diff --git a/_scmsync.obsinfo b/_scmsync.obsinfo
deleted file mode 100644
index 01fbc87..0000000
--- a/_scmsync.obsinfo
+++ /dev/null
@@ -1,4 +0,0 @@
-mtime: 1764757918
-commit: 9be48396ff34661becca0a625465081e14bcc00512524f8c5226658c82082fac
-url: https://src.opensuse.org/dirkmueller/trivy.git
-revision: factory
diff --git a/_service b/_service
index 93914b9..02d4544 100644
--- a/_service
+++ b/_service
@@ -2,7 +2,7 @@
https://github.com/aquasecurity/trivy
git
- v0.68.1
+ v0.69.0
@PARENT_TAG@
v(.*)
enable
diff --git a/_servicedata b/_servicedata
index ff87fae..f141382 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
https://github.com/aquasecurity/trivy
- 96290ae3fb1d974fd2f9ec7e37cee43f6b7f1511
\ No newline at end of file
+ 8fb9191a07f5d92cb6088a8637b1001a2a7ad604
\ No newline at end of file
diff --git a/build.specials.obscpio b/build.specials.obscpio
deleted file mode 100644
index ae52f01..0000000
--- a/build.specials.obscpio
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4f7160b80beafd405e1c4979b85b212e11ad10c356dc62da53c6276ebcd5ad8b
-size 256
diff --git a/trivy-0.68.1.tar.zst b/trivy-0.68.1.tar.zst
deleted file mode 100644
index 2454dfd..0000000
--- a/trivy-0.68.1.tar.zst
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:de79a513a649ad495e0f118f91d453ffbc598ab3231eb10fcf2b0d8818c159b5
-size 52162645
diff --git a/trivy-0.69.0.tar.zst b/trivy-0.69.0.tar.zst
new file mode 100644
index 0000000..cca2704
--- /dev/null
+++ b/trivy-0.69.0.tar.zst
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:14611f0d3383027aadb8bfdbc8f60bf74c9c8c2e11f619d5ff32354bcd040a2e
+size 52203690
diff --git a/trivy.changes b/trivy.changes
index fafbd87..cd5516f 100644
--- a/trivy.changes
+++ b/trivy.changes
@@ -1,3 +1,84 @@
+-------------------------------------------------------------------
+Mon Feb 02 10:31:54 UTC 2026 - Dirk Müller
+
+- Update to version 0.69.0 (bsc#1255366, CVE-2025-64702):
+ * release: v0.69.0 [main] (#9886)
+ * chore: bump trivy-checks to v2 (#9875)
+ * chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.1 to 2.4.1 (#10091)
+ * fix(repo): return a nil interface for gitAuth if missing (#10097)
+ * fix(java): correctly inherit properties from parent fields for pom.xml files (#9111)
+ * fix(rust): implement version inheritance for Cargo mono repos (#10011)
+ * feat(activestate): add support ActiveState images (#10081)
+ * feat(vex): support per-repo tls configuration (#10030)
+ * refactor: allow per-request transport options override (#10083)
+ * chore(deps): bump github.com/sigstore/rekor from 1.4.3 to 1.5.0 (#10084)
+ * chore(deps): bump github.com/sigstore/sigstore from 1.10.3 to 1.10.4 (#10085)
+ * fix(java): correctly propagate repositories from upper POMs to dependencies (#10077)
+ * feat(rocky): enable modular package vulnerability detection (#10069)
+ * chore(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.3.0 to 2.3.1 (#10079)
+ * docs: fix mistake in config file example for skip-dirs/skip-files flag (#10070)
+ * feat(report): add Trivy version to JSON output (#10065)
+ * fix(rust): add cargo workspace members glob support (#10032)
+ * feat: add AnalyzedBy field to track which analyzer detected packages (#10059)
+ * fix: use canonical SPDX license IDs from embeded licenses.json (#10053)
+ * docs: fix link to Docker Image Specification (#10057)
+ * feat(secret): add detection for Symfony default secret key (#9892)
+ * refactor(misconf): move common logic to base value and simplify typed values (#9986)
+ * fix(java): add hash of GAV+root pom file path for pkgID for packages from pom.xml files (#9880)
+ * feat(misconf): use Terraform plan configuration to partially restore schema (#9623)
+ * feat(misconf): add action block to Terraform schema (#10035)
+ * fix(misconf): correct typos in block and attribute names (#9993)
+ * test(misconf): simplify test values using *Test helpers (#9985)
+ * fix(misconf): safely parse rotation_period in google_kms_crypto_key (#9980)
+ * feat(misconf): support for ARM resources defined as an object (#9959)
+ * feat(misconf): support for azurerm_*_web_app (#9944)
+ * test: migrate private test helpers to `export_test.go` convention (#10043)
+ * chore(deps): bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.6.2 (#10048)
+ * fix(secret): improve word boundary detection for Hugging Face tokens (#10046)
+ * fix(go): use ldflags version for all pseudo-versions (#10037)
+ * chore: switch to ID from AVDID in internal and user-facing fields (#9655)
+ * refactor(misconf)!: use ID instead of AVDID for providers mapping (#9752)
+ * fix: move enum into items for array-type fields in JSON Schema (#10039)
+ * docs: fix incorrect documentation URLs (#10038)
+ * feat(sbom): exclude PEP 770 SBOMs in .dist-info/sboms/ (#10033)
+ * fix(docker): fix non-det scan results for images with embedded SBOM (#9866)
+ * chore(deps): bump the github-actions group with 11 updates (#10001)
+ * test: fix assertion after 2026 roll over (#10002)
+ * fix(vuln): skip vulns detection for CentOS Stream family without scan failure (#9964)
+ * fix(license): normalize licenses for PostAnalyzers (#9941)
+ * feat(nodejs): parse licenses from `package-lock.json` file (#9983)
+ * chore: update reference links to Go Wiki (#9987)
+ * refactor: add xslices.Map and replace lo.Map usages (#9984)
+ * fix(image): race condition in image artifact inspection (#9966)
+ * feat(flag): add JSON Schema for trivy.yaml configuration file (#9971)
+ * refactor(debian): use txtar format for test data (#9957)
+ * chore(deps): bump `golang.org/x/tools` to `v0.40.0` + `gopls` to `v0.21.0` (#9973)
+ * feat(rootio): Update trivy db to support usage of Severity from root.io feed (#9930)
+ * feat(vuln): skip vulnerability scanning for third-party packages in Debian/Ubuntu (#9932)
+ * docs: add info that `--file-pattern` flag doesn't disable default behaviuor (#9961)
+ * perf(misconf): optimize string concatenation in azure scanner (#9969)
+ * chore: add client option to install script (#9962)
+ * ci(helm): bump Trivy version to 0.68.2 for Trivy Helm Chart 0.20.1 (#9956)
+ * chore(deps): bump github.com/quic-go/quic-go from 0.54.1 to 0.57.0 (#9952)
+ * docs: update binary signature verification for sigstore bundles (#9929)
+ * chore(deps): bump alpine from `3.22.1` to `3.23.0` (#9935)
+ * chore(alpine): add EOL date for alpine 3.23 (#9934)
+ * feat(cloudformation): add support for Fn::ForEach (#9508)
+ * ci: enable `check-latest` for `setup-go` (#9931)
+ * feat(debian): detect third-party packages using maintainer list (#9917)
+ * fix(vex): add CVE-2025-66564 as not_affected into Trivy VEX file (#9924)
+ * feat(helm): add sslCertDir parameter (#9697)
+ * fix(misconf): respect .yml files when Helm charts are detected (#9912)
+ * feat(php): add support for dev dependencies in Composer (#9910)
+ * chore(deps): bump the common group across 1 directory with 9 updates (#9903)
+ * chore(deps): bump github.com/docker/cli from 29.0.3+incompatible to 29.1.1+incompatible in the docker group (#9859)
+ * fix: remove trailing tab in statefulset template (#9889)
+ * feat(julia): enable vulnerability scanning for the Julia language ecosystem (#9800)
+ * feat(misconf): initial ansible scanning support (#9332)
+ * feat(misconf): Update Azure Database schema (#9811)
+ * ci(helm): bump Trivy version to 0.68.1 for Trivy Helm Chart 0.20.0 (#9869)
+ * chore: update the install script (#9874)
+
-------------------------------------------------------------------
Wed Dec 03 10:23:46 UTC 2025 - Dirk Müller
diff --git a/trivy.spec b/trivy.spec
index afce6f0..e9eb2a3 100644
--- a/trivy.spec
+++ b/trivy.spec
@@ -17,7 +17,7 @@
Name: trivy
-Version: 0.68.1
+Version: 0.69.0
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
diff --git a/vendor.tar.zst b/vendor.tar.zst
index 4384efd..2923a5f 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:eecc750ffe8a863533cde96e35f6e85317ea60b9be56a4095e4167a78cc7f49c
-size 42000488
+oid sha256:322051fc3e10df084055d2428e7c5a2eb7fd4cf562a744b4c9e6c3610e3b4b87
+size 43054740