LibXSLT, AWS-CLI, Kernel, and more updates for SUSE

SUSE 5476 Published 2025-10-24 07:10 by Philipp Esselbach

News

SUSE-SU-2025:3743-1: important: Security update for libxslt

# Security update for libxslt

Announcement ID: SUSE-SU-2025:3743-1
Release Date: 2025-10-23T06:20:46Z
Rating: important
References:

* bsc#1251979

Cross-References:

* CVE-2025-11731

CVSS scores:

* CVE-2025-11731 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-11731 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-11731 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves one vulnerability can now be installed.

## Description:

This update for libxslt fixes the following issues:

* CVE-2025-11731: fixed a type confusion in exsltFuncResultComp function that
could cause a denial of service (bsc#1251979)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2025-3743=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3743=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3743=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3743=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2025-3743=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-3743=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3743=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3743=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libxslt-python-debugsource-1.1.32-150000.3.28.1
* libxslt-python-1.1.32-150000.3.28.1
* libxslt-python-debuginfo-1.1.32-150000.3.28.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* libxslt-tools-debuginfo-1.1.32-150000.3.28.1
* libxslt-tools-1.1.32-150000.3.28.1
* libxslt1-debuginfo-1.1.32-150000.3.28.1
* libxslt1-1.1.32-150000.3.28.1
* libxslt-devel-1.1.32-150000.3.28.1
* libxslt-debugsource-1.1.32-150000.3.28.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* libxslt-tools-debuginfo-1.1.32-150000.3.28.1
* libxslt-tools-1.1.32-150000.3.28.1
* libxslt1-debuginfo-1.1.32-150000.3.28.1
* libxslt1-1.1.32-150000.3.28.1
* libxslt-devel-1.1.32-150000.3.28.1
* libxslt-debugsource-1.1.32-150000.3.28.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* libxslt-tools-debuginfo-1.1.32-150000.3.28.1
* libxslt-tools-1.1.32-150000.3.28.1
* libxslt1-debuginfo-1.1.32-150000.3.28.1
* libxslt1-1.1.32-150000.3.28.1
* libxslt-devel-1.1.32-150000.3.28.1
* libxslt-debugsource-1.1.32-150000.3.28.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* libxslt-tools-debuginfo-1.1.32-150000.3.28.1
* libxslt-tools-1.1.32-150000.3.28.1
* libxslt1-debuginfo-1.1.32-150000.3.28.1
* libxslt1-1.1.32-150000.3.28.1
* libxslt-devel-1.1.32-150000.3.28.1
* libxslt-debugsource-1.1.32-150000.3.28.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* libxslt1-1.1.32-150000.3.28.1
* libxslt1-debuginfo-1.1.32-150000.3.28.1
* libxslt-debugsource-1.1.32-150000.3.28.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* libxslt1-1.1.32-150000.3.28.1
* libxslt1-debuginfo-1.1.32-150000.3.28.1
* libxslt-debugsource-1.1.32-150000.3.28.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* libxslt1-1.1.32-150000.3.28.1
* libxslt1-debuginfo-1.1.32-150000.3.28.1
* libxslt-debugsource-1.1.32-150000.3.28.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11731.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251979

SUSE-SU-2025:3744-1: important: Security update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest ...

# Security update for aws-cli, local-npm-registry, python-boto3, python-
botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-
pytest-cov, python-pytest-html, python-pytest-metada

Announcement ID: SUSE-SU-2025:3744-1
Release Date: 2025-10-23T06:23:52Z
Rating: important
References:

* bsc#1231562
* bsc#1231688
* bsc#1233852
* bsc#1244343
* bsc#1245288
* bsc#1245289

Cross-References:

* CVE-2024-21538
* CVE-2024-48948
* CVE-2024-48949
* CVE-2025-5889
* CVE-2025-6545
* CVE-2025-6547

CVSS scores:

* CVE-2024-21538 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-21538 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-21538 ( NVD ): 7.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-21538 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-48948 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-48948 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-48948 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-48949 ( SUSE ): 8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-48949 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
* CVE-2024-48949 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-48949 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-5889 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-5889 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-5889 ( NVD ): 1.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-5889 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-6545 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-6545 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-6545 ( NVD ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-6547 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-6547 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-6547 ( NVD ): 9.1
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* Public Cloud Module 15-SP7
* Python 3 Module 15-SP6
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP6

An update that solves six vulnerabilities can now be installed.

## Description:

This update for aws-cli, local-npm-registry, python-boto3, python-botocore,
python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov,
python-pytest-html, python-pytest-metadata, python-pytest-mock contains the
following fixes:

Changes in aws-cli: \- Update to 1.33.26 * api-change:`acm-pca`: Minor
refactoring of C2J model for AWS Private CA * api-change:`arc-zonal-shift`: Adds
the option to subscribe to get notifications when a zonal autoshift occurs in a
region. * api-change:`globalaccelerator`: This feature adds exceptions to the
Customer API to avoid throwing Internal Service errors * api-change:`pinpoint`:
Add v2 smoke tests and smithy smokeTests trait for SDK testing. * api-
change:`quicksight`: Vega ally control options and Support for Reviewed Answers
in Topics \- from version 1.33.25 * api-change:`batch`: This feature allows AWS
Batch Jobs with EKS container orchestration type to be run as Multi-Node
Parallel Jobs. * api-change:`bedrock`: Add support for contextual grounding
check for Guardrails for Amazon Bedrock. * api-change:`bedrock-agent`:
Introduces new data sources and chunking strategies for Knowledge bases,
advanced parsing logic using FMs, session summary generation, and code
interpretation (preview) for Claude V3 Sonnet and Haiku models. Also introduces
Prompt Flows (preview) to link prompts, foundational models, and resources. *
api-change:`bedrock-agent-runtime`: Introduces query decomposition, enhanced
Agents integration with Knowledge bases, session summary generation, and code
interpretation (preview) for Claude V3 Sonnet and Haiku models. Also introduces
Prompt Flows (preview) to link prompts, foundational models, and resources for
end-to-end solutions. * api-change:`bedrock-runtime`: Add support for contextual
grounding check and ApplyGuardrail API for Guardrails for Amazon Bedrock. * api-
change:`ec2`: Add parameters to enable provisioning IPAM BYOIPv4 space at a
Local Zone Network Border Group level * api-change:`glue`: Add recipe step
support for recipe node * api-change:`groundstation`: Documentation update
specifying OEM ephemeris units of measurement * api-change:`license-manager-
linux-subscriptions`: Add support for third party subscription providers,
starting with RHEL subscriptions through Red Hat Subscription Manager (RHSM).
Additionally, add support for tagging subscription provider resources, and
detect when an instance has more than one Linux subscription and notify the
customer. * api-change:`mediaconnect`: AWS Elemental MediaConnect introduces the
ability to disable outputs. Disabling an output allows you to keep the output
attached to the flow, but stop streaming to the output destination. A disabled
output does not incur data transfer costs. \- from version 1.33.24 * api-
change:`datazone`: This release deprecates dataProductItem field from
SearchInventoryResultItem, along with some unused DataProduct shapes * api-
change:`fsx`: Adds support for FSx for NetApp ONTAP 2nd Generation file systems,
and FSx for OpenZFS Single AZ HA file systems. * api-change:`opensearch`: This
release adds support for enabling or disabling Natural Language Query Processing
feature for Amazon OpenSearch Service domains, and provides visibility into the
current state of the setup or tear-down. * api-change:`sagemaker`: This release
1/ enables optimization jobs that allows customers to perform Ahead-of-time
compilation and quantization. 2/ allows customers to control access to Amazon Q
integration in SageMaker Studio. 3/ enables AdditionalModelDataSources for
CreateModel action. \- from version 1.33.23 * api-change:`codedeploy`: Add v2
smoke tests and smithy smokeTests trait for SDK testing. * api-
change:`devicefarm`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing. * api-change:`dms`: Add v2 smoke tests and smithy smokeTests trait for
SDK testing. * api-change:`elasticbeanstalk`: Add v2 smoke tests and smithy
smokeTests trait for SDK testing. * api-change:`es`: Add v2 smoke tests and
smithy smokeTests trait for SDK testing. * api-change:`firehose`: Add v2 smoke
tests and smithy smokeTests trait for SDK testing. * api-change:`gamelift`: Add
v2 smoke tests and smithy smokeTests trait for SDK testing. * api-
change:`qapps`: This is a general availability (GA) release of Amazon Q Apps, a
capability of Amazon Q Business. Q Apps leverages data sources your company has
provided to enable users to build, share, and customize apps within your
organization. * api-change:`route53resolver`: Add v2 smoke tests and smithy
smokeTests trait for SDK testing. * api-change:`ses`: Add v2 smoke tests and
smithy smokeTests trait for SDK testing. \- from version 1.33.22 * api-
change:`acm`: Documentation updates, including fixes for xml formatting, broken
links, and ListCertificates description. * api-change:`ecr`: This release for
Amazon ECR makes change to bring the SDK into sync with the API. * api-
change:`payment-cryptography-data`: Added further restrictions on logging of
potentially sensitive inputs and outputs. * api-change:`qbusiness`: Add
personalization to Q Applications. Customers can enable or disable
personalization when creating or updating a Q application with the
personalization configuration. \- from version 1.33.21 * api-
change:`application-autoscaling`: Doc only update for Application Auto Scaling
that fixes resource name. * api-change:`directconnect`: This update includes
documentation for support of new native 400 GBps ports for Direct Connect. *
api-change:`organizations`: Added a new reason under
ConstraintViolationException in RegisterDelegatedAdministrator API to prevent
registering suspended accounts as delegated administrator of a service. * api-
change:`rekognition`: This release adds support for tagging projects and
datasets with the CreateProject and CreateDataset APIs. * api-
change:`workspaces`: Fix create workspace bundle RootStorage/UserStorage to
accept non null values \- Refresh patches for new version \- Update Requires
from setup.py

* Update to 1.33.20
* api-change:`ec2`: Documentation updates for Elastic Compute Cloud (EC2).
* api-change:`fms`: Increases Customer API's ManagedServiceData length
* api-change:`s3`: Added response overrides to Head Object requests.
* from version 1.33.19
* api-change:`apigateway`: Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:`cognito-identity`: Add v2 smoke tests and smithy smokeTests
trait for SDK testing.
* api-change:`connect`: Authentication profiles are Amazon Connect resources
(in gated preview) that allow you to configure authentication settings for
users in your contact center. This release adds support for new
ListAuthenticationProfiles, DescribeAuthenticationProfile and
UpdateAuthenticationProfile APIs.
* api-change:`docdb`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`eks`: Updates EKS managed node groups to support EC2 Capacity
Blocks for ML
* api-change:`payment-cryptography`: Added further restrictions on logging of
potentially sensitive inputs and outputs.
* api-change:`payment-cryptography-data`: Adding support for dynamic keys for
encrypt, decrypt, re-encrypt and translate pin functions. With this change,
customers can use one-time TR-31 keys directly in dataplane operations
without the need to first import them into the service.
* api-change:`stepfunctions`: Add v2 smoke tests and smithy smokeTests trait
for SDK testing.
* api-change:`swf`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`wafv2`: JSON body inspection: Update documentation to clarify
that JSON parsing doesn't include full validation.
* from version 1.33.18
* api-change:`acm-pca`: Added CCPC_LEVEL_1_OR_HIGHER
KeyStorageSecurityStandard and SM2 KeyAlgorithm and SM3WITHSM2
SigningAlgorithm for China regions.
* api-change:`cloudhsmv2`: Added 3 new APIs to support backup sharing:
GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added
BackupArn to the output of the DescribeBackups API. Added support for
BackupArn in the CreateCluster API.
* api-change:`connect`: This release supports showing PreferredAgentRouting
step via DescribeContact API.
* api-change:`emr`: This release provides the support for new allocation
strategies i.e. CAPACITY_OPTIMIZED_PRIORITIZED for Spot and PRIORITIZED for
On-Demand by taking input of priority value for each instance type for
instance fleet clusters.
* api-change:`glue`: Added AttributesToGet parameter to Glue GetDatabases,
allowing caller to limit output to include only the database name.
* api-change:`kinesisanalyticsv2`: Support for Flink 1.19 in Managed Service
for Apache Flink
* api-change:`opensearch`: This release removes support for enabling or
disabling Natural Language Query Processing feature for Amazon OpenSearch
Service domains.
* api-change:`pi`: Noting that the filter db.sql.db_id isn't available for RDS
for SQL Server DB instances.
* api-change:`workspaces`: Added support for Red Hat Enterprise Linux 8 on
Amazon WorkSpaces Personal.
* from version 1.33.17
* api-change:`application-autoscaling`: Amazon WorkSpaces customers can now
use Application Auto Scaling to automatically scale the number of virtual
desktops in a WorkSpaces pool.
* api-change:`chime-sdk-media-pipelines`: Added Amazon Transcribe multi
language identification to Chime SDK call analytics. Enabling customers
sending single stream audio to generate call recordings using Chime SDK call
analytics
* api-change:`cloudfront`: Doc only update for CloudFront that fixes customer-
reported issue
* api-change:`datazone`: This release supports the data lineage feature of
business data catalog in Amazon DataZone.
* api-change:`elasticache`: Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:`mq`: This release makes the EngineVersion field optional for
both broker and configuration and uses the latest available version by
default. The AutoMinorVersionUpgrade field is also now optional for broker
creation and defaults to 'true'.
* api-change:`qconnect`: Adds CreateContentAssociation,
ListContentAssociations, GetContentAssociation, and DeleteContentAssociation
APIs.
* api-change:`quicksight`: Adding support for Repeating Sections, Nested
Filters
* api-change:`rds`: Updates Amazon RDS documentation for TAZ export to S3.
* api-change:`sagemaker`: Add capability for Admins to customize Studio
experience for the user by showing or hiding Apps and MLTools.
* api-change:`workspaces`: Added support for WorkSpaces Pools.
* from version 1.33.16
* api-change:`controltower`: Added ListLandingZoneOperations API.
* api-change:`eks`: Added support for disabling unmanaged addons during
cluster creation.
* api-change:`ivs-realtime`: IVS Real-Time now offers customers the ability to
upload public keys for customer vended participant tokens.
* api-change:`kinesisanalyticsv2`: This release adds support for new
ListApplicationOperations and DescribeApplicationOperation APIs. It adds a
new configuration to enable system rollbacks, adds field
ApplicationVersionCreateTimestamp for clarity and improves support for
pagination for APIs.
* api-change:`opensearch`: This release adds support for enabling or disabling
Natural Language Query Processing feature for Amazon OpenSearch Service
domains, and provides visibility into the current state of the setup or
tear-down.
* from version 1.33.15
* api-change:`autoscaling`: Doc only update for Auto Scaling's
TargetTrackingMetricDataQuery
* api-change:`ec2`: This release is for the launch of the new
u7ib-12tb.224xlarge, R8g, c7gn.metal and mac2-m1ultra.metal instance types
* api-change:`networkmanager`: This is model changes & documentation update
for the Asynchronous Error Reporting feature for AWS Cloud WAN. This feature
allows customers to view errors that occur while their resources are being
provisioned, enabling customers to fix their resources without needing
external support.
* api-change:`workspaces-thin-client`: This release adds the
deviceCreationTags field to CreateEnvironment API input, UpdateEnvironment
API input and GetEnvironment API output.
* from version 1.33.14
* api-change:`bedrock-runtime`: Increases Converse API's document name length
* api-change:`customer-profiles`: This release includes changes to
ProfileObjectType APIs, adds functionality top set and get capacity for
profile object types.
* api-change:`ec2`: Fix EC2 multi-protocol info in models.
* api-change:`qbusiness`: Allow enable/disable Q Apps when creating/updating a
Q application; Return the Q Apps enablement information when getting a Q
application.
* api-change:`ssm`: Add sensitive trait to SSM IPAddress property for
CloudTrail redaction
* api-change:`workspaces-web`: Added ability to enable DeepLinking
functionality on a Portal via UserSettings as well as added support for
IdentityProvider resource tagging.
* from version 1.33.13
* api-change:`bedrock-runtime`: This release adds document support to Converse
and ConverseStream APIs
* api-change:`codeartifact`: Add support for the Cargo package format.
* api-change:`compute-optimizer`: This release enables AWS Compute Optimizer
to analyze and generate optimization recommendations for Amazon RDS MySQL
and RDS PostgreSQL.
* api-change:`cost-optimization-hub`: This release enables AWS Cost
Optimization Hub to show cost optimization recommendations for Amazon RDS
MySQL and RDS PostgreSQL.
* api-change:`dynamodb`: Doc-only update for DynamoDB. Fixed Important note in
6 Global table APIs - CreateGlobalTable, DescribeGlobalTable,
DescribeGlobalTableSettings, ListGlobalTables, UpdateGlobalTable, and
UpdateGlobalTableSettings.
* api-change:`glue`: Fix Glue paginators for Jobs, JobRuns, Triggers,
Blueprints and Workflows.
* api-change:`ivs-realtime`: IVS Real-Time now offers customers the ability to
record individual stage participants to S3.
* api-change:`sagemaker`: Adds support for model references in Hub service,
and adds support for cross-account access of Hubs
* api-change:`securityhub`: Documentation updates for Security Hub
* from version 1.33.12
* api-change:`artifact`: This release adds an acceptanceType field to the
ReportSummary structure (used in the ListReports API response).
* api-change:`athena`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`cur`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`directconnect`: Add v2 smoke tests and smithy smokeTests trait
for SDK testing.
* api-change:`elastictranscoder`: Add v2 smoke tests and smithy smokeTests
trait for SDK testing.
* api-change:`opensearch`: This release enables customers to use JSON Web
Tokens (JWT) for authentication on their Amazon OpenSearch Service domains.
* from version 1.33.11
* api-change:`bedrock-runtime`: This release adds support for using Guardrails
with the Converse and ConverseStream APIs.
* api-change:`cloudtrail`: Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:`config`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`eks`: This release adds support to surface async fargate
customer errors from async path to customer through describe-fargate-profile
API response.
* api-change:`lightsail`: Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:`polly`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`rekognition`: Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:`sagemaker`: Launched a new feature in SageMaker to provide
managed MLflow Tracking Servers for customers to track ML experiments. This
release also adds a new capability of attaching additional storage to
SageMaker HyperPod cluster instances.
* api-change:`shield`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`snowball`: Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* from version 1.33.10
* api-change:`acm-pca`: Doc-only update that adds name constraints as an
allowed extension for ImportCertificateAuthorityCertificate.
* api-change:`batch`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`codebuild`: AWS CodeBuild now supports global and organization
GitHub webhooks
* api-change:`cognito-idp`: Add v2 smoke tests and smithy smokeTests trait for
SDK testing.
* api-change:`ds`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`efs`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`glue`: This release introduces a new feature, Usage profiles.
Usage profiles allow the AWS Glue admin to create different profiles for
various classes of users within the account, enforcing limits and defaults
for jobs and sessions.
* api-change:`mediaconvert`: This release includes support for creating
I-frame only video segments for DASH trick play.
* api-change:`secretsmanager`: Doc only update for Secrets Manager
* api-change:`waf`: Add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* from version 1.33.9
* api-change:`datazone`: This release introduces a new default service
blueprint for custom environment creation.
* api-change:`ec2`: Documentation updates for Amazon EC2.
* api-change:`macie2`: This release adds support for managing the status of
automated sensitive data discovery for individual accounts in an
organization, and determining whether individual S3 buckets are included in
the scope of the analyses.
* api-change:`mediaconvert`: This release adds the ability to search for
historical job records within the management console using a search box
and/or via the SDK/CLI with partial string matching search on input file
name.
* api-change:`route53domains`: Add v2 smoke tests and smithy smokeTests trait
for SDK testing.
* from version 1.33.8
* api-change:`cloudhsmv2`: Added support for hsm type hsm2m.medium. Added
supported for creating a cluster in FIPS or NON_FIPS mode.
* api-change:`glue`: This release adds support for configuration of evaluation
method for composite rules in Glue Data Quality rulesets.
* api-change:`iotwireless`: Add RoamingDeviceSNR and RoamingDeviceRSSI to
Customer Metrics.
* api-change:`kms`: This feature allows customers to use their keys stored in
KMS to derive a shared secret which can then be used to establish a secured
channel for communication, provide proof of possession, or establish trust
with other parties.
* api-change:`mediapackagev2`: This release adds support for CMAF ingest
(DASH-IF live media ingest protocol interface 1)
* from version 1.33.7
* api-change:`apptest`: AWS Mainframe Modernization Application Testing is an
AWS Mainframe Modernization service feature that automates functional
equivalence testing for mainframe application modernization and migration to
AWS, and regression testing.
* api-change:`ec2`: Tagging support for Traffic Mirroring FilterRule resource
* api-change:`osis`: SDK changes for self-managed vpc endpoint to OpenSearch
ingestion pipelines.
* api-change:`redshift`: Updates to remove DC1 and DS2 node types.
* api-change:`secretsmanager`: Introducing RotationToken parameter for
PutSecretValue API
* api-change:`securitylake`: This release updates request validation regex to
account for non-commercial aws partitions.
* api-change:`sesv2`: This release adds support for Amazon EventBridge as an
email sending events destination.
* from version 1.33.6
* api-change:`accessanalyzer`: IAM Access Analyzer now provides policy
recommendations to help resolve unused permissions for IAM roles and users.
Additionally, IAM Access Analyzer now extends its custom policy checks to
detect when IAM policies grant public access or access to critical resources
ahead of deployments.
* api-change:`guardduty`: Added API support for GuardDuty Malware Protection
for S3.
* api-change:`networkmanager`: This is model changes & documentation update
for Service Insertion feature for AWS Cloud WAN. This feature allows
insertion of AWS/3rd party security services on Cloud WAN. This allows to
steer inter/intra segment traffic via security appliances and provide
visibility to the route updates.
* api-change:`pca-connector-scep`: Connector for SCEP allows you to use a
managed, cloud CA to enroll mobile devices and networking gear. SCEP is a
widely-adopted protocol used by mobile device management (MDM) solutions for
enrolling mobile devices. With the connector, you can use AWS Private CA
with popular MDM solutions.
* api-change:`sagemaker`: Introduced Scope and
AuthenticationRequestExtraParams to SageMaker Workforce OIDC configuration;
this allows customers to modify these options for their private Workforce
IdP integration. Model Registry Cross-account model package groups are
discoverable.
* from version 1.33.5
* api-change:`application-signals`: This is the initial SDK release for Amazon
CloudWatch Application Signals. Amazon CloudWatch Application Signals
provides curated application performance monitoring for developers to
monitor and troubleshoot application health using pre-built dashboards and
Service Level Objectives.
* api-change:`ecs`: This release introduces a new cluster configuration to
support the customer-managed keys for ECS managed storage encryption.
* api-change:`imagebuilder`: This release updates the regex pattern for Image
Builder ARNs.
* Refresh patches for new version
* Update Requires from setup.py

* Update to 1.33.4

* api-change:`auditmanager`: New feature: common controls. When creating
custom controls, you can now use pre-grouped AWS data sources based on
common compliance themes. Also, the awsServices parameter is deprecated
because we now manage services in scope for you. If used, the input is
ignored and an empty list is returned.
* api-change:`b2bi`: Added exceptions to B2Bi List operations and
ConflictException to B2Bi StartTransformerJob operation. Also made
capabilities field explicitly required when creating a Partnership.
* api-change:`codepipeline`: CodePipeline now supports overriding S3 Source
Object Key during StartPipelineExecution, as part of Source Overrides.
* api-change:`sagemaker`: This release introduces a new optional parameter:
InferenceAmiVersion, in ProductionVariant.
* api-change:`verifiedpermissions`: This release adds OpenIdConnect (OIDC)
configuration support for IdentitySources, allowing for external IDPs to be
used in authorization requests.
* from version 1.33.3
* api-change:`account`: This release adds 3 new APIs
(AcceptPrimaryEmailUpdate, GetPrimaryEmail, and StartPrimaryEmailUpdate)
used to centrally manage the root user email address of member accounts
within an AWS organization.
* api-change:`firehose`: Adds integration with Secrets Manager for Redshift,
Splunk, HttpEndpoint, and Snowflake destinations
* api-change:`fsx`: This release adds support to increase metadata performance
on FSx for Lustre file systems beyond the default level provisioned when a
file system is created. This can be done by specifying MetadataConfiguration
during the creation of Persistent_2 file systems or by updating it on
demand.
* api-change:`glue`: This release adds support for creating and updating Glue
Data Catalog Views.
* api-change:`iotwireless`: Adds support for wireless device to be in Conflict
FUOTA Device Status due to a FUOTA Task, so it couldn't be attached to a new
one.
* api-change:`location`: Added two new APIs, VerifyDevicePosition and
ForecastGeofenceEvents. Added support for putting larger geofences up to
100,000 vertices with Geobuf fields.
* api-change:`sns`: Doc-only update for SNS. These changes include customer-
reported issues and TXC3 updates.
* api-change:`sqs`: Doc only updates for SQS. These updates include customer-
reported issues and TCX3 modifications.
* api-change:`storagegateway`: Adds SoftwareUpdatePreferences to
DescribeMaintenanceStartTime and UpdateMaintenanceStartTime, a structure
which contains AutomaticUpdatePolicy.
* from version 1.33.2
* api-change:`globalaccelerator`: This release contains a new optional ip-
addresses input field for the update accelerator and update custom routing
accelerator apis. This input enables consumers to replace IPv4 addresses on
existing accelerators with addresses provided in the input.
* api-change:`glue`: AWS Glue now supports native SaaS connectivity:
Salesforce connector available now
* api-change:`s3`: Added new params copySource and key to copyObject API for
supporting S3 Access Grants plugin. These changes will not change any of the
existing S3 API functionality.
* bugfix:emr customization: Update the EC2 service principal when creating the
trust policy for EMR default roles to always be ec2.amazonaws.com.
* from version 1.33.1
* api-change:`ec2`: U7i instances with up to 32 TiB of DDR5 memory and 896
vCPUs are now available. C7i-flex instances are launched and are lower-
priced variants of the Amazon EC2 C7i instances that offer a baseline level
of CPU performance with the ability to scale up to the full compute
performance 95% of the time.
* api-change:`pipes`: This release adds Timestream for LiveAnalytics as a
supported target in EventBridge Pipes
* api-change:`sagemaker`: Extend DescribeClusterNode response with private DNS
hostname and IP address, and placement information about availability zone
and availability zone ID.
* api-change:`taxsettings`: Initial release of AWS Tax Settings API
* from version 1.33.0
* api-change:`amplify`: This doc-only update identifies fields that are
specific to Gen 1 and Gen 2 applications.
* api-change:`batch`: This release adds support for the AWS Batch
GetJobQueueSnapshot API operation.
* api-change:`eks`: Adds support for EKS add-ons pod identity associations
integration
* api-change:`iottwinmaker`: Support RESET_VALUE UpdateType for
PropertyUpdates to reset property value to default or null
* feature:logs start-live-tail: Adds support for starting a live tail
streaming session for one or more log groups.
* from version 1.32.117
* api-change:`codebuild`: AWS CodeBuild now supports Self-hosted GitHub
Actions runners for Github Enterprise
* api-change:`codeguru-security`: This release includes minor model updates
and documentation updates.
* api-change:`elasticache`: Update to attributes of TestFailover and minor
revisions.
* api-change:`launch-wizard`: This release adds support for describing
workload deployment specifications, deploying additional workload types, and
managing tags for Launch Wizard resources with API operations.
* from version 1.32.116
* api-change:`acm`: add v2 smoke tests and smithy smokeTests trait for SDK
testing.
* api-change:`bedrock-agent`: With this release, Knowledge bases for Bedrock
adds support for Titan Text Embedding v2.
* api-change:`bedrock-runtime`: This release adds Converse and ConverseStream
APIs to Bedrock Runtime
* api-change:`cloudtrail`: CloudTrail Lake returns PartitionKeys in the
GetEventDataStore API response. Events are grouped into partitions based on
these keys for better query performance. For example, the calendarday key
groups events by day, while combining the calendarday key with the hour key
groups them by day and hour.
* api-change:`connect`: Adding associatedQueueIds as a SearchCriteria and
response field to the SearchRoutingProfiles API
* api-change:`emr-serverless`: The release adds support for spark structured
streaming.
* api-change:`rds`: Updates Amazon RDS documentation for Aurora Postgres
DBname.
* api-change:`sagemaker`: Adds Model Card information as a new component to
Model Package. Autopilot launches algorithm selection for TimeSeries
modality to generate AutoML candidates per algorithm.
* bugfix:`ssm start-session`: Only provide profile name to session-manager-
plugin if provided using --profile flag
* from version 1.32.115
* api-change:`athena`: Throwing validation errors on CreateNotebook with Name
containing `/`,`:`,`\`
* api-change:`codebuild`: AWS CodeBuild now supports manually creating GitHub
webhooks
* api-change:`connect`: This release includes changes to DescribeContact API's
response by including ConnectedToSystemTimestamp, RoutingCriteria, Customer,
Campaign, AnsweringMachineDetectionStatus, CustomerVoiceActivity,
QualityMetrics, DisconnectDetails, and SegmentAttributes information from a
contact in Amazon Connect.
* api-change:`glue`: Add optional field JobMode to CreateJob and UpdateJob
APIs.
* api-change:`securityhub`: Add ROOT type for TargetType model
* from version 1.32.114
* api-change:`dynamodb`: Doc-only update for DynamoDB. Specified the IAM
actions needed to authorize a user to create a table with a resource-based
policy.
* api-change:`ec2`: Providing support to accept BgpAsnExtended attribute
* api-change:`kafka`: Adds ControllerNodeInfo in ListNodes response to support
Raft mode for MSK
* api-change:`swf`: This release adds new APIs for deleting activity type and
workflow type resources.
* from version 1.32.113
* api-change:`dynamodb`: Documentation only updates for DynamoDB.
* api-change:`iotfleetwise`: AWS IoT FleetWise now supports listing vehicles
with attributes filter, ListVehicles API is updated to support additional
attributes filter.
* api-change:`managedblockchain`: This is a minor documentation update to
address the impact of the shut down of the Goerli and Polygon networks.
* from version 1.32.112
* api-change:`emr-serverless`: This release adds the capability to run
interactive workloads using Apache Livy Endpoint.
* api-change:`opsworks`: Documentation-only update for OpsWorks Stacks.
* from version 1.32.111
* api-change:`chatbot`: This change adds support for tagging Chatbot
configurations.
* api-change:`cloudformation`: Added DeletionMode FORCE_DELETE_STACK for
deleting a stack that is stuck in DELETE_FAILED state due to resource
deletion failure.
* api-change:`kms`: This release includes feature to import customer's
asymmetric (RSA, ECC and SM2) and HMAC keys into KMS in China.
* api-change:`opensearch`: This release adds support for enabling or disabling
a data source configured as part of Zero-ETL integration with Amazon S3, by
setting its status.
* api-change:`wafv2`: You can now use Security Lake to collect web ACL traffic
data.
* from version 1.32.110
* api-change:`cloudfront`: Model update; no change to SDK functionality.
* api-change:`glue`: Add Maintenance window to CreateJob and UpdateJob APIs
and JobRun response. Add a new Job Run State for EXPIRED.
* api-change:`lightsail`: This release adds support for Amazon Lightsail
instances to switch between dual-stack or IPv4 only and IPv6-only public IP
address types.
* api-change:`mailmanager`: This release includes a new Amazon SES feature
called Mail Manager, which is a set of email gateway capabilities designed
to help customers strengthen their organization's email infrastructure,
simplify email workflow management, and streamline email compliance control.
* api-change:`pi`: Performance Insights added a new input parameter called
AuthorizedActions to support the fine-grained access feature. Performance
Insights also restricted the acceptable input characters.
* api-change:`rds`: Updates Amazon RDS documentation for Db2 license through
AWS Marketplace.
* api-change:`storagegateway`: Added new SMBSecurityStrategy enum named
MandatoryEncryptionNoAes128, new mode enforces encryption and disables AES
128-bit algorithums.
* from version 1.32.109
* api-change:`bedrock-agent`: This release adds support for using Guardrails
with Bedrock Agents.
* api-change:`bedrock-agent-runtime`: This release adds support for using
Guardrails with Bedrock Agents.
* api-change:`controltower`: Added ListControlOperations API and filtering
support for ListEnabledControls API. Updates also includes added metadata
for enabled controls and control operations.
* api-change:`osis`: Add support for creating an OpenSearch Ingestion pipeline
that is attached to a provided VPC. Add information about the destinations
of an OpenSearch Ingestion pipeline to the GetPipeline and ListPipelines
APIs.
* api-change:`rds`: This release adds support for EngineLifecycleSupport on
DBInstances, DBClusters, and GlobalClusters.
* api-change:`secretsmanager`: add v2 smoke tests and smithy smokeTests trait
for SDK testing
* from version 1.32.108
* api-change:`application-autoscaling`: add v2 smoke tests and smithy
smokeTests trait for SDK testing.
* api-change:`codebuild`: Aws CodeBuild now supports 36 hours build timeout
* api-change:`elbv2`: This release adds dualstack-without-public-ipv4 IP
address type for ALB.
* api-change:`lakeformation`: Introduces a new API, GetDataLakePrincipal, that
returns the identity of the invoking principal
* api-change:`transfer`: Enable use of CloudFormation traits in Smithy model
to improve generated CloudFormation schema from the Smithy API model.
* from version 1.32.107
* api-change:`acm-pca`: This release adds support for waiters to fail on
AccessDeniedException when having insufficient permissions
* api-change:`connect`: Adding Contact Flow metrics to the GetMetricDataV2 API
* api-change:`kafka`: AWS MSK support for Broker Removal.
* api-change:`mwaa`: Amazon MWAA now supports Airflow web server auto scaling
to automatically handle increased demand from REST APIs, Command Line
Interface (CLI), or more Airflow User Interface (UI) users. Customers can
specify maximum and minimum web server instances during environment creation
and update workflow.
* api-change:`quicksight`: This release adds DescribeKeyRegistration and
UpdateKeyRegistration APIs to manage QuickSight Customer Managed Keys (CMK).
* api-change:`sagemaker`: Introduced WorkerAccessConfiguration to SageMaker
Workteam. This allows customers to configure resource access for workers in
a workteam.
* api-change:`secretsmanager`: Documentation updates for AWS Secrets Manager
* from version 1.32.106
* api-change:`bedrock-agent-runtime`: Updating Bedrock Knowledge Base Metadata
& Filters feature with two new filters listContains and stringContains
* api-change:`codebuild`: CodeBuild Reserved Capacity VPC Support
* api-change:`datasync`: Task executions now display a CANCELLING status when
an execution is in the process of being cancelled.
* api-change:`grafana`: This release adds new ServiceAccount and
ServiceAccountToken APIs.
* api-change:`medical-imaging`: Added support for importing medical imaging
data from Amazon S3 buckets across accounts and regions.
* api-change:`securityhub`: Documentation-only update for AWS Security Hub
* Refresh patches for new version
* Update Requires from setup.py

* Update to 1.32.105

* api-change:`connect`: Amazon Connect provides enhanced search capabilities
for flows & flow modules on the Connect admin website and programmatically
using APIs. You can search for flows and flow modules by name, description,
type, status, and tags, to filter and identify a specific flow in your
Connect instances.
* api-change:`s3`: Updated a few x-id in the http uri traits
* from version 1.32.104
* api-change:`events`: Amazon EventBridge introduces KMS customer-managed key
(CMK) encryption support for custom and partner events published on
EventBridge Event Bus (including default bus) and UpdateEventBus API.
* api-change:`vpc-lattice`: This release adds TLS Passthrough support. It also
increases max number of target group per rule to 10.
* from version 1.32.103
* api-change:`discovery`: add v2 smoke tests and smithy smokeTests trait for
SDK testing
* api-change:`greengrassv2`: Mark ComponentVersion in
ComponentDeploymentSpecification as required.
* api-change:`sagemaker`: Introduced support for G6 instance types on
Sagemaker Notebook Instances and on SageMaker Studio for JupyterLab and
CodeEditor applications.
* api-change:`sso-oidc`: Updated request parameters for PKCE support.
* from version 1.32.102
* api-change:`bedrock-agent-runtime`: This release adds support to provide
guardrail configuration and modify inference parameters that are then used
in RetrieveAndGenerate API in Agents for Amazon Bedrock.
* api-change:`pinpoint`: This release adds support for specifying email
message headers for Email Templates, Campaigns, Journeys and Send Messages.
* api-change:`route53resolver`: Update the DNS Firewall settings to correct a
spelling issue.
* api-change:`ssm-sap`: Added support for application-aware start/stop of SAP
applications running on EC2 instances, with SSM for SAP
* api-change:`verifiedpermissions`: Adds policy effect and actions fields to
Policy API's.
* from version 1.32.101
* api-change:`cognito-idp`: Add EXTERNAL_PROVIDER enum value to
UserStatusType.
* api-change:`ec2`: Adding Precision Hardware Clock (PHC) to public API
DescribeInstanceTypes
* api-change:`ecr`: This release adds pull through cache rules support for
GitLab container registry in Amazon ECR.
* api-change:`fms`: The policy scope resource tag is always a string value,
either a non-empty string or an empty string.
* api-change:`polly`: Add new engine - generative - that builds the most
expressive conversational voices.
* api-change:`sqs`: This release adds MessageSystemAttributeNames to
ReceiveMessageRequest to replace AttributeNames.
* from version 1.32.100
* api-change:`b2bi`: Documentation update to clarify the MappingTemplate
definition.
* api-change:`budgets`: This release adds tag support for budgets and budget
actions.
* api-change:`resiliencehub`: AWS Resilience Hub has expanded its drift
detection capabilities by introducing a new type of drift detection -
application resource drift. This new enhancement detects changes, such as
the addition or deletion of resources within the application's input
sources.
* api-change:`route53profiles`: Doc only update for Route 53 profiles that
fixes some link issues
* from version 1.32.99
* api-change:`medialive`: AWS Elemental MediaLive now supports configuring how
SCTE 35 passthrough triggers segment breaks in HLS and MediaPackage output
groups. Previously, messages triggered breaks in all these output groups.
The new option is to trigger segment breaks only in groups that have SCTE 35
passthrough enabled.
* from version 1.32.98
* api-change:`bedrock-agent`: This release adds support for using Provisioned
Throughput with Bedrock Agents.
* api-change:`connect`: This release adds 5 new APIs for managing attachments:
StartAttachedFileUpload, CompleteAttachedFileUpload, GetAttachedFile,
BatchGetAttachedFileMetadata, DeleteAttachedFile. These APIs can be used to
programmatically upload and download attachments to Connect resources, like
cases.
* api-change:`connectcases`: This feature supports the release of Files
related items
* api-change:`datasync`: Updated guidance on using private or self-signed
certificate authorities (CAs) with AWS DataSync object storage locations.
* api-change:`inspector2`: This release adds CSV format to GetCisScanReport
for Inspector v2
* api-change:`sagemaker`: Amazon SageMaker Inference now supports m6i, c6i,
r6i, m7i, c7i, r7i and g5 instance types for Batch Transform Jobs
* api-change:`sesv2`: Adds support for specifying replacement headers per
BulkEmailEntry in SendBulkEmail in SESv2.
* from version 1.32.97
* api-change:`dynamodb`: This release adds support to specify an optional,
maximum OnDemandThroughput for DynamoDB tables and global secondary indexes
in the CreateTable or UpdateTable APIs. You can also override the
OnDemandThroughput settings by calling the ImportTable,
RestoreFromPointInTime, or RestoreFromBackup APIs.
* api-change:`ec2`: This release includes a new API for retrieving the public
endorsement key of the EC2 instance's Nitro Trusted Platform Module
(NitroTPM).
* api-change:`personalize`: This releases ability to delete users and their
data, including their metadata and interactions data, from a dataset group.
* api-change:`redshift-serverless`: Update Redshift Serverless List Scheduled
Actions Output Response to include Namespace Name.
* from version 1.32.96
* api-change:`bedrock-agent`: This release adds support for using MongoDB
Atlas as a vector store when creating a knowledge base.
* api-change:`ec2`: Documentation updates for Amazon EC2.
* api-change:`personalize-runtime`: This release adds support for a Reason
attribute for predicted items generated by User-Personalization-v2.
* api-change:`securityhub`: Updated CreateMembers API request with limits.
* api-change:`sesv2`: Fixes ListContacts and ListImportJobs APIs to use POST
instead of GET.
* from version 1.32.95
* api-change:`chime-sdk-voice`: Due to changes made by the Amazon Alexa
service, GetSipMediaApplicationAlexaSkillConfiguration and
PutSipMediaApplicationAlexaSkillConfiguration APIs are no longer available
for use. For more information, refer to the Alexa Smart Properties page.
* api-change:`codeartifact`: Add support for the Ruby package format.
* api-change:`fms`: AWS Firewall Manager now supports the network firewall
service stream exception policy feature for accounts within your
organization.
* api-change:`omics`: Add support for workflow sharing and dynamic run storage
* api-change:`opensearch`: This release enables customers to create Route53 A
and AAAA alias record types to point custom endpoint domain to OpenSearch
domain's dualstack search endpoint.
* api-change:`pinpoint-sms-voice-v2`: Amazon Pinpoint has added two new
features Multimedia services (MMS) and protect configurations. Use the three
new MMS APIs to send media messages to a mobile phone which includes image,
audio, text, or video files. Use the ten new protect configurations APIs to
block messages to specific countries.
* api-change:`qbusiness`: This is a general availability (GA) release of
Amazon Q Business. Q Business enables employees in an enterprise to get
comprehensive answers to complex questions and take actions through a
unified, intuitive web-based chat experience - using an enterprise's
existing content, data, and systems.
* api-change:`quicksight`: New Q embedding supporting Generative Q&A
* api-change:`route53resolver`: Release of FirewallDomainRedirectionAction
parameter on the Route 53 DNS Firewall Rule. This allows customers to
configure a DNS Firewall rule to inspect all the domains in the DNS
redirection chain (default) , such as CNAME, ALIAS, DNAME, etc., or just the
first domain and trust the rest.
* api-change:`sagemaker`: Amazon SageMaker Training now supports the use of
attribute-based access control (ABAC) roles for training job execution
roles. Amazon SageMaker Inference now supports G6 instance types.
* api-change:`signer`: Documentation updates for AWS Signer. Adds cross-
account signing constraint and definitions for cross-account actions.
* from version 1.32.94
* api-change:`amplify`: Updating max results limit for listing any resources
(Job, Artifacts, Branch, BackendResources, DomainAssociation) to 50 with the
exception of list apps that where max results can be up to 100.
* api-change:`connectcases`: This feature releases DeleteField, DeletedLayout,
and DeleteTemplate API's
* api-change:`inspector2`: Update Inspector2 to include new Agentless API
parameters.
* api-change:`timestream-query`: This change allows users to update and
describe account settings associated with their accounts.
* api-change:`transcribe`: This update provides error messaging for generative
call summarization in Transcribe Call Analytics
* api-change:`trustedadvisor`: This release adds the
BatchUpdateRecommendationResourceExclusion API to support batch updates of
Recommendation Resource exclusion statuses and introduces a new exclusion
status filter to the ListRecommendationResources and
ListOrganizationRecommendationResources APIs.
* from version 1.32.93
* api-change:`codepipeline`: Add ability to manually and automatically roll
back a pipeline stage to a previously successful execution.
* api-change:`cognito-idp`: Add LimitExceededException to SignUp errors
* api-change:`connectcampaigns`: This release adds support for specifying if
Answering Machine should wait for prompt sound.
* api-change:`marketplace-entitlement`: Releasing minor endpoint updates.
* api-change:`oam`: This release introduces support for Source Accounts to
define which Metrics and Logs to share with the Monitoring Account
* api-change:`rds`: SupportsLimitlessDatabase field added to describe-db-
engine-versions to indicate whether the DB engine version supports Aurora
Limitless Database.
* api-change:`support`: Releasing minor endpoint updates.
* enhancement:dependency: Bump upper bound of colorama to

OpenSSL update for Slackware

Go Cryptography and Fetchmail updates for Ubuntu

LibXSLT, AWS-CLI, Kernel, and more updates for SUSE

SUSE-SU-2025:3743-1: important: Security update for libxslt

SUSE-SU-2025:3744-1: important: Security update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest ...

Windows

Linux

macOS

Community