openSUSE Security Announce
November 2022
- 2 participants
- 149 discussions
SUSE-SU-2022:4166-1: important: Security update for java-1_8_0-ibm
by opensuse-security@opensuse.org 22 Nov '22
SUSE Security Update: Security update for java-1_8_0-ibm
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4166-1
Rating: important
References: #1201684 #1201685 #1201692 #1201694 #1202427
#1204468 #1204471 #1204472 #1204473 #1204475
#1204480 #1205302
Cross-References: CVE-2022-21540 CVE-2022-21541 CVE-2022-21549
CVE-2022-21618 CVE-2022-21619 CVE-2022-21624
CVE-2022-21626 CVE-2022-21628 CVE-2022-34169
CVE-2022-39399
CVSS scores:
CVE-2022-21540 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21540 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21541 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-21541 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-21549 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21549 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21618 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21618 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21626 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21626 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-34169 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-34169 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-39399 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-39399 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 10 vulnerabilities and has two fixes
is now available.
Description:
This update for java-1_8_0-ibm fixes the following issues:
- CVE-2022-21626: An unauthenticated attacker with network access via
HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition
(bsc#1204471).
- CVE-2022-21618: An unauthenticated attacker with network access via
Kerberos can compromise Oracle Java SE, Oracle GraalVM Enterprise
Edition (bsc#1204468).
- CVE-2022-21619: An unauthenticated attacker with network access via
multiple protocols can compromise Oracle Java SE (bsc#1204473).
- CVE-2022-21628: An unauthenticated attacker with network access via HTTP
can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition
(bsc#1204472).
- CVE-2022-21624: An unauthenticated attacker with network access via
multiple protocols can compromise Oracle Java SE, Oracle GraalVM
Enterprise (bsc#1204475).
- CVE-2022-39399: An unauthenticated attacker with network access via HTTP
can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition
(bsc#1204480).
- CVE-2022-21549: Fixed exponentials issue (bsc#1201685).
- CVE-2022-21541: Fixed an improper restriction of
MethodHandle.invokeBasic() (bsc#1201692).
- CVE-2022-34169: Fixed an integer truncation issue in Xalan (bsc#1201684).
- CVE-2022-21540: Fixed a class compilation issue (bsc#1201694).
- Update to Java 8.0 Service Refresh 7 Fix Pack 20.
* Security:
- The IBM ORB Does Not Support Object-Serialisation Data Filtering
- Large Allocation In CipherSuite
- Avoid Evaluating Sslalgorithmconstraints Twice
- Cache The Results Of Constraint Checks
- An incorrect ShortBufferException is thrown by IBMJCEPlus,
IBMJCEPlusFIPS during cipher update operation
- Disable SHA-1 Signed Jars For Ea
- JSSE Performance Improvement
- Oracle Road Map Kerberos Deprecation Of 3DES And RC4 Encryption
* Java 8/Orb:
- Upgrade ibmcfw.jar To Version o2228.02
* Class Libraries:
- Crash In Libjsor.So During An Rdma Failover
- High CPU Consumption Observed In ZosEventPort$EventHandlerTask.run
- Update Timezone Information To The Latest tzdata2022c
* Jit Compiler:
- Crash During JIT Compilation
- Incorrect JIT Optimization Of Java Code
- Incorrect Return From Class.isArray()
- Unexpected ClassCastException
- Performance Regression When Calling VM Helper Code On X86
* X/Os Extensions:
- Add RSA-OAEP Cipher Function To IBMJCECCA
- Update to Java 8.0 Service Refresh 7 Fix Pack 16
* Java Virtual Machine
- Assertion failure at ClassLoaderRememberedSet.cpp
- Assertion failure at StandardAccessBarrier.cpp when
-Xgc:concurrentScavenge is set.
- GC can have unflushed ownable synchronizer objects which can
eventually lead to heap corruption and failure when
-Xgc:concurrentScavenge is set.
* JIT Compiler:
- Incorrect JIT optimization of Java code
- JAVA JIT Power: JIT compile time assert on AIX or LINUXPPC
* Reliability and Serviceability:
- javacore with "kill -3" SIGQUIT signal freezes Java process
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4166=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4166=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4166=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4166=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4166=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4166=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4166=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4166=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4166=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4166=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4166=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4166=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-4166=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-4166=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4166=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4166=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-demo-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-src-1.8.0_sr7.20-150000.3.65.1
- openSUSE Leap 15.4 (x86_64):
java-1_8_0-ibm-32bit-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-32bit-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- openSUSE Leap 15.3 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-demo-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-src-1.8.0_sr7.20-150000.3.65.1
- openSUSE Leap 15.3 (x86_64):
java-1_8_0-ibm-32bit-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-32bit-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Manager Server 4.1 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Manager Proxy 4.1 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-LTSS (s390x):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Enterprise Storage 7 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Enterprise Storage 6 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE CaaS Platform 4.0 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
References:
https://www.suse.com/security/cve/CVE-2022-21540.html
https://www.suse.com/security/cve/CVE-2022-21541.html
https://www.suse.com/security/cve/CVE-2022-21549.html
https://www.suse.com/security/cve/CVE-2022-21618.html
https://www.suse.com/security/cve/CVE-2022-21619.html
https://www.suse.com/security/cve/CVE-2022-21624.html
https://www.suse.com/security/cve/CVE-2022-21626.html
https://www.suse.com/security/cve/CVE-2022-21628.html
https://www.suse.com/security/cve/CVE-2022-34169.html
https://www.suse.com/security/cve/CVE-2022-39399.html
https://bugzilla.suse.com/1201684
https://bugzilla.suse.com/1201685
https://bugzilla.suse.com/1201692
https://bugzilla.suse.com/1201694
https://bugzilla.suse.com/1202427
https://bugzilla.suse.com/1204468
https://bugzilla.suse.com/1204471
https://bugzilla.suse.com/1204472
https://bugzilla.suse.com/1204473
https://bugzilla.suse.com/1204475
https://bugzilla.suse.com/1204480
https://bugzilla.suse.com/1205302
SUSE-SU-2022:4167-1: important: Security update for krb5
by opensuse-security@opensuse.org 22 Nov '22
SUSE Security Update: Security update for krb5
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4167-1
Rating: important
References: #1205126
Cross-References: CVE-2022-42898
CVSS scores:
CVE-2022-42898 (SUSE): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for krb5 fixes the following issues:
- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4167=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4167=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4167=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4167=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4167=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4167=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
krb5-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
krb5-1.19.2-150300.7.7.1
krb5-client-1.19.2-150300.7.7.1
krb5-client-debuginfo-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
krb5-devel-1.19.2-150300.7.7.1
krb5-mini-1.19.2-150300.7.7.1
krb5-mini-debuginfo-1.19.2-150300.7.7.1
krb5-mini-debugsource-1.19.2-150300.7.7.1
krb5-mini-devel-1.19.2-150300.7.7.1
krb5-plugin-kdb-ldap-1.19.2-150300.7.7.1
krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-otp-1.19.2-150300.7.7.1
krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-pkinit-1.19.2-150300.7.7.1
krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-spake-1.19.2-150300.7.7.1
krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.7.7.1
krb5-server-1.19.2-150300.7.7.1
krb5-server-debuginfo-1.19.2-150300.7.7.1
- openSUSE Leap 15.3 (x86_64):
krb5-32bit-1.19.2-150300.7.7.1
krb5-32bit-debuginfo-1.19.2-150300.7.7.1
krb5-devel-32bit-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
krb5-plugin-kdb-ldap-1.19.2-150300.7.7.1
krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.7.7.1
krb5-server-1.19.2-150300.7.7.1
krb5-server-debuginfo-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
krb5-1.19.2-150300.7.7.1
krb5-client-1.19.2-150300.7.7.1
krb5-client-debuginfo-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
krb5-devel-1.19.2-150300.7.7.1
krb5-plugin-preauth-otp-1.19.2-150300.7.7.1
krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-pkinit-1.19.2-150300.7.7.1
krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-spake-1.19.2-150300.7.7.1
krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
krb5-32bit-1.19.2-150300.7.7.1
krb5-32bit-debuginfo-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
krb5-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
krb5-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
References:
https://www.suse.com/security/cve/CVE-2022-42898.html
https://bugzilla.suse.com/1205126
SUSE-SU-2022:4153-1: important: Security update for krb5
by opensuse-security@opensuse.org 21 Nov '22
SUSE Security Update: Security update for krb5
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4153-1
Rating: important
References: #1205126
Cross-References: CVE-2022-42898
CVSS scores:
CVE-2022-42898 (SUSE): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for krb5 fixes the following issues:
- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4153=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4153=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4153=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4153=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4153=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
krb5-1.19.2-150400.3.3.1
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
krb5-1.19.2-150400.3.3.1
krb5-client-1.19.2-150400.3.3.1
krb5-client-debuginfo-1.19.2-150400.3.3.1
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
krb5-devel-1.19.2-150400.3.3.1
krb5-plugin-kdb-ldap-1.19.2-150400.3.3.1
krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.3.1
krb5-plugin-preauth-otp-1.19.2-150400.3.3.1
krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.3.1
krb5-plugin-preauth-pkinit-1.19.2-150400.3.3.1
krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.3.1
krb5-plugin-preauth-spake-1.19.2-150400.3.3.1
krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.3.1
krb5-server-1.19.2-150400.3.3.1
krb5-server-debuginfo-1.19.2-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
krb5-32bit-1.19.2-150400.3.3.1
krb5-32bit-debuginfo-1.19.2-150400.3.3.1
krb5-devel-32bit-1.19.2-150400.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
krb5-plugin-kdb-ldap-1.19.2-150400.3.3.1
krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.3.1
krb5-server-1.19.2-150400.3.3.1
krb5-server-debuginfo-1.19.2-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
krb5-1.19.2-150400.3.3.1
krb5-client-1.19.2-150400.3.3.1
krb5-client-debuginfo-1.19.2-150400.3.3.1
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
krb5-devel-1.19.2-150400.3.3.1
krb5-plugin-preauth-otp-1.19.2-150400.3.3.1
krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.3.1
krb5-plugin-preauth-pkinit-1.19.2-150400.3.3.1
krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
krb5-32bit-1.19.2-150400.3.3.1
krb5-32bit-debuginfo-1.19.2-150400.3.3.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
krb5-1.19.2-150400.3.3.1
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-42898.html
https://bugzilla.suse.com/1205126
SUSE-SU-2022:4141-1: important: Security update for grub2
by opensuse-security@opensuse.org 21 Nov '22
SUSE Security Update: Security update for grub2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4141-1
Rating: important
References: #1205178 #1205182
Cross-References: CVE-2022-2601 CVE-2022-3775
CVSS scores:
CVE-2022-2601 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3775 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for grub2 fixes the following issues:
- CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph
(bsc#1205178).
- CVE-2022-3775: Fixed integer underflow in blit_comb() (bsc#1205182).
Other:
- Bump upstream SBAT generation to 3
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4141=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4141=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4141=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-4141=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4141=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4141=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
grub2-2.06-150400.11.17.1
grub2-debuginfo-2.06-150400.11.17.1
grub2-debugsource-2.06-150400.11.17.1
- openSUSE Leap Micro 5.3 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
grub2-i386-pc-2.06-150400.11.17.1
grub2-snapper-plugin-2.06-150400.11.17.1
grub2-x86_64-efi-2.06-150400.11.17.1
grub2-x86_64-xen-2.06-150400.11.17.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
grub2-2.06-150400.11.17.1
grub2-branding-upstream-2.06-150400.11.17.1
grub2-debuginfo-2.06-150400.11.17.1
- openSUSE Leap 15.4 (aarch64 s390x x86_64):
grub2-debugsource-2.06-150400.11.17.1
- openSUSE Leap 15.4 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
grub2-arm64-efi-debug-2.06-150400.11.17.1
grub2-i386-pc-2.06-150400.11.17.1
grub2-i386-pc-debug-2.06-150400.11.17.1
grub2-powerpc-ieee1275-2.06-150400.11.17.1
grub2-powerpc-ieee1275-debug-2.06-150400.11.17.1
grub2-snapper-plugin-2.06-150400.11.17.1
grub2-systemd-sleep-plugin-2.06-150400.11.17.1
grub2-x86_64-efi-2.06-150400.11.17.1
grub2-x86_64-efi-debug-2.06-150400.11.17.1
grub2-x86_64-xen-2.06-150400.11.17.1
- openSUSE Leap 15.4 (s390x):
grub2-s390x-emu-2.06-150400.11.17.1
grub2-s390x-emu-debug-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
grub2-x86_64-xen-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
grub2-2.06-150400.11.17.1
grub2-debuginfo-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 s390x x86_64):
grub2-debugsource-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
grub2-i386-pc-2.06-150400.11.17.1
grub2-powerpc-ieee1275-2.06-150400.11.17.1
grub2-snapper-plugin-2.06-150400.11.17.1
grub2-systemd-sleep-plugin-2.06-150400.11.17.1
grub2-x86_64-efi-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (s390x):
grub2-s390x-emu-2.06-150400.11.17.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
grub2-2.06-150400.11.17.1
grub2-debuginfo-2.06-150400.11.17.1
grub2-debugsource-2.06-150400.11.17.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
grub2-i386-pc-2.06-150400.11.17.1
grub2-snapper-plugin-2.06-150400.11.17.1
grub2-x86_64-efi-2.06-150400.11.17.1
grub2-x86_64-xen-2.06-150400.11.17.1
- SUSE Linux Enterprise Micro 5.3 (s390x):
grub2-s390x-emu-2.06-150400.11.17.1
References:
https://www.suse.com/security/cve/CVE-2022-2601.html
https://www.suse.com/security/cve/CVE-2022-3775.html
https://bugzilla.suse.com/1205178
https://bugzilla.suse.com/1205182
SUSE-SU-2022:4146-1: moderate: Security update for binutils
by opensuse-security@opensuse.org 21 Nov '22
SUSE Security Update: Security update for binutils
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4146-1
Rating: moderate
References: #1142579 #1185597 #1185712 #1188374 #1191473
#1193929 #1194783 #1197592 #1198237 #1202816
#1202966 #1202967 #1202969 PED-2029 PED-2030
PED-2031 PED-2032 PED-2033 PED-2034 PED-2035
PED-2038 SLE-25046 SLE-25047
Cross-References: CVE-2019-1010204 CVE-2021-3530 CVE-2021-3648
CVE-2021-3826 CVE-2021-45078 CVE-2021-46195
CVE-2022-27943 CVE-2022-38126 CVE-2022-38127
CVE-2022-38533
CVSS scores:
CVE-2019-1010204 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-1010204 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-3530 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3530 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-3648 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-3826 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3826 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CVE-2021-45078 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-45078 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-46195 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-46195 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-27943 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-27943 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-38126 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-38126 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38127 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-38127 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38533 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-38533 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 10 vulnerabilities, contains 10
features and has three fixes is now available.
Description:
This update for binutils fixes the following issues:
The following security bugs were fixed:
- CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcpp_file.h
(bsc#1142579).
- CVE-2021-3530: Fixed stack-based buffer overflow in demangle_path() in
rust-demangle.c (bsc#1185597).
- CVE-2021-3648: Fixed infinite loop while demangling rust symbols
(bsc#1188374).
- CVE-2021-3826: Fixed heap/stack buffer overflow in the dlang_lname
function in d-demangle.c (bsc#1202969).
- CVE-2021-45078: Fixed out-of-bounds write in stab_xcoff_builtin_type()
in stabs.c (bsc#1193929).
- CVE-2021-46195: Fixed uncontrolled recursion in
libiberty/rust-demangle.c (bsc#1194783).
- CVE-2022-27943: Fixed stack exhaustion in demangle_const in
(bsc#1197592).
- CVE-2022-38126: Fixed assertion fail in the display_debug_names()
function in binutils/dwarf.c (bsc#1202966).
- CVE-2022-38127: Fixed NULL pointer dereference in the
read_and_display_attr_value() function in binutils/dwarf.c (bsc#1202967).
- CVE-2022-38533: Fixed heap out-of-bounds read in bfd_getl32
(bsc#1202816).
The following non-security bugs were fixed:
- SLE toolchain update of binutils, update to 2.39 from 2.37.
- Update to 2.39:
* The ELF linker will now generate a warning message if the stack is
made executable. Similarly it will warn if the output binary contains
a segment with all three of the read, write and execute permission
bits set. These warnings are intended to help developers identify
programs which might be vulnerable to attack via these executable
memory regions. The warnings are enabled by default but can be
disabled via a command line option. It is also possible to build a
linker with the warnings disabled, should that be necessary.
* The ELF linker now supports a --package-metadata option that allows
embedding a JSON payload in accordance with the Package Metadata
specification.
* In linker scripts it is now possible to use TYPE=<type> in an output
section description to set the section type value.
* The objdump program now supports coloured/colored syntax highlighting
of its disassembler output for some architectures. (Currently: AVR,
RiscV, s390, x86, x86_64).
* The nm program now supports a --no-weak/-W option to make it ignore
weak symbols.
* The readelf and objdump programs now support a -wE option to prevent
them from attempting to access debuginfod servers when following links.
* The objcopy program's --weaken, --weaken-symbol, and
--weaken-symbols options now work with unique symbols as well.
- Update to 2.38:
* elfedit: Add --output-abiversion option to update ABIVERSION.
* Add support for the LoongArch instruction set.
* Tools which display symbols or strings (readelf, strings, nm, objdump)
have a new command line option which controls how unicode characters
are handled. By default they are treated as normal for the tool.
Using --unicode=locale will display them according to the current locale.
Using --unicode=hex will display them as hex byte values, whilst
--unicode=escape will display them as escape sequences. In addition
using --unicode=highlight will display them as unicode escape
sequences highlighted in red (if supported by the output device).
* readelf -r dumps RELR relative relocations now.
* Support for efi-app-aarch64, efi-rtdrv-aarch64 and efi-bsdrv-aarch64
has been added to objcopy in order to enable UEFI development using
binutils.
* ar: Add --thin for creating thin archives. -T is a deprecated alias
without diagnostics. In many ar implementations -T has a different
meaning, as specified by X/Open System Interface.
* Add support for AArch64 system registers that were missing in previous
releases.
* Add support for the LoongArch instruction set.
* Add a command-line option, -muse-unaligned-vector-move, for x86 target
to encode aligned vector move as unaligned vector move.
* Add support for Cortex-R52+ for Arm.
* Add support for Cortex-A510, Cortex-A710, Cortex-X2 for AArch64.
* Add support for Cortex-A710 for Arm.
* Add support for Scalable Matrix Extension (SME) for AArch64.
* The --multibyte-handling=[allow|warn|warn-sym-only] option tells the
assembler what to do when it encounters multibyte characters in the
input. The default is to allow them. Setting the option to "warn"
will generate a warning message whenever any multibyte character is
encountered. Setting the option to "warn-sym-only" will make the
assembler generate a warning whenever a symbol is defined containing
multibyte characters. (References to undefined symbols will not
generate warnings).
* Outputs of .ds.x directive and .tfloat directive with hex input from
x86 assembler have been reduced from 12 bytes to 10 bytes to match the
output of .tfloat directive.
* Add support for 'armv8.8-a', 'armv9-a', 'armv9.1-a', 'armv9.2-a' and
'armv9.3-a' for -march in AArch64 GAS.
* Add support for 'armv8.7-a', 'armv8.8-a', 'armv9-a', 'armv9.1-a',
'armv9.2-a' and 'armv9.3-a' for -march in Arm GAS.
* Add support for Intel AVX512_FP16 instructions.
* Add -z pack-relative-relocs/-z nopack-relative-relocs to x86 ELF
linker to pack relative relocations in the DT_RELR section.
* Add support for the LoongArch architecture.
* Add -z indirect-extern-access/-z noindirect-extern-access to x86 ELF
linker to control canonical function pointers and copy relocation.
* Add --max-cache-size=SIZE to set the maximum cache size to SIZE
bytes.
- Explicitly enable --enable-warn-execstack=yes and
--enable-warn-rwx-segments=yes.
- Add gprofng subpackage.
- Include recognition of 'z16' name for 'arch14' on s390. (bsc#1198237).
- Add back fix for bsc#1191473, which got lost in the update to 2.38.
- Install symlinks for all target specific tools on arm-eabi-none
(bsc#1185712).
- Enable PRU architecture for AM335x CPU (Beagle Bone Black board)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4146=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4146=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4146=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4146=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4146=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4146=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4146=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4146=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4146=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4146=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4146=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4146=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4146=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4146=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4146=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4146=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4146=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4146=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4146=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4146=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4146=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4146=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4146=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-gold-2.39-150100.7.40.1
binutils-gold-debuginfo-2.39-150100.7.40.1
cross-arm-binutils-2.39-150100.7.40.1
cross-arm-binutils-debuginfo-2.39-150100.7.40.1
cross-arm-binutils-debugsource-2.39-150100.7.40.1
cross-avr-binutils-2.39-150100.7.40.1
cross-avr-binutils-debuginfo-2.39-150100.7.40.1
cross-avr-binutils-debugsource-2.39-150100.7.40.1
cross-epiphany-binutils-2.39-150100.7.40.1
cross-epiphany-binutils-debuginfo-2.39-150100.7.40.1
cross-epiphany-binutils-debugsource-2.39-150100.7.40.1
cross-hppa-binutils-2.39-150100.7.40.1
cross-hppa-binutils-debuginfo-2.39-150100.7.40.1
cross-hppa-binutils-debugsource-2.39-150100.7.40.1
cross-hppa64-binutils-2.39-150100.7.40.1
cross-hppa64-binutils-debuginfo-2.39-150100.7.40.1
cross-hppa64-binutils-debugsource-2.39-150100.7.40.1
cross-i386-binutils-2.39-150100.7.40.1
cross-i386-binutils-debuginfo-2.39-150100.7.40.1
cross-i386-binutils-debugsource-2.39-150100.7.40.1
cross-ia64-binutils-2.39-150100.7.40.1
cross-ia64-binutils-debuginfo-2.39-150100.7.40.1
cross-ia64-binutils-debugsource-2.39-150100.7.40.1
cross-m68k-binutils-2.39-150100.7.40.1
cross-m68k-binutils-debuginfo-2.39-150100.7.40.1
cross-m68k-binutils-debugsource-2.39-150100.7.40.1
cross-mips-binutils-2.39-150100.7.40.1
cross-mips-binutils-debuginfo-2.39-150100.7.40.1
cross-mips-binutils-debugsource-2.39-150100.7.40.1
cross-ppc-binutils-2.39-150100.7.40.1
cross-ppc-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc-binutils-debugsource-2.39-150100.7.40.1
cross-ppc64-binutils-2.39-150100.7.40.1
cross-ppc64-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc64-binutils-debugsource-2.39-150100.7.40.1
cross-riscv64-binutils-2.39-150100.7.40.1
cross-riscv64-binutils-debuginfo-2.39-150100.7.40.1
cross-riscv64-binutils-debugsource-2.39-150100.7.40.1
cross-rx-binutils-2.39-150100.7.40.1
cross-rx-binutils-debuginfo-2.39-150100.7.40.1
cross-rx-binutils-debugsource-2.39-150100.7.40.1
cross-s390-binutils-2.39-150100.7.40.1
cross-s390-binutils-debuginfo-2.39-150100.7.40.1
cross-s390-binutils-debugsource-2.39-150100.7.40.1
cross-sparc-binutils-2.39-150100.7.40.1
cross-sparc-binutils-debuginfo-2.39-150100.7.40.1
cross-sparc-binutils-debugsource-2.39-150100.7.40.1
cross-sparc64-binutils-2.39-150100.7.40.1
cross-sparc64-binutils-debuginfo-2.39-150100.7.40.1
cross-sparc64-binutils-debugsource-2.39-150100.7.40.1
cross-spu-binutils-2.39-150100.7.40.1
cross-spu-binutils-debuginfo-2.39-150100.7.40.1
cross-spu-binutils-debugsource-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):
cross-s390x-binutils-2.39-150100.7.40.1
cross-s390x-binutils-debuginfo-2.39-150100.7.40.1
cross-s390x-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x):
cross-x86_64-binutils-2.39-150100.7.40.1
cross-x86_64-binutils-debuginfo-2.39-150100.7.40.1
cross-x86_64-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.4 (ppc64le s390x x86_64):
cross-aarch64-binutils-2.39-150100.7.40.1
cross-aarch64-binutils-debuginfo-2.39-150100.7.40.1
cross-aarch64-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.4 (aarch64 s390x x86_64):
cross-ppc64le-binutils-2.39-150100.7.40.1
cross-ppc64le-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc64le-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.4 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-gold-2.39-150100.7.40.1
binutils-gold-debuginfo-2.39-150100.7.40.1
cross-arm-binutils-2.39-150100.7.40.1
cross-arm-binutils-debuginfo-2.39-150100.7.40.1
cross-arm-binutils-debugsource-2.39-150100.7.40.1
cross-avr-binutils-2.39-150100.7.40.1
cross-avr-binutils-debuginfo-2.39-150100.7.40.1
cross-avr-binutils-debugsource-2.39-150100.7.40.1
cross-epiphany-binutils-2.39-150100.7.40.1
cross-epiphany-binutils-debuginfo-2.39-150100.7.40.1
cross-epiphany-binutils-debugsource-2.39-150100.7.40.1
cross-hppa-binutils-2.39-150100.7.40.1
cross-hppa-binutils-debuginfo-2.39-150100.7.40.1
cross-hppa-binutils-debugsource-2.39-150100.7.40.1
cross-hppa64-binutils-2.39-150100.7.40.1
cross-hppa64-binutils-debuginfo-2.39-150100.7.40.1
cross-hppa64-binutils-debugsource-2.39-150100.7.40.1
cross-i386-binutils-2.39-150100.7.40.1
cross-i386-binutils-debuginfo-2.39-150100.7.40.1
cross-i386-binutils-debugsource-2.39-150100.7.40.1
cross-ia64-binutils-2.39-150100.7.40.1
cross-ia64-binutils-debuginfo-2.39-150100.7.40.1
cross-ia64-binutils-debugsource-2.39-150100.7.40.1
cross-m68k-binutils-2.39-150100.7.40.1
cross-m68k-binutils-debuginfo-2.39-150100.7.40.1
cross-m68k-binutils-debugsource-2.39-150100.7.40.1
cross-mips-binutils-2.39-150100.7.40.1
cross-mips-binutils-debuginfo-2.39-150100.7.40.1
cross-mips-binutils-debugsource-2.39-150100.7.40.1
cross-ppc-binutils-2.39-150100.7.40.1
cross-ppc-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc-binutils-debugsource-2.39-150100.7.40.1
cross-ppc64-binutils-2.39-150100.7.40.1
cross-ppc64-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc64-binutils-debugsource-2.39-150100.7.40.1
cross-riscv64-binutils-2.39-150100.7.40.1
cross-riscv64-binutils-debuginfo-2.39-150100.7.40.1
cross-riscv64-binutils-debugsource-2.39-150100.7.40.1
cross-rx-binutils-2.39-150100.7.40.1
cross-rx-binutils-debuginfo-2.39-150100.7.40.1
cross-rx-binutils-debugsource-2.39-150100.7.40.1
cross-s390-binutils-2.39-150100.7.40.1
cross-s390-binutils-debuginfo-2.39-150100.7.40.1
cross-s390-binutils-debugsource-2.39-150100.7.40.1
cross-sparc-binutils-2.39-150100.7.40.1
cross-sparc-binutils-debuginfo-2.39-150100.7.40.1
cross-sparc-binutils-debugsource-2.39-150100.7.40.1
cross-sparc64-binutils-2.39-150100.7.40.1
cross-sparc64-binutils-debuginfo-2.39-150100.7.40.1
cross-sparc64-binutils-debugsource-2.39-150100.7.40.1
cross-spu-binutils-2.39-150100.7.40.1
cross-spu-binutils-debuginfo-2.39-150100.7.40.1
cross-spu-binutils-debugsource-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- openSUSE Leap 15.3 (aarch64 ppc64le x86_64):
cross-s390x-binutils-2.39-150100.7.40.1
cross-s390x-binutils-debuginfo-2.39-150100.7.40.1
cross-s390x-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x):
cross-x86_64-binutils-2.39-150100.7.40.1
cross-x86_64-binutils-debuginfo-2.39-150100.7.40.1
cross-x86_64-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.3 (ppc64le s390x x86_64):
cross-aarch64-binutils-2.39-150100.7.40.1
cross-aarch64-binutils-debuginfo-2.39-150100.7.40.1
cross-aarch64-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.3 (aarch64 s390x x86_64):
cross-ppc64le-binutils-2.39-150100.7.40.1
cross-ppc64le-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc64le-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.3 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Manager Server 4.1 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Manager Proxy 4.1 (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-gold-2.39-150100.7.40.1
binutils-gold-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-gold-2.39-150100.7.40.1
binutils-gold-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (x86_64):
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (x86_64):
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Enterprise Storage 7 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Enterprise Storage 6 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE CaaS Platform 4.0 (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
References:
https://www.suse.com/security/cve/CVE-2019-1010204.html
https://www.suse.com/security/cve/CVE-2021-3530.html
https://www.suse.com/security/cve/CVE-2021-3648.html
https://www.suse.com/security/cve/CVE-2021-3826.html
https://www.suse.com/security/cve/CVE-2021-45078.html
https://www.suse.com/security/cve/CVE-2021-46195.html
https://www.suse.com/security/cve/CVE-2022-27943.html
https://www.suse.com/security/cve/CVE-2022-38126.html
https://www.suse.com/security/cve/CVE-2022-38127.html
https://www.suse.com/security/cve/CVE-2022-38533.html
https://bugzilla.suse.com/1142579
https://bugzilla.suse.com/1185597
https://bugzilla.suse.com/1185712
https://bugzilla.suse.com/1188374
https://bugzilla.suse.com/1191473
https://bugzilla.suse.com/1193929
https://bugzilla.suse.com/1194783
https://bugzilla.suse.com/1197592
https://bugzilla.suse.com/1198237
https://bugzilla.suse.com/1202816
https://bugzilla.suse.com/1202966
https://bugzilla.suse.com/1202967
https://bugzilla.suse.com/1202969
SUSE-SU-2022:4147-1: important: Security update for kubevirt stack
by opensuse-security@opensuse.org 21 Nov '22
SUSE Security Update: Security update for kubevirt stack
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4147-1
Rating: important
References:
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update provides rebuilds of the kubevirt containers with up to date
base images, fixing various security issues.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4147=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4147=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-4147=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4147=1
Package List:
- openSUSE Leap Micro 5.3 (x86_64):
kubevirt-manifests-0.54.0-150400.3.7.1
kubevirt-virtctl-0.54.0-150400.3.7.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.7.1
- openSUSE Leap 15.4 (x86_64):
kubevirt-container-disk-0.54.0-150400.3.7.1
kubevirt-container-disk-debuginfo-0.54.0-150400.3.7.1
kubevirt-manifests-0.54.0-150400.3.7.1
kubevirt-tests-0.54.0-150400.3.7.1
kubevirt-tests-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-api-0.54.0-150400.3.7.1
kubevirt-virt-api-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-controller-0.54.0-150400.3.7.1
kubevirt-virt-controller-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-handler-0.54.0-150400.3.7.1
kubevirt-virt-handler-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-launcher-0.54.0-150400.3.7.1
kubevirt-virt-launcher-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-operator-0.54.0-150400.3.7.1
kubevirt-virt-operator-debuginfo-0.54.0-150400.3.7.1
kubevirt-virtctl-0.54.0-150400.3.7.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.7.1
obs-service-kubevirt_containers_meta-0.54.0-150400.3.7.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64):
kubevirt-manifests-0.54.0-150400.3.7.1
kubevirt-virtctl-0.54.0-150400.3.7.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.7.1
- SUSE Linux Enterprise Micro 5.3 (x86_64):
kubevirt-manifests-0.54.0-150400.3.7.1
kubevirt-virtctl-0.54.0-150400.3.7.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.7.1
References:
SUSE-SU-2022:4148-1: important: Security update for pixman
by opensuse-security@opensuse.org 21 Nov '22
SUSE Security Update: Security update for pixman
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4148-1
Rating: important
References: #1205033
Cross-References: CVE-2022-44638
CVSS scores:
CVE-2022-44638 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-44638 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pixman fixes the following issues:
- CVE-2022-44638: Fixed an integer overflow in pixman_sample_floor_y
leading to heap out-of-bounds write (bsc#1205033).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4148=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4148=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4148=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4148=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4148=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4148=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4148=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4148=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4148=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4148=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4148=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4148=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4148=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4148=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4148=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4148=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4148=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4148=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4148=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4148=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- openSUSE Leap 15.3 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Manager Server 4.1 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Manager Proxy 4.1 (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Enterprise Storage 7 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Enterprise Storage 6 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE CaaS Platform 4.0 (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
References:
https://www.suse.com/security/cve/CVE-2022-44638.html
https://bugzilla.suse.com/1205033
openSUSE-SU-2022:10209-1: moderate: Security update for tor
by opensuse-security@opensuse.org 20 Nov '22
openSUSE Security Update: Security update for tor
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10209-1
Rating: moderate
References: #1205307
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for tor fixes the following issues:
tor 0.4.7.11:
* Improve security of DNS cache by randomly clipping the TTL value
(boo#1205307, TROVE-2021-009)
* Improved defenses against network-wide DoS, multiple counters and
metrics added to MetricsPorts
* Apply circuit creation anti-DoS defenses if the outbound circuit max
cell queue size is reached too many times. This introduces two new
consensus parameters to control the queue size limit and number of
times allowed to go over that limit.
* Directory authority updates
* IPFire database and geoip updates
* Bump the maximum amount of CPU that can be used from 16 to 128. The
NumCPUs torrc option overrides this hardcoded maximum.
* onion service: set a higher circuit build timeout for opened client
rendezvous circuit to avoid timeouts and retry load
* Make the service retry a rendezvous if the circuit is being repurposed
for measurements
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10209=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10209=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
tor-0.4.7.11-bp154.2.9.1
tor-debuginfo-0.4.7.11-bp154.2.9.1
tor-debugsource-0.4.7.11-bp154.2.9.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
tor-0.4.7.11-bp153.2.21.1
References:
https://bugzilla.suse.com/1205307
openSUSE-SU-2022:10208-1: moderate: Security update for libpano
by opensuse-security@opensuse.org 20 Nov '22
openSUSE Security Update: Security update for libpano
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10208-1
Rating: moderate
References: #1197011
Cross-References: CVE-2021-33293
CVSS scores:
CVE-2021-33293 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libpano fixes the following issues:
- CVE-2021-33293: Fixes out-of-bounds read in the function
panoParserFindOLine() in parser.c. (boo#1197011)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10208=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
libpano-devel-2.9.19-bp153.3.3.1
libpano-utils-2.9.19-bp153.3.3.1
libpano13-3-2.9.19-bp153.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-33293.html
https://bugzilla.suse.com/1197011
openSUSE-SU-2022:10206-1: moderate: Security update for tumbler
by opensuse-security@opensuse.org 20 Nov '22
openSUSE Security Update: Security update for tumbler
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10206-1
Rating: moderate
References: #1203644 #1205210
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for tumbler fixes the following issues:
tumbler was updated to version 4.16.1 (boo#1205210)
* gst-thumbnailer: Add mime type check (gxo#xfce/tumbler#65)
* desktop-thumbnailer: Guard against null path
* Fix typo in gthread version (gxo#xfce/tumbler!14)
- Add Recommends: ffmpegthumbnailer
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10206=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
libtumbler-1-0-4.16.1-bp153.2.3.1
tumbler-4.16.1-bp153.2.3.1
tumbler-devel-4.16.1-bp153.2.3.1
tumbler-folder-thumbnailer-4.16.1-bp153.2.3.1
tumbler-webp-thumbnailer-4.16.1-bp153.2.3.1
- openSUSE Backports SLE-15-SP3 (noarch):
tumbler-doc-4.16.1-bp153.2.3.1
tumbler-lang-4.16.1-bp153.2.3.1
References:
https://bugzilla.suse.com/1203644
https://bugzilla.suse.com/1205210