| Bug ID | 1225537 |
|---|---|
| Summary | openSUSE Leap 15.6 known security regressions |
| Classification | openSUSE |
| Product | openSUSE Distribution |
| Version | Leap 15.6 |
| Hardware | Other |
| OS | Other |
| Status | NEW |
| Severity | Major |
| Priority | P5 - None |
| Component | Security |
| Assignee | security-team@suse.de |
| Reporter | Andreas.Stieger@gmx.de |
| QA Contact | qa-bugs@suse.de |
| CC | lubos.kocman@suse.com |
| Blocks | 1224165 |
| Target Milestone | --- |
| Found By | --- |
| Blocker | --- |
The packages listed blow are missing security maintenance in Leap 15.6 that we already released into openSUSE Leap 15.5. We should not release a new distribution release with known vulnerability regressions. Specifically these are maintenance updates we already performed into penSUSE:Backports:SLE-15-SP5:Update, that are not in openSUSE:Backports:SLE-15-SP6 in one way or another. boo#1217918 tor https://build.opensuse.org/request/show/1177405 to TW boo#1223420 cJSON https://build.opensuse.org/request/show/1176529 to devel project boo#1216403 gifsicle https://build.opensuse.org/request/show/1177406 to TW boo#1216429 roundcubemail https://build.opensuse.org/request/show/1177407 to TW boo#1222593, boo#1222594 sngrep https://build.opensuse.org/request/show/1177409 to TW boo#1212060, boo#1212061, boo#1212062, boo#1212063 sox https://build.opensuse.org/request/show/1177410 boo#1217153 yt-dlp https://build.opensuse.org/request/show/1177411 Bonus: CVE-2024-22423 not addressed boo#1219775, boo#1218199 zabbix https://build.opensuse.org/request/show/1177412 This does not include a comparison as to what is fixed in in Tumbleweed and missing in Leap 15.6. Ask to security and release team: monitor all of the above, and ensure that these or equivalent updates are submitted