July 2020 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1173402] Kernel delays boot by 12s if ip= option given
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

https://bugzilla.suse.com/show_bug.cgi?id=1173402 https://bugzilla.suse.com/show_bug.cgi?id=1173402#c2 Thomas Blume <thomas.blume(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(thomas.blume@suse | |.com), | |needinfo?(daniel.molkentin@ | |suse.com) | --- Comment #2 from Thomas Blume <thomas.blume(a)suse.com> --- (In reply to Fabian Vogt from comment #0) > @dracut maintainers: It seems like "rd.neednet=1" is enough to get dracut to > acquire an address over DHCP, so a workaround is to just drop "ip=dhcp". I'd > like to have confirmation that this is intended behaviour and won't break > without notice in the future. This doesn't help for cases without DHCP > though. > > If it's not possible to avoid the "ip=foo" induced kernel delay, it might be > a good idea to provide "rd.ip=foo" or similar as alias, which is ignored by > the kernel. Need to double check but AFAIK, rd.neednet isn't sufficient, at least if the machine has multiple network interfaces. In this case you need to tell dracut which interface to use. ip=dhcp works in this case, because it is a wildcard to try all network interfaces. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1173595] VUL-0: CVE-2020-14983: chocolate-doom: malicious user can overwrite the server's stack leads to DoS
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

https://bugzilla.suse.com/show_bug.cgi?id=1173595 Maintenance Robot <maint-coord+maintenance_robot(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1173597] New: VUL-0: CVE-2020-15471,CVE-2020-15472,CVE-2020-15473,CVE-2020-15474,CVE-2020-15475,CVE-2020-15476: ndpi: multiple memory safety issues
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

http://bugzilla.opensuse.org/show_bug.cgi?id=1173597 Bug ID: 1173597 Summary: VUL-0: CVE-2020-15471,CVE-2020-15472,CVE-2020-15473,CVE-2020- 15474,CVE-2020-15475,CVE-2020-15476: ndpi: multiple memory safety issues Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/262669/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: mardnh(a)gmx.de Reporter: wolfgang.frisch(a)suse.com QA Contact: security-team(a)suse.de Found By: Security Response Team Blocker: --- CVE-2020-15471 In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c. CVE-2020-15472 In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c. CVE-2020-15473 In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c. CVE-2020-15474 In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c. CVE-2020-15475 In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free. CVE-2020-15476 In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15471 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15472 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15473 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15474 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15475 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15476 http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15471.html http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15472.html http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15473.html http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15474.html http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15475.html http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-15476.html -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1173595] New: VUL-0: CVE-2020-14983: chocolate-doom: malicious user can overwrite the server's stack leads to DoS
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

http://bugzilla.opensuse.org/show_bug.cgi?id=1173595 Bug ID: 1173595 Summary: VUL-0: CVE-2020-14983: chocolate-doom: malicious user can overwrite the server's stack leads to DoS Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/262159/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: jengelh(a)inai.de Reporter: atoptsoglou(a)suse.com QA Contact: security-team(a)suse.de Found By: Security Response Team Blocker: --- CVE-2020-14983 The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. References: https://github.com/chocolate-doom/chocolate-doom/issues/1293 References: https://bugzilla.redhat.com/show_bug.cgi?id=1852412 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14983 http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-14983.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14983 https://github.com/chocolate-doom/chocolate-doom/issues/1293 -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1173589] New: VUL-0: CVE-2018-3846: cfitsio: Unsafe use of sprintf() can allow a remote unauthenticated attacker to execute arbitrary code
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

http://bugzilla.opensuse.org/show_bug.cgi?id=1173589 Bug ID: 1173589 Summary: VUL-0: CVE-2018-3846: cfitsio: Unsafe use of sprintf() can allow a remote unauthenticated attacker to execute arbitrary code Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/204060/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: atoptsoglou(a)suse.com QA Contact: security-team(a)suse.de Found By: Security Response Team Blocker: --- CVE-2018-3846 NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43. NOTE: this CVE refers to the issues not covered by CVE-2018-3846, CVE-2018-3847, CVE-2018-3848, and CVE-2018-3849. One example is ftp_status in drvrnet.c mishandling a long string beginning with a '4' character. Upstream pull request: https://github.com/astropy/astropy/pull/7274 References: https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/cfitsio3420.tar.gz https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/cfitsio3430.tar.gz https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes2.txt https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892458 References: https://bugzilla.redhat.com/show_bug.cgi?id=1850866 https://bugzilla.redhat.com/show_bug.cgi?id=1563913 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3846 http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-3846.html https://access.redhat.com/security/cve/CVE-2018-3846 http://www.cvedetails.com/cve/CVE-2018-3846/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3846 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529 -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1173588] New: VUL-0: CVE-2018-3848: cfitsio: Stack-based buffer overflow in ffghbn() allows for potential code execution
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

http://bugzilla.opensuse.org/show_bug.cgi?id=1173588 Bug ID: 1173588 Summary: VUL-0: CVE-2018-3848: cfitsio: Stack-based buffer overflow in ffghbn() allows for potential code execution Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/204061/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: atoptsoglou(a)suse.com QA Contact: security-team(a)suse.de Found By: Security Response Team Blocker: --- CVE-2018-3848 CFITSIO through version 3.42 has a stack-based buffer overflow vulnerability in the ffghbn() function that can potentially allow an attacker to execute code via a crafted FIT image file. External References: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531 https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes2.txt Additional References: https://github.com/astropy/astropy/pull/7274 References: https://bugzilla.redhat.com/show_bug.cgi?id=1568180 https://bugzilla.redhat.com/show_bug.cgi?id=1850866 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3848 http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-3848.html https://access.redhat.com/security/cve/CVE-2018-3848 http://www.cvedetails.com/cve/CVE-2018-3848/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3848 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531 -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1173583] VUL-0: CVE-2013-7489: python-Beaker: Deserialization of Untrusted Data which can lead to Arbitrary code execution
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

1 0

[Bug 1173583] VUL-0: CVE-2013-7489: python-beaker: Deserialization of Untrusted Data which can lead to Arbitrary code execution
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

https://bugzilla.suse.com/show_bug.cgi?id=1173583 Maintenance Robot <maint-coord+maintenance_robot(a)suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1173586] New: VUL-0: CVE-2018-3849: cfitsio: Stack-based buffer overflow in ffghtb() allows for potential code execution
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

http://bugzilla.opensuse.org/show_bug.cgi?id=1173586 Bug ID: 1173586 Summary: VUL-0: CVE-2018-3849: cfitsio: Stack-based buffer overflow in ffghtb() allows for potential code execution Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/204062/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: atoptsoglou(a)suse.com QA Contact: security-team(a)suse.de Found By: Security Response Team Blocker: --- CVE-2018-3849 NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43. NOTE: this CVE refers to the issues not covered by CVE-2018-3846, CVE-2018-3847, CVE-2018-3848, and CVE-2018-3849. One example is ftp_status in drvrnet.c mishandling a long string beginning with a '4' character. Upstream pull request: https://github.com/astropy/astropy/pull/7274 References: https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/cfitsio3420.tar.gz https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/cfitsio3430.tar.gz https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes2.txt https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892458 References: https://bugzilla.redhat.com/show_bug.cgi?id=1850866 https://bugzilla.redhat.com/show_bug.cgi?id=1568185 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3849 https://access.redhat.com/security/cve/CVE-2018-3849 http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-3849.html http://www.cvedetails.com/cve/CVE-2018-3849/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3849 -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1173585] New: VUL-0: CVE-2019-1010060: cfitsio: buffer overflow leads to arbitrary code execution
by bugzilla_noreply＠suse.com 01 Jul '20

01 Jul '20

http://bugzilla.opensuse.org/show_bug.cgi?id=1173585 Bug ID: 1173585 Summary: VUL-0: CVE-2019-1010060: cfitsio: buffer overflow leads to arbitrary code execution Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/237294/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: security-team(a)suse.de Reporter: atoptsoglou(a)suse.com QA Contact: security-team(a)suse.de Found By: Security Response Team Blocker: --- CVE-2019-1010060 NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43. NOTE: this CVE refers to the issues not covered by CVE-2018-3846, CVE-2018-3847, CVE-2018-3848, and CVE-2018-3849. One example is ftp_status in drvrnet.c mishandling a long string beginning with a '4' character. Upstream pull request: https://github.com/astropy/astropy/pull/7274 References: https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/cfitsio3420.tar.gz https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/cfitsio3430.tar.gz https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes2.txt https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892458 References: https://bugzilla.redhat.com/show_bug.cgi?id=1850866 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010060 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892458 http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010060.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010060 https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/cfitsio3430.tar.gz https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/cfitsio3420.tar.gz https://github.com/astropy/astropy/pull/7274 https://heasarc.gsfc.nasa.gov/FTP/software/fitsio/c/docs/changes2.txt -- You are receiving this mail because: You are on the CC list for the bug.

1 1