openSUSE Security Announce
Threads by month
- ----- 2024 -----
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
October 2022
- 1 participants
- 107 discussions
SUSE-SU-2022:3766-1: important: Security update for buildah
by opensuse-security@opensuse.org 26 Oct '22
by opensuse-security@opensuse.org 26 Oct '22
26 Oct '22
SUSE Security Update: Security update for buildah
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3766-1
Rating: important
References: #1167864 #1181961 #1202812
Cross-References: CVE-2020-10696 CVE-2021-20206 CVE-2022-2990
CVSS scores:
CVE-2020-10696 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-10696 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-20206 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20206 (SUSE): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2990 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2022-2990 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for buildah fixes the following issues:
- CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to
execute arbitrary binaries on the host (bsc#1181961).
- CVE-2020-10696: Fixed an issue that could lead to files being
overwritten during the image building process (bsc#1167864).
- CVE-2022-2990: Fixed possible information disclosure and modification /
bsc#1202812
Buildah was updated to version 1.27.1:
* run: add container gid to additional groups
- Add fix for CVE-2022-2990 / bsc#1202812
Update to version 1.27.0:
* Don't try to call runLabelStdioPipes if spec.Linux is not set
* build: support filtering cache by duration using --cache-ttl
* build: support building from commit when using git repo as build context
* build: clean up git repos correctly when using subdirs
* integration tests: quote "?" in shell scripts
* test: manifest inspect should have OCIv1 annotation
* vendor: bump to c/common@87fab4b7019a
* Failure to determine a file or directory should print an error
* refactor: remove unused CommitOptions from generateBuildOutput
* stage_executor: generate output for cases with no commit
* stage_executor, commit: output only if last stage in build
* Use errors.Is() instead of os.Is{Not,}Exist
* Minor test tweak for podman-remote compatibility
* Cirrus: Use the latest imgts container
* imagebuildah: complain about the right Dockerfile
* tests: don't try to wrap `nil` errors
* cmd/buildah.commitCmd: don't shadow "err"
* cmd/buildah.pullCmd: complain about DecryptConfig/EncryptConfig
* Fix a copy/paste error message
* Fix a typo in an error message
* build,cache: support pulling/pushing cache layers to/from remote sources
* Update vendor of containers/(common, storage, image)
* Rename chroot/run.go to chroot/run_linux.go
* Don't bother telling codespell to skip files that don't exist
* Set user namespace defaults correctly for the library
* imagebuildah: optimize cache hits for COPY and ADD instructions
* Cirrus: Update VM images w/ updated bats
* docs, run: show SELinux label flag for cache and bind mounts
* imagebuildah, build: remove undefined concurrent writes
* bump github.com/opencontainers/runtime-tools
* Add FreeBSD support for 'buildah info'
* Vendor in latest containers/(storage, common, image)
* Add freebsd cross build targets
* Make the jail package build on 32bit platforms
* Cirrus: Ensure the build-push VM image is labeled
* GHA: Fix dynamic script filename
* Vendor in containers/(common, storage, image)
* Run codespell
* Remove import of github.com/pkg/errors
* Avoid using cgo in pkg/jail
* Rename footypes to fooTypes for naming consistency
* Move cleanupTempVolumes and cleanupRunMounts to run_common.go
* Make the various run mounts work for FreeBSD
* Move get{Bind,Tmpfs,Secret,SSH}Mount to run_common.go
* Move runSetupRunMounts to run_common.go
* Move cleanableDestinationListFromMounts to run_common.go
* Make setupMounts and runSetupBuiltinVolumes work on FreeBSD
* Move setupMounts and runSetupBuiltinVolumes to run_common.go
* Tidy up - runMakeStdioPipe can't be shared with linux
* Move runAcceptTerminal to run_common.go
* Move stdio copying utilities to run_common.go
* Move runUsingRuntime and runCollectOutput to run_common.go
* Move fileCloser, waitForSync and contains to run_common.go
* Move checkAndOverrideIsolationOptions to run_common.go
* Move DefaultNamespaceOptions to run_common.go
* Move getNetworkInterface to run_common.go
* Move configureEnvironment to run_common.go
* Don't crash in configureUIDGID if Process.Capabilities is nil
* Move configureUIDGID to run_common.go
* Move runLookupPath to run_common.go
* Move setupTerminal to run_common.go
* Move etc file generation utilities to run_common.go
* Add run support for FreeBSD
* Add a simple FreeBSD jail library
* Add FreeBSD support to pkg/chrootuser
* Sync call signature for RunUsingChroot with chroot/run.go
* test: verify feature to resolve basename with args
* vendor: bump openshift/imagebuilder to master@4151e43
* GHA: Remove required reserved-name use
* buildah: set XDG_RUNTIME_DIR before setting default runroot
* imagebuildah: honor build output even if build container is not commited
* chroot: honor DefaultErrnoRet
* [CI:DOCS] improve pull-policy documentation
* tests: retrofit test since --file does not supports dir
* Switch to golang native error wrapping
* BuildDockerfiles: error out if path to containerfile is a directory
* define.downloadToDirectory: fail early if bad HTTP response
* GHA: Allow re-use of Cirrus-Cron fail-mail workflow
* add: fail on bad http response instead of writing to container
* [CI:DOCS] Update buildahimage comment
* lint: inspectable is never nil
* vendor: c/common to common@7e1563b
* build: support OCI hooks for ephemeral build containers
* [CI:BUILD] Install latest buildah instead of compiling
* Add subid support with BuildRequires and BUILDTAG [NO NEW TESTS NEEDED]
* Make sure cpp is installed in buildah images
* demo: use unshare for rootless invocations
* buildah.spec.rpkg: initial addition
* build: fix test for subid 4
* build, userns: add support for --userns=auto
* Fix building upstream buildah image
* Remove redundant buildahimages-are-sane validation
* Docs: Update multi-arch buildah images readme
* Cirrus: Migrate multiarch build off github actions
* retrofit-tests: we skip unused stages so use stages
* stage_executor: dont rely on stage while looking for additional-context
* buildkit, multistage: skip computing unwanted stages
* More test cleanup
* copier: work around freebsd bug for "mkdir /"
* Replace $BUILDAH_BINARY with buildah() function
* Fix up buildah images
* Make util and copier build on FreeBSD
* Vendor in latest github.com/sirupsen/logrus
* Makefile: allow building without .git
* run_unix: don't return an error from getNetworkInterface
* run_unix: return a valid DefaultNamespaceOptions
* Update vendor of containers/storage
* chroot: use ActKillThread instead of ActKill
* use resolvconf package from c/common/libnetwork
* update c/common to latest main
* copier: add `NoOverwriteNonDirDir` option
* Sort buildoptions and move cli/build functions to internal
* Fix TODO: de-spaghettify run mounts
* Move options parsing out of build.go and into pkg/cli
* [CI:DOCS] Tutorial 04 - Include Debian/Ubuntu deps
* build, multiarch: support splitting build logs for --platform
* [CI:BUILD] WIP Cleanup Image Dockerfiles
* cli remove stutter
* docker-parity: ignore sanity check if baseImage history is null
* build, commit: allow disabling image history with --omit-history
* Fix use generic/ambiguous DEBUG name
* Cirrus: use Ubuntu 22.04 LTS
* Fix codespell errors
* Remove util.StringInSlice because it is defined in containers/common
* buildah: add support for renaming a device in rootless setups
* squash: never use build cache when computing last step of last stage
* Update vendor of containers/(common, storage, image)
* buildkit: supports additionalBuildContext in builds via --build-context
* buildah source pull/push: show progress bar
* run: allow resuing secret twice in different RUN steps
* test helpers: default to being rootless-aware
* Add --cpp-flag flag to buildah build
* build: accept branch and subdirectory when context is git repo
* Vendor in latest containers/common
* vendor: update c/storage and c/image
* Fix gentoo install docs
* copier: move NSS load to new process
* Add test for prevention of reusing encrypted layers
* Make `buildah build --label foo` create an empty "foo" label again
Update to version 1.26.4:
* build, multiarch: support splitting build logs for --platform
* copier: add `NoOverwriteNonDirDir` option
* docker-parity: ignore sanity check if baseImage history is null
* build, commit: allow disabling image history with --omit-history
* buildkit: supports additionalBuildContext in builds via --build-context
* Add --cpp-flag flag to buildah build
Update to version 1.26.3:
* define.downloadToDirectory: fail early if bad HTTP response
* add: fail on bad http response instead of writing to container
* squash: never use build cache when computing last step of last stage
* run: allow resuing secret twice in different RUN steps
* integration tests: update expected error messages
* integration tests: quote "?" in shell scripts
* Use errors.Is() to check for storage errors
* lint: inspectable is never nil
* chroot: use ActKillThread instead of ActKill
* chroot: honor DefaultErrnoRet
* Set user namespace defaults correctly for the library
* contrib/rpm/buildah.spec: fix `rpm` parser warnings
Drop requires on apparmor pattern, should be moved elsewhere for systems
which want AppArmor instead of SELinux.
- Update BuildRequires to libassuan-devel >= 2.5.2, pkgconfig file is
required to build.
Update to version 1.26.2:
* buildah: add support for renaming a device in rootless setups
Update to version 1.26.1:
* Make `buildah build --label foo` create an empty "foo" label again
* imagebuildah,build: move deepcopy of args before we spawn goroutine
* Vendor in containers/storage v1.40.2
* buildah.BuilderOptions.DefaultEnv is ignored, so mark it as deprecated
* help output: get more consistent about option usage text
* Handle OS version and features flags
* buildah build: --annotation and --label should remove values
* buildah build: add a --env
* buildah: deep copy options.Args before performing concurrent build/stage
* test: inline platform and builtinargs behaviour
* vendor: bump imagebuilder to master/009dbc6
* build: automatically set correct TARGETPLATFORM where expected
* Vendor in containers/(common, storage, image)
* imagebuildah, executor: process arg variables while populating baseMap
* buildkit: add support for custom build output with --output
* Cirrus: Update CI VMs to F36
* fix staticcheck linter warning for deprecated function
* Fix docs build on FreeBSD
* copier.unwrapError(): update for Go 1.16
* copier.PutOptions: add StripSetuidBit/StripSetgidBit/StripStickyBit
* copier.Put(): write to read-only directories
* Ed's periodic test cleanup
* using consistent lowercase 'invalid' word in returned err msg
* use etchosts package from c/common
* run: set actual hostname in /etc/hostname to match docker parity
* Update vendor of containers/(common,storage,image)
* manifest-create: allow creating manifest list from local image
* Update vendor of storage,common,image
* Initialize network backend before first pull
* oci spec: change special mount points for namespaces
* tests/helpers.bash: assert handle corner cases correctly
* buildah: actually use containers.conf settings
* integration tests: learn to start a dummy registry
* Fix error check to work on Podman
* buildah build should accept at most one arg
* tests: reduce concurrency for flaky bud-multiple-platform-no-run
* vendor in latest containers/common,image,storage
* manifest-add: allow override arch,variant while adding image
* Remove a stray `\` from .containerenv
* Vendor in latest opencontainers/selinux v1.10.1
* build, commit: allow removing default identity labels
* Create shorter names for containers based on image IDs
* test: skip rootless on cgroupv2 in root env
* fix hang when oci runtime fails
* Set permissions for GitHub actions
* copier test: use correct UID/GID in test archives
* run: set parent-death signals and forward SIGHUP/SIGINT/SIGTERM
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3766=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3766=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-3766=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3766=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3766=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3766=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libgpg-error-debugsource-1.42-150300.9.3.1
libgpg-error0-1.42-150300.9.3.1
libgpg-error0-debuginfo-1.42-150300.9.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
buildah-1.27.1-150300.8.11.1
libgpg-error-debugsource-1.42-150300.9.3.1
libgpg-error-devel-1.42-150300.9.3.1
libgpg-error-devel-debuginfo-1.42-150300.9.3.1
libgpg-error0-1.42-150300.9.3.1
libgpg-error0-debuginfo-1.42-150300.9.3.1
- openSUSE Leap 15.3 (x86_64):
libgpg-error-devel-32bit-1.42-150300.9.3.1
libgpg-error-devel-32bit-debuginfo-1.42-150300.9.3.1
libgpg-error0-32bit-1.42-150300.9.3.1
libgpg-error0-32bit-debuginfo-1.42-150300.9.3.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (aarch64 ppc64le s390x x86_64):
buildah-1.27.1-150300.8.11.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libgpg-error-debugsource-1.42-150300.9.3.1
libgpg-error-devel-1.42-150300.9.3.1
libgpg-error-devel-debuginfo-1.42-150300.9.3.1
libgpg-error0-1.42-150300.9.3.1
libgpg-error0-debuginfo-1.42-150300.9.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libgpg-error0-32bit-1.42-150300.9.3.1
libgpg-error0-32bit-debuginfo-1.42-150300.9.3.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libgpg-error-debugsource-1.42-150300.9.3.1
libgpg-error0-1.42-150300.9.3.1
libgpg-error0-debuginfo-1.42-150300.9.3.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libgpg-error-debugsource-1.42-150300.9.3.1
libgpg-error0-1.42-150300.9.3.1
libgpg-error0-debuginfo-1.42-150300.9.3.1
References:
https://www.suse.com/security/cve/CVE-2020-10696.html
https://www.suse.com/security/cve/CVE-2021-20206.html
https://www.suse.com/security/cve/CVE-2022-2990.html
https://bugzilla.suse.com/1167864
https://bugzilla.suse.com/1181961
https://bugzilla.suse.com/1202812
1
0
SUSE-SU-2022:3765-1: important: Security update for grafana
by opensuse-security@opensuse.org 26 Oct '22
by opensuse-security@opensuse.org 26 Oct '22
26 Oct '22
SUSE Security Update: Security update for grafana
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3765-1
Rating: important
References: #1195726 #1195727 #1195728 #1201535 #1201539
SLE-23422 SLE-23439 SLE-24565
Cross-References: CVE-2022-21702 CVE-2022-21703 CVE-2022-21713
CVE-2022-31097 CVE-2022-31107
CVSS scores:
CVE-2022-21702 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2022-21702 (SUSE): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
CVE-2022-21703 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-21703 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-21713 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-31097 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2022-31097 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
CVE-2022-31107 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31107 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities, contains three
features is now available.
Description:
This update for grafana fixes the following issues:
Updated to version 8.3.10 (jsc#SLE-24565, jsc#SLE-23422, jsc#SLE-23439):
- CVE-2022-31097: Fixed XSS vulnerability in the Unified Alerting
(bsc#1201535).
- CVE-2022-31107: Fixed OAuth account takeover vulnerability
(bsc#1201539).
- CVE-2022-21702: Fixed XSS through attacker-controlled data source
(bsc#1195726).
- CVE-2022-21703: Fixed Cross Site Request Forgery (bsc#1195727).
- CVE-2022-21713: Fixed Teams API IDOR (bsc#1195728).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3765=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3765=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3765=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
grafana-8.3.10-150200.3.26.1
grafana-debuginfo-8.3.10-150200.3.26.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
grafana-8.3.10-150200.3.26.1
grafana-debuginfo-8.3.10-150200.3.26.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
grafana-8.3.10-150200.3.26.1
References:
https://www.suse.com/security/cve/CVE-2022-21702.html
https://www.suse.com/security/cve/CVE-2022-21703.html
https://www.suse.com/security/cve/CVE-2022-21713.html
https://www.suse.com/security/cve/CVE-2022-31097.html
https://www.suse.com/security/cve/CVE-2022-31107.html
https://bugzilla.suse.com/1195726
https://bugzilla.suse.com/1195727
https://bugzilla.suse.com/1195728
https://bugzilla.suse.com/1201535
https://bugzilla.suse.com/1201539
1
0
SUSE-SU-2022:3745-1: moderate: Security update for golang-github-prometheus-node_exporter
by opensuse-security@opensuse.org 26 Oct '22
by opensuse-security@opensuse.org 26 Oct '22
26 Oct '22
SUSE Security Update: Security update for golang-github-prometheus-node_exporter
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3745-1
Rating: moderate
References: #1196338 SLE-24238 SLE-24239
Cross-References: CVE-2022-21698
CVSS scores:
CVE-2022-21698 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-21698 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability, contains two
features is now available.
Description:
This update for golang-github-prometheus-node_exporter fixes the following
issues:
(bsc#1196338, jsc#SLE-24238, jsc#SLE-24239, jsc#SUMA-114, CVE-2022-21698)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3745=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3745=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3745=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3745=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3745=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3745=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3745=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3745=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3745=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3745=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3745=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3745=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3745=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3745=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3745=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3745=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3745=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3745=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-3745=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Manager Proxy 4.1 (x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
- SUSE CaaS Platform 4.0 (x86_64):
golang-github-prometheus-node_exporter-1.3.0-150100.3.18.1
References:
https://www.suse.com/security/cve/CVE-2022-21698.html
https://bugzilla.suse.com/1196338
1
0
SUSE-SU-2022:3767-1: important: Recommended update for bind
by opensuse-security@opensuse.org 26 Oct '22
by opensuse-security@opensuse.org 26 Oct '22
26 Oct '22
SUSE Security Update: Recommended update for bind
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3767-1
Rating: important
References: #1201689 #1203250 #1203614 #1203618 #1203619
#1203620 SLE-24600
Cross-References: CVE-2022-2795 CVE-2022-3080 CVE-2022-38177
CVE-2022-38178
CVSS scores:
CVE-2022-2795 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2795 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3080 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3080 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38177 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38177 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38178 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38178 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves four vulnerabilities, contains one
feature and has two fixes is now available.
Description:
This update for bind fixes the following issues:
Update to release 9.16.33:
- CVE-2022-2795: Fixed potential performance degredation due to missing
database lookup limits when processing large delegations (bsc#1203614).
- CVE-2022-3080: Fixed assertion failure when there was a stale CNAME in
the cache for the incoming query and the stale-answer-client-timeout
option is set to 0 (bsc#1203618).
- CVE-2022-38177: Fixed a memory leak that could be externally triggered
in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
- CVE-2022-38178: Fixed memory leaks that could be externally triggered in
the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).
- Add systemd drop-in directory for named service (bsc#1201689).
- Add modified createNamedConfInclude script and README-bind.chrootenv
(bsc#1203250).
- Feature Changes:
- Response Rate Limiting (RRL) code now treats all QNAMEs that are
subject to wildcard processing within a given zone as the same name,
to prevent circumventing the limits enforced by RRL.
- Zones using dnssec-policy now require dynamic DNS or inline-signing to
be configured explicitly.
- A backward-compatible approach was implemented for encoding
internationalized domain names (IDN) in dig and converting the domain
to IDNA2008 form; if that fails, BIND tries an IDNA2003 conversion.
- The DNSSEC algorithms RSASHA1 and NSEC3RSASHA1 are now automatically
disabled on systems where they are disallowed by the security policy.
Primary zones using those algorithms need to be migrated to new
algorithms prior to running on these systems, as graceful migration to
different DNSSEC algorithms is not possible when RSASHA1 is disallowed
by the operating system.
- Log messages related to fetch limiting have been improved to provide
more complete information. Specifically, the final counts of allowed
and spilled fetches are now logged before the counter object is
destroyed.
- Non-dynamic zones that inherit dnssec-policy from the view or options
blocks were not marked as inline-signed and therefore never scheduled
to be re-signed. This has been fixed.
- The old max-zone-ttl zone option was meant to be superseded by the
max-zone-ttl option in dnssec-policy; however, the latter option was
not fully effective. This has been corrected: zones no longer load if
they contain TTLs greater than the limit configured in dnssec-policy.
For zones with both the old max-zone-ttl option and dnssec-policy
configured, the old option is ignored, and a warning is generated.
- rndc dumpdb -expired was fixed to include expired RRsets, even if
stale-cache-enable is set to no and the cache-cleaning time window has
passed. (jsc#SLE-24600)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3767=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-3767=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3767=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
bind-9.16.33-150400.5.11.1
bind-debuginfo-9.16.33-150400.5.11.1
bind-debugsource-9.16.33-150400.5.11.1
bind-utils-9.16.33-150400.5.11.1
bind-utils-debuginfo-9.16.33-150400.5.11.1
- openSUSE Leap 15.4 (noarch):
bind-doc-9.16.33-150400.5.11.1
python3-bind-9.16.33-150400.5.11.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
bind-9.16.33-150400.5.11.1
bind-debuginfo-9.16.33-150400.5.11.1
bind-debugsource-9.16.33-150400.5.11.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
bind-doc-9.16.33-150400.5.11.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
bind-debuginfo-9.16.33-150400.5.11.1
bind-debugsource-9.16.33-150400.5.11.1
bind-utils-9.16.33-150400.5.11.1
bind-utils-debuginfo-9.16.33-150400.5.11.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-bind-9.16.33-150400.5.11.1
References:
https://www.suse.com/security/cve/CVE-2022-2795.html
https://www.suse.com/security/cve/CVE-2022-3080.html
https://www.suse.com/security/cve/CVE-2022-38177.html
https://www.suse.com/security/cve/CVE-2022-38178.html
https://bugzilla.suse.com/1201689
https://bugzilla.suse.com/1203250
https://bugzilla.suse.com/1203614
https://bugzilla.suse.com/1203618
https://bugzilla.suse.com/1203619
https://bugzilla.suse.com/1203620
1
0
SUSE-SU-2022:3729-1: important: Security update for bind
by opensuse-security@opensuse.org 25 Oct '22
by opensuse-security@opensuse.org 25 Oct '22
25 Oct '22
SUSE Security Update: Security update for bind
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3729-1
Rating: important
References: #1203614 #1203619 #1203620
Cross-References: CVE-2022-2795 CVE-2022-38177 CVE-2022-38178
CVSS scores:
CVE-2022-2795 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2795 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-38177 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38177 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38178 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38178 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for bind fixes the following issues:
- CVE-2022-2795: Fixed potential performance degredation due to missing
database lookup limits when processing large delegations (bsc#1203614).
- CVE-2022-38177: Fixed a memory leak that could be externally triggered
in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
- CVE-2022-38178: Fixed memory leaks that could be externally triggered
in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3729=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3729=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3729=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3729=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3729=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3729=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3729=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3729=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3729=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3729=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3729=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3729=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-3729=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3729=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3729=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3729=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3729=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3729=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3729=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3729=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-3729=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (x86_64):
bind-devel-32bit-9.16.6-150000.12.63.1
libbind9-1600-32bit-9.16.6-150000.12.63.1
libbind9-1600-32bit-debuginfo-9.16.6-150000.12.63.1
libdns1605-32bit-9.16.6-150000.12.63.1
libdns1605-32bit-debuginfo-9.16.6-150000.12.63.1
libirs1601-32bit-9.16.6-150000.12.63.1
libirs1601-32bit-debuginfo-9.16.6-150000.12.63.1
libisc1606-32bit-9.16.6-150000.12.63.1
libisc1606-32bit-debuginfo-9.16.6-150000.12.63.1
libisccc1600-32bit-9.16.6-150000.12.63.1
libisccc1600-32bit-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-32bit-9.16.6-150000.12.63.1
libisccfg1600-32bit-debuginfo-9.16.6-150000.12.63.1
libns1604-32bit-9.16.6-150000.12.63.1
libns1604-32bit-debuginfo-9.16.6-150000.12.63.1
- openSUSE Leap 15.3 (x86_64):
bind-devel-32bit-9.16.6-150000.12.63.1
libbind9-1600-32bit-9.16.6-150000.12.63.1
libbind9-1600-32bit-debuginfo-9.16.6-150000.12.63.1
libdns1605-32bit-9.16.6-150000.12.63.1
libdns1605-32bit-debuginfo-9.16.6-150000.12.63.1
libirs1601-32bit-9.16.6-150000.12.63.1
libirs1601-32bit-debuginfo-9.16.6-150000.12.63.1
libisc1606-32bit-9.16.6-150000.12.63.1
libisc1606-32bit-debuginfo-9.16.6-150000.12.63.1
libisccc1600-32bit-9.16.6-150000.12.63.1
libisccc1600-32bit-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-32bit-9.16.6-150000.12.63.1
libisccfg1600-32bit-debuginfo-9.16.6-150000.12.63.1
libns1604-32bit-9.16.6-150000.12.63.1
libns1604-32bit-debuginfo-9.16.6-150000.12.63.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Manager Server 4.1 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Manager Proxy 4.1 (x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Manager Proxy 4.1 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Enterprise Storage 7 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
- SUSE Enterprise Storage 6 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE CaaS Platform 4.0 (noarch):
bind-doc-9.16.6-150000.12.63.1
python3-bind-9.16.6-150000.12.63.1
- SUSE CaaS Platform 4.0 (x86_64):
bind-9.16.6-150000.12.63.1
bind-chrootenv-9.16.6-150000.12.63.1
bind-debuginfo-9.16.6-150000.12.63.1
bind-debugsource-9.16.6-150000.12.63.1
bind-devel-9.16.6-150000.12.63.1
bind-utils-9.16.6-150000.12.63.1
bind-utils-debuginfo-9.16.6-150000.12.63.1
libbind9-1600-9.16.6-150000.12.63.1
libbind9-1600-debuginfo-9.16.6-150000.12.63.1
libdns1605-9.16.6-150000.12.63.1
libdns1605-debuginfo-9.16.6-150000.12.63.1
libirs-devel-9.16.6-150000.12.63.1
libirs1601-9.16.6-150000.12.63.1
libirs1601-debuginfo-9.16.6-150000.12.63.1
libisc1606-9.16.6-150000.12.63.1
libisc1606-debuginfo-9.16.6-150000.12.63.1
libisccc1600-9.16.6-150000.12.63.1
libisccc1600-debuginfo-9.16.6-150000.12.63.1
libisccfg1600-9.16.6-150000.12.63.1
libisccfg1600-debuginfo-9.16.6-150000.12.63.1
libns1604-9.16.6-150000.12.63.1
libns1604-debuginfo-9.16.6-150000.12.63.1
References:
https://www.suse.com/security/cve/CVE-2022-2795.html
https://www.suse.com/security/cve/CVE-2022-38177.html
https://www.suse.com/security/cve/CVE-2022-38178.html
https://bugzilla.suse.com/1203614
https://bugzilla.suse.com/1203619
https://bugzilla.suse.com/1203620
1
0
SUSE-SU-2022:3730-1: important: Security update for python-paramiko
by opensuse-security@opensuse.org 25 Oct '22
by opensuse-security@opensuse.org 25 Oct '22
25 Oct '22
SUSE Security Update: Security update for python-paramiko
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3730-1
Rating: important
References: #1111151 #1200603
Cross-References: CVE-2018-1000805
CVSS scores:
CVE-2018-1000805 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2018-1000805 (SUSE): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for python-paramiko fixes the following issues:
Updated to version 2.4.3:
- CVE-2018-1000805: Fixed authentication bypass (bsc#1111151).
Bugfixes:
- Fixed Ed25519 key handling for certain key comment lengths (bsc#1200603).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3730=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3730=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3730=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3730=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3730=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3730=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3730=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3730=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3730=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3730=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3730=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-3730=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3730=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3730=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3730=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3730=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3730=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3730=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3730=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-3730=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (noarch):
python-paramiko-doc-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- openSUSE Leap 15.3 (noarch):
python-paramiko-doc-2.4.3-150100.6.15.1
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Manager Server 4.1 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Manager Proxy 4.1 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Module for Python2 15-SP3 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Enterprise Storage 7 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE Enterprise Storage 6 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
- SUSE CaaS Platform 4.0 (noarch):
python2-paramiko-2.4.3-150100.6.15.1
python3-paramiko-2.4.3-150100.6.15.1
References:
https://www.suse.com/security/cve/CVE-2018-1000805.html
https://bugzilla.suse.com/1111151
https://bugzilla.suse.com/1200603
1
0
SUSE-SU-2022:3731-1: important: Security update for python-waitress
by opensuse-security@opensuse.org 25 Oct '22
by opensuse-security@opensuse.org 25 Oct '22
25 Oct '22
SUSE Security Update: Security update for python-waitress
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3731-1
Rating: important
References: #1197255
Cross-References: CVE-2022-24761
CVSS scores:
CVE-2022-24761 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-24761 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-waitress fixes the following issues:
- CVE-2022-24761: Fixed a bug to avoid inconsistent interpretation of HTTP
requests leading to request smuggling. (bsc#1197255)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3731=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3731=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3731=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3731=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3731=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3731=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3731=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3731=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3731=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3731=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3731=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3731=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-3731=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3731=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3731=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3731=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3731=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3731=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3731=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3731=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3731=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3731=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3731=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3731=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-3731=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- openSUSE Leap 15.3 (noarch):
python2-waitress-1.4.3-150000.3.6.1
python3-waitress-1.4.3-150000.3.6.1
- SUSE Manager Server 4.1 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Manager Proxy 4.1 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
python2-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
python2-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Enterprise Storage 7 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE Enterprise Storage 6 (noarch):
python3-waitress-1.4.3-150000.3.6.1
- SUSE CaaS Platform 4.0 (noarch):
python3-waitress-1.4.3-150000.3.6.1
References:
https://www.suse.com/security/cve/CVE-2022-24761.html
https://bugzilla.suse.com/1197255
1
0
25 Oct '22
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3727-1
Rating: moderate
References: #1027519 #1167608 #1201631 #1201994 #1203806
#1203807
Cross-References: CVE-2022-33746 CVE-2022-33748
CVSS scores:
CVE-2022-33746 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33746 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33748 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33748 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves two vulnerabilities and has four
fixes is now available.
Description:
This update for xen fixes the following issues:
Updated to version 4.16.2 (bsc#1027519):
- CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing
(bsc#1203806).
- CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).
Bugfixes:
- Fixed Xen DomU unable to emulate audio device (bsc#1201994).
- Fixed logic error in built-in default of max_event_channels
(bsc#1167608, bsc#1201631).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3727=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-3727=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3727=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3727=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
xen-4.16.2_06-150400.4.11.1
xen-debugsource-4.16.2_06-150400.4.11.1
xen-devel-4.16.2_06-150400.4.11.1
xen-doc-html-4.16.2_06-150400.4.11.1
xen-libs-4.16.2_06-150400.4.11.1
xen-libs-debuginfo-4.16.2_06-150400.4.11.1
xen-tools-4.16.2_06-150400.4.11.1
xen-tools-debuginfo-4.16.2_06-150400.4.11.1
xen-tools-domU-4.16.2_06-150400.4.11.1
xen-tools-domU-debuginfo-4.16.2_06-150400.4.11.1
- openSUSE Leap 15.4 (x86_64):
xen-libs-32bit-4.16.2_06-150400.4.11.1
xen-libs-32bit-debuginfo-4.16.2_06-150400.4.11.1
- openSUSE Leap 15.4 (noarch):
xen-tools-xendomains-wait-disk-4.16.2_06-150400.4.11.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (x86_64):
xen-4.16.2_06-150400.4.11.1
xen-debugsource-4.16.2_06-150400.4.11.1
xen-devel-4.16.2_06-150400.4.11.1
xen-tools-4.16.2_06-150400.4.11.1
xen-tools-debuginfo-4.16.2_06-150400.4.11.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
xen-tools-xendomains-wait-disk-4.16.2_06-150400.4.11.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
xen-debugsource-4.16.2_06-150400.4.11.1
xen-libs-4.16.2_06-150400.4.11.1
xen-libs-debuginfo-4.16.2_06-150400.4.11.1
xen-tools-domU-4.16.2_06-150400.4.11.1
xen-tools-domU-debuginfo-4.16.2_06-150400.4.11.1
- SUSE Linux Enterprise Micro 5.3 (x86_64):
xen-debugsource-4.16.2_06-150400.4.11.1
xen-libs-4.16.2_06-150400.4.11.1
xen-libs-debuginfo-4.16.2_06-150400.4.11.1
References:
https://www.suse.com/security/cve/CVE-2022-33746.html
https://www.suse.com/security/cve/CVE-2022-33748.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1167608
https://bugzilla.suse.com/1201631
https://bugzilla.suse.com/1201994
https://bugzilla.suse.com/1203806
https://bugzilla.suse.com/1203807
1
0
SUSE-SU-2022:3726-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 25 Oct '22
by opensuse-security@opensuse.org 25 Oct '22
25 Oct '22
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3726-1
Rating: important
References: #1204421
Cross-References: CVE-2022-42927 CVE-2022-42928 CVE-2022-42929
CVE-2022-42932
CVSS scores:
CVE-2022-42927 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42928 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42929 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-42932 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
- Updated to version 102.4.0 ESR (bsc#1204421)
- CVE-2022-42927: Fixed same-origin policy violation that could have
leaked cross-origin URLs.
- CVE-2022-42928: Fixed memory Corruption in JS Engine.
- CVE-2022-42929: Fixed denial of Service via window.print.
- CVE-2022-42932: Fixed memory safety bugs.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3726=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3726=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3726=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3726=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3726=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3726=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3726=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3726=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-3726=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-3726=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3726=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3726=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3726=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-branding-upstream-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-branding-upstream-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Manager Proxy 4.1 (x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-102.4.0-150200.152.64.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-102.4.0-150200.152.64.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
MozillaFirefox-102.4.0-150200.152.64.1
MozillaFirefox-debuginfo-102.4.0-150200.152.64.1
MozillaFirefox-debugsource-102.4.0-150200.152.64.1
MozillaFirefox-devel-102.4.0-150200.152.64.1
MozillaFirefox-translations-common-102.4.0-150200.152.64.1
MozillaFirefox-translations-other-102.4.0-150200.152.64.1
References:
https://www.suse.com/security/cve/CVE-2022-42927.html
https://www.suse.com/security/cve/CVE-2022-42928.html
https://www.suse.com/security/cve/CVE-2022-42929.html
https://www.suse.com/security/cve/CVE-2022-42932.html
https://bugzilla.suse.com/1204421
1
0
SUSE-SU-2022:3710-1: important: Security update for multipath-tools
by opensuse-security@opensuse.org 24 Oct '22
by opensuse-security@opensuse.org 24 Oct '22
24 Oct '22
SUSE Security Update: Security update for multipath-tools
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3710-1
Rating: important
References: #1189551 #1191900 #1195506 #1197570 #1202616
#1202739 PED-1448
Cross-References: CVE-2022-41973 CVE-2022-41974
CVSS scores:
CVE-2022-41973 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-41974 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves two vulnerabilities, contains one
feature and has four fixes is now available.
Description:
This update for multipath-tools fixes the following issues:
- CVE-2022-41973: Fixed a symlink attack in multipathd. (bsc#1202739)
- CVE-2022-41974: Fixed an authorization bypass issue in multipathd.
(bsc#1202739)
- multipathd: add "force_reconfigure" option (bsc#1189551) The command
"multipathd -kreconfigure" changes behavior: instead
of reloading every map, it checks map configuration and reloads
only modified maps. This speeds up the reconfigure operation
substantially. The old behavior can be reinstated by setting
"force_reconfigure yes" in multipath.conf (not recommended). Note:
"force_reconfigure yes" is not supported in SLE15-SP4 and beyond,
which provide the command "multipathd -k'reconfigure all'"
- multipathd: avoid stalled clients during reconfigure (bsc#1189551)
- multipathd: handle client disconnect correctly (bsc#1189551)
- Avoid linking to libreadline to avoid licensing issue (bsc#1202616)
- multipathd: don't switch to DAEMON_IDLE during startup (bsc#1197570)
- multipathd: disallow changing to/from fpin marginal paths on reconfig
- multipathd handle fpin events (bsc#1195506,jsc#PED-1448)
- multipath: fix exit status of multipath -T (bsc#1191900)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3710=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3710=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3710=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3710=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3710=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
kpartx-0.8.5+126+suse.8ce8da5-150300.2.14.1
kpartx-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debugsource-0.8.5+126+suse.8ce8da5-150300.2.14.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
kpartx-0.8.5+126+suse.8ce8da5-150300.2.14.1
kpartx-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
libdmmp-devel-0.8.5+126+suse.8ce8da5-150300.2.14.1
libdmmp0_2_0-0.8.5+126+suse.8ce8da5-150300.2.14.1
libdmmp0_2_0-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debugsource-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-devel-0.8.5+126+suse.8ce8da5-150300.2.14.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
kpartx-0.8.5+126+suse.8ce8da5-150300.2.14.1
kpartx-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
libdmmp-devel-0.8.5+126+suse.8ce8da5-150300.2.14.1
libdmmp0_2_0-0.8.5+126+suse.8ce8da5-150300.2.14.1
libdmmp0_2_0-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debugsource-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-devel-0.8.5+126+suse.8ce8da5-150300.2.14.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kpartx-0.8.5+126+suse.8ce8da5-150300.2.14.1
kpartx-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debugsource-0.8.5+126+suse.8ce8da5-150300.2.14.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kpartx-0.8.5+126+suse.8ce8da5-150300.2.14.1
kpartx-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-0.8.5+126+suse.8ce8da5-150300.2.14.1
libmpath0-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debuginfo-0.8.5+126+suse.8ce8da5-150300.2.14.1
multipath-tools-debugsource-0.8.5+126+suse.8ce8da5-150300.2.14.1
References:
https://www.suse.com/security/cve/CVE-2022-41973.html
https://www.suse.com/security/cve/CVE-2022-41974.html
https://bugzilla.suse.com/1189551
https://bugzilla.suse.com/1191900
https://bugzilla.suse.com/1195506
https://bugzilla.suse.com/1197570
https://bugzilla.suse.com/1202616
https://bugzilla.suse.com/1202739
1
0