- Move docs in to separate package.
- Fix License tag.

- initial build for ALT Sisyphus

- new version 2.89 (with rpmrb script)

- new version (0.3) with rpmgs script

- Backported upstream fixes (required by freeipa CVE-2025-7493).

- Backported upstream fixes (fixes: CVE-2025-7493).

- New version (fixes: CVE-2025-48924, CVE-2025-7962).

- Applied upstream patchs (fixes: CVE-2025-5244, CVE-2025-5245).

- Applied upstream patch (fixed CVE-2024-9287).

- Fix filetrigger (postinst) invocation.
- spec: Add filetrigger test in checkinstall.

- Applied upstream patch (fixed CVE-2024-57822, CVE-2024-57823).

- security fix:
  + CVE-2021-46877: denial of service

- 7.2.11 (Fixes: CVE-2025-49844, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819).

- 2.4.13 -> 2.4.14

- Backport to c10f2.

- new version

- Return javax.enterprise.inject.spi.
- Fix license name according to SPDX.

- Required commons-compress.jar for cli.sh.
- Used CLASSPATH from common.sh in cli.sh.

- 3.5.29.
- Fix FTBFS on ix86.

- Updated to 3.6.1 (fixes CVE-2024-53263)

- bump version

- New version 10.06.0.

- New version 0.10.1 (Fixes: CVE-2025-49133).

- 7.0.19 (Fixes: CVE-2025-27233, CVE-2025-27238, CVE-2025-27240)

- 7.0.19

- 7.0.19

- 7.0.19

- Backported upstream security fix (fixes CVE-2024-28085).

- OVE-20250930-0001: Fix the inability to enable/disable the service.

- update node-ip to 2.0.1 (CVE-2023-42282)
- update node-ip to 2.0.2 from fork https://github.com/eggjs/node-ip (CVE-2024-29415)
- update brace-expansion to 1.1.12 and 2.0.2 (CVE-2025-5889)
- update tar to 6.2.1 (CVE-2024-28863)

- 13.0.5 (CVE-2025-41244)

- indexhtml.desktop: use xdg-open instead xbrowser
- os-release: add LOGO

- indexhtml.desktop: use xdg-open instead xbrowser
- os-release: add LOGO

- Applied debian patch (fixed CVE-2018-13410).

- new version (fixes: CVE-2025-8114 CVE-2025-8277)

- New LTS version 2.33.2 (Fixes: CVE-2025-4676, CVE-2025-47907).

- New LTS version 2.33.2.

- Updated key updates@

- cherry pick upstream fixes for CVE-2025-26594

- cherry pick upstream fixes for CVE-2025-26594

- Security fixes:
  + CVE-2025-5999
  + CVE-2025-6000
  + CVE-2025-6004
  + CVE-2025-6010
  + CVE-2025-6011

- Update to 0.27.3.
- Fixes:
  + CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2

- new version 0.40.3

- v6.12.48 (2025-09-19).

- 7.1.2.2 -> 7.1.2.3 (Fixes: CVE-2025-57807)

- Applied upstream patch (fixed CVE-2024-52304).

- fixed CVE-2024-47606

- Applied upstream patchs (fixes: CVE-2021-45078, CVE-2022-4285, CVE-2022-47008,
  CVE-2022-47011, CVE-2022-47695, CVE-2022-48063, CVE-2021-46174, CVE-2022-47007,
  CVE-2022-47010, CVE-2022-47673, CVE-2022-47696, CVE-2023-1972, CVE-2022-48064,
  CVE-2022-38533, CVE-2022-44840, CVE-2022-44840).

- Applied upstream patch (fixed CVE-2023-46045).

- New version (fixes: CVE-2025-58057, CVE-2025-58056).

- new version 1.7.19 (fixes CVE-2025-57052).

- Patch from Fedora:
  + ps: Fix possible buffer overflow in -C option (fixes: CVE-2023-4016).
- Fixed NEWS file.
- spec: added a knob to build without systemd (by Alexey Sheplyakov)
- Makefile.am: fixed build without systemd (by Alexey Sheplyakov)

- new version 8.0.33

- Applied upstream patch (fixed CVE-2022-38223).

- Fixes:
  + CVE-2025-8961 Improper bounds checking on memory operations

- Fixed CVE-2024-56201, CVE-2024-56326, CVE-2025-27516.

- OVE-20250919-0006: Revert "move tools and libs to /usr"

- 2.5.4

- Applied upstream patch (fixed CVE-2025-50181).

- mozilla: sync with nss-3.111.

- Initial build.

- Add ignore-missing flag

- New version.

- Backport new version to p10 branch.

- use thunderbird_arch macro for kde-email-client files

- Set maximum supported version to 200 (ALT #55745).

- Use the thunderbird_arch macro for the thunderbird requirement.

- New backported version (141.0.3) in c10f2 branch.

- delete max version from python3-module-glance_store requirement

- Update to 1.35.0 (2025-08-26) (Fixes: CVE-2025-1695).

- New version 0.9.30.

- 4.4.9 (Fixes: CVE-2025-9817)

- automated CPAN update

- New git snapshot (v1.9.0-1113-g84874a85).

- Specified closed security vulnerabilities (Fixes: CVE-2025-58058).

- Fixed EnvironmentFile variable in mimir.service.

- 3.5.0

- Fixes:
  + CVE-2025-9732 Out-of-bounds Write

- 4.5.1 -> 4.5.2 (Fixes: CVE-2025-9019)

- Applied upstream patch (fixed CVE-2024-31047).

- update by mgaimport

- new version 3.18.6

- New version (Closes: 48272)
  - fix build for perl >= 5.37.1.
  - fix SIGSEGV crash due to wrong use of perl_parse()
- Update Apache::Reload module to 1.14