April 2024 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1223152] New: Package openssl-3 built with gcc14 does not pass its testsuite and the build therefore fails
by bugzilla_noreply＠suse.com 31 May '24

31 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223152 Bug ID: 1223152 Summary: Package openssl-3 built with gcc14 does not pass its testsuite and the build therefore fails Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: screening-team-bugs(a)suse.de Reporter: mjambor(a)suse.com QA Contact: qa-bugs(a)suse.de CC: otto.hollmann(a)suse.com, rguenther(a)suse.com Blocks: 1220574 Target Milestone: --- Found By: --- Blocker: --- Package openssl-3, when built with with gcc14, spins infinitely (probably) in its testsuite and the build therefore fails: https://build.opensuse.org/package/live_build_log/home:rguenther:plgrnd/ope… This can be reproduced locally with: oosc build --clean --alternative-project home:rguenther:nextgcc The failure may be a genuine miscompilation, it goes away when LTO is disabled or when we disable identical code folding (ICF) using: %global optflags %{optflags} -fno-ipa-icf I have also tried disabling strict aliasing in a similar fashion, but that did not work. On the other hand, the issue seems to be brought in by our patches, I could reproduce the issue outside of an osc chroot when I applied all the patches from the package too but the issue did not reproduce when I did not. Unfortunately I was not quite able to pin it to a single patch, partly because that part of the spec file is somewhat complicated, partly probably because I quickly confused myself. It would be nice to figure out what exactly is going on and runs differently with gcc14 and its ICF. -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 1222089] New: open-vm-tools 12.4.0 has been released - please rebase
by bugzilla_noreply＠suse.com 30 May '24

30 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1222089 Bug ID: 1222089 Summary: open-vm-tools 12.4.0 has been released - please rebase Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Virtualization:Tools Assignee: virt-bugs(a)suse.de Reporter: john.wolfe(a)broadcom.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- open-vm-tools 12.4.0 was released on March 21, 2024. There are no new features in the open-vm-tools 12.4.0 release. This is primarily a maintenance release that addresses a single critical problem: For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.4.0 Release Notes are available at: https://github.com/vmware/open-vm-tools/blob/stable-12.4.0/ReleaseNotes.md The granular changes that have gone into the 12.4.0 release are in the ChangeLog at: https://github.com/vmware/open-vm-tools/blob/stable-12.4.0/open-vm-tools/Ch… -- You are receiving this mail because: You are on the CC list for the bug.

1 7

[Bug 1221077] New: prm cannot handle filenames with spaces in package
by bugzilla_noreply＠suse.com 30 May '24

30 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1221077 Bug ID: 1221077 Summary: prm cannot handle filenames with spaces in package Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Development Assignee: screening-team-bugs(a)suse.de Reporter: msuchanek(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- AFAICT the filelist is generated correctly but the rpm scripting fails. https://build.suse.de/build/Devel:Kernel:linux-next/standard/x86_64/kernel-… https://build.suse.de/package/live_build_log/Devel:Kernel:linux-next/kernel… -- You are receiving this mail because: You are on the CC list for the bug.

1 30

[Bug 1218473] New: VUL-0: CVE-2023-26157: libredwg: out-of-bound read involving section->num_pages in decode_r2007.c
by bugzilla_noreply＠suse.com 29 May '24

29 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1218473 Bug ID: 1218473 Summary: VUL-0: CVE-2023-26157: libredwg: out-of-bound read involving section->num_pages in decode_r2007.c Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/389804/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: jengelh(a)inai.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: andrea.mattiazzo(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-26157 https://github.com/LibreDWG/libredwg/issues/850 Patch: https://github.com/LibreDWG/libredwg/commit/c8cf03ce4c2315b146caf582ea061c0… -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1223420] New: VUL-0: CVE-2024-31755: cJSON: NULL pointer dereference via cJSON_SetValuestring()
by bugzilla_noreply＠suse.com 29 May '24

29 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223420 Bug ID: 1223420 Summary: VUL-0: CVE-2024-31755: cJSON: NULL pointer dereference via cJSON_SetValuestring() Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/403222/ OS: Other Status: NEW Severity: Major Priority: P5 - None Component: Security Assignee: mardnh(a)gmx.de Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: carlos.lopez(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-31755 https://www.cve.org/CVERecord?id=CVE-2024-31755 https://github.com/DaveGamble/cJSON/issues/839 https://bugzilla.redhat.com/show_bug.cgi?id=2277268 -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1223544] New: kernel config: enable CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG
by bugzilla_noreply＠suse.com 29 May '24

29 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223544 Bug ID: 1223544 Summary: kernel config: enable CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Kernel Assignee: kernel-bugs(a)opensuse.org Reporter: lnussel(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- Systemd wants to have CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG to enable signed Verity images: https://github.com/systemd/systemd/blob/main/README#L131 Any chance we can enable that (and potentially other settings we missed) in TW kernels to leverage systemd's full potential? -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1223578] New: Ensure that all %ghost entries have %attr() matching the final permissions (e.g. from systemd-tmpfiles)
by bugzilla_noreply＠suse.com 28 May '24

28 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1223578 Bug ID: 1223578 Summary: Ensure that all %ghost entries have %attr() matching the final permissions (e.g. from systemd-tmpfiles) Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs(a)suse.de Reporter: mrueckert(a)suse.com QA Contact: qa-bugs(a)suse.de Target Milestone: --- Found By: --- Blocker: --- just an example ``` rpm -qlv pipewire | grep /var/lib/pip d--------- 2 root root 0 Apr 17 08:56 /var/lib/pipewire ---------- 1 root root 0 Apr 17 08:56 /var/lib/pipewire/pipewire_post_workaround ``` this then causes unneeded noise e.g. in `rpm -V pipewire` ``` rpm -V pipewire .M....... g /var/lib/pipewire ``` 1. all %ghost entries should come with %attr() ``` %ghost %attr(0644,root,root) %config(noreplace) /etc/apparmor.d/local/%{name} ``` 2. rpmlint check that errors out if the permissions bits for an entry are set to 000 -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1217807] New: VUL-0: CVE-2023-47633: traefik: 100% CPU usage when self-serving as backend
by bugzilla_noreply＠suse.com 28 May '24

28 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1217807 Bug ID: 1217807 Summary: VUL-0: CVE-2023-47633: traefik: 100% CPU usage when self-serving as backend Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/386934/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: alexandre.vicenzi(a)suse.com Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: carlos.lopez(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47633 -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1217804] New: VUL-0: CVE-2023-47106: traefik: incorrect processing of fragment in the URL leads to authorization bypass
by bugzilla_noreply＠suse.com 28 May '24

28 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1217804 Bug ID: 1217804 Summary: VUL-0: CVE-2023-47106: traefik: incorrect processing of fragment in the URL leads to authorization bypass Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/386931/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: alexandre.vicenzi(a)suse.com Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: carlos.lopez(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path and the query. When this is combined with another frontend proxy like Nginx, it can be used to bypass frontend proxy URI-based access control restrictions. This vulnerability has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47106 https://github.com/traefik/traefik/releases/tag/v2.10.6 https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 https://github.com/traefik/traefik/security/advisories/GHSA-fvhj-4qfh-q2hm -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1217806] New: VUL-0: CVE-2023-47124: traefik: Potential DDoS whith ACME HTTPChallenge
by bugzilla_noreply＠suse.com 28 May '24

28 May '24

https://bugzilla.suse.com/show_bug.cgi?id=1217806 Bug ID: 1217806 Summary: VUL-0: CVE-2023-47124: traefik: Potential DDoS whith ACME HTTPChallenge Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/386932/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: alexandre.vicenzi(a)suse.com Reporter: smash_bz(a)suse.de QA Contact: security-team(a)suse.de CC: carlos.lopez(a)suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the `HTTPChallenge` to generate and renew the Let's Encrypt TLS certificates, the delay authorized to solve the challenge (50 seconds) can be exploited by attackers to achieve a `slowloris attack`. This vulnerability has been patch in version 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. Users unable to upgrade should replace the `HTTPChallenge` with the `TLSChallenge` or the `DNSChallenge`. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-47124 https://doc.traefik.io/traefik/https/acme/#dnschallenge https://github.com/traefik/traefik/releases/tag/v2.10.6 https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 https://github.com/traefik/traefik/security/advisories/GHSA-8g85-whqh-cr2f -- You are receiving this mail because: You are on the CC list for the bug.

1 4