Bug ID | 1225537 |
---|---|
Summary | openSUSE Leap 15.6 known security regressions |
Classification | openSUSE |
Product | openSUSE Distribution |
Version | Leap 15.6 |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Major |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | Andreas.Stieger@gmx.de |
QA Contact | qa-bugs@suse.de |
CC | lubos.kocman@suse.com |
Blocks | 1224165 |
Target Milestone | --- |
Found By | --- |
Blocker | --- |
The packages listed blow are missing security maintenance in Leap 15.6 that we already released into openSUSE Leap 15.5. We should not release a new distribution release with known vulnerability regressions. Specifically these are maintenance updates we already performed into penSUSE:Backports:SLE-15-SP5:Update, that are not in openSUSE:Backports:SLE-15-SP6 in one way or another. boo#1217918 tor https://build.opensuse.org/request/show/1177405 to TW boo#1223420 cJSON https://build.opensuse.org/request/show/1176529 to devel project boo#1216403 gifsicle https://build.opensuse.org/request/show/1177406 to TW boo#1216429 roundcubemail https://build.opensuse.org/request/show/1177407 to TW boo#1222593, boo#1222594 sngrep https://build.opensuse.org/request/show/1177409 to TW boo#1212060, boo#1212061, boo#1212062, boo#1212063 sox https://build.opensuse.org/request/show/1177410 boo#1217153 yt-dlp https://build.opensuse.org/request/show/1177411 Bonus: CVE-2024-22423 not addressed boo#1219775, boo#1218199 zabbix https://build.opensuse.org/request/show/1177412 This does not include a comparison as to what is fixed in in Tumbleweed and missing in Leap 15.6. Ask to security and release team: monitor all of the above, and ensure that these or equivalent updates are submitted