openSUSE Updates
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
January 2024
- 3 participants
- 152 discussions
19 Jan '24
# Recommended update for util-linux
Announcement ID: SUSE-RU-2024:0164-1
Rating: important
References:
* bsc#1207987
Affected Products:
* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
An update that has one fix can now be installed.
## Description:
This update for util-linux fixes the following issues:
* Instead of explicitly truncating clocks.txt file, pad with whitespaces in
the end of file. This is done to improve performance of libuuid on xfs.
(bsc#1207987)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-164=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-164=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-164=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-164=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-164=1
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-164=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-164=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-164=1
## Package List:
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* python3-libmount-debuginfo-2.36.2-150300.4.38.1
* libblkid-devel-2.36.2-150300.4.38.1
* libblkid1-2.36.2-150300.4.38.1
* libuuid-devel-2.36.2-150300.4.38.1
* libfdisk-devel-static-2.36.2-150300.4.38.1
* libuuid1-2.36.2-150300.4.38.1
* libmount-devel-2.36.2-150300.4.38.1
* util-linux-2.36.2-150300.4.38.1
* libsmartcols1-2.36.2-150300.4.38.1
* util-linux-debugsource-2.36.2-150300.4.38.1
* libsmartcols-devel-2.36.2-150300.4.38.1
* python3-libmount-2.36.2-150300.4.38.1
* libblkid-devel-static-2.36.2-150300.4.38.1
* libfdisk1-2.36.2-150300.4.38.1
* libfdisk-devel-2.36.2-150300.4.38.1
* libmount1-2.36.2-150300.4.38.1
* libsmartcols-devel-static-2.36.2-150300.4.38.1
* libuuid-devel-static-2.36.2-150300.4.38.1
* python3-libmount-debugsource-2.36.2-150300.4.38.1
* util-linux-debuginfo-2.36.2-150300.4.38.1
* libuuid1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-2.36.2-150300.4.38.1
* util-linux-systemd-debugsource-2.36.2-150300.4.38.1
* libblkid1-debuginfo-2.36.2-150300.4.38.1
* libmount1-debuginfo-2.36.2-150300.4.38.1
* libmount-devel-static-2.36.2-150300.4.38.1
* libsmartcols1-debuginfo-2.36.2-150300.4.38.1
* uuidd-debuginfo-2.36.2-150300.4.38.1
* uuidd-2.36.2-150300.4.38.1
* libfdisk1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-debuginfo-2.36.2-150300.4.38.1
* openSUSE Leap 15.3 (x86_64)
* libblkid-devel-32bit-2.36.2-150300.4.38.1
* libuuid-devel-32bit-2.36.2-150300.4.38.1
* libuuid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libblkid1-32bit-2.36.2-150300.4.38.1
* libmount-devel-32bit-2.36.2-150300.4.38.1
* libuuid1-32bit-2.36.2-150300.4.38.1
* libfdisk1-32bit-2.36.2-150300.4.38.1
* libblkid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-debuginfo-2.36.2-150300.4.38.1
* libfdisk1-32bit-debuginfo-2.36.2-150300.4.38.1
* libsmartcols1-32bit-debuginfo-2.36.2-150300.4.38.1
* libfdisk-devel-32bit-2.36.2-150300.4.38.1
* libsmartcols-devel-32bit-2.36.2-150300.4.38.1
* libmount1-32bit-2.36.2-150300.4.38.1
* libsmartcols1-32bit-2.36.2-150300.4.38.1
* openSUSE Leap 15.3 (noarch)
* util-linux-lang-2.36.2-150300.4.38.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* libsmartcols1-64bit-2.36.2-150300.4.38.1
* libuuid1-64bit-debuginfo-2.36.2-150300.4.38.1
* libsmartcols-devel-64bit-2.36.2-150300.4.38.1
* libuuid1-64bit-2.36.2-150300.4.38.1
* libblkid-devel-64bit-2.36.2-150300.4.38.1
* libmount1-64bit-debuginfo-2.36.2-150300.4.38.1
* libsmartcols1-64bit-debuginfo-2.36.2-150300.4.38.1
* libuuid-devel-64bit-2.36.2-150300.4.38.1
* libfdisk1-64bit-debuginfo-2.36.2-150300.4.38.1
* libblkid1-64bit-2.36.2-150300.4.38.1
* libmount-devel-64bit-2.36.2-150300.4.38.1
* libfdisk-devel-64bit-2.36.2-150300.4.38.1
* libblkid1-64bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-64bit-2.36.2-150300.4.38.1
* libfdisk1-64bit-2.36.2-150300.4.38.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* libblkid-devel-2.36.2-150300.4.38.1
* libblkid1-2.36.2-150300.4.38.1
* libuuid-devel-2.36.2-150300.4.38.1
* libuuid1-2.36.2-150300.4.38.1
* libmount-devel-2.36.2-150300.4.38.1
* util-linux-2.36.2-150300.4.38.1
* libsmartcols1-2.36.2-150300.4.38.1
* util-linux-debugsource-2.36.2-150300.4.38.1
* libsmartcols-devel-2.36.2-150300.4.38.1
* libblkid-devel-static-2.36.2-150300.4.38.1
* libfdisk1-2.36.2-150300.4.38.1
* libfdisk-devel-2.36.2-150300.4.38.1
* libmount1-2.36.2-150300.4.38.1
* libuuid-devel-static-2.36.2-150300.4.38.1
* util-linux-debuginfo-2.36.2-150300.4.38.1
* libuuid1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-2.36.2-150300.4.38.1
* util-linux-systemd-debugsource-2.36.2-150300.4.38.1
* libblkid1-debuginfo-2.36.2-150300.4.38.1
* libmount1-debuginfo-2.36.2-150300.4.38.1
* libsmartcols1-debuginfo-2.36.2-150300.4.38.1
* uuidd-debuginfo-2.36.2-150300.4.38.1
* uuidd-2.36.2-150300.4.38.1
* libfdisk1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-debuginfo-2.36.2-150300.4.38.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* util-linux-lang-2.36.2-150300.4.38.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* libuuid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libblkid1-32bit-2.36.2-150300.4.38.1
* libuuid1-32bit-2.36.2-150300.4.38.1
* libblkid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* libblkid-devel-2.36.2-150300.4.38.1
* libblkid1-2.36.2-150300.4.38.1
* libuuid-devel-2.36.2-150300.4.38.1
* libuuid1-2.36.2-150300.4.38.1
* libmount-devel-2.36.2-150300.4.38.1
* util-linux-2.36.2-150300.4.38.1
* libsmartcols1-2.36.2-150300.4.38.1
* util-linux-debugsource-2.36.2-150300.4.38.1
* libsmartcols-devel-2.36.2-150300.4.38.1
* libblkid-devel-static-2.36.2-150300.4.38.1
* libfdisk1-2.36.2-150300.4.38.1
* libfdisk-devel-2.36.2-150300.4.38.1
* libmount1-2.36.2-150300.4.38.1
* libuuid-devel-static-2.36.2-150300.4.38.1
* util-linux-debuginfo-2.36.2-150300.4.38.1
* libuuid1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-2.36.2-150300.4.38.1
* util-linux-systemd-debugsource-2.36.2-150300.4.38.1
* libblkid1-debuginfo-2.36.2-150300.4.38.1
* libmount1-debuginfo-2.36.2-150300.4.38.1
* libsmartcols1-debuginfo-2.36.2-150300.4.38.1
* uuidd-debuginfo-2.36.2-150300.4.38.1
* uuidd-2.36.2-150300.4.38.1
* libfdisk1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-debuginfo-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* util-linux-lang-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
* libuuid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libblkid1-32bit-2.36.2-150300.4.38.1
* libuuid1-32bit-2.36.2-150300.4.38.1
* libblkid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* libblkid-devel-2.36.2-150300.4.38.1
* libblkid1-2.36.2-150300.4.38.1
* libuuid-devel-2.36.2-150300.4.38.1
* libuuid1-2.36.2-150300.4.38.1
* libmount-devel-2.36.2-150300.4.38.1
* util-linux-2.36.2-150300.4.38.1
* libsmartcols1-2.36.2-150300.4.38.1
* util-linux-debugsource-2.36.2-150300.4.38.1
* libsmartcols-devel-2.36.2-150300.4.38.1
* libblkid-devel-static-2.36.2-150300.4.38.1
* libfdisk1-2.36.2-150300.4.38.1
* libfdisk-devel-2.36.2-150300.4.38.1
* libmount1-2.36.2-150300.4.38.1
* libuuid-devel-static-2.36.2-150300.4.38.1
* util-linux-debuginfo-2.36.2-150300.4.38.1
* libuuid1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-2.36.2-150300.4.38.1
* util-linux-systemd-debugsource-2.36.2-150300.4.38.1
* libblkid1-debuginfo-2.36.2-150300.4.38.1
* libmount1-debuginfo-2.36.2-150300.4.38.1
* libsmartcols1-debuginfo-2.36.2-150300.4.38.1
* uuidd-debuginfo-2.36.2-150300.4.38.1
* uuidd-2.36.2-150300.4.38.1
* libfdisk1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-debuginfo-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* util-linux-lang-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* libuuid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libblkid1-32bit-2.36.2-150300.4.38.1
* libuuid1-32bit-2.36.2-150300.4.38.1
* libblkid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-2.36.2-150300.4.38.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* libblkid-devel-2.36.2-150300.4.38.1
* libblkid1-2.36.2-150300.4.38.1
* libuuid-devel-2.36.2-150300.4.38.1
* libuuid1-2.36.2-150300.4.38.1
* libmount-devel-2.36.2-150300.4.38.1
* util-linux-2.36.2-150300.4.38.1
* libsmartcols1-2.36.2-150300.4.38.1
* util-linux-debugsource-2.36.2-150300.4.38.1
* libsmartcols-devel-2.36.2-150300.4.38.1
* libblkid-devel-static-2.36.2-150300.4.38.1
* libfdisk1-2.36.2-150300.4.38.1
* libfdisk-devel-2.36.2-150300.4.38.1
* libmount1-2.36.2-150300.4.38.1
* libuuid-devel-static-2.36.2-150300.4.38.1
* util-linux-debuginfo-2.36.2-150300.4.38.1
* libuuid1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-2.36.2-150300.4.38.1
* util-linux-systemd-debugsource-2.36.2-150300.4.38.1
* libblkid1-debuginfo-2.36.2-150300.4.38.1
* libmount1-debuginfo-2.36.2-150300.4.38.1
* libsmartcols1-debuginfo-2.36.2-150300.4.38.1
* uuidd-debuginfo-2.36.2-150300.4.38.1
* uuidd-2.36.2-150300.4.38.1
* libfdisk1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-debuginfo-2.36.2-150300.4.38.1
* SUSE Enterprise Storage 7.1 (noarch)
* util-linux-lang-2.36.2-150300.4.38.1
* SUSE Enterprise Storage 7.1 (x86_64)
* libuuid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libblkid1-32bit-2.36.2-150300.4.38.1
* libuuid1-32bit-2.36.2-150300.4.38.1
* libblkid1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-debuginfo-2.36.2-150300.4.38.1
* libmount1-32bit-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* util-linux-systemd-debugsource-2.36.2-150300.4.38.1
* libfdisk1-2.36.2-150300.4.38.1
* libmount1-2.36.2-150300.4.38.1
* libuuid1-2.36.2-150300.4.38.1
* libblkid1-debuginfo-2.36.2-150300.4.38.1
* libmount1-debuginfo-2.36.2-150300.4.38.1
* util-linux-2.36.2-150300.4.38.1
* libsmartcols1-2.36.2-150300.4.38.1
* libsmartcols1-debuginfo-2.36.2-150300.4.38.1
* libblkid1-2.36.2-150300.4.38.1
* util-linux-debuginfo-2.36.2-150300.4.38.1
* util-linux-debugsource-2.36.2-150300.4.38.1
* libuuid1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-2.36.2-150300.4.38.1
* libfdisk1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-debuginfo-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* util-linux-systemd-debugsource-2.36.2-150300.4.38.1
* libfdisk1-2.36.2-150300.4.38.1
* libmount1-2.36.2-150300.4.38.1
* libuuid1-2.36.2-150300.4.38.1
* libblkid1-debuginfo-2.36.2-150300.4.38.1
* libmount1-debuginfo-2.36.2-150300.4.38.1
* util-linux-2.36.2-150300.4.38.1
* libsmartcols1-2.36.2-150300.4.38.1
* libsmartcols1-debuginfo-2.36.2-150300.4.38.1
* libblkid1-2.36.2-150300.4.38.1
* util-linux-debuginfo-2.36.2-150300.4.38.1
* util-linux-debugsource-2.36.2-150300.4.38.1
* libuuid1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-2.36.2-150300.4.38.1
* libfdisk1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-debuginfo-2.36.2-150300.4.38.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* util-linux-systemd-debugsource-2.36.2-150300.4.38.1
* libfdisk1-2.36.2-150300.4.38.1
* libmount1-2.36.2-150300.4.38.1
* libuuid1-2.36.2-150300.4.38.1
* libblkid1-debuginfo-2.36.2-150300.4.38.1
* libmount1-debuginfo-2.36.2-150300.4.38.1
* util-linux-2.36.2-150300.4.38.1
* libsmartcols1-2.36.2-150300.4.38.1
* libsmartcols1-debuginfo-2.36.2-150300.4.38.1
* libblkid1-2.36.2-150300.4.38.1
* util-linux-debuginfo-2.36.2-150300.4.38.1
* util-linux-debugsource-2.36.2-150300.4.38.1
* libuuid1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-2.36.2-150300.4.38.1
* libfdisk1-debuginfo-2.36.2-150300.4.38.1
* util-linux-systemd-debuginfo-2.36.2-150300.4.38.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1207987
1
0
openSUSE-SU-2024:0025-1: critical: Security update for chromium
by opensuse-security@opensuse.org 19 Jan '24
by opensuse-security@opensuse.org 19 Jan '24
19 Jan '24
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0025-1
Rating: critical
References: #1218892
Cross-References: CVE-2024-0517 CVE-2024-0518 CVE-2024-0519
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Update to 120.0.6099.224 (boo#1218892):
- CVE-2024-0517: Out of bounds write in V8
- CVE-2024-0518: Type Confusion in V8
- CVE-2024-0519: Out of bounds memory access in V8
- Various fixes from internal audits, fuzzing and other initiatives
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-25=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):
chromedriver-120.0.6099.224-bp155.2.67.1
chromium-120.0.6099.224-bp155.2.67.1
References:
https://www.suse.com/security/cve/CVE-2024-0517.html
https://www.suse.com/security/cve/CVE-2024-0518.html
https://www.suse.com/security/cve/CVE-2024-0519.html
https://bugzilla.suse.com/1218892
1
0
18 Jan '24
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:0156-1
Rating: important
References:
* bsc#1179610
* bsc#1183045
* bsc#1193285
* bsc#1211162
* bsc#1211226
* bsc#1212584
* bsc#1214747
* bsc#1214823
* bsc#1215237
* bsc#1215696
* bsc#1215885
* bsc#1216057
* bsc#1216559
* bsc#1216776
* bsc#1217036
* bsc#1217217
* bsc#1217250
* bsc#1217602
* bsc#1217692
* bsc#1217790
* bsc#1217801
* bsc#1217933
* bsc#1217938
* bsc#1217946
* bsc#1217947
* bsc#1217980
* bsc#1217981
* bsc#1217982
* bsc#1218056
* bsc#1218139
* bsc#1218184
* bsc#1218234
* bsc#1218253
* bsc#1218258
* bsc#1218335
* bsc#1218357
* bsc#1218447
* bsc#1218515
* bsc#1218559
* bsc#1218569
* bsc#1218659
* jsc#PED-3459
* jsc#PED-5021
* jsc#PED-7322
Cross-References:
* CVE-2020-26555
* CVE-2023-51779
* CVE-2023-6121
* CVE-2023-6531
* CVE-2023-6546
* CVE-2023-6606
* CVE-2023-6610
* CVE-2023-6622
* CVE-2023-6931
* CVE-2023-6932
CVSS scores:
* CVE-2020-26555 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2020-26555 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6121 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6121 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6606 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6610 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6610 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6622 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 10 vulnerabilities, contains three features and has 31
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
bugfixes.
The following security bugs were fixed:
* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix
garbage collector's deletion of SKB races with unix_stream_read_generic()on
the socket that the SKB is queued on (bsc#1218447).
* CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing
debug information (bsc#1217946).
* CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race
condition in bt_sock_recvmsg (bsc#1218559).
* CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the
Bluetooth subsystem that would allow replay attacks (bsc#1179610
bsc#1215237).
* CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving
a malformed length from a server (bsc#1217947).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1218335).
* CVE-2023-6931: Fixed an out of bounds write in the Performance Events
subsystem when adding a new event (bsc#1218258).
* CVE-2023-6932: Fixed a use-after-free issue when receiving an IGMP query
packet due to reference count mismanagement (bsc#1218253).
* CVE-2023-6622: Fixed a null pointer dereference vulnerability in
nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user
privilege to trigger a denial of service (bsc#1217938).
* CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted
packet in the NVMe-oF/TCP subsystem (bsc#1217250).
The following non-security bugs were fixed:
* Reviewed and added more information to README.SUSE (jsc#PED-5021).
* Enabled multibuild for kernel packages (JSC-SLE#5501, boo#1211226,
bsc#1218184).
* Drop drm/bridge lt9611uxc patches that have been reverted on stable trees
* KVM: s390/mm: Properly reset no-dat (bsc#1218056).
* KVM: s390: vsie: fix wrong VIR 37 when MSO is used (bsc#1217933).
* KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
* NFS: Fix O_DIRECT locking issues (bsc#1211162).
* NFS: Fix a few more clear_bit() instances that need release semantics
(bsc#1211162).
* NFS: Fix a potential data corruption (bsc#1211162).
* NFS: Fix a use after free in nfs_direct_join_group() (bsc#1211162).
* NFS: Fix error handling for O_DIRECT write scheduling (bsc#1211162).
* NFS: More O_DIRECT accounting fixes for error paths (bsc#1211162).
* NFS: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).
* NFS: Use the correct commit info in nfs_join_page_group() (bsc#1211162).
* NLM: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).
* Updated SPI patches for NVIDIA Grace enablement (bsc#1212584 jsc#PED-3459)
* block: fix revalidate performance regression (bsc#1216057).
* bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234).
* ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
(bsc#1217980).
* ceph: fix type promotion bug on 32bit systems (bsc#1217982).
* clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885
bsc#1217217).
* clocksource: Enable TSC watchdog checking of HPET and PMTMR only when
requested (bsc#1215885 bsc#1217217).
* clocksource: Handle negative skews in "skew is too large" messages
(bsc#1215885 bsc#1217217).
* clocksource: Improve "skew is too large" messages (bsc#1215885 bsc#1217217).
* clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).
* clocksource: Loosen clocksource watchdog constraints (bsc#1215885
bsc#1217217).
* clocksource: Print clocksource name when clocksource is tested unstable
(bsc#1215885 bsc#1217217).
* clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885
bsc#1217217).
* dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
* fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
* libceph: use kernel_connect() (bsc#1217981).
* mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).
* net/smc: Fix pos miscalculation in statistics (bsc#1218139).
* net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
* nfs: only issue commit in DIO codepath if we have uncommitted data
(bsc#1211162).
* remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
* s390/vx: fix save/restore of fpu kernel context (bsc#1218357).
* scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
* swiotlb: fix a braino in the alignment check fix (bsc#1216559).
* swiotlb: fix slot alignment checks (bsc#1216559).
* tracing: Disable preemption when using the filter buffer (bsc#1217036).
* tracing: Fix a possible race when disabling buffered events (bsc#1217036).
* tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
* tracing: Fix incomplete locking when disabling buffered events
(bsc#1217036).
* tracing: Fix warning in trace_buffered_event_disable() (bsc#1217036).
* tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver()
(bsc#1217036).
* uapi: propagate __struct_group() attributes to the container union
(jsc#SLE-18978).
* vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).
* x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
* x86/platform/uv: Use alternate source for socket to node data (bsc#1215696
bsc#1217790).
* x86/tsc: Add option to force frequency recalibration with HW timer
(bsc#1215885 bsc#1217217).
* x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).
* x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885
bsc#1217217).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-156=1
* SUSE Linux Enterprise Real Time 15 SP4
zypper in -t patch SUSE-SLE-Product-RT-15-SP4-2024-156=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-156=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-156=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-156=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-156=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-156=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-156=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-156=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-156=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-156=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-156=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-156=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-156=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-156=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-156=1
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-156=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-156=1
## Package List:
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-debugsource-5.14.21-150400.24.103.1
* kernel-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Real Time 15 SP4 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Real Time 15 SP4 (x86_64)
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Real Time 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Real Time 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* kernel-default-extra-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-debugsource-5.14.21-150400.24.103.1
* kernel-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64 nosrc)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.103.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Manager Proxy 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Manager Proxy 4.3 (x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Manager Proxy 4.3 (noarch)
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Manager Retail Branch Server 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (noarch)
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.103.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (noarch)
* kernel-docs-html-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-source-vanilla-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* kernel-source-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (ppc64le x86_64)
* kernel-debug-devel-5.14.21-150400.24.103.1
* kernel-debug-debuginfo-5.14.21-150400.24.103.1
* kernel-debug-debugsource-5.14.21-150400.24.103.1
* kernel-debug-livepatch-devel-5.14.21-150400.24.103.1
* kernel-debug-devel-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-debuginfo-5.14.21-150400.24.103.1
* kernel-kvmsmall-devel-5.14.21-150400.24.103.1
* kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.103.1
* kernel-kvmsmall-debugsource-5.14.21-150400.24.103.1
* kernel-default-base-rebuild-5.14.21-150400.24.103.1.150400.24.48.1
* kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kernel-default-optional-5.14.21-150400.24.103.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* ocfs2-kmp-default-5.14.21-150400.24.103.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.103.1
* cluster-md-kmp-default-5.14.21-150400.24.103.1
* dlm-kmp-default-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-livepatch-devel-5.14.21-150400.24.103.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* gfs2-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-qa-5.14.21-150400.24.103.1
* kernel-default-extra-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* kernel-default-livepatch-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kselftests-kmp-default-5.14.21-150400.24.103.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_103-default-1-150400.9.3.1
* kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-1-150400.9.3.1
* kernel-livepatch-SLE15-SP4_Update_22-debugsource-1-150400.9.3.1
* openSUSE Leap 15.4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.103.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (nosrc)
* dtb-aarch64-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64)
* gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-extra-5.14.21-150400.24.103.1
* dtb-socionext-5.14.21-150400.24.103.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* dtb-amazon-5.14.21-150400.24.103.1
* dtb-freescale-5.14.21-150400.24.103.1
* dlm-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* dtb-lg-5.14.21-150400.24.103.1
* ocfs2-kmp-64kb-5.14.21-150400.24.103.1
* dtb-mediatek-5.14.21-150400.24.103.1
* dtb-hisilicon-5.14.21-150400.24.103.1
* dtb-altera-5.14.21-150400.24.103.1
* dlm-kmp-64kb-5.14.21-150400.24.103.1
* dtb-sprd-5.14.21-150400.24.103.1
* dtb-amlogic-5.14.21-150400.24.103.1
* kernel-64kb-debugsource-5.14.21-150400.24.103.1
* kernel-64kb-optional-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-livepatch-devel-5.14.21-150400.24.103.1
* kernel-64kb-devel-5.14.21-150400.24.103.1
* dtb-nvidia-5.14.21-150400.24.103.1
* dtb-qcom-5.14.21-150400.24.103.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.103.1
* gfs2-kmp-64kb-5.14.21-150400.24.103.1
* kernel-64kb-debuginfo-5.14.21-150400.24.103.1
* reiserfs-kmp-64kb-5.14.21-150400.24.103.1
* dtb-xilinx-5.14.21-150400.24.103.1
* dtb-apm-5.14.21-150400.24.103.1
* dtb-apple-5.14.21-150400.24.103.1
* dtb-marvell-5.14.21-150400.24.103.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-extra-debuginfo-5.14.21-150400.24.103.1
* dtb-renesas-5.14.21-150400.24.103.1
* dtb-rockchip-5.14.21-150400.24.103.1
* kernel-64kb-optional-5.14.21-150400.24.103.1
* kselftests-kmp-64kb-5.14.21-150400.24.103.1
* dtb-amd-5.14.21-150400.24.103.1
* dtb-arm-5.14.21-150400.24.103.1
* dtb-cavium-5.14.21-150400.24.103.1
* dtb-allwinner-5.14.21-150400.24.103.1
* dtb-exynos-5.14.21-150400.24.103.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* dtb-broadcom-5.14.21-150400.24.103.1
* cluster-md-kmp-64kb-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.103.1
* openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* openSUSE Leap Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_103-default-1-150400.9.3.1
* kernel-default-livepatch-devel-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-livepatch-5.14.21-150400.24.103.1
* kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-1-150400.9.3.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-livepatch-SLE15-SP4_Update_22-debugsource-1-150400.9.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
s390x x86_64)
* dlm-kmp-default-5.14.21-150400.24.103.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.103.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.103.1
* ocfs2-kmp-default-5.14.21-150400.24.103.1
* gfs2-kmp-default-5.14.21-150400.24.103.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* cluster-md-kmp-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
nosrc)
* kernel-64kb-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-debugsource-5.14.21-150400.24.103.1
* kernel-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
## References:
* https://www.suse.com/security/cve/CVE-2020-26555.html
* https://www.suse.com/security/cve/CVE-2023-51779.html
* https://www.suse.com/security/cve/CVE-2023-6121.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2023-6606.html
* https://www.suse.com/security/cve/CVE-2023-6610.html
* https://www.suse.com/security/cve/CVE-2023-6622.html
* https://www.suse.com/security/cve/CVE-2023-6931.html
* https://www.suse.com/security/cve/CVE-2023-6932.html
* https://bugzilla.suse.com/show_bug.cgi?id=1179610
* https://bugzilla.suse.com/show_bug.cgi?id=1183045
* https://bugzilla.suse.com/show_bug.cgi?id=1193285
* https://bugzilla.suse.com/show_bug.cgi?id=1211162
* https://bugzilla.suse.com/show_bug.cgi?id=1211226
* https://bugzilla.suse.com/show_bug.cgi?id=1212584
* https://bugzilla.suse.com/show_bug.cgi?id=1214747
* https://bugzilla.suse.com/show_bug.cgi?id=1214823
* https://bugzilla.suse.com/show_bug.cgi?id=1215237
* https://bugzilla.suse.com/show_bug.cgi?id=1215696
* https://bugzilla.suse.com/show_bug.cgi?id=1215885
* https://bugzilla.suse.com/show_bug.cgi?id=1216057
* https://bugzilla.suse.com/show_bug.cgi?id=1216559
* https://bugzilla.suse.com/show_bug.cgi?id=1216776
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217217
* https://bugzilla.suse.com/show_bug.cgi?id=1217250
* https://bugzilla.suse.com/show_bug.cgi?id=1217602
* https://bugzilla.suse.com/show_bug.cgi?id=1217692
* https://bugzilla.suse.com/show_bug.cgi?id=1217790
* https://bugzilla.suse.com/show_bug.cgi?id=1217801
* https://bugzilla.suse.com/show_bug.cgi?id=1217933
* https://bugzilla.suse.com/show_bug.cgi?id=1217938
* https://bugzilla.suse.com/show_bug.cgi?id=1217946
* https://bugzilla.suse.com/show_bug.cgi?id=1217947
* https://bugzilla.suse.com/show_bug.cgi?id=1217980
* https://bugzilla.suse.com/show_bug.cgi?id=1217981
* https://bugzilla.suse.com/show_bug.cgi?id=1217982
* https://bugzilla.suse.com/show_bug.cgi?id=1218056
* https://bugzilla.suse.com/show_bug.cgi?id=1218139
* https://bugzilla.suse.com/show_bug.cgi?id=1218184
* https://bugzilla.suse.com/show_bug.cgi?id=1218234
* https://bugzilla.suse.com/show_bug.cgi?id=1218253
* https://bugzilla.suse.com/show_bug.cgi?id=1218258
* https://bugzilla.suse.com/show_bug.cgi?id=1218335
* https://bugzilla.suse.com/show_bug.cgi?id=1218357
* https://bugzilla.suse.com/show_bug.cgi?id=1218447
* https://bugzilla.suse.com/show_bug.cgi?id=1218515
* https://bugzilla.suse.com/show_bug.cgi?id=1218559
* https://bugzilla.suse.com/show_bug.cgi?id=1218569
* https://bugzilla.suse.com/show_bug.cgi?id=1218659
* https://jira.suse.com/browse/PED-3459
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7322
1
0
18 Jan '24
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:0160-1
Rating: important
References:
* bsc#1179610
* bsc#1183045
* bsc#1211162
* bsc#1211226
* bsc#1212139
* bsc#1212584
* bsc#1214117
* bsc#1214158
* bsc#1214747
* bsc#1214823
* bsc#1215237
* bsc#1215696
* bsc#1215885
* bsc#1215952
* bsc#1216032
* bsc#1216057
* bsc#1216559
* bsc#1216776
* bsc#1217036
* bsc#1217217
* bsc#1217250
* bsc#1217602
* bsc#1217692
* bsc#1217790
* bsc#1217801
* bsc#1217822
* bsc#1217927
* bsc#1217933
* bsc#1217938
* bsc#1217946
* bsc#1217947
* bsc#1217980
* bsc#1217981
* bsc#1217982
* bsc#1218056
* bsc#1218092
* bsc#1218139
* bsc#1218184
* bsc#1218229
* bsc#1218234
* bsc#1218253
* bsc#1218258
* bsc#1218335
* bsc#1218357
* bsc#1218397
* bsc#1218447
* bsc#1218461
* bsc#1218515
* bsc#1218559
* bsc#1218569
* bsc#1218643
* bsc#1218738
* jsc#PED-3459
* jsc#PED-5021
* jsc#PED-7167
Cross-References:
* CVE-2020-26555
* CVE-2023-51779
* CVE-2023-6121
* CVE-2023-6531
* CVE-2023-6546
* CVE-2023-6606
* CVE-2023-6610
* CVE-2023-6622
* CVE-2023-6931
* CVE-2023-6932
CVSS scores:
* CVE-2020-26555 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2020-26555 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6121 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6121 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6606 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6610 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6610 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6622 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* Legacy Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Availability Extension 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP5
An update that solves 10 vulnerabilities, contains three features and has 42
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:
* CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth
Core Specification 1.0B that may permit an unauthenticated nearby device to
spoof the BD_ADDR of the peer device to complete pairing without knowledge
of the PIN (bsc#1179610 bsc#1215237).
* CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race
condition in bt_sock_recvmsg (bsc#1218559).
* CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP
subsystem that could lead to information leak (bsc#1217250).
* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix
garbage collector's deletion of SKB races with unix_stream_read_generic()on
the socket that the SKB is queued on (bsc#1218447).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1218335).
* CVE-2023-6606: Fixed an out-of-bounds read vulnerability in smbCalcSize in
fs/smb/client/netmisc.c that could allow a local attacker to crash the
system or leak internal kernel information (bsc#1217947).
* CVE-2023-6610: Fixed an out-of-bounds read vulnerability in smb2_dump_detail
in fs/smb/client/smb2ops.c that could allow a local attacker to crash the
system or leak internal kernel information (bsc#1217946).
* CVE-2023-6622: Fixed a null pointer dereference vulnerability in
nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user
privilege to trigger a denial of service (bsc#1217938).
* CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux
kernel's Performance Events system component that could lead to local
privilege escalation. (bsc#1218258).
* CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's
ipv4: igmp component that could lead to local privilege escalation
(bsc#1218253).
The following non-security bugs were fixed:
* Documentation: KVM: add separate directories for architecture-specific
documentation (jsc#PED-7167).
* Documentation: KVM: update amd-memory-encryption.rst references
(jsc#PED-7167).
* Documentation: KVM: update msr.rst reference (jsc#PED-7167).
* Documentation: KVM: update s390-diag.rst reference (jsc#PED-7167).
* Documentation: KVM: update s390-pv.rst reference (jsc#PED-7167).
* Documentation: drop more IDE boot options and ide-cd.rst (git-fixes).
* Documentation: qat: Use code block for qat sysfs example (git-fixes).
* Drop Documentation/ide/ (git-fixes).
* Fix crash in vmw_context_cotables_unref when 3d support is enabled
(bsc#1218738)
* Fix crash on screen resize (bsc#1218229)
* Fix drm gem object underflow (bsc#1218092)
* Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()" (git-fixes).
* Revert "PCI: acpiphp: Reassign resources on bridge if necessary" (git-
fixes).
* Revert "md: unlock mddev before reap sync_thread in action_store" (git-
fixes).
* Revert "swiotlb: panic if nslabs is too small" (git-fixes).
* Revert "xhci: Loosen RPM as default policy to cover for AMD xHC 1.1" (git-
fixes).
* Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces
* acpi: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 (git-
fixes).
* acpi: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects (git-fixes).
* acpica: Add AML_NO_OPERAND_RESOLVE flag to Timer (git-fixes).
* afs: Fix afs_server_list to be cleaned up with RCU (git-fixes).
* afs: Fix dynamic root lookup DNS check (git-fixes).
* afs: Fix file locking on R/O volumes to operate in local mode (git-fixes).
* afs: Fix overwriting of result of DNS query (git-fixes).
* afs: Fix refcount underflow from error handling race (git-fixes).
* afs: Fix the dynamic root's d_delete to always delete unused dentries (git-
fixes).
* afs: Fix use-after-free due to get/remove race in volume tree (git-fixes).
* afs: Make error on cell lookup failure consistent with OpenAFS (git-fixes).
* afs: Return ENOENT if no cell DNS record can be found (git-fixes).
* alsa: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro
(git-fixes).
* alsa: hda/hdmi: add force-connect quirk for NUC5CPYB (git-fixes).
* alsa: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants (git-
fixes).
* alsa: hda/realtek: Add Framework laptop 16 to quirks (git-fixes).
* alsa: hda/realtek: Add quirk for ASUS ROG GV302XA (git-fixes).
* alsa: hda/realtek: Add supported ALC257 for ChromeOS (git-fixes).
* alsa: hda/realtek: Apply mute LED quirk for HP15-db (git-fixes).
* alsa: hda/realtek: Enable headset on Lenovo M90 Gen5 (git-fixes).
* alsa: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6 (git-
fixes).
* alsa: hda/realtek: Headset Mic VREF to 100% (git-fixes).
* alsa: hda/realtek: add new Framework laptop to quirks (git-fixes).
* alsa: hda/realtek: enable SND_PCI_QUIRK for hp pavilion 14-ec1xxx series
(git-fixes).
* alsa: hda/realtek: fix mute/micmute LEDs for a HP ZBook (git-fixes).
* alsa: hda/realtek: fix speakers on XPS 9530 (2023) (git-fixes).
* alsa: hda: intel-dsp-cfg: add LunarLake support (git-fixes).
* alsa: pcm: fix out-of-bounds in snd_pcm_state_names (git-fixes).
* alsa: seq: oss: Fix racy open/close of MIDI devices (git-fixes).
* alsa: usb-audio: Add Pioneer DJM-450 mixer controls (git-fixes).
* alsa: usb-audio: Increase delay in MOTU M quirk (git-fixes).
* apparmor: Free up __cleanup() name (jsc#PED-7167).
* arm64: dts: arm: add missing cache properties (git-fixes)
* arm64: dts: imx8mm: Add sound-dai-cells to micfil node (git-fixes)
* arm64: dts: imx8mn: Add sound-dai-cells to micfil node (git-fixes)
* arm64: dts: imx8mq-librem5: Remove dis_u3_susphy_quirk from (git-fixes)
* arm64: kdump: Skip kmemleak scan reserved memory for kdump (jsc#PED-7167).
* arm64: mm: Fix "rodata=on" when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (git-
fixes)
* arm: OMAP2+: Fix null pointer dereference and memory leak in
omap_soc_device_init (git-fixes).
* arm: PL011: Fix DMA support (git-fixes).
* asoc: fsl_rpmsg: Fix error handler with pm_runtime_enable (git-fixes).
* asoc: hdmi-codec: fix missing report for jack initial status (git-fixes).
* asoc: meson: g12a-toacodec: Fix event generation (git-fixes).
* asoc: meson: g12a-toacodec: Validate written enum values (git-fixes).
* asoc: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux (git-fixes).
* asoc: meson: g12a-tohdmitx: Validate written enum values (git-fixes).
* asoc: wm_adsp: fix memleak in wm_adsp_buffer_populate (git-fixes).
* bitmap: unify find_bit operations (jsc#PED-7167).
* block: fix revalidate performance regression (bsc#1216057).
* bluetooth: Fix deadlock in vhci_send_frame (git-fixes).
* bluetooth: L2CAP: Send reject on command corrupted request (git-fixes).
* bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE (git-
fixes).
* bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921 (bsc#1218461).
* bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent (git-
fixes).
* bluetooth: hci_event: shut up a false-positive warning (git-fixes).
* bluetooth: hci_qca: Fix the teardown problem for real (git-fixes).
* bnxt: do not handle XDP in netpoll (jsc#PED-1495).
* bnxt_en: Clear resource reservation during resume (jsc#PED-1495).
* bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic (jsc#PED-1495).
* bnxt_en: Fix max_mtu setting for multi-buf XDP (jsc#PED-1495).
* bnxt_en: Fix page pool logic for page size >= 64K (jsc#PED-1495).
* bnxt_en: Fix wrong return value check in bnxt_close_nic() (jsc#PED-1495).
* bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI (jsc#PED-1495).
* bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes).
* bus: ti-sysc: Flush posted write only after srst_udelay (git-fixes).
* ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
(bsc#1217980).
* ceph: fix type promotion bug on 32bit systems (bsc#1217982).
* cleanup: Make no_free_ptr() __must_check (jsc#PED-7167).
* clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885
bsc#1217217).
* clocksource: Enable TSC watchdog checking of HPET and PMTMR only when
requested (bsc#1215885 bsc#1217217).
* clocksource: Handle negative skews in "skew is too large" messages
(bsc#1215885 bsc#1217217).
* clocksource: Improve "skew is too large" messages (bsc#1215885 bsc#1217217).
* clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).
* clocksource: Loosen clocksource watchdog constraints (bsc#1215885
bsc#1217217).
* clocksource: Print clocksource name when clocksource is tested unstable
(bsc#1215885 bsc#1217217).
* clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885
bsc#1217217).
* configfs-tsm: Introduce a shared ABI for attestation reports (jsc#PED-7167).
* crypto: ccp - Add SEV_INIT rc error logging on init (jsc#PED-7167).
* crypto: ccp - Add SEV_INIT_EX support (jsc#PED-7167).
* crypto: ccp - Add a header for multiple drivers to use `__psp_pa`
(jsc#PED-7167).
* crypto: ccp - Add a quirk to firmware update (jsc#PED-7167).
* crypto: ccp - Add psp_init_on_probe module parameter (jsc#PED-7167).
* crypto: ccp - Drop TEE support for IRQ handler (jsc#PED-7167).
* crypto: ccp - Ensure psp_ret is always init'd in
__sev_platform_init_locked() (jsc#PED-7167).
* crypto: ccp - Fail the PSP initialization when writing psp data file failed
(jsc#PED-7167).
* crypto: ccp - Fix the INIT_EX data file open failure (jsc#PED-7167).
* crypto: ccp - Fix whitespace in sev_cmd_buffer_len() (jsc#PED-7167).
* crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware
(jsc#PED-7167).
* crypto: ccp - Initialize PSP when reading psp data file failed
(jsc#PED-7167).
* crypto: ccp - Log when resetting PSP SEV state (jsc#PED-7167).
* crypto: ccp - Move SEV_INIT retry for corrupted data (jsc#PED-7167).
* crypto: ccp - Move some PSP mailbox bit definitions into common header
(jsc#PED-7167).
* crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL (jsc#PED-7167).
* crypto: ccp - Refactor out sev_fw_alloc() (jsc#PED-7167).
* crypto: ccp - remove unneeded semicolon (jsc#PED-7167).
* crypto: ccp: Get rid of __sev_platform_init_locked()'s local function
pointer (jsc#PED-7167).
* dm verity: initialize fec io before freeing it (git-fixes).
* dm-verity: do not use blocking calls from tasklets (git-fixes).
* dm: add cond_resched() to dm_wq_requeue_work() (git-fixes).
* dm: do not attempt to queue IO under RCU protection (git-fixes).
* dm: fix __send_duplicate_bios() to always allow for splitting IO
(bsc#1215952).
* dm: fix improper splitting for abnormal bios (bsc#1215952).
* dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter (git-fixes).
* dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
* dmaengine: ioat: Free up __cleanup() name (jsc#PED-7167).
* doc/README.SUSE: Add how to update the config for module signing
(jsc#PED-5021)
* doc/README.SUSE: Remove how to build modules using kernel-source
(jsc#PED-5021)
* doc/README.SUSE: Simplify the list of references (jsc#PED-5021)
* drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c (git-fixes).
* drm/amdgpu/sdma5.2: add begin/end_use ring callbacks (bsc#1212139).
* drm/amdgpu: Add EEPROM I2C address support for ip discovery (git-fixes).
* drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 (git-fixes).
* drm/amdgpu: Add support for RAS table at 0x40000 (git-fixes).
* drm/amdgpu: Decouple RAS EEPROM addresses from chips (git-fixes).
* drm/amdgpu: Remove redundant I2C EEPROM address (git-fixes).
* drm/amdgpu: Remove second moot switch to set EEPROM I2C address (git-fixes).
* drm/amdgpu: Return from switch early for EEPROM I2C address (git-fixes).
* drm/amdgpu: Update EEPROM I2C address for smu v13_0_0 (git-fixes).
* drm/amdgpu: Update ras eeprom support for smu v13_0_0 and v13_0_10 (git-
fixes).
* drm/amdgpu: correct chunk_ptr to a pointer to chunk (git-fixes).
* drm/amdgpu: correct the amdgpu runtime dereference usage count (git-fixes).
* drm/amdgpu: fix tear down order in amdgpu_vm_pt_free (git-fixes).
* drm/amdgpu: simplify amdgpu_ras_eeprom.c (git-fixes).
* drm/bridge: parade-ps8640: Never store more than msg->size bytes in AUX xfer
(git-fixes).
* drm/bridge: ps8640: Fix size mismatch warning w/ len (git-fixes).
* drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS (git-fixes).
* drm/bridge: ti-sn65dsi86: Never store more than msg->size bytes in AUX xfer
(git-fixes).
* drm/i915/display: Drop check for doublescan mode in modevalid (git-fixes).
* drm/i915/dp: Fix passing the correct DPCD_REV for
drm_dp_set_phy_test_pattern (git-fixes).
* drm/i915/dpt: Only do the POT stride remap when using DPT (git-fixes).
* drm/i915/lvds: Use REG_BIT() & co (git-fixes).
* drm/i915/mtl: limit second scaler vertical scaling in ver >= 14 (git-fixes).
* drm/i915/sdvo: stop caching has_hdmi_monitor in struct intel_sdvo (git-
fixes).
* drm/i915: Fix intel_atomic_setup_scalers() plane_state handling (git-fixes).
* drm/i915: Fix remapped stride with CCS on ADL+ (git-fixes).
* drm/i915: Reject async flips with bigjoiner (git-fixes).
* drm/i915: Relocate intel_atomic_setup_scalers() (git-fixes).
* drm/i915: fix MAX_ORDER usage in i915_gem_object_get_pages_internal()
(jsc#PED-7167).
* drm/mediatek: Add spinlock for setting vblank event in atomic_begin (git-
fixes).
* drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (git-
fixes).
* efi/libstub: Implement support for unaccepted memory (jsc#PED-7167).
* efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted
memory (jsc#PED-7167).
* efi/unaccepted: Fix off-by-one when checking for overlapping ranges
(jsc#PED-7167).
* efi/unaccepted: Fix soft lockups caused by parallel memory acceptance
(jsc#PED-7167).
* efi/unaccepted: Make sure unaccepted table is mapped (jsc#PED-7167).
* efi/unaccepted: Use ACPI reclaim memory for unaccepted memory table
(jsc#PED-7167).
* efi/x86: Get full memory map in allocate_e820() (jsc#PED-7167).
* efi: Add unaccepted memory support (jsc#PED-7167).
* efi: libstub: avoid efi_get_memory_map() for allocating the virt map
(jsc#PED-7167).
* efi: libstub: install boot-time memory map as config table (jsc#PED-7167).
* efi: libstub: remove DT dependency from generic stub (jsc#PED-7167).
* efi: libstub: remove pointless goto kludge (jsc#PED-7167).
* efi: libstub: simplify efi_get_memory_map() and struct efi_boot_memmap
(jsc#PED-7167).
* efi: libstub: unify initrd loading between architectures (jsc#PED-7167).
* floppy: fix MAX_ORDER usage (jsc#PED-7167).
* fprobe: Fix to ensure the number of active retprobes is not zero (git-
fixes).
* fs/jfs: Add check for negative db_l2nbperpage (git-fixes).
* fs/jfs: Add validity check for db_maxag and db_agpref (git-fixes).
* fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() (git-
fixes).
* fs/remap: constrain dedupe of EOF blocks (git-fixes).
* fs: avoid empty option when generating legacy mount string (git-fixes).
* fs: fix an infinite loop in iomap_fiemap (git-fixes).
* fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes).
* genwqe: fix MAX_ORDER usage (jsc#PED-7167).
* gfs2: Add wrapper for iomap_file_buffered_write (git-fixes).
* gfs2: Check sb_bsize_shift after reading superblock (git-fixes).
* gfs2: Clean up function may_grant (git-fixes).
* gfs2: Fix filesystem block deallocation for short writes (git-fixes).
* gfs2: Fix gfs2_release for non-writers regression (git-fixes).
* gfs2: Fix inode height consistency check (git-fixes).
* gfs2: Fix length of holes reported at end-of-file (git-fixes).
* gfs2: Fix possible data races in gfs2_show_options() (git-fixes).
* gfs2: Improve gfs2_make_fs_rw error handling (git-fixes).
* gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes).
* gfs2: Silence "suspicious RCU usage in gfs2_permission" warning (git-fixes).
* gfs2: Switch from strlcpy to strscpy (git-fixes).
* gfs2: fix an oops in gfs2_permission (git-fixes).
* gfs2: gfs2_setattr_size error path fix (git-fixes).
* gfs2: ignore negated quota changes (git-fixes).
* gfs2: jdata writepage fix (git-fixes).
* gfs2: use i_lock spin_lock for inode qadata (git-fixes).
* gpiolib: sysfs: Fix error handling on failed export (git-fixes).
* gve: Fixes for napi_poll when budget is 0 (git-fixes).
* gve: Use size_add() in call to struct_size() (git-fixes).
* hid: add ALWAYS_POLL quirk for Apple kb (git-fixes).
* hid: glorious: fix Glorious Model I HID report (git-fixes).
* hid: hid-asus: add const to read-only outgoing usb buffer (git-fixes).
* hid: hid-asus: reset the backlight brightness level on resume (git-fixes).
* hid: lenovo: Restrict detection of patched firmware only to USB cptkbd (git-
fixes).
* hid: multitouch: Add quirk for HONOR GLO-GXXX touchpad (git-fixes).
* hwmon: (acpi_power_meter) Fix 4.29 MW bug (git-fixes).
* hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe() (git-
fixes).
* i2c: aspeed: Handle the coalesced stop conditions with the start conditions
(git-fixes).
* i2c: core: Fix atomic xfer check for non-preempt config (git-fixes).
* i2c: designware: Fix corrupted memory seen in the ISR (git-fixes).
* i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (jsc#PED-372).
* i40e: Fix VF VLAN offloading when port VLAN is configured (jsc#PED-372).
* i40e: Fix unexpected MFS warning message (jsc#PED-372).
* i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (jsc#PED-372).
* i40e: fix misleading debug logs (jsc#PED-372).
* i40e: fix potential NULL pointer dereferencing of pf->vf
i40e_sync_vsi_filters() (jsc#PED-372).
* i40e: fix potential memory leaks in i40e_remove() (jsc#PED-372).
* i40e: prevent crash on probe if hw registers have invalid values
(jsc#PED-372).
* ib/mlx5: Fix init stage error handling to avoid double free of same QP and
UAF (git-fixes)
* ib/mlx5: Fix rdma counter binding for RAW QP (git-fixes)
* igb: Avoid starting unnecessary workqueues (jsc#PED-370).
* igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
(jsc#PED-370).
* igb: Fix potential memory leak in igb_add_ethtool_nfc_entry (jsc#PED-370).
* igb: clean up in all error paths when enabling SR-IOV (jsc#PED-370).
* igb: disable virtualization features on 82580 (jsc#PED-370).
* igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80
(jsc#PED-370).
* igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
(jsc#PED-375).
* igc: Expose tx-usecs coalesce setting to user (jsc#PED-375).
* igc: Fix ambiguity in the ethtool advertising (jsc#PED-375).
* igc: Fix infinite initialization loop with early XDP redirect (jsc#PED-375).
* igc: Fix the typo in the PTM Control macro (jsc#PED-375).
* iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma() (git-
fixes).
* iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table
(git-fixes).
* iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw
(git-fixes).
* iio: triggered-buffer: prevent possible freeing of wrong buffer (git-fixes).
* input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN (git-fixes).
* input: ipaq-micro-keys - add error handling for devm_kmemdup (git-fixes).
* input: soc_button_array - add mapping for airplane mode button (git-fixes).
* input: xpad - add HyperX Clutch Gladiate Support (git-fixes).
* interconnect: Treat xlate() returning NULL node as an error (git-fixes).
* iomap: Fix iomap_dio_rw return value for user copies (git-fixes).
* iommu: fix MAX_ORDER usage in __iommu_dma_alloc_pages() (jsc#PED-7167).
* iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (git-
fixes).
* jfs: fix array-index-out-of-bounds in dbFindLeaf (git-fixes).
* jfs: fix array-index-out-of-bounds in diAlloc (git-fixes).
* jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount (git-fixes).
* jfs: validate max amount of blocks before allocation (git-fixes).
* kABI: Preserve the type of rethook::handler (git-fixes).
* kABI: restore void return to typec_altmode_attention (git-fixes).
* kabi/severities: ignore kABI for asus-wmi drivers Tolerate the kABI changes,
as used only locally for asus-wmi stuff
* kabi/severities: make snp_issue_guest_request PASS (jsc#PED-7167)
* kabi: fix of_reserved_mem_* due to struct vm_struct became defined
(jsc#PED-7167).
* kabi: fix sev-dev due to fs_struct became defined (jsc#PED-7167).
* kabi: fix struct efi after adding unaccepted memory table (jsc#PED-7167).
* kabi: fix struct zone kabi after adding unaccepted_pages and NR_UNACCEPTED
(jsc#PED-7167).
* kbuild: Drop -Wdeclaration-after-statement (jsc#PED-7167).
* kconfig: fix memory leak from range properties (git-fixes).
* kprobes: consistent rcu api usage for kretprobe holder (git-fixes).
* kvm: arm64: Prevent kmemleak from accessing pKVM memory (jsc#PED-7167).
* kvm: s390/mm: Properly reset no-dat (git-fixes bsc#1218056).
* kvm: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217933).
* lib/vsprintf: Fix %pfwf when current node refcount == 0 (git-fixes).
* libceph: use kernel_connect() (bsc#1217981).
* locking: Introduce __cleanup() based infrastructure (jsc#PED-7167).
* locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock
(git-fixes).
* md/bitmap: do not set max_write_behind if there is no write mostly device
(git-fixes).
* md/md-bitmap: hold 'reconfig_mutex' in backlog_store() (git-fixes).
* md/md-bitmap: remove unnecessary local variable in backlog_store() (git-
fixes).
* md/raid0: add discard support for the 'original' layout (git-fixes).
* md/raid10: do not call bio_start_io_acct twice for bio which experienced
read error (git-fixes).
* md/raid10: factor out code from wait_barrier() to stop_waiting_barrier()
(git-fixes).
* md/raid10: factor out dereference_rdev_and_rrdev() (git-fixes).
* md/raid10: fix io loss while replacement replace rdev (git-fixes).
* md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes).
* md/raid10: fix memleak for 'conf->bio_split' (git-fixes).
* md/raid10: fix memleak of md thread (git-fixes).
* md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes).
* md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-
fixes).
* md/raid10: fix overflow of md/safe_mode_delay (git-fixes).
* md/raid10: fix task hung in raid10d (git-fixes).
* md/raid10: fix the condition to call bio_end_io_acct() (git-fixes).
* md/raid10: fix wrong setting of max_corr_read_errors (git-fixes).
* md/raid10: prevent soft lockup while flush writes (git-fixes).
* md/raid10: use dereference_rdev_and_rrdev() to get devices (git-fixes).
* md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes).
* md/raid1: free the r1bio before waiting for blocked rdev (git-fixes).
* md/raid1: hold the barrier until handle_read_error() finishes (git-fixes).
* md/raid5-cache: fix a deadlock in r5l_exit_log() (git-fixes).
* md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid() (git-
fixes).
* md/raid5: fix miscalculation of 'end_sector' in raid5_read_one_chunk() (git-
fixes).
* md: Put the right device in md_seq_next (bsc#1217822).
* md: Set MD_BROKEN for RAID1 and RAID10 (git-fixes).
* md: avoid signed overflow in slot_store() (git-fixes).
* md: do not update recovery_cp when curr_resync is ACTIVE (git-fixes).
* md: drop queue limitation for RAID1 and RAID10 (git-fixes).
* md: raid0: account for split bio in iostat accounting (git-fixes).
* md: raid10 add nowait support (git-fixes).
* md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).
* md: restore 'noio_flag' for the last mddev_resume() (git-fixes).
* md: select BLOCK_LEGACY_AUTOLOAD (git-fixes).
* memblock: exclude MEMBLOCK_NOMAP regions from kmemleak (jsc#PED-7167).
* memblock: make memblock_find_in_range method private (jsc#PED-7167).
* misc: mei: client.c: fix problem of return '-EOVERFLOW' in mei_cl_write
(git-fixes).
* misc: mei: client.c: return negative error code in mei_cl_write (git-fixes).
* mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When
MULTIBUILD option in config.sh is enabled generate a _multibuild file
listing all spec files.
* mm/page_alloc: make deferred page init free pages in MAX_ORDER blocks
(jsc#PED-7167).
* mm/pgtable: Fix multiple -Wstringop-overflow warnings (jsc#PED-7167).
* mm/slab: Add __free() support for kvfree (jsc#PED-7167).
* mm/slub: fix MAX_ORDER usage in calculate_order() (jsc#PED-7167).
* mm: Add PAGE_ALIGN_DOWN macro (jsc#PED-7167).
* mm: Add support for unaccepted memory (jsc#PED-7167).
* mm: add pageblock_align() macro (jsc#PED-7167).
* mm: add pageblock_aligned() macro (jsc#PED-7167).
* mm: avoid passing 0 to __ffs() (jsc#PED-7167).
* mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).
* mm: move kvmalloc-related functions to slab.h (jsc#PED-7167).
* mm: new primitive kvmemdup() (jsc#PED-7167).
* mm: reuse pageblock_start/end_pfn() macro (jsc#PED-7167).
* mmc: meson-mx-sdhc: Fix initialization frozen issue (git-fixes).
* mmc: rpmb: fixes pause retune on all RPMB partitions (git-fixes).
* mmc: sdhci-sprd: Fix eMMC init failure after hw reset (git-fixes).
* neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section (git-fixes).
* net/rose: Fix Use-After-Free in rose_ioctl (git-fixes).
* net/smc: Fix pos miscalculation in statistics (bsc#1218139).
* net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
* net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).
* net: bnxt: fix a potential use-after-free in bnxt_init_tc (jsc#PED-1495).
* net: ena: Destroy correct number of xdp queues upon failure (git-fixes).
* net: ena: Fix XDP redirection error (git-fixes).
* net: ena: Fix xdp drops handling due to multibuf packets (git-fixes).
* net: ena: Flush XDP packets on error (git-fixes).
* net: mana: select PAGE_POOL (git-fixes).
* net: rfkill: gpio: set GPIO direction (git-fixes).
* net: usb: ax88179_178a: avoid failed operations when device is disconnected
(git-fixes).
* net: usb: ax88179_178a: clean up pm calls (git-fixes).
* net: usb: ax88179_178a: wol optimizations (git-fixes).
* net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).
* nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to
llcp_local (git-fixes).
* nfs: Fix O_DIRECT locking issues (bsc#1211162).
* nfs: Fix a few more clear_bit() instances that need release semantics
(bsc#1211162).
* nfs: Fix a potential data corruption (bsc#1211162).
* nfs: Fix a use after free in nfs_direct_join_group() (bsc#1211162).
* nfs: Fix error handling for O_DIRECT write scheduling (bsc#1211162).
* nfs: More O_DIRECT accounting fixes for error paths (bsc#1211162).
* nfs: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).
* nfs: Use the correct commit info in nfs_join_page_group() (bsc#1211162).
* nfs: only issue commit in DIO codepath if we have uncommitted data
(bsc#1211162).
* nilfs2: fix missing error check for sb_set_blocksize call (git-fixes).
* nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() (git-fixes).
* nlm: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).
* null_blk: fix poll request timeout handling (git-fixes).
* nvme-core: check for too small lba shift (bsc#1214117).
* nvme-pci: Add sleep quirk for Kingston drives (git-fixes).
* nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev (git-fixes).
* nvme-pci: do not set the NUMA node of device if it has none (git-fixes).
* nvme-pci: factor out a nvme_pci_alloc_dev helper (git-fixes).
* nvme-rdma: do not try to stop unallocated queues (git-fixes).
* nvme: sanitize metadata bounce buffer for reads (git-fixes).
* nvmet-auth: complete a request only after freeing the dhchap pointers (git-
fixes).
* of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem
(jsc#PED-7167).
* orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-
fixes).
* orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() (git-fixes).
* orangefs: Fix sysfs not cleanup when dev init failed (git-fixes).
* orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
(git-fixes).
* padata: Fix refcnt handling in padata_free_shell() (git-fixes).
* parport: Add support for Brainboxes IX/UC/PX parallel cards (git-fixes).
* pci: loongson: Limit MRRS to 256 (git-fixes).
* perf/core: fix MAX_ORDER usage in rb_alloc_aux_page() (jsc#PED-7167).
* pinctrl: at91-pio4: use dedicated lock class for IRQ (git-fixes).
* platform/surface: aggregator: fix recv_buf() return value (git-fixes).
* platform/x86: asus-wmi: Add support for ROG X13 tablet mode (git-fixes).
* platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum (git-
fixes).
* platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting (git-
fixes).
* platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code
(git-fixes).
* platform/x86: asus-wmi: Simplify tablet-mode-switch handling (git-fixes).
* platform/x86: asus-wmi: Simplify tablet-mode-switch probing (git-fixes).
* platform/x86: wmi: Allow duplicate GUIDs for drivers that use struct
wmi_driver (git-fixes).
* platform/x86: wmi: Skip blocks with zero instances (git-fixes).
* powerpc/pseries/vas: Migration suspend waits for no in-progress open windows
(bsc#1218397 ltc#204523).
* qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info
(jsc#PED-1526).
* qed: Fix a potential use-after-free in qed_cxt_tables_alloc (jsc#PED-1526).
* qed: fix LL2 RX buffer allocation (jsc#PED-1526).
* qede: fix firmware halt over suspend and resume (jsc#PED-1526).
* qla2xxx: add debug log for deprecated hw detected (bsc#1216032).
* r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes).
* r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).
* r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1() (git-fixes).
* r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash() (git-fixes).
* r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes).
* r8169: Fix PCI error on system resume (git-fixes).
* rdma/bnxt_re: Correct module description string (jsc#PED-1495).
* rdma/core: Use size_{add,sub,mul}() in calls to struct_size() (git-fixes)
* rdma/hfi1: Use FIELD_GET() to extract Link Width (git-fixes)
* rdma/hfi1: Workaround truncation compilation error (git-fixes)
* rdma/hns: Add check for SL (git-fixes)
* rdma/hns: Fix printing level of asynchronous events (git-fixes)
* rdma/hns: Fix signed-unsigned mixed comparisons (git-fixes)
* rdma/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (git-fixes)
* rdma/hns: The UD mode can only be configured with DCQCN (git-fixes)
* regmap: fix bogus error on regcache_sync success (git-fixes).
* reiserfs: Check the return value from __getblk() (git-fixes).
* reiserfs: Replace 1-element array with C99 style flex-array (git-fixes).
* remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
* reset: Fix crash when freeing non-existent optional resets (git-fixes).
* restore renamed device IDs for USB HID devices (git-fixes).
* rethook: Fix to use WRITE_ONCE() for rethook:: Handler (git-fixes).
* rethook: Use __rcu pointer for rethook::handler (git-fixes).
* ring-buffer: Do not try to put back write_stamp (git-fixes).
* ring-buffer: Do not update before stamp when switching sub-buffers (git-
fixes).
* ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs (git-fixes).
* ring-buffer: Fix memory leak of free page (git-fixes).
* ring-buffer: Fix slowpath of interrupted event (git-fixes).
* ring-buffer: Fix wake ups when buffer_percent is set to 100 (git-fixes).
* ring-buffer: Fix writing to the buffer with max_data_size (git-fixes).
* ring-buffer: Force absolute timestamp on discard of event (git-fixes).
* ring-buffer: Have saved event hold the entire event (git-fixes).
* ring-buffer: Remove useless update to write_stamp in rb_try_to_discard()
(git-fixes).
* s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218357).
* scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
* serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit (git-fixes).
* serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt (git-fixes).
* serial: sc16is7xx: address RX timeout interrupt errata (git-fixes).
* soundwire: stream: fix NULL pointer dereference for multi_link (git-fixes).
* spi: atmel: Fix clock issue when using devices with different polarities
(git-fixes).
* statfs: enforce statfs[64] structure initialization (git-fixes).
* supported.conf: add drivers/virt/coco/tsm (jsc#PED-7167)
* swiotlb: always set the number of areas before allocating the pool (git-
fixes).
* swiotlb: do not panic! (git-fixes).
* swiotlb: fix a braino in the alignment check fix (bsc#1216559).
* swiotlb: fix debugfs reporting of reserved memory pools (git-fixes).
* swiotlb: fix slot alignment checks (bsc#1216559).
* swiotlb: fix the deadlock in swiotlb_do_find_slots (git-fixes).
* swiotlb: mark swiotlb_memblock_alloc() as __init (git-fixes).
* swiotlb: reduce the number of areas to match actual memory pool size (git-
fixes).
* swiotlb: reduce the swiotlb buffer size on allocation failure (git-fixes).
* swiotlb: use the calculated number of areas (git-fixes).
* tracing / synthetic: Disable events after testing in
synth_event_gen_test_init() (git-fixes).
* tracing/kprobes: Fix the description of variable length arguments (git-
fixes).
* tracing/kprobes: Fix the order of argument descriptions (git-fixes).
* tracing/perf: Add interrupt_context_level() helper (git-fixes).
* tracing/synthetic: fix kernel-doc warnings (git-fixes).
* tracing: Always update snapshot buffer size (git-fixes).
* tracing: Disable preemption when using the filter buffer (bsc#1217036).
* tracing: Disable snapshot buffer when stopping instance tracers (git-fixes).
* tracing: Fix a possible race when disabling buffered events (bsc#1217036).
* tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
* tracing: Fix blocked reader of snapshot buffer (git-fixes).
* tracing: Fix incomplete locking when disabling buffered events
(bsc#1217036).
* tracing: Fix warning in trace_buffered_event_disable() (git-fixes,
bsc#1217036).
* tracing: Have the user copy of synthetic event address use correct context
(git-fixes).
* tracing: Reuse logic from perf's get_recursion_context() (git-fixes).
* tracing: Set actual size after ring buffer resize (git-fixes).
* tracing: Stop current tracer when resizing buffer (git-fixes).
* tracing: Update snapshot buffer on resize if it is allocated (git-fixes).
* tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver()
(bsc#1217036).
* tracing: relax trace_event_eval_update() execution with cond_resched() (git-
fixes).
* uapi: propagate __struct_group() attributes to the container union
(jsc#SLE-18978).
* ubifs: Fix memory leak of bud->log_hash (git-fixes).
* ubifs: fix possible dereference after free (git-fixes).
* usb-storage: Add quirk for incorrect WP on Kingston DT Ultimate 3.0 G3 (git-
fixes).
* usb: aqc111: check packet for fixup for true limit (git-fixes).
* usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (git-fixes).
* usb: host: xhci-plat: fix possible kernel oops while resuming (git-fixes).
* usb: hub: Guard against accesses to uninitialized BOS descriptors (git-
fixes).
* usb: serial: ftdi_sio: update Actisense PIDs constant names (git-fixes).
* usb: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
* usb: serial: option: add Quectel EG912Y module support (git-fixes).
* usb: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).
* usb: typec: bus: verify partner exists in typec_altmode_attention (git-
fixes).
* usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
* usb: typec: ucsi: acpi: add quirk for ASUS Zenbook UM325 (git-fixes).
* virt/coco/sev-guest: Double-buffer messages (jsc#PED-7167).
* virt: coco: Add a coco/Makefile and coco/Kconfig (jsc#PED-7167).
* virt: sevguest: Add TSM_REPORTS support for SNP_GET_EXT_REPORT
(jsc#PED-7167).
* virt: sevguest: Fix passing a stack buffer as a scatterlist target
(jsc#PED-7167).
* virt: sevguest: Prep for kernel internal get_ext_report() (jsc#PED-7167).
* virt: tdx-guest: Add Quote generation support using TSM_REPORTS
(jsc#PED-7167).
* vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).
* wifi: cfg80211: Add my certificate (git-fixes).
* wifi: cfg80211: fix certs build to not depend on file order (git-fixes).
* wifi: iwlwifi: pcie: add another missing bh-disable for rxq->lock (git-
fixes).
* wifi: iwlwifi: pcie: do not synchronize IRQs from IRQ (git-fixes).
* wifi: mac80211: mesh: check element parsing succeeded (git-fixes).
* wifi: mac80211: mesh_plink: fix matches_local logic (git-fixes).
* x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).
* x86/alternatives: Disable KASAN in apply_alternatives() (git-fixes).
* x86/alternatives: Disable interrupts and sync when optimizing NOPs in place
(git-fixes).
* x86/alternatives: Sync core before enabling interrupts (git-fixes).
* x86/boot/compressed: Handle unaccepted memory (jsc#PED-7167).
* x86/boot/compressed: Reserve more memory for page tables (git-fixes).
* x86/boot: Add an efi.h header for the decompressor (jsc#PED-7167).
* x86/boot: Centralize __pa()/__va() definitions (jsc#PED-7167).
* x86/boot: Fix incorrect startup_gdt_descr.size (git-fixes).
* x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (git-fixes).
* x86/cpu: Do not write CSTAR MSR on Intel CPUs (jsc#PED-7167).
* x86/cpu: Fix amd_check_microcode() declaration (git-fixes).
* x86/efi: Safely enable unaccepted memory in UEFI (jsc#PED-7167).
* x86/entry: Convert INT 0x80 emulation to IDTENTRY (bsc#1217927).
* x86/entry: Do not allow external 0x80 interrupts (bsc#1217927).
* x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf()
(git-fixes).
* x86/fpu: Invalidate FPU state correctly on exec() (git-fixes).
* x86/platform/uv: Use alternate source for socket to node data (bsc#1215696
bsc#1217790).
* x86/purgatory: Remove LTO flags (git-fixes).
* x86/resctrl: Fix kernel-doc warnings (git-fixes).
* x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate()
(jsc#PED-7167).
* x86/sev-es: Use insn_decode_mmio() for MMIO implementation (jsc#PED-7167).
* x86/sev: Add SNP-specific unaccepted memory support (jsc#PED-7167).
* x86/sev: Allow for use of the early boot GHCB for PSC requests
(jsc#PED-7167).
* x86/sev: Change npages to unsigned long in snp_accept_memory()
(jsc#PED-7167).
* x86/sev: Change snp_guest_issue_request()'s fw_err argument (jsc#PED-7167).
* x86/sev: Fix address space sparse warning (jsc#PED-7167).
* x86/sev: Get rid of special sev_es_enable_key (jsc#PED-7167).
* x86/sev: Mark snp_abort() noreturn (jsc#PED-7167).
* x86/sev: Put PSC struct on the stack in prep for unaccepted memory support
(jsc#PED-7167).
* x86/sev: Use large PSC requests if applicable (jsc#PED-7167).
* x86/smp: Use dedicated cache-line for mwait_play_dead() (git-fixes).
* x86/srso: Add SRSO mitigation for Hygon processors (git-fixes).
* x86/srso: Fix SBPB enablement for (possible) future fixed HW (git-fixes).
* x86/srso: Fix vulnerability reporting for missing microcode (git-fixes).
* x86/tdx: Add unaccepted memory support (jsc#PED-7167).
* x86/tdx: Disable NOTIFY_ENABLES (jsc#PED-7167).
* x86/tdx: Make _tdx_hypercall() and __tdx_module_call() available in boot
stub (jsc#PED-7167).
* x86/tdx: Refactor try_accept_one() (jsc#PED-7167).
* x86/tdx: Relax SEPT_VE_DISABLE check for debug TD (jsc#PED-7167).
* x86/tdx: Use ReportFatalError to report missing SEPT_VE_DISABLE
(jsc#PED-7167).
* x86/tsc: Add option to force frequency recalibration with HW timer
(bsc#1215885 bsc#1217217).
* x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).
* x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885
bsc#1217217).
* x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-
fixes).
* xfs: Rename __xfs_attr_rmtval_remove (git-fixes).
* xfs: Use kvcalloc() instead of kvzalloc() (git-fixes).
* xfs: aborting inodes on shutdown may need buffer lock (git-fixes).
* xfs: add selinux labels to whiteout inodes (git-fixes).
* xfs: clean up "%Ld/%Lu" which does not meet C standard (git-fixes).
* xfs: convert flex-array declarations in struct xfs_attrlist* (git-fixes).
* xfs: convert flex-array declarations in xfs attr leaf blocks (git-fixes).
* xfs: convert flex-array declarations in xfs attr shortform objects (git-
fixes).
* xfs: decode scrub flags in ftrace output (git-fixes).
* xfs: dump log intent items that cannot be recovered due to corruption (git-
fixes).
* xfs: fix a bug in the online fsck directory leaf1 bestcount check (git-
fixes).
* xfs: fix agf_fllast when repairing an empty AGFL (git-fixes).
* xfs: fix incorrect unit conversion in scrub tracepoint (git-fixes).
* xfs: fix silly whitespace problems with kernel libxfs (git-fixes).
* xfs: fix uninit warning in xfs_growfs_data (git-fixes).
* xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes).
* xfs: make sure maxlen is still congruent with prod when rounding down (git-
fixes).
* xfs: remove kmem_alloc_io() (git-fixes).
* xfs: remove the xfs_dinode_t typedef (git-fixes).
* xfs: remove the xfs_dqblk_t typedef (git-fixes).
* xfs: remove the xfs_dsb_t typedef (git-fixes).
* xfs: rename xfs_has_attr() (git-fixes).
* xfs: replace snprintf in show functions with sysfs_emit (git-fixes).
* xfs: return EINTR when a fatal signal terminates scrub (git-fixes).
* xfs: sb verifier does not handle uncached sb buffer (git-fixes).
* xfs: simplify two-level sysctl registration for xfs_table (git-fixes).
* xfs: sysfs: use default_groups in kobj_type (git-fixes).
* xfs: use swap() to make dabtree code cleaner (git-fixes).
* xhci: Clear EHB bit only at end of interrupt handler (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-160=1 openSUSE-SLE-15.5-2024-160=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-160=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-160=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-160=1
* Legacy Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-160=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-160=1
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise High Availability Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-160=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-160=1
## Package List:
* openSUSE Leap 15.5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (noarch)
* kernel-source-vanilla-5.14.21-150500.55.44.1
* kernel-macros-5.14.21-150500.55.44.1
* kernel-docs-html-5.14.21-150500.55.44.1
* kernel-source-5.14.21-150500.55.44.1
* kernel-devel-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (ppc64le x86_64)
* kernel-debug-devel-5.14.21-150500.55.44.1
* kernel-debug-debugsource-5.14.21-150500.55.44.1
* kernel-debug-livepatch-devel-5.14.21-150500.55.44.1
* kernel-debug-debuginfo-5.14.21-150500.55.44.1
* kernel-debug-devel-debuginfo-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (x86_64)
* kernel-default-vdso-debuginfo-5.14.21-150500.55.44.1
* kernel-kvmsmall-vdso-5.14.21-150500.55.44.1
* kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.44.1
* kernel-debug-vdso-debuginfo-5.14.21-150500.55.44.1
* kernel-default-vdso-5.14.21-150500.55.44.1
* kernel-debug-vdso-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-debuginfo-5.14.21-150500.55.44.1
* kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.44.1
* kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2
* kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.44.1
* kernel-kvmsmall-debugsource-5.14.21-150500.55.44.1
* kernel-default-base-rebuild-5.14.21-150500.55.44.1.150500.6.19.2
* kernel-kvmsmall-devel-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* dlm-kmp-default-5.14.21-150500.55.44.1
* kernel-default-optional-5.14.21-150500.55.44.1
* kernel-default-optional-debuginfo-5.14.21-150500.55.44.1
* kselftests-kmp-default-5.14.21-150500.55.44.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.44.1
* kernel-syms-5.14.21-150500.55.44.1
* kernel-default-extra-debuginfo-5.14.21-150500.55.44.1
* kernel-obs-qa-5.14.21-150500.55.44.1
* kernel-obs-build-debugsource-5.14.21-150500.55.44.1
* gfs2-kmp-default-5.14.21-150500.55.44.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.44.1
* kernel-default-debuginfo-5.14.21-150500.55.44.1
* kernel-default-livepatch-devel-5.14.21-150500.55.44.1
* kernel-default-devel-debuginfo-5.14.21-150500.55.44.1
* kernel-default-devel-5.14.21-150500.55.44.1
* cluster-md-kmp-default-5.14.21-150500.55.44.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.44.1
* kernel-default-extra-5.14.21-150500.55.44.1
* kernel-obs-build-5.14.21-150500.55.44.1
* ocfs2-kmp-default-5.14.21-150500.55.44.1
* kselftests-kmp-default-debuginfo-5.14.21-150500.55.44.1
* kernel-default-livepatch-5.14.21-150500.55.44.1
* kernel-default-debugsource-5.14.21-150500.55.44.1
* reiserfs-kmp-default-5.14.21-150500.55.44.1
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.44.1
* dlm-kmp-default-debuginfo-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_44-default-1-150500.11.5.1
* kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-1-150500.11.5.1
* kernel-livepatch-SLE15-SP5_Update_9-debugsource-1-150500.11.5.1
* openSUSE Leap 15.5 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150500.55.44.1
* kernel-zfcpdump-debuginfo-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (nosrc)
* dtb-aarch64-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (aarch64)
* dtb-allwinner-5.14.21-150500.55.44.1
* kselftests-kmp-64kb-5.14.21-150500.55.44.1
* dtb-amlogic-5.14.21-150500.55.44.1
* kernel-64kb-debugsource-5.14.21-150500.55.44.1
* dtb-arm-5.14.21-150500.55.44.1
* cluster-md-kmp-64kb-5.14.21-150500.55.44.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.44.1
* dtb-apple-5.14.21-150500.55.44.1
* dtb-renesas-5.14.21-150500.55.44.1
* dtb-freescale-5.14.21-150500.55.44.1
* dtb-broadcom-5.14.21-150500.55.44.1
* dtb-cavium-5.14.21-150500.55.44.1
* dtb-hisilicon-5.14.21-150500.55.44.1
* dtb-altera-5.14.21-150500.55.44.1
* kernel-64kb-optional-5.14.21-150500.55.44.1
* reiserfs-kmp-64kb-5.14.21-150500.55.44.1
* kernel-64kb-extra-5.14.21-150500.55.44.1
* dtb-lg-5.14.21-150500.55.44.1
* dtb-exynos-5.14.21-150500.55.44.1
* dtb-sprd-5.14.21-150500.55.44.1
* dtb-xilinx-5.14.21-150500.55.44.1
* dlm-kmp-64kb-5.14.21-150500.55.44.1
* ocfs2-kmp-64kb-5.14.21-150500.55.44.1
* kernel-64kb-optional-debuginfo-5.14.21-150500.55.44.1
* dtb-amazon-5.14.21-150500.55.44.1
* dtb-marvell-5.14.21-150500.55.44.1
* dtb-socionext-5.14.21-150500.55.44.1
* kernel-64kb-extra-debuginfo-5.14.21-150500.55.44.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.44.1
* kernel-64kb-devel-5.14.21-150500.55.44.1
* kernel-64kb-debuginfo-5.14.21-150500.55.44.1
* dlm-kmp-64kb-debuginfo-5.14.21-150500.55.44.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.44.1
* dtb-rockchip-5.14.21-150500.55.44.1
* dtb-nvidia-5.14.21-150500.55.44.1
* dtb-mediatek-5.14.21-150500.55.44.1
* kernel-64kb-livepatch-devel-5.14.21-150500.55.44.1
* dtb-apm-5.14.21-150500.55.44.1
* dtb-amd-5.14.21-150500.55.44.1
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.44.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.44.1
* dtb-qcom-5.14.21-150500.55.44.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.44.1
* gfs2-kmp-64kb-5.14.21-150500.55.44.1
* openSUSE Leap 15.5 (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.44.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150500.55.44.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
* kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150500.55.44.1
* kernel-default-debuginfo-5.14.21-150500.55.44.1
* Basesystem Module 15-SP5 (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.44.1
* Basesystem Module 15-SP5 (aarch64)
* kernel-64kb-debuginfo-5.14.21-150500.55.44.1
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.44.1
* kernel-64kb-debugsource-5.14.21-150500.55.44.1
* kernel-64kb-devel-5.14.21-150500.55.44.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150500.55.44.1
* Basesystem Module 15-SP5 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* kernel-default-debugsource-5.14.21-150500.55.44.1
* kernel-default-devel-debuginfo-5.14.21-150500.55.44.1
* kernel-default-devel-5.14.21-150500.55.44.1
* kernel-default-debuginfo-5.14.21-150500.55.44.1
* Basesystem Module 15-SP5 (noarch)
* kernel-devel-5.14.21-150500.55.44.1
* kernel-macros-5.14.21-150500.55.44.1
* Basesystem Module 15-SP5 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150500.55.44.1
* Basesystem Module 15-SP5 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150500.55.44.1
* kernel-zfcpdump-debuginfo-5.14.21-150500.55.44.1
* Development Tools Module 15-SP5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.44.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* kernel-obs-build-debugsource-5.14.21-150500.55.44.1
* kernel-obs-build-5.14.21-150500.55.44.1
* kernel-syms-5.14.21-150500.55.44.1
* Development Tools Module 15-SP5 (noarch)
* kernel-source-5.14.21-150500.55.44.1
* Legacy Module 15-SP5 (nosrc)
* kernel-default-5.14.21-150500.55.44.1
* Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* reiserfs-kmp-default-5.14.21-150500.55.44.1
* kernel-default-debugsource-5.14.21-150500.55.44.1
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.44.1
* kernel-default-debuginfo-5.14.21-150500.55.44.1
* SUSE Linux Enterprise Live Patching 15-SP5 (nosrc)
* kernel-default-5.14.21-150500.55.44.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_44-default-1-150500.11.5.1
* kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-1-150500.11.5.1
* kernel-default-livepatch-5.14.21-150500.55.44.1
* kernel-default-debugsource-5.14.21-150500.55.44.1
* kernel-default-debuginfo-5.14.21-150500.55.44.1
* kernel-default-livepatch-devel-5.14.21-150500.55.44.1
* kernel-livepatch-SLE15-SP5_Update_9-debugsource-1-150500.11.5.1
* SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le
s390x x86_64)
* dlm-kmp-default-5.14.21-150500.55.44.1
* cluster-md-kmp-default-5.14.21-150500.55.44.1
* ocfs2-kmp-default-5.14.21-150500.55.44.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.44.1
* gfs2-kmp-default-5.14.21-150500.55.44.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.44.1
* kernel-default-debuginfo-5.14.21-150500.55.44.1
* kernel-default-debugsource-5.14.21-150500.55.44.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.44.1
* dlm-kmp-default-debuginfo-5.14.21-150500.55.44.1
* SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc)
* kernel-default-5.14.21-150500.55.44.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc)
* kernel-default-5.14.21-150500.55.44.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* kernel-default-extra-debuginfo-5.14.21-150500.55.44.1
* kernel-default-extra-5.14.21-150500.55.44.1
* kernel-default-debugsource-5.14.21-150500.55.44.1
* kernel-default-debuginfo-5.14.21-150500.55.44.1
## References:
* https://www.suse.com/security/cve/CVE-2020-26555.html
* https://www.suse.com/security/cve/CVE-2023-51779.html
* https://www.suse.com/security/cve/CVE-2023-6121.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2023-6606.html
* https://www.suse.com/security/cve/CVE-2023-6610.html
* https://www.suse.com/security/cve/CVE-2023-6622.html
* https://www.suse.com/security/cve/CVE-2023-6931.html
* https://www.suse.com/security/cve/CVE-2023-6932.html
* https://bugzilla.suse.com/show_bug.cgi?id=1179610
* https://bugzilla.suse.com/show_bug.cgi?id=1183045
* https://bugzilla.suse.com/show_bug.cgi?id=1211162
* https://bugzilla.suse.com/show_bug.cgi?id=1211226
* https://bugzilla.suse.com/show_bug.cgi?id=1212139
* https://bugzilla.suse.com/show_bug.cgi?id=1212584
* https://bugzilla.suse.com/show_bug.cgi?id=1214117
* https://bugzilla.suse.com/show_bug.cgi?id=1214158
* https://bugzilla.suse.com/show_bug.cgi?id=1214747
* https://bugzilla.suse.com/show_bug.cgi?id=1214823
* https://bugzilla.suse.com/show_bug.cgi?id=1215237
* https://bugzilla.suse.com/show_bug.cgi?id=1215696
* https://bugzilla.suse.com/show_bug.cgi?id=1215885
* https://bugzilla.suse.com/show_bug.cgi?id=1215952
* https://bugzilla.suse.com/show_bug.cgi?id=1216032
* https://bugzilla.suse.com/show_bug.cgi?id=1216057
* https://bugzilla.suse.com/show_bug.cgi?id=1216559
* https://bugzilla.suse.com/show_bug.cgi?id=1216776
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217217
* https://bugzilla.suse.com/show_bug.cgi?id=1217250
* https://bugzilla.suse.com/show_bug.cgi?id=1217602
* https://bugzilla.suse.com/show_bug.cgi?id=1217692
* https://bugzilla.suse.com/show_bug.cgi?id=1217790
* https://bugzilla.suse.com/show_bug.cgi?id=1217801
* https://bugzilla.suse.com/show_bug.cgi?id=1217822
* https://bugzilla.suse.com/show_bug.cgi?id=1217927
* https://bugzilla.suse.com/show_bug.cgi?id=1217933
* https://bugzilla.suse.com/show_bug.cgi?id=1217938
* https://bugzilla.suse.com/show_bug.cgi?id=1217946
* https://bugzilla.suse.com/show_bug.cgi?id=1217947
* https://bugzilla.suse.com/show_bug.cgi?id=1217980
* https://bugzilla.suse.com/show_bug.cgi?id=1217981
* https://bugzilla.suse.com/show_bug.cgi?id=1217982
* https://bugzilla.suse.com/show_bug.cgi?id=1218056
* https://bugzilla.suse.com/show_bug.cgi?id=1218092
* https://bugzilla.suse.com/show_bug.cgi?id=1218139
* https://bugzilla.suse.com/show_bug.cgi?id=1218184
* https://bugzilla.suse.com/show_bug.cgi?id=1218229
* https://bugzilla.suse.com/show_bug.cgi?id=1218234
* https://bugzilla.suse.com/show_bug.cgi?id=1218253
* https://bugzilla.suse.com/show_bug.cgi?id=1218258
* https://bugzilla.suse.com/show_bug.cgi?id=1218335
* https://bugzilla.suse.com/show_bug.cgi?id=1218357
* https://bugzilla.suse.com/show_bug.cgi?id=1218397
* https://bugzilla.suse.com/show_bug.cgi?id=1218447
* https://bugzilla.suse.com/show_bug.cgi?id=1218461
* https://bugzilla.suse.com/show_bug.cgi?id=1218515
* https://bugzilla.suse.com/show_bug.cgi?id=1218559
* https://bugzilla.suse.com/show_bug.cgi?id=1218569
* https://bugzilla.suse.com/show_bug.cgi?id=1218643
* https://bugzilla.suse.com/show_bug.cgi?id=1218738
* https://jira.suse.com/browse/PED-3459
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7167
1
0
18 Jan '24
# Recommended update for dpdk22
Announcement ID: SUSE-RU-2024:0161-1
Rating: moderate
References:
* jsc#PED-7147
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Package Hub 15 15-SP5
An update that contains one feature can now be installed.
## Description:
This update of dpdk22 fixes the following issue:
* DPDK 22.11.1 is shipped to SLE Micro 5.5. (jsc#PED-7147)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-161=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-161=1 SUSE-2024-161=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-161=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-161=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-161=1
* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-161=1
## Package List:
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* fstrm-debuginfo-0.6.1-150300.9.5.1
* libfstrm0-0.6.1-150300.9.5.1
* fstrm-0.6.1-150300.9.5.1
* libfstrm0-debuginfo-0.6.1-150300.9.5.1
* fstrm-debugsource-0.6.1-150300.9.5.1
* fstrm-devel-0.6.1-150300.9.5.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.13.1
* openvswitch3-debuginfo-3.1.0-150500.3.13.1
* python3-ovs3-3.1.0-150500.3.13.1
* libopenvswitch-3_1-0-3.1.0-150500.3.13.1
* openvswitch3-test-debuginfo-3.1.0-150500.3.13.1
* openvswitch3-vtep-3.1.0-150500.3.13.1
* openvswitch3-debugsource-3.1.0-150500.3.13.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.13.1
* ovn3-docker-23.03.0-150500.3.13.1
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.13.1
* ovn3-host-debuginfo-23.03.0-150500.3.13.1
* ovn3-23.03.0-150500.3.13.1
* openvswitch3-test-3.1.0-150500.3.13.1
* openvswitch3-ipsec-3.1.0-150500.3.13.1
* libovn-23_03-0-23.03.0-150500.3.13.1
* ovn3-central-debuginfo-23.03.0-150500.3.13.1
* openvswitch3-pki-3.1.0-150500.3.13.1
* ovn3-debuginfo-23.03.0-150500.3.13.1
* ovn3-central-23.03.0-150500.3.13.1
* ovn3-devel-23.03.0-150500.3.13.1
* ovn3-host-23.03.0-150500.3.13.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.13.1
* ovn3-vtep-23.03.0-150500.3.13.1
* openvswitch3-3.1.0-150500.3.13.1
* openvswitch3-devel-3.1.0-150500.3.13.1
* openSUSE Leap 15.5 (noarch)
* dpdk22-doc-22.11.1-150500.5.2.3
* ovn3-doc-23.03.0-150500.3.13.1
* python3-sortedcontainers-2.1.0-150200.3.4.1
* unbound-munin-1.6.8-150100.10.10.1
* openvswitch3-doc-3.1.0-150500.3.13.1
* dpdk22-thunderx-doc-22.11.1-150500.5.2.3
* openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
* dpdk22-devel-static-22.11.1-150500.5.2.3
* dpdk22-debugsource-22.11.1-150500.5.2.3
* dpdk22-examples-22.11.1-150500.5.2.3
* dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* dpdk22-debuginfo-22.11.1-150500.5.2.3
* dpdk22-devel-22.11.1-150500.5.2.3
* dpdk22-22.11.1-150500.5.2.3
* dpdk22-examples-debuginfo-22.11.1-150500.5.2.3
* dpdk22-tools-22.11.1-150500.5.2.3
* dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* libdpdk-23-22.11.1-150500.5.2.3
* libdpdk-23-debuginfo-22.11.1-150500.5.2.3
* openSUSE Leap 15.5 (aarch64)
* dpdk22-thunderx-debugsource-22.11.1-150500.5.2.3
* dpdk22-thunderx-examples-22.11.1-150500.5.2.3
* dpdk22-thunderx-debuginfo-22.11.1-150500.5.2.3
* dpdk22-thunderx-examples-debuginfo-22.11.1-150500.5.2.3
* dpdk22-thunderx-22.11.1-150500.5.2.3
* dpdk22-thunderx-tools-22.11.1-150500.5.2.3
* dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* dpdk22-thunderx-devel-22.11.1-150500.5.2.3
* dpdk22-thunderx-devel-static-22.11.1-150500.5.2.3
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* unbound-anchor-1.6.8-150100.10.10.1
* fstrm-debuginfo-0.6.1-150300.9.5.1
* libfstrm0-0.6.1-150300.9.5.1
* fstrm-0.6.1-150300.9.5.1
* libfstrm0-debuginfo-0.6.1-150300.9.5.1
* unbound-devel-1.6.8-150100.10.10.1
* unbound-debugsource-1.6.8-150100.10.10.1
* unbound-python-debuginfo-1.6.8-150100.10.10.1
* libunbound2-1.6.8-150100.10.10.1
* unbound-anchor-debuginfo-1.6.8-150100.10.10.1
* fstrm-debugsource-0.6.1-150300.9.5.1
* libunbound2-debuginfo-1.6.8-150100.10.10.1
* unbound-debuginfo-1.6.8-150100.10.10.1
* unbound-python-1.6.8-150100.10.10.1
* fstrm-devel-0.6.1-150300.9.5.1
* unbound-1.6.8-150100.10.10.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
* dpdk22-debugsource-22.11.1-150500.5.2.3
* dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* dpdk22-debuginfo-22.11.1-150500.5.2.3
* dpdk22-22.11.1-150500.5.2.3
* dpdk22-tools-22.11.1-150500.5.2.3
* dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* libdpdk-23-22.11.1-150500.5.2.3
* libdpdk-23-debuginfo-22.11.1-150500.5.2.3
* SUSE Linux Enterprise Micro 5.5 (aarch64)
* dpdk22-thunderx-debugsource-22.11.1-150500.5.2.3
* dpdk22-thunderx-debuginfo-22.11.1-150500.5.2.3
* dpdk22-thunderx-22.11.1-150500.5.2.3
* dpdk22-thunderx-tools-22.11.1-150500.5.2.3
* dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* protobuf-c-debuginfo-1.3.0-150000.3.5.1
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.13.1
* libfstrm0-0.6.1-150300.9.5.1
* openvswitch3-debuginfo-3.1.0-150500.3.13.1
* python3-ovs3-3.1.0-150500.3.13.1
* libopenvswitch-3_1-0-3.1.0-150500.3.13.1
* fstrm-debugsource-0.6.1-150300.9.5.1
* openvswitch3-vtep-3.1.0-150500.3.13.1
* libprotobuf-c1-debuginfo-1.3.0-150000.3.5.1
* openvswitch3-debugsource-3.1.0-150500.3.13.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.13.1
* ovn3-docker-23.03.0-150500.3.13.1
* unbound-debugsource-1.6.8-150100.10.10.1
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.13.1
* libunbound2-debuginfo-1.6.8-150100.10.10.1
* ovn3-host-debuginfo-23.03.0-150500.3.13.1
* ovn3-23.03.0-150500.3.13.1
* protobuf-c-debugsource-1.3.0-150000.3.5.1
* libfstrm0-debuginfo-0.6.1-150300.9.5.1
* libovn-23_03-0-23.03.0-150500.3.13.1
* ovn3-central-debuginfo-23.03.0-150500.3.13.1
* openvswitch3-pki-3.1.0-150500.3.13.1
* ovn3-debuginfo-23.03.0-150500.3.13.1
* ovn3-central-23.03.0-150500.3.13.1
* ovn3-host-23.03.0-150500.3.13.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.13.1
* ovn3-vtep-23.03.0-150500.3.13.1
* openvswitch3-3.1.0-150500.3.13.1
* fstrm-debuginfo-0.6.1-150300.9.5.1
* unbound-anchor-1.6.8-150100.10.10.1
* libprotobuf-c1-1.3.0-150000.3.5.1
* libunbound2-1.6.8-150100.10.10.1
* unbound-debuginfo-1.6.8-150100.10.10.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* python3-sortedcontainers-2.1.0-150200.3.4.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* unbound-anchor-1.6.8-150100.10.10.1
* fstrm-debuginfo-0.6.1-150300.9.5.1
* libfstrm0-0.6.1-150300.9.5.1
* fstrm-0.6.1-150300.9.5.1
* libfstrm0-debuginfo-0.6.1-150300.9.5.1
* unbound-devel-1.6.8-150100.10.10.1
* unbound-debugsource-1.6.8-150100.10.10.1
* libunbound2-1.6.8-150100.10.10.1
* unbound-anchor-debuginfo-1.6.8-150100.10.10.1
* fstrm-debugsource-0.6.1-150300.9.5.1
* libunbound2-debuginfo-1.6.8-150100.10.10.1
* unbound-debuginfo-1.6.8-150100.10.10.1
* fstrm-devel-0.6.1-150300.9.5.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* unbound-python-debuginfo-1.6.8-150100.10.10.1
* unbound-debugsource-1.6.8-150100.10.10.1
* unbound-debuginfo-1.6.8-150100.10.10.1
* unbound-python-1.6.8-150100.10.10.1
* unbound-1.6.8-150100.10.10.1
* Server Applications Module 15-SP5 (aarch64 ppc64le x86_64)
* dpdk22-debugsource-22.11.1-150500.5.2.3
* dpdk22-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* dpdk22-debuginfo-22.11.1-150500.5.2.3
* dpdk22-devel-22.11.1-150500.5.2.3
* dpdk22-22.11.1-150500.5.2.3
* dpdk22-tools-22.11.1-150500.5.2.3
* dpdk22-kmp-default-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* libdpdk-23-22.11.1-150500.5.2.3
* libdpdk-23-debuginfo-22.11.1-150500.5.2.3
* Server Applications Module 15-SP5 (aarch64)
* dpdk22-thunderx-debugsource-22.11.1-150500.5.2.3
* dpdk22-thunderx-debuginfo-22.11.1-150500.5.2.3
* dpdk22-thunderx-22.11.1-150500.5.2.3
* dpdk22-thunderx-kmp-default-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* dpdk22-thunderx-kmp-default-debuginfo-22.11.1_k5.14.21_150500.55.39-150500.5.2.3
* dpdk22-thunderx-devel-22.11.1-150500.5.2.3
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* openvswitch3-vtep-debuginfo-3.1.0-150500.3.13.1
* openvswitch3-debuginfo-3.1.0-150500.3.13.1
* python3-ovs3-3.1.0-150500.3.13.1
* libopenvswitch-3_1-0-3.1.0-150500.3.13.1
* openvswitch3-test-debuginfo-3.1.0-150500.3.13.1
* openvswitch3-vtep-3.1.0-150500.3.13.1
* openvswitch3-debugsource-3.1.0-150500.3.13.1
* libovn-23_03-0-debuginfo-23.03.0-150500.3.13.1
* ovn3-docker-23.03.0-150500.3.13.1
* libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.13.1
* ovn3-host-debuginfo-23.03.0-150500.3.13.1
* ovn3-23.03.0-150500.3.13.1
* openvswitch3-test-3.1.0-150500.3.13.1
* openvswitch3-ipsec-3.1.0-150500.3.13.1
* libovn-23_03-0-23.03.0-150500.3.13.1
* ovn3-central-debuginfo-23.03.0-150500.3.13.1
* openvswitch3-pki-3.1.0-150500.3.13.1
* ovn3-debuginfo-23.03.0-150500.3.13.1
* ovn3-central-23.03.0-150500.3.13.1
* ovn3-devel-23.03.0-150500.3.13.1
* ovn3-host-23.03.0-150500.3.13.1
* ovn3-vtep-debuginfo-23.03.0-150500.3.13.1
* ovn3-vtep-23.03.0-150500.3.13.1
* openvswitch3-3.1.0-150500.3.13.1
* openvswitch3-devel-3.1.0-150500.3.13.1
* Server Applications Module 15-SP5 (noarch)
* python3-sortedcontainers-2.1.0-150200.3.4.1
## References:
* https://jira.suse.com/browse/PED-7147
1
0
openSUSE-RU-2024:0024-1: moderate: Recommended update for xfce4-docklike-plugin, xfce4-notes-plugin
by maintenance@opensuse.org 18 Jan '24
by maintenance@opensuse.org 18 Jan '24
18 Jan '24
openSUSE Recommended Update: Recommended update for xfce4-docklike-plugin, xfce4-notes-plugin
______________________________________________________________________________
Announcement ID: openSUSE-RU-2024:0024-1
Rating: moderate
References:
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that has 0 recommended fixes can now be installed.
Description:
This update for xfce4-docklike-plugin, xfce4-notes-plugin fixes the
following issues:
Changes in xfce4-docklike-plugin:
- Update to version 0.4.2
* Wnck: Add missing sanity check
* Settings: Use different colors for active and inactive indicators
* Use FDO compliant icon name
* Fix blurry icons/thumbnails when UI scale > 1
* GroupMenu: Make sure the window is the right size for each popup
* Group: Stop timeouts in destructor
* Fix pending source when GroupMenu is destroyed
* Settings: Bound icon sizes
* SettingsDialog: Fix deprecated icon names
* Remove unused project files
* Remove contrib directory
* GroupMenu: Re-popup if windows are added/removed when shown
* Update preview widgets on "showPreviews" setting change
* Helpers: Always stop timeout before starting a new one
* Wnck: Always update unactivated window state
* Group: Do not filter out skip-tasklist windows when activated
* Group: Do not manually mark window as activated when activating group
* Group: Update active state when adding windows
* Group: Remove useless class member states
* AppInfos: Use also app names for matching
* Use g_debug for debug logs
* Replace FALSE with false
* Replace NULL with nullptr
* Release data as much as possible on XfcePanelPlugin::free-data signal
* Wnck: Do not check for active window in init
* Fix remaining raw pointers not released
* Manage group button lifetime in Group
* Revert "Reset pointer when group button is destroyed"
* Wnck: Use std::shared_ptr to manage memory allocation of GroupWindows
* Dock: Use std::shared_ptr to manage memory allocation of Groups
* AppInfos: Use std::shared_ptr to manage memory allocation
* AppInfos: Wrap raw pointers into std::unique_ptr
* GroupMenuItem: Fix crash when closing window with preview enabled
* Revert "group: Fix crash when middle-clicking an item with preview
enabled"
* Store pinned apps as ids instead of paths
* Wnck: Fix memory leaks
* Theme: Fix memory leaks
* SettingsDialog: Fix memory leaks
* Settings: Fix memory leaks
* Helpers: Fix memory leaks
* GroupMenuItem: Fix memory leaks
* Group: Fix memory leaks
* Dock: Fix memory leaks
* Fix previous commit
* Appinfos: Fix some memory leaks
* Update TODO
* AppInfos: Honor XDG_DATA_HOME also when editing item
* AppInfos: Properly honor XDG base dir spec
* group: Detach menu from button and destroy when hidden (Fixes #20)
* Fix cplusplus.StringChecker warning from scan-build 16.0.6
* Use glib functions for memory allocation
* build: Fix -Wunused-function warnings
* build: Fix -Wdangling-else warnings
* build: Fix -Wsequence-point warnings
* build: Fix -Wsign-compare warnings
* build: Fix -Wmaybe-uninitialized warnings
* build: Fix -Wshadow warnings
* build: Fix -Wmissing-declarations warnings
* group-menu-item: Refresh preview less often
* group: Fix missing dnd icon
* group: Fix crash when middle-clicking an item with preview enabled
* Reset pointer when group button is destroyed
* helpers: Reset source id when removed
* app-infos: Get translated app name (Fixes #67)
* Fix help button icon to be same as other plugins
* Added middle mouse button do nothing option
* Added closedir call to prevent too many open files error (Fixes #54)
* Fix copyright info
* Translation Updates
Changes in xfce4-notes-plugin:
- Update to version 1.11.0
* Update copyright year
* Make default notes names in singular form
* Start numbering the notes with 1
* Rework Xnp.Window.insert_note()
* Use separate icon for logo
* Make menu icon themed
* Notes path change: handle case when both apps are running
* Rework Xnp.Application.update_notes_path()
* Don't ask when deleting a group with one blank note
* Fix notebook tab prelight
* Focus previous notes window when hiding a window
* Rework Xnp.Application.show_hide_notes()
* Avoid focus loss when removing a group
* Avoid focus loss for note windows
* Store "skip-taskbar-hint" property in Xnp.Application
* Rewrite links processing code
* Switch to previous page after deleting current note
* Merge delete_note with delete_current_note
* Use separate icon names for panel, tray and application
* Switch to rDNS icon naming scheme
* Fix segfault when pressing Ctrl+W on empty group
* Use default values for externally created groups
* Rework notes window switching processing
* Handle empty group window titles
* Add notes path setting
* Slightly change the design of settings dialog
* Fix Xfconf "notes-path" property handling
* Fix background color of title bar when renaming a group
* Reduce frequency of saving windows configuration
* Undo/redo: make cursor position behavior natural
* Fix the logic of "move-cursor" signal detection
* Remember windows focus order
* Rework access to Xnp.Application.window_list from Xnp.Window
* Escape window title for markup parser
* Save windows configuration before group reloading
* Make transition to new version seemless
* Update tags immediately after loading a note
* Slightly improve undo/redo processing
* Simplify code
* Allow note tabs to be moved between groups
* New method: Xnp.Window.get_tab_evbox()
* New method: Xnp.Window.get_note()
* New property: Xnp.Window.current_note
* Rework Xnp.Window.n_pages
* Save windows configuration when in system tray mode
* Rework application termination sequence
* Simplify save_windows_configuration()
* Prevent possible data loss when saving notes
* Fix mouse cursor behavior after clicking on a link
* Refuse to create/delete notes on file system errors
* Handle errors when renaming a note
* Report errors when creating/deleting notes
* Select note before deletion request
* Delete note with middle mouse click on tab
* Handle errors when creating a group
* Handle errors when deleting a group
* Handle errors when renaming a group
* Add error popup if note could not be saved
* Save notes only when changed
* Overwrite windows configuration only when changed
* Save current note on page switching or focus loss
* Don't overwrite notes on program start up
* Add titles to dialog windows
* Make title text color independent of gtk theme
* Make title bar arrows respond to mouse scroll events
* Replace mouse button numbers with constants
* Set default icon name for application
* Use pure gtk style when selecting "GTK+" color
* Separate color css to a separate Gtk.CssProvider
* Make titlebar customized
* Simplify access to notebook pages
* Rename note with double click on tab
* Cleanup
* Add icons to dialog windows
* Fix notebook tab names for new notes
* Don't change the title label sensitivity
* Add a note about possibility of css customization
* Allow resizing notes window from the top border
* Change accelerators hexa values to symbolic names
* Reset timeout_background when timer reaches end
* Make 'GTK+' background color work
* Bring back the choice of background color
* Add support for ~/.config/gtk-3.0/gtk.css
* Fix background color of disabled arrow
* Get rid of ~/.config/xfce4/notes/xfce4-notes.css
* Rename gtk-main.css -> gtk.css
* Add support for system wide css customizations
* Unite update_css() and update_style_context()
* Move data files to $(datadir)/xfce4/notes
* Derive hypertext link color from theme
* Redraw main menu icon on mouse enter/leave events
* Allow user to customize main menu icon
* Add support for custom css
* Replace 'Remove' with 'Quit' in application menu
* Don't overwrite xfce4-notes.css without a need
* Reload css instead of adding it over and over again
* Move resource files to xfce4/notes subdirectory
* Auto create config directory
* Replace Gdk.Color with Gdk.RGBA
* Don't use stock gtk elements to create menu
* Simplify menu creation
* Gtk.Image.from_stock() -> Gtk.Image.from_icon_name()
* Bring menu icons back
* Change authors order
* Translation Updates
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-24=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):
xfce4-docklike-plugin-0.4.2-bp155.2.3.1
xfce4-notes-plugin-1.11.0-bp155.2.3.1
xfce4-notes-plugin-debuginfo-1.11.0-bp155.2.3.1
xfce4-notes-plugin-debugsource-1.11.0-bp155.2.3.1
- openSUSE Backports SLE-15-SP5 (noarch):
xfce4-docklike-plugin-lang-0.4.2-bp155.2.3.1
xfce4-notes-plugin-lang-1.11.0-bp155.2.3.1
References:
1
0
openSUSE-SU-2024:0023-1: moderate: Security update for libuev
by opensuse-security@opensuse.org 18 Jan '24
by opensuse-security@opensuse.org 18 Jan '24
18 Jan '24
openSUSE Security Update: Security update for libuev
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0023-1
Rating: moderate
References: #1218749
Cross-References: CVE-2022-48620
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libuev fixes the following issues:
- Update to 2.4.1:
* Update README with list of moden Linux APIs used
* Fix #27: possible buffer overrun in uev_run() boo#1218749
CVE-2022-48620
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-23=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):
libuev-devel-2.4.1-bp155.3.3.1
libuev3-2.4.1-bp155.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-48620.html
https://bugzilla.suse.com/1218749
1
0
18 Jan '24
# Recommended update for btrfsprogs
Announcement ID: SUSE-RU-2024:0146-1
Rating: moderate
References:
* bsc#1218029
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that has one fix can now be installed.
## Description:
This update for btrfsprogs fixes the following issue:
* btrfs-progs: fix defrag -c option parsing (bsc#1218029)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-146=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-146=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-146=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-146=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-146=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-146=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-146=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-146=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-146=1
* SUSE Linux Enterprise Real Time 15 SP4
zypper in -t patch SUSE-SLE-Product-RT-15-SP4-2024-146=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-146=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-146=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-146=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-146=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-146=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-146=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* btrfsprogs-static-debuginfo-5.14-150400.5.6.1
* btrfsprogs-debugsource-5.14-150400.5.6.1
* python-btrfsutil-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* libbtrfsutil-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfsutil1-debuginfo-5.14-150400.5.6.1
* python-btrfsutil-debuginfo-5.14-150400.5.6.1
* libbtrfsutil1-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* btrfsprogs-static-5.14-150400.5.6.1
* openSUSE Leap 15.4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* openSUSE Leap Micro 5.3 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* openSUSE Leap Micro 5.4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise Real Time 15 SP4 (x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise Real Time 15 SP4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Manager Proxy 4.3 (x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Manager Proxy 4.3 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* btrfsprogs-debugsource-5.14-150400.5.6.1
* libbtrfs0-debuginfo-5.14-150400.5.6.1
* libbtrfs-devel-5.14-150400.5.6.1
* btrfsprogs-debuginfo-5.14-150400.5.6.1
* libbtrfs0-5.14-150400.5.6.1
* btrfsprogs-5.14-150400.5.6.1
* SUSE Manager Server 4.3 (noarch)
* btrfsprogs-udev-rules-5.14-150400.5.6.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1218029
1
0
18 Jan '24
# Recommended update for selinux-policy
Announcement ID: SUSE-RU-2024:0151-1
Rating: moderate
References:
* bsc#1215423
* bsc#1216060
Affected Products:
* openSUSE Leap Micro 5.3
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro for Rancher 5.3
An update that has two fixes can now be installed.
## Description:
This update for selinux-policy fixes the following issues:
* Allow keepalived_t read+write kernel_t pipes (bsc#1216060)
* Support new PING_CHECK health checker in keepalived
* Allow init to run bpf programs. We do this during early startup
(bsc#1215423)
* Allow sysadm_t run kernel bpf programs
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-151=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-151=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-151=1
## Package List:
* openSUSE Leap Micro 5.3 (noarch)
* selinux-policy-targeted-20210716+git65.8c9b6599-150400.5.12.1
* selinux-policy-devel-20210716+git65.8c9b6599-150400.5.12.1
* selinux-policy-20210716+git65.8c9b6599-150400.5.12.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* selinux-policy-targeted-20210716+git65.8c9b6599-150400.5.12.1
* selinux-policy-devel-20210716+git65.8c9b6599-150400.5.12.1
* selinux-policy-20210716+git65.8c9b6599-150400.5.12.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* selinux-policy-targeted-20210716+git65.8c9b6599-150400.5.12.1
* selinux-policy-devel-20210716+git65.8c9b6599-150400.5.12.1
* selinux-policy-20210716+git65.8c9b6599-150400.5.12.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1215423
* https://bugzilla.suse.com/show_bug.cgi?id=1216060
1
0
18 Jan '24
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:0153-1
Rating: important
References:
* bsc#1179610
* bsc#1215237
* bsc#1215375
* bsc#1217250
* bsc#1217709
* bsc#1217946
* bsc#1217947
* bsc#1218105
* bsc#1218253
* bsc#1218258
* bsc#1218559
* jsc#PED-5021
Cross-References:
* CVE-2020-26555
* CVE-2023-51779
* CVE-2023-6121
* CVE-2023-6606
* CVE-2023-6610
* CVE-2023-6931
* CVE-2023-6932
CVSS scores:
* CVE-2020-26555 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2020-26555 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6121 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6121 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6606 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6610 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6610 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Manager Proxy 4.2
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Server 4.2
An update that solves seven vulnerabilities, contains one feature and has four
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:
* CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth
Core Specification 1.0B that may permit an unauthenticated nearby device to
spoof the BD_ADDR of the peer device to complete pairing without knowledge
of the PIN (bsc#1179610 bsc#1215237).
* CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race
condition in bt_sock_recvmsg (bsc#1218559).
* CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP
subsystem that could lead to information leak (bsc#1217250).
* CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving
a malformed length from a server (bsc#1217947).
* CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing
debug information (bsc#1217946).
* CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux
kernel's Performance Events system component that could lead to local
privilege escalation. (bsc#1218258).
* CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's
ipv4: igmp component that could lead to local privilege escalation
(bsc#1218253).
The following non-security bugs were fixed:
* clocksource: Avoid accidental unstable marking of clocksources
(bsc#1218105).
* clocksource: Suspend the watchdog temporarily when high read latency
detected (bsc#1218105).
* doc/README.SUSE: Add how to update the config for module signing
(jsc#PED-5021)
* doc/README.SUSE: Remove how to build modules using kernel-source
(jsc#PED-5021)
* doc/README.SUSE: Simplify the list of references (jsc#PED-5021).
* efi/mokvar: Reserve the table only if it is in boot services data
(bsc#1215375).
* io_uring: fix 32-bit compatability with sendmsg/recvmsg (bsc#1217709).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-153=1
* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-153=1
* SUSE Linux Enterprise High Availability Extension 15 SP3
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-153=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-153=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-153=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-153=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-153=1
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-153=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-153=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-153=1
## Package List:
* openSUSE Leap 15.3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.147.1
* openSUSE Leap 15.3 (noarch)
* kernel-macros-5.3.18-150300.59.147.1
* kernel-docs-html-5.3.18-150300.59.147.1
* kernel-source-vanilla-5.3.18-150300.59.147.1
* kernel-devel-5.3.18-150300.59.147.1
* kernel-source-5.3.18-150300.59.147.1
* openSUSE Leap 15.3 (nosrc ppc64le x86_64)
* kernel-kvmsmall-5.3.18-150300.59.147.2
* kernel-debug-5.3.18-150300.59.147.2
* openSUSE Leap 15.3 (ppc64le x86_64)
* kernel-kvmsmall-debugsource-5.3.18-150300.59.147.2
* kernel-debug-livepatch-devel-5.3.18-150300.59.147.2
* kernel-kvmsmall-devel-5.3.18-150300.59.147.2
* kernel-kvmsmall-debuginfo-5.3.18-150300.59.147.2
* kernel-debug-devel-5.3.18-150300.59.147.2
* kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-debug-debuginfo-5.3.18-150300.59.147.2
* kernel-debug-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.147.2
* kernel-debug-debugsource-5.3.18-150300.59.147.2
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
* kselftests-kmp-default-5.3.18-150300.59.147.2
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* cluster-md-kmp-default-5.3.18-150300.59.147.2
* kernel-default-optional-debuginfo-5.3.18-150300.59.147.2
* kernel-default-livepatch-devel-5.3.18-150300.59.147.2
* kernel-default-extra-5.3.18-150300.59.147.2
* kernel-obs-qa-5.3.18-150300.59.147.1
* kernel-default-base-rebuild-5.3.18-150300.59.147.2.150300.18.86.2
* kernel-default-extra-debuginfo-5.3.18-150300.59.147.2
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-devel-5.3.18-150300.59.147.2
* kernel-syms-5.3.18-150300.59.147.1
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* dlm-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-obs-build-5.3.18-150300.59.147.2
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-livepatch-5.3.18-150300.59.147.2
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-obs-build-debugsource-5.3.18-150300.59.147.2
* reiserfs-kmp-default-5.3.18-150300.59.147.2
* ocfs2-kmp-default-5.3.18-150300.59.147.2
* dlm-kmp-default-5.3.18-150300.59.147.2
* kernel-default-optional-5.3.18-150300.59.147.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
* gfs2-kmp-default-5.3.18-150300.59.147.2
* kselftests-kmp-default-debuginfo-5.3.18-150300.59.147.2
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.3.18-150300.59.147.2
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP3_Update_40-debugsource-1-150300.7.3.2
* kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-1-150300.7.3.2
* kernel-livepatch-5_3_18-150300_59_147-default-1-150300.7.3.2
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_147-preempt-1-150300.7.3.2
* kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-1-150300.7.3.2
* openSUSE Leap 15.3 (aarch64 x86_64)
* cluster-md-kmp-preempt-5.3.18-150300.59.147.2
* kernel-preempt-optional-5.3.18-150300.59.147.2
* dlm-kmp-preempt-5.3.18-150300.59.147.2
* kernel-preempt-livepatch-devel-5.3.18-150300.59.147.2
* kernel-preempt-debuginfo-5.3.18-150300.59.147.2
* gfs2-kmp-preempt-5.3.18-150300.59.147.2
* reiserfs-kmp-preempt-5.3.18-150300.59.147.2
* ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.147.2
* ocfs2-kmp-preempt-5.3.18-150300.59.147.2
* kernel-preempt-devel-5.3.18-150300.59.147.2
* gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.147.2
* kernel-preempt-optional-debuginfo-5.3.18-150300.59.147.2
* kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.147.2
* kselftests-kmp-preempt-5.3.18-150300.59.147.2
* kernel-preempt-extra-5.3.18-150300.59.147.2
* cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.147.2
* dlm-kmp-preempt-debuginfo-5.3.18-150300.59.147.2
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-preempt-debugsource-5.3.18-150300.59.147.2
* kernel-preempt-extra-debuginfo-5.3.18-150300.59.147.2
* reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.147.2
* openSUSE Leap 15.3 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.147.2
* openSUSE Leap 15.3 (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.147.1
* openSUSE Leap 15.3 (s390x)
* kernel-zfcpdump-debugsource-5.3.18-150300.59.147.1
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.147.1
* openSUSE Leap 15.3 (nosrc)
* dtb-aarch64-5.3.18-150300.59.147.1
* openSUSE Leap 15.3 (aarch64)
* dtb-marvell-5.3.18-150300.59.147.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-debugsource-5.3.18-150300.59.147.2
* dlm-kmp-64kb-debuginfo-5.3.18-150300.59.147.2
* dtb-freescale-5.3.18-150300.59.147.1
* gfs2-kmp-64kb-5.3.18-150300.59.147.2
* kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.147.2
* dtb-zte-5.3.18-150300.59.147.1
* dlm-kmp-64kb-5.3.18-150300.59.147.2
* kernel-64kb-extra-debuginfo-5.3.18-150300.59.147.2
* dtb-lg-5.3.18-150300.59.147.1
* dtb-renesas-5.3.18-150300.59.147.1
* dtb-al-5.3.18-150300.59.147.1
* dtb-allwinner-5.3.18-150300.59.147.1
* dtb-amd-5.3.18-150300.59.147.1
* dtb-apm-5.3.18-150300.59.147.1
* dtb-socionext-5.3.18-150300.59.147.1
* kernel-64kb-livepatch-devel-5.3.18-150300.59.147.2
* dtb-sprd-5.3.18-150300.59.147.1
* dtb-arm-5.3.18-150300.59.147.1
* ocfs2-kmp-64kb-5.3.18-150300.59.147.2
* reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-debuginfo-5.3.18-150300.59.147.2
* kselftests-kmp-64kb-5.3.18-150300.59.147.2
* ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-extra-5.3.18-150300.59.147.2
* gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-optional-debuginfo-5.3.18-150300.59.147.2
* dtb-altera-5.3.18-150300.59.147.1
* kernel-64kb-devel-5.3.18-150300.59.147.2
* dtb-hisilicon-5.3.18-150300.59.147.1
* dtb-mediatek-5.3.18-150300.59.147.1
* dtb-xilinx-5.3.18-150300.59.147.1
* dtb-broadcom-5.3.18-150300.59.147.1
* dtb-cavium-5.3.18-150300.59.147.1
* reiserfs-kmp-64kb-5.3.18-150300.59.147.2
* dtb-exynos-5.3.18-150300.59.147.1
* dtb-qcom-5.3.18-150300.59.147.1
* cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-optional-5.3.18-150300.59.147.2
* dtb-amlogic-5.3.18-150300.59.147.1
* dtb-nvidia-5.3.18-150300.59.147.1
* dtb-rockchip-5.3.18-150300.59.147.1
* cluster-md-kmp-64kb-5.3.18-150300.59.147.2
* openSUSE Leap 15.3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
* kernel-default-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-default-livepatch-5.3.18-150300.59.147.2
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* kernel-livepatch-5_3_18-150300_59_147-default-1-150300.7.3.2
* kernel-default-livepatch-devel-5.3.18-150300.59.147.2
* SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
s390x x86_64)
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.147.2
* ocfs2-kmp-default-5.3.18-150300.59.147.2
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.147.2
* dlm-kmp-default-5.3.18-150300.59.147.2
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* cluster-md-kmp-default-5.3.18-150300.59.147.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.147.2
* dlm-kmp-default-debuginfo-5.3.18-150300.59.147.2
* gfs2-kmp-default-5.3.18-150300.59.147.2
* SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
* kernel-default-5.3.18-150300.59.147.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.147.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-debugsource-5.3.18-150300.59.147.2
* kernel-64kb-devel-5.3.18-150300.59.147.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
x86_64)
* kernel-default-5.3.18-150300.59.147.2
* kernel-preempt-5.3.18-150300.59.147.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* kernel-obs-build-debugsource-5.3.18-150300.59.147.2
* kernel-preempt-debugsource-5.3.18-150300.59.147.2
* reiserfs-kmp-default-5.3.18-150300.59.147.2
* kernel-syms-5.3.18-150300.59.147.1
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-obs-build-5.3.18-150300.59.147.2
* kernel-default-devel-5.3.18-150300.59.147.2
* kernel-preempt-debuginfo-5.3.18-150300.59.147.2
* kernel-preempt-devel-5.3.18-150300.59.147.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* kernel-devel-5.3.18-150300.59.147.1
* kernel-macros-5.3.18-150300.59.147.1
* kernel-source-5.3.18-150300.59.147.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.147.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-debugsource-5.3.18-150300.59.147.2
* kernel-64kb-devel-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64 nosrc)
* kernel-default-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* kernel-obs-build-debugsource-5.3.18-150300.59.147.2
* reiserfs-kmp-default-5.3.18-150300.59.147.2
* kernel-syms-5.3.18-150300.59.147.1
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* kernel-obs-build-5.3.18-150300.59.147.2
* kernel-default-devel-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* kernel-devel-5.3.18-150300.59.147.1
* kernel-macros-5.3.18-150300.59.147.1
* kernel-source-5.3.18-150300.59.147.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.147.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64)
* kernel-preempt-debuginfo-5.3.18-150300.59.147.2
* kernel-preempt-devel-5.3.18-150300.59.147.2
* kernel-preempt-debugsource-5.3.18-150300.59.147.2
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.147.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x)
* kernel-zfcpdump-debugsource-5.3.18-150300.59.147.1
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.147.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
x86_64)
* kernel-default-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* kernel-obs-build-debugsource-5.3.18-150300.59.147.2
* reiserfs-kmp-default-5.3.18-150300.59.147.2
* kernel-syms-5.3.18-150300.59.147.1
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* kernel-obs-build-5.3.18-150300.59.147.2
* kernel-default-devel-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* kernel-devel-5.3.18-150300.59.147.1
* kernel-macros-5.3.18-150300.59.147.1
* kernel-source-5.3.18-150300.59.147.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.147.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* kernel-preempt-debuginfo-5.3.18-150300.59.147.2
* kernel-preempt-devel-5.3.18-150300.59.147.2
* kernel-preempt-debugsource-5.3.18-150300.59.147.2
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.147.2
* SUSE Enterprise Storage 7.1 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.147.2
* SUSE Enterprise Storage 7.1 (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-64kb-debugsource-5.3.18-150300.59.147.2
* kernel-64kb-devel-5.3.18-150300.59.147.2
* SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
* kernel-default-5.3.18-150300.59.147.2
* kernel-preempt-5.3.18-150300.59.147.2
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* kernel-obs-build-debugsource-5.3.18-150300.59.147.2
* kernel-preempt-debugsource-5.3.18-150300.59.147.2
* reiserfs-kmp-default-5.3.18-150300.59.147.2
* kernel-syms-5.3.18-150300.59.147.1
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.147.2
* kernel-obs-build-5.3.18-150300.59.147.2
* kernel-default-devel-5.3.18-150300.59.147.2
* kernel-preempt-debuginfo-5.3.18-150300.59.147.2
* kernel-preempt-devel-5.3.18-150300.59.147.2
* SUSE Enterprise Storage 7.1 (noarch)
* kernel-devel-5.3.18-150300.59.147.1
* kernel-macros-5.3.18-150300.59.147.1
* kernel-source-5.3.18-150300.59.147.1
* SUSE Enterprise Storage 7.1 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.147.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.147.2
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.147.2.150300.18.86.2
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.147.2
* kernel-default-debugsource-5.3.18-150300.59.147.2
## References:
* https://www.suse.com/security/cve/CVE-2020-26555.html
* https://www.suse.com/security/cve/CVE-2023-51779.html
* https://www.suse.com/security/cve/CVE-2023-6121.html
* https://www.suse.com/security/cve/CVE-2023-6606.html
* https://www.suse.com/security/cve/CVE-2023-6610.html
* https://www.suse.com/security/cve/CVE-2023-6931.html
* https://www.suse.com/security/cve/CVE-2023-6932.html
* https://bugzilla.suse.com/show_bug.cgi?id=1179610
* https://bugzilla.suse.com/show_bug.cgi?id=1215237
* https://bugzilla.suse.com/show_bug.cgi?id=1215375
* https://bugzilla.suse.com/show_bug.cgi?id=1217250
* https://bugzilla.suse.com/show_bug.cgi?id=1217709
* https://bugzilla.suse.com/show_bug.cgi?id=1217946
* https://bugzilla.suse.com/show_bug.cgi?id=1217947
* https://bugzilla.suse.com/show_bug.cgi?id=1218105
* https://bugzilla.suse.com/show_bug.cgi?id=1218253
* https://bugzilla.suse.com/show_bug.cgi?id=1218258
* https://bugzilla.suse.com/show_bug.cgi?id=1218559
* https://jira.suse.com/browse/PED-5021
1
0