openSUSE Security Announce
Threads by month
- ----- 2024 -----
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
November 2022
- 2 participants
- 149 discussions
openSUSE-SU-2022:10222-1: important: Security update for rxvt-unicode
by opensuse-security@opensuse.org 30 Nov '22
by opensuse-security@opensuse.org 30 Nov '22
30 Nov '22
openSUSE Security Update: Security update for rxvt-unicode
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10222-1
Rating: important
References: #1186174
Cross-References: CVE-2008-1142 CVE-2021-33477
CVSS scores:
CVE-2021-33477 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for rxvt-unicode fixes the following issues:
Update to 9.26
- ev_iouring.c was wrongly required during compilation, and wrongly not
packaged.
Update to 9.25 (boo#1186174 CVE-2021-33477)
- for the 17.5th anniversary, and because many distributions seem to
remove rxvt in favour of urxvt, this release resurrects rclock as
urclock.
- add support for systemd socket-based activation - debian bug #917105,
freebsd bug #234276.
- do not destruct perl on exit anymore: this might fail for a variety of
reasons, and takes unneccessary time.
- remove any macros from urxvtperl manpage(s), should fix debian bug
858385.
- the old bg image resources are now provided by the background extension,
and perl is thus required for bg image support. No configuration change
is needed: urxvt autoloads the background ext if any bg image
resource/option is present (for OSC sequences to work you need to enable
it explicity). The old bg image resources are also now deprecated; users
are encouraged to switch to the new bg image interface (see man
urxvt-background).
- confirm-paste now checks for any ctlchars, not just newlines.
- searchable scrollback will now ignore bracketed paste mode sequences
(prompted by Daniel Gr��ber's patch).
- drop ISO 2022 locale support. ISO 2022 encodings are not supported in
POSIX locales and clash with vt100 charset emulation (the luit program
can be used as a substitute).
- perl didn't parse rgba colours specified as an array correctly,
only allowing 0 and 100% intensity for each component (this affected
fill and tint).
- when iterating over resources, urxvt will now try to properly handle
multipart resources (such as "*background.expr"), for the benefit
of autoloading perl extensions.
- ESC G (query rxvt graphics mode) has been disabled due to security
implications. The rxvt graphics mode was removed in rxvt-unicode 1.5,
and no programs relying on being able to query the mode are known.
- work around API change breakage in perl 5.28, based on a patch by Roman
Bogorodskiy.
- improved security: rob nation's (obsolete) graphics mode queries no
longer reply with linefeed in secure/default mode.
- ISO 8613-3 direct colour SGR sequences (patch by Fengguang Wu).
- xterm focus reporting mode (patch by Daniel Hahler).
- xterm SGR mouse mode.
- implement DECRQM. Patch by P��emysl Eric Janouch.
- add missing color index parameter to OSC 4 response. Patch by P��emysl
Eric Janouch.
- in some window managers, if smart resize was enabled, urxvt erroneously
moved the window on font change - awesome bug #532, arch linux bug
##34807 (patch by Uli Schlachter).
- fix urxvtd crash when using a background expression.
- properly restore colors when using fading and reverse video is enabled
while urxvt is focused and then disabled while it is not focused, or
vice versa (patch by Daniel Hahler).
- fix high memory usage when an extension repeatedly hides and shows an
overlay (reported by Marcel Lautenbach).
- expose priv_modes member and constants to perl extensions (patch by
Rastislav Barlik).
- fix a whole slew of const sillyness, unfortunately forced upon us by ISO
C++.
- update to libecb 0x00010006.
- disable all thread support in ecb.h as we presumably don't need it.
- slightly improve Makefile source dependencies.
- work around bugs in newer Pod::Xhtml versions (flags incorrect
formatting codes in xhtml/html sections but does not interpret correct
ones).
- New file: /usr/bin/urclock
- restore the -256color binaries
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10222=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10222=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
rxvt-unicode-9.26-bp154.2.3.1
rxvt-unicode-debuginfo-9.26-bp154.2.3.1
rxvt-unicode-debugsource-9.26-bp154.2.3.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
rxvt-unicode-9.26-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2008-1142.html
https://www.suse.com/security/cve/CVE-2021-33477.html
https://bugzilla.suse.com/1186174
1
0
Hi,
SUSE Linux Enterprise Server 15 SP3 leaves its regular maintenance and
support phase on December 31st 2022.
As openSUSE Leap 15.3 uses the SLES 15 SP3 updates, also openSUSE Leap
15.3 support from openSUSE Maintenance and Security will end on December 31st 2022.
An upgrade to openSUSE Leap 15.4 is recommended.
Ciao, Marcus
1
0
SUSE-SU-2022:4285-1: important: Security update for webkit2gtk3
by opensuse-security@opensuse.org 29 Nov '22
by opensuse-security@opensuse.org 29 Nov '22
29 Nov '22
SUSE Security Update: Security update for webkit2gtk3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4285-1
Rating: important
References: #1205120 #1205121 #1205122 #1205123 #1205124
Cross-References: CVE-2022-32888 CVE-2022-32923 CVE-2022-42799
CVE-2022-42823 CVE-2022-42824
CVSS scores:
CVE-2022-32888 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-32888 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-32923 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-32923 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-42799 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-42799 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-42823 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42823 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42824 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-42824 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
Security fixes:
- CVE-2022-32888: Fixed possible arbitrary code execution via maliciously
crafted web content (bsc#1205121).
- CVE-2022-32923: Fixed possible information leak via maliciously crafted
web content (bsc#1205122).
- CVE-2022-42799: Fixed user interface spoofing when visiting a malicious
website (bsc#1205123).
- CVE-2022-42823: Fixed possible arbitrary code execution via maliciously
crafted web content (bsc#1205120).
- CVE-2022-42824: Fixed possible sensitive user information leak via
maliciously crafted web content (bsc#1205124).
Update to version 2.38.2:
- Fix scrolling issues in some sites having fixed background.
- Fix prolonged buffering during progressive live playback.
- Fix the build with accessibility disabled.
- Fix several crashes and rendering issues.
Update to version 2.38.1:
- Make xdg-dbus-proxy work if host session bus address is an abstract
socket.
- Use a single xdg-dbus-proxy process when sandbox is enabled.
- Fix high resolution video playback due to unimplemented changeType
operation.
- Ensure GSubprocess uses posix_spawn() again and inherit file
descriptors.
- Fix player stucking in buffering (paused) state for progressive
streaming.
- Do not try to preconnect on link click when link preconnect setting is
disabled.
- Fix close status code returned when the client closes a WebSocket in
some cases.
- Fix media player duration calculation.
- Fix several crashes and rendering issues.
Update to version 2.38.0:
- New media controls UI style.
- Add new API to set WebView's Content-Security-Policy for web
extensions support.
- Make it possible to use the remote inspector from other browsers using
WEBKIT_INSPECTOR_HTTP_SERVER env var.
- MediaSession is enabled by default, allowing remote media control
using MPRIS.
- Add support for PDF documents using PDF.js.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4285=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4285=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4285=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4285=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4285=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4285=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4285=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4285=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4285=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4285=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4285=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4285=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4285=1
Package List:
- openSUSE Leap 15.4 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit-jsc-4-2.38.2-150200.54.2
webkit-jsc-4-debuginfo-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
webkit2gtk3-minibrowser-2.38.2-150200.54.2
webkit2gtk3-minibrowser-debuginfo-2.38.2-150200.54.2
- openSUSE Leap 15.3 (x86_64):
libjavascriptcoregtk-4_0-18-32bit-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-32bit-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-32bit-debuginfo-2.38.2-150200.54.2
- openSUSE Leap 15.3 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Manager Server 4.1 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Manager Retail Branch Server 4.1 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Manager Proxy 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Manager Proxy 4.1 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Enterprise Storage 7 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
References:
https://www.suse.com/security/cve/CVE-2022-32888.html
https://www.suse.com/security/cve/CVE-2022-32923.html
https://www.suse.com/security/cve/CVE-2022-42799.html
https://www.suse.com/security/cve/CVE-2022-42823.html
https://www.suse.com/security/cve/CVE-2022-42824.html
https://bugzilla.suse.com/1205120
https://bugzilla.suse.com/1205121
https://bugzilla.suse.com/1205122
https://bugzilla.suse.com/1205123
https://bugzilla.suse.com/1205124
1
0
SUSE-SU-2022:4292-1: moderate: Security update for freerdp
by opensuse-security@opensuse.org 29 Nov '22
by opensuse-security@opensuse.org 29 Nov '22
29 Nov '22
SUSE Security Update: Security update for freerdp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4292-1
Rating: moderate
References: #1205563 #1205564
Cross-References: CVE-2022-39318 CVE-2022-39319
CVSS scores:
CVE-2022-39318 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-39318 (SUSE): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2022-39319 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-39319 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for freerdp fixes the following issues:
- CVE-2022-39318: Fixed division by zero in urbdrc (bsc#1205563).
- CVE-2022-39319: Fixed missing input buffer length check in urbdrc
(bsc#1205564).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4292=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-4292=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4292=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
freerdp-2.1.2-150200.15.24.1
freerdp-debuginfo-2.1.2-150200.15.24.1
freerdp-debugsource-2.1.2-150200.15.24.1
freerdp-devel-2.1.2-150200.15.24.1
freerdp-proxy-2.1.2-150200.15.24.1
freerdp-proxy-debuginfo-2.1.2-150200.15.24.1
freerdp-server-2.1.2-150200.15.24.1
freerdp-server-debuginfo-2.1.2-150200.15.24.1
freerdp-wayland-2.1.2-150200.15.24.1
freerdp-wayland-debuginfo-2.1.2-150200.15.24.1
libfreerdp2-2.1.2-150200.15.24.1
libfreerdp2-debuginfo-2.1.2-150200.15.24.1
libuwac0-0-2.1.2-150200.15.24.1
libuwac0-0-debuginfo-2.1.2-150200.15.24.1
libwinpr2-2.1.2-150200.15.24.1
libwinpr2-debuginfo-2.1.2-150200.15.24.1
uwac0-0-devel-2.1.2-150200.15.24.1
winpr2-devel-2.1.2-150200.15.24.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
freerdp-2.1.2-150200.15.24.1
freerdp-debuginfo-2.1.2-150200.15.24.1
freerdp-debugsource-2.1.2-150200.15.24.1
freerdp-devel-2.1.2-150200.15.24.1
freerdp-proxy-2.1.2-150200.15.24.1
freerdp-proxy-debuginfo-2.1.2-150200.15.24.1
libfreerdp2-2.1.2-150200.15.24.1
libfreerdp2-debuginfo-2.1.2-150200.15.24.1
libwinpr2-2.1.2-150200.15.24.1
libwinpr2-debuginfo-2.1.2-150200.15.24.1
winpr2-devel-2.1.2-150200.15.24.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
freerdp-2.1.2-150200.15.24.1
freerdp-debuginfo-2.1.2-150200.15.24.1
freerdp-debugsource-2.1.2-150200.15.24.1
freerdp-devel-2.1.2-150200.15.24.1
freerdp-proxy-2.1.2-150200.15.24.1
freerdp-proxy-debuginfo-2.1.2-150200.15.24.1
libfreerdp2-2.1.2-150200.15.24.1
libfreerdp2-debuginfo-2.1.2-150200.15.24.1
libwinpr2-2.1.2-150200.15.24.1
libwinpr2-debuginfo-2.1.2-150200.15.24.1
winpr2-devel-2.1.2-150200.15.24.1
References:
https://www.suse.com/security/cve/CVE-2022-39318.html
https://www.suse.com/security/cve/CVE-2022-39319.html
https://bugzilla.suse.com/1205563
https://bugzilla.suse.com/1205564
1
0
SUSE-SU-2022:4282-1: important: Security update for vim
by opensuse-security@opensuse.org 29 Nov '22
by opensuse-security@opensuse.org 29 Nov '22
29 Nov '22
SUSE Security Update: Security update for vim
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4282-1
Rating: important
References: #1192478 #1202962 #1203110 #1203152 #1203155
#1203194 #1203272 #1203508 #1203509 #1203796
#1203797 #1203799 #1203820 #1203924 #1204779
Cross-References: CVE-2021-3928 CVE-2022-2980 CVE-2022-2982
CVE-2022-3037 CVE-2022-3099 CVE-2022-3134
CVE-2022-3153 CVE-2022-3234 CVE-2022-3235
CVE-2022-3278 CVE-2022-3296 CVE-2022-3297
CVE-2022-3324 CVE-2022-3352 CVE-2022-3705
CVSS scores:
CVE-2021-3928 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3928 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
CVE-2022-2980 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-2980 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-2982 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2982 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3037 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3099 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3099 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-3134 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3134 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3153 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3234 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3235 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3235 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3278 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3278 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3296 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3296 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2022-3297 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3297 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3324 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3324 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3352 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3352 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-3705 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3705 (SUSE): 5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
This update for vim fixes the following issues:
Updated to version 9.0 with patch level 0814:
- CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478).
- CVE-2022-3234: Fixed heap-based buffer overflow (bsc#1203508).
- CVE-2022-3235: Fixed use-after-free (bsc#1203509).
- CVE-2022-3324: Fixed stack-based buffer overflow (bsc#1203820).
- CVE-2022-3705: Fixed use-after-free in function qf_update_buffer of the
file quickfix.c (bsc#1204779).
- CVE-2022-2982: Fixed use-after-free in qf_fill_buffer() (bsc#1203152).
- CVE-2022-3296: Fixed stack out of bounds read in ex_finally() in
ex_eval.c (bsc#1203796).
- CVE-2022-3297: Fixed use-after-free in process_next_cpt_value() at
insexpand.c (bsc#1203797).
- CVE-2022-3099: Fixed use-after-free in ex_docmd.c (bsc#1203110).
- CVE-2022-3134: Fixed use-after-free in do_tag() (bsc#1203194).
- CVE-2022-3153: Fixed NULL pointer dereference (bsc#1203272).
- CVE-2022-3278: Fixed NULL pointer dereference in eval_next_non_blank()
in eval.c (bsc#1203799).
- CVE-2022-3352: Fixed use-after-free (bsc#1203924).
- CVE-2022-2980: Fixed NULL pointer dereference in do_mouse()
(bsc#1203155).
- CVE-2022-3037: Fixed use-after-free (bsc#1202962).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4282=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4282=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4282=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4282=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4282=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4282=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4282=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4282=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4282=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4282=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4282=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4282=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4282=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4282=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4282=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4282=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4282=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4282=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4282=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4282=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4282=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4282=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4282=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4282=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- openSUSE Leap Micro 5.3 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- openSUSE Leap Micro 5.2 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- openSUSE Leap 15.4 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- openSUSE Leap 15.3 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Manager Server 4.1 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Manager Proxy 4.1 (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Manager Proxy 4.1 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Enterprise Storage 7 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Enterprise Storage 6 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE CaaS Platform 4.0 (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE CaaS Platform 4.0 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
References:
https://www.suse.com/security/cve/CVE-2021-3928.html
https://www.suse.com/security/cve/CVE-2022-2980.html
https://www.suse.com/security/cve/CVE-2022-2982.html
https://www.suse.com/security/cve/CVE-2022-3037.html
https://www.suse.com/security/cve/CVE-2022-3099.html
https://www.suse.com/security/cve/CVE-2022-3134.html
https://www.suse.com/security/cve/CVE-2022-3153.html
https://www.suse.com/security/cve/CVE-2022-3234.html
https://www.suse.com/security/cve/CVE-2022-3235.html
https://www.suse.com/security/cve/CVE-2022-3278.html
https://www.suse.com/security/cve/CVE-2022-3296.html
https://www.suse.com/security/cve/CVE-2022-3297.html
https://www.suse.com/security/cve/CVE-2022-3324.html
https://www.suse.com/security/cve/CVE-2022-3352.html
https://www.suse.com/security/cve/CVE-2022-3705.html
https://bugzilla.suse.com/1192478
https://bugzilla.suse.com/1202962
https://bugzilla.suse.com/1203110
https://bugzilla.suse.com/1203152
https://bugzilla.suse.com/1203155
https://bugzilla.suse.com/1203194
https://bugzilla.suse.com/1203272
https://bugzilla.suse.com/1203508
https://bugzilla.suse.com/1203509
https://bugzilla.suse.com/1203796
https://bugzilla.suse.com/1203797
https://bugzilla.suse.com/1203799
https://bugzilla.suse.com/1203820
https://bugzilla.suse.com/1203924
https://bugzilla.suse.com/1204779
1
0
SUSE-SU-2022:4281-1: important: Security update for python3
by opensuse-security@opensuse.org 29 Nov '22
by opensuse-security@opensuse.org 29 Nov '22
29 Nov '22
SUSE Security Update: Security update for python3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4281-1
Rating: important
References: #1188607 #1203125 #1204577
Cross-References: CVE-2019-18348 CVE-2020-10735 CVE-2020-8492
CVE-2022-37454
CVSS scores:
CVE-2019-18348 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2019-18348 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2020-10735 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-10735 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-8492 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-8492 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-37454 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37454 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for python3 fixes the following issues:
- CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_*
implementations. (bsc#1204577)
- CVE-2020-10735: Fixed a bug to limit amount of digits converting text to
int and vice vera. (bsc#1203125)
The following non-security bug was fixed:
- Fixed a crash in the garbage collection (bsc#1188607).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4281=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4281=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4281=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4281=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4281=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4281=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4281=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4281=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4281=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4281=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-curses-3.6.15-150300.10.37.2
python3-curses-debuginfo-3.6.15-150300.10.37.2
python3-dbm-3.6.15-150300.10.37.2
python3-dbm-debuginfo-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
python3-devel-3.6.15-150300.10.37.2
python3-devel-debuginfo-3.6.15-150300.10.37.2
python3-doc-3.6.15-150300.10.37.1
python3-doc-devhelp-3.6.15-150300.10.37.1
python3-idle-3.6.15-150300.10.37.2
python3-testsuite-3.6.15-150300.10.37.2
python3-testsuite-debuginfo-3.6.15-150300.10.37.2
python3-tk-3.6.15-150300.10.37.2
python3-tk-debuginfo-3.6.15-150300.10.37.2
python3-tools-3.6.15-150300.10.37.2
- openSUSE Leap 15.4 (x86_64):
libpython3_6m1_0-32bit-3.6.15-150300.10.37.2
libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.37.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-curses-3.6.15-150300.10.37.2
python3-curses-debuginfo-3.6.15-150300.10.37.2
python3-dbm-3.6.15-150300.10.37.2
python3-dbm-debuginfo-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
python3-devel-3.6.15-150300.10.37.2
python3-devel-debuginfo-3.6.15-150300.10.37.2
python3-doc-3.6.15-150300.10.37.1
python3-doc-devhelp-3.6.15-150300.10.37.1
python3-idle-3.6.15-150300.10.37.2
python3-testsuite-3.6.15-150300.10.37.2
python3-testsuite-debuginfo-3.6.15-150300.10.37.2
python3-tk-3.6.15-150300.10.37.2
python3-tk-debuginfo-3.6.15-150300.10.37.2
python3-tools-3.6.15-150300.10.37.2
- openSUSE Leap 15.3 (x86_64):
libpython3_6m1_0-32bit-3.6.15-150300.10.37.2
libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
python3-core-debugsource-3.6.15-150300.10.37.2
python3-tools-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
python3-core-debugsource-3.6.15-150300.10.37.2
python3-tools-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-curses-3.6.15-150300.10.37.2
python3-curses-debuginfo-3.6.15-150300.10.37.2
python3-dbm-3.6.15-150300.10.37.2
python3-dbm-debuginfo-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
python3-devel-3.6.15-150300.10.37.2
python3-devel-debuginfo-3.6.15-150300.10.37.2
python3-idle-3.6.15-150300.10.37.2
python3-tk-3.6.15-150300.10.37.2
python3-tk-debuginfo-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-curses-3.6.15-150300.10.37.2
python3-curses-debuginfo-3.6.15-150300.10.37.2
python3-dbm-3.6.15-150300.10.37.2
python3-dbm-debuginfo-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
python3-devel-3.6.15-150300.10.37.2
python3-devel-debuginfo-3.6.15-150300.10.37.2
python3-idle-3.6.15-150300.10.37.2
python3-tk-3.6.15-150300.10.37.2
python3-tk-debuginfo-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
References:
https://www.suse.com/security/cve/CVE-2019-18348.html
https://www.suse.com/security/cve/CVE-2020-10735.html
https://www.suse.com/security/cve/CVE-2020-8492.html
https://www.suse.com/security/cve/CVE-2022-37454.html
https://bugzilla.suse.com/1188607
https://bugzilla.suse.com/1203125
https://bugzilla.suse.com/1204577
1
0
SUSE-SU-2022:4278-1: moderate: Security update for supportutils
by opensuse-security@opensuse.org 29 Nov '22
by opensuse-security@opensuse.org 29 Nov '22
29 Nov '22
SUSE Security Update: Security update for supportutils
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4278-1
Rating: moderate
References: #1184689 #1188086 #1192252 #1192648 #1197428
#1200330 #1202269 #1202337 #1202417 #1203818
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for supportutils fixes the following issues:
Security issues fixed:
- Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt
(bsc#1203818)
Bug fixes:
- Added lifecycle information
- Fixed KVM virtualization detection on bare metal (bsc#1184689)
- Added logging using journalctl (bsc#1200330)
- Get current sar data before collecting files (bsc#1192648)
- Collects everything in /etc/multipath/ (bsc#1192252)
- Collects power management information in hardware.txt (bsc#1197428)
- Checks for suseconnect-ng or SUSEConnect packages (bsc#1202337)
- Fixed conf_files and conf_text_files so y2log is gathered (bsc#1202269)
- Update to nvme_info and block_info (bsc#1202417)
- Added includedir directories from /etc/sudoers (bsc#1188086)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4278=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4278=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4278=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4278=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4278=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4278=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4278=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4278=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4278=1
Package List:
- openSUSE Leap Micro 5.3 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- openSUSE Leap Micro 5.2 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- openSUSE Leap 15.4 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- openSUSE Leap 15.3 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
supportutils-3.1.21-150300.7.35.15.1
References:
https://bugzilla.suse.com/1184689
https://bugzilla.suse.com/1188086
https://bugzilla.suse.com/1192252
https://bugzilla.suse.com/1192648
https://bugzilla.suse.com/1197428
https://bugzilla.suse.com/1200330
https://bugzilla.suse.com/1202269
https://bugzilla.suse.com/1202337
https://bugzilla.suse.com/1202417
https://bugzilla.suse.com/1203818
1
0
SUSE-SU-2022:4276-1: important: Security update for exiv2
by opensuse-security@opensuse.org 29 Nov '22
by opensuse-security@opensuse.org 29 Nov '22
29 Nov '22
SUSE Security Update: Security update for exiv2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4276-1
Rating: important
References: #1050257 #1095070 #1110282 #1119559 #1119560
#1119562 #1142677 #1142678 #1153577 #1186231
#1189337
Cross-References: CVE-2017-11591 CVE-2018-11531 CVE-2018-17581
CVE-2018-20097 CVE-2018-20098 CVE-2018-20099
CVE-2019-13109 CVE-2019-13110 CVE-2019-17402
CVE-2021-29473 CVE-2021-32815
CVSS scores:
CVE-2017-11591 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-11591 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-11531 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-11531 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2018-17581 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-17581 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-20097 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20097 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-20098 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20098 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-20099 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20099 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-13109 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13109 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-13110 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13110 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-17402 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-29473 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-29473 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-32815 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-32815 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for exiv2 fixes the following issues:
- CVE-2019-13110: Fixed an integer-overflow and out-of-bounds read in
CiffDirectory:readDirectory leads to denail of service (bsc#1142678).
- CVE-2019-13109: Fixed a denial of service in PngImage:readMetadata
(bsc#1142677).
- CVE-2018-17581: Fixed an excessive stack consumption
CiffDirectory:readDirectory() at crwimage_int.cpp (bsc#1110282).
- CVE-2017-11591: Fixed a floating point exception in Exiv2::ValueType
(bsc#1050257).
- CVE-2019-17402: Fixed an improper validation of the total size to the
offset and size leads to a crash in Exiv2::getULong in types.cpp
(bsc#1153577).
- CVE-2021-32815: Fixed a deny-of-service due to assertion failure in
crwimage_int.cpp (bsc#1189337).
- CVE-2018-20097: Fixed SEGV in
Exiv2::Internal::TiffParserWorker::findPrimaryGroupsu (bsc#1119562).
- CVE-2021-29473: Fixed out-of-bounds read in
Exiv2::Jp2Image:doWriteMetadata (bsc#1186231).
- CVE-2018-20098: Fixed a heap-based buffer over-read in
Exiv2::Jp2Image::encodeJp2Header (bsc#1119560).
- CVE-2018-11531: Fixed a heap-based buffer overflow in getData in
preview.cpp (bsc#1095070).
- CVE-2018-20099: exiv2: infinite loop in Exiv2::Jp2Image::encodeJp2Header
(bsc#1119559).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4276=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4276=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4276=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4276=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4276=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4276=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4276=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4276=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4276=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4276=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4276=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4276=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4276=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4276=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4276=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
exiv2-0.26-150000.6.26.1
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
libexiv2-doc-0.26-150000.6.26.1
- openSUSE Leap 15.3 (noarch):
exiv2-lang-0.26-150000.6.26.1
- openSUSE Leap 15.3 (x86_64):
libexiv2-26-32bit-0.26-150000.6.26.1
libexiv2-26-32bit-debuginfo-0.26-150000.6.26.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Manager Proxy 4.1 (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE CaaS Platform 4.0 (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
References:
https://www.suse.com/security/cve/CVE-2017-11591.html
https://www.suse.com/security/cve/CVE-2018-11531.html
https://www.suse.com/security/cve/CVE-2018-17581.html
https://www.suse.com/security/cve/CVE-2018-20097.html
https://www.suse.com/security/cve/CVE-2018-20098.html
https://www.suse.com/security/cve/CVE-2018-20099.html
https://www.suse.com/security/cve/CVE-2019-13109.html
https://www.suse.com/security/cve/CVE-2019-13110.html
https://www.suse.com/security/cve/CVE-2019-17402.html
https://www.suse.com/security/cve/CVE-2021-29473.html
https://www.suse.com/security/cve/CVE-2021-32815.html
https://bugzilla.suse.com/1050257
https://bugzilla.suse.com/1095070
https://bugzilla.suse.com/1110282
https://bugzilla.suse.com/1119559
https://bugzilla.suse.com/1119560
https://bugzilla.suse.com/1119562
https://bugzilla.suse.com/1142677
https://bugzilla.suse.com/1142678
https://bugzilla.suse.com/1153577
https://bugzilla.suse.com/1186231
https://bugzilla.suse.com/1189337
1
0
SUSE-SU-2022:4259-1: important: Security update for tiff
by opensuse-security@opensuse.org 28 Nov '22
by opensuse-security@opensuse.org 28 Nov '22
28 Nov '22
SUSE Security Update: Security update for tiff
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4259-1
Rating: important
References: #1204641 #1204643 #1204644 #1204645 #1205392
Cross-References: CVE-2022-3597 CVE-2022-3599 CVE-2022-3626
CVE-2022-3627 CVE-2022-3970
CVSS scores:
CVE-2022-3597 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3597 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3599 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3599 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3626 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3626 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3627 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3627 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3970 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3970 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for tiff fixes the following issues:
- CVE-2022-3597: Fixed out-of-bounds write in _TIFFmemcpy in
libtiff/tif_unix.c (bnc#1204641).
- CVE-2022-3599: Fixed out-of-bounds read in writeSingleSection in
tools/tiffcrop.c (bnc#1204643).
- CVE-2022-3626: Fixed out-of-bounds write in _TIFFmemset in
libtiff/tif_unix.c (bnc#1204644)
- CVE-2022-3627: Fixed out-of-bounds write in _TIFFmemcpy in
libtiff/tif_unix.c (bnc#1204645).
- CVE-2022-3970: Fixed unsigned integer overflow in TIFFReadRGBATileExt()
(bnc#1205392).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4259=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4259=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4259=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4259=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4259=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4259=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4259=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4259=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4259=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4259=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4259=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4259=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4259=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4259=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4259=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4259=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4259=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4259=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4259=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4259=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4259=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4259=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4259=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4259=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4259=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4259=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4259=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4259=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4259=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4259=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- openSUSE Leap 15.4 (x86_64):
libtiff-devel-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- openSUSE Leap 15.3 (x86_64):
libtiff-devel-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Manager Server 4.1 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Manager Proxy 4.1 (x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
tiff-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
tiff-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Enterprise Storage 7 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
- SUSE Enterprise Storage 6 (x86_64):
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
- SUSE CaaS Platform 4.0 (x86_64):
libtiff-devel-4.0.9-150000.45.19.1
libtiff5-32bit-4.0.9-150000.45.19.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.19.1
libtiff5-4.0.9-150000.45.19.1
libtiff5-debuginfo-4.0.9-150000.45.19.1
tiff-debuginfo-4.0.9-150000.45.19.1
tiff-debugsource-4.0.9-150000.45.19.1
References:
https://www.suse.com/security/cve/CVE-2022-3597.html
https://www.suse.com/security/cve/CVE-2022-3599.html
https://www.suse.com/security/cve/CVE-2022-3626.html
https://www.suse.com/security/cve/CVE-2022-3627.html
https://www.suse.com/security/cve/CVE-2022-3970.html
https://bugzilla.suse.com/1204641
https://bugzilla.suse.com/1204643
https://bugzilla.suse.com/1204644
https://bugzilla.suse.com/1204645
https://bugzilla.suse.com/1205392
1
0
SUSE-SU-2022:4260-1: important: Security update for busybox
by opensuse-security@opensuse.org 28 Nov '22
by opensuse-security@opensuse.org 28 Nov '22
28 Nov '22
SUSE Security Update: Security update for busybox
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4260-1
Rating: important
References: #1099260 #914660
Cross-References: CVE-2014-9645 CVE-2018-1000517
CVSS scores:
CVE-2014-9645 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2018-1000517 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-1000517 (SUSE): 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for busybox fixes the following issues:
- CVE-2014-9645: Fixed loading of unwanted module with / in module names
(bsc#914660).
- Enable switch_root With this change virtme --force-initramfs works as
expected.
- Enable udhcpc
Update to 1.35.0:
- awk: fix printf %%, fix read beyond end of buffer
- Adjust busybox.config for new features in find, date and cpio
- chrt: silence analyzer warning
- libarchive: remove duplicate forward declaration
- mount: "mount -o rw ...." should not fall back to RO mount
- ps: fix -o pid=PID,args interpreting entire "PID,args" as header
- tar: prevent malicious archives with long name sizes causing OOM
- udhcpc6: fix udhcp_find_option to actually find DHCP6 options
- xxd: fix -p -r
- support for new optoins added to basename, cpio, date, find, mktemp,
wget and others
- Adjust busybox.config for new features in find, date and cpio
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4260=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4260=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4260=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4260=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4260=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4260=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4260=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4260=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4260=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4260=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4260=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4260=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4260=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4260=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4260=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Manager Proxy 4.1 (x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
busybox-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
busybox-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
busybox-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
busybox-1.35.0-150000.4.14.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
- SUSE CaaS Platform 4.0 (x86_64):
busybox-1.35.0-150000.4.14.1
busybox-static-1.35.0-150000.4.14.1
References:
https://www.suse.com/security/cve/CVE-2014-9645.html
https://www.suse.com/security/cve/CVE-2018-1000517.html
https://bugzilla.suse.com/1099260
https://bugzilla.suse.com/914660
1
0
SUSE-SU-2022:4255-1: important: Security update for nodejs14
by opensuse-security@opensuse.org 28 Nov '22
by opensuse-security@opensuse.org 28 Nov '22
28 Nov '22
SUSE Security Update: Security update for nodejs14
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4255-1
Rating: important
References: #1205119
Cross-References: CVE-2022-43548
CVSS scores:
CVE-2022-43548 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for nodejs14 fixes the following issues:
- Update to 14.21.1:
- CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP
address (bsc#1205119).
- Update to 14.21.0:
- src: add --openssl-shared-config option
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4255=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4255=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4255=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4255=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4255=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4255=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4255=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4255=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-4255=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4255=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4255=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4255=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
corepack14-14.21.1-150200.15.40.2
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- openSUSE Leap 15.4 (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- openSUSE Leap 15.3 (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Manager Server 4.1 (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Manager Retail Branch Server 4.1 (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Manager Proxy 4.1 (x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Manager Proxy 4.1 (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
nodejs14-14.21.1-150200.15.40.2
nodejs14-debuginfo-14.21.1-150200.15.40.2
nodejs14-debugsource-14.21.1-150200.15.40.2
nodejs14-devel-14.21.1-150200.15.40.2
npm14-14.21.1-150200.15.40.2
- SUSE Enterprise Storage 7 (noarch):
nodejs14-docs-14.21.1-150200.15.40.2
References:
https://www.suse.com/security/cve/CVE-2022-43548.html
https://bugzilla.suse.com/1205119
1
0
SUSE-SU-2022:4250-1: important: Security update for java-1_8_0-openj9
by opensuse-security@opensuse.org 28 Nov '22
by opensuse-security@opensuse.org 28 Nov '22
28 Nov '22
SUSE Security Update: Security update for java-1_8_0-openj9
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4250-1
Rating: important
References: #1204471 #1204472 #1204473 #1204475 #1204703
Cross-References: CVE-2022-21619 CVE-2022-21624 CVE-2022-21626
CVE-2022-21628 CVE-2022-3676
CVSS scores:
CVE-2022-21619 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21626 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21626 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3676 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-3676 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for java-1_8_0-openj9 fixes the following issues:
- Update to OpenJDK 8u352 build 08 with OpenJ9 0.35.0 virtual machine,
including Oracle October 2022 CPU changes.
- CVE-2022-21619: An unauthenticated attacker with network access via
multiple protocols to compromise Oracle Java SE (bsc#1204473).
- CVE-2022-21626: An unauthenticated attacker with network access via
HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition
(bsc#1204471).
- CVE-2022-21624: An unauthenticated attacker with network access via
multiple protocols to compromise Oracle Java SE, Oracle GraalVM
Enterprise (bsc#1204475).
- CVE-2022-21628: An unauthenticated attacker with network access via HTTP
can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition
(bsc#1204472).
- CVE-2022-3676: Fixed interface than calls can be inlined without a
runtime type check (bsc#1204703).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4250=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4250=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
java-1_8_0-openj9-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-accessibility-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-debuginfo-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-debugsource-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-demo-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-demo-debuginfo-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-devel-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-devel-debuginfo-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-headless-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-headless-debuginfo-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-src-1.8.0.352-150200.3.27.1
- openSUSE Leap 15.4 (noarch):
java-1_8_0-openj9-javadoc-1.8.0.352-150200.3.27.1
- openSUSE Leap 15.3 (ppc64le s390x x86_64):
java-1_8_0-openj9-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-accessibility-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-debuginfo-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-debugsource-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-demo-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-demo-debuginfo-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-devel-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-headless-1.8.0.352-150200.3.27.1
java-1_8_0-openj9-src-1.8.0.352-150200.3.27.1
- openSUSE Leap 15.3 (noarch):
java-1_8_0-openj9-javadoc-1.8.0.352-150200.3.27.1
References:
https://www.suse.com/security/cve/CVE-2022-21619.html
https://www.suse.com/security/cve/CVE-2022-21624.html
https://www.suse.com/security/cve/CVE-2022-21626.html
https://www.suse.com/security/cve/CVE-2022-21628.html
https://www.suse.com/security/cve/CVE-2022-3676.html
https://bugzilla.suse.com/1204471
https://bugzilla.suse.com/1204472
https://bugzilla.suse.com/1204473
https://bugzilla.suse.com/1204475
https://bugzilla.suse.com/1204703
1
0
SUSE-SU-2022:4254-1: important: Security update for nodejs12
by opensuse-security@opensuse.org 28 Nov '22
by opensuse-security@opensuse.org 28 Nov '22
28 Nov '22
SUSE Security Update: Security update for nodejs12
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4254-1
Rating: important
References: #1205119
Cross-References: CVE-2022-43548
CVSS scores:
CVE-2022-43548 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for nodejs12 fixes the following issues:
- CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP
address (bsc#1205119).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4254=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4254=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4254=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4254=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4254=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4254=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4254=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4254=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-4254=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4254=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4254=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4254=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- openSUSE Leap 15.4 (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- openSUSE Leap 15.3 (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Manager Server 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Manager Retail Branch Server 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Manager Proxy 4.1 (x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Manager Proxy 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
nodejs12-12.22.12-150200.4.41.2
nodejs12-debuginfo-12.22.12-150200.4.41.2
nodejs12-debugsource-12.22.12-150200.4.41.2
nodejs12-devel-12.22.12-150200.4.41.2
npm12-12.22.12-150200.4.41.2
- SUSE Enterprise Storage 7 (noarch):
nodejs12-docs-12.22.12-150200.4.41.2
References:
https://www.suse.com/security/cve/CVE-2022-43548.html
https://bugzilla.suse.com/1205119
1
0
openSUSE-SU-2022:10221-1: important: Security update for chromium
by opensuse-security@opensuse.org 28 Nov '22
by opensuse-security@opensuse.org 28 Nov '22
28 Nov '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10221-1
Rating: important
References: #1205736
Cross-References: CVE-2022-4135
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for chromium fixes the following issues:
Chromium 107.0.5304.121 (boo#1205736)
* CVE-2022-4135: Heap buffer overflow in GPU
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10221=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10221=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-107.0.5304.121-bp154.2.46.1
chromedriver-debuginfo-107.0.5304.121-bp154.2.46.1
chromium-107.0.5304.121-bp154.2.46.1
chromium-debuginfo-107.0.5304.121-bp154.2.46.1
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-107.0.5304.121-bp153.2.139.1
chromium-107.0.5304.121-bp153.2.139.1
References:
https://www.suse.com/security/cve/CVE-2022-4135.html
https://bugzilla.suse.com/1205736
1
0
openSUSE-SU-2022:10218-1: important: Security update for opera
by opensuse-security@opensuse.org 26 Nov '22
by opensuse-security@opensuse.org 26 Nov '22
26 Nov '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10218-1
Rating: important
References:
Cross-References: CVE-2022-3723
CVSS scores:
CVE-2022-3723 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3:NonFree
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for opera fixes the following issues:
Update to 93.0.4585.11:
- CHR-9051 Update chromium on desktop-stable-107-4585 to 107.0.5304.88
- DNA-95965 Add support for more UD TLDs
- DNA-102960 Replace messengers icons
- DNA-102964 Crash at -[FramedBrowserWindow sendEvent:]
- DNA-103125 Translations for O93
- DNA-103287 Bump O93 to stable
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:NonFree:
zypper in -t patch openSUSE-2022-10218=1
Package List:
- openSUSE Leap 15.3:NonFree (x86_64):
opera-93.0.4585.11-lp153.2.69.1
References:
https://www.suse.com/security/cve/CVE-2022-3723.html
1
0
openSUSE-SU-2022:10219-1: important: Security update for opera
by opensuse-security@opensuse.org 26 Nov '22
by opensuse-security@opensuse.org 26 Nov '22
26 Nov '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10219-1
Rating: important
References:
Cross-References: CVE-2022-3723
CVSS scores:
CVE-2022-3723 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.4:NonFree
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for opera fixes the following issues:
Update to 93.0.4585.11
- CHR-9051 Update chromium on desktop-stable-107-4585 to 107.0.5304.88
- DNA-95965 Add support for more UD TLDs
- DNA-102960 Replace messengers icons
- DNA-102964 Crash at -[FramedBrowserWindow sendEvent:]
- DNA-103125 Translations for O93
- DNA-103287 Bump O93 to stable
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:NonFree:
zypper in -t patch openSUSE-2022-10219=1
Package List:
- openSUSE Leap 15.4:NonFree (x86_64):
opera-93.0.4585.11-lp154.2.29.1
References:
https://www.suse.com/security/cve/CVE-2022-3723.html
1
0
SUSE-SU-2022:4224-1: moderate: Security update for freerdp
by opensuse-security@opensuse.org 25 Nov '22
by opensuse-security@opensuse.org 25 Nov '22
25 Nov '22
SUSE Security Update: Security update for freerdp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4224-1
Rating: moderate
References: #1205563 #1205564
Cross-References: CVE-2022-39318 CVE-2022-39319
CVSS scores:
CVE-2022-39318 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-39318 (SUSE): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2022-39319 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-39319 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for freerdp fixes the following issues:
- CVE-2022-39318: Fixed division by zero in urbdrc (bsc#1205563).
- CVE-2022-39319: Fixed missing input buffer length check in urbdrc
(bsc#1205564).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4224=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-4224=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4224=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
freerdp-2.4.0-150400.3.12.1
freerdp-debuginfo-2.4.0-150400.3.12.1
freerdp-debugsource-2.4.0-150400.3.12.1
freerdp-devel-2.4.0-150400.3.12.1
freerdp-proxy-2.4.0-150400.3.12.1
freerdp-proxy-debuginfo-2.4.0-150400.3.12.1
freerdp-server-2.4.0-150400.3.12.1
freerdp-server-debuginfo-2.4.0-150400.3.12.1
freerdp-wayland-2.4.0-150400.3.12.1
freerdp-wayland-debuginfo-2.4.0-150400.3.12.1
libfreerdp2-2.4.0-150400.3.12.1
libfreerdp2-debuginfo-2.4.0-150400.3.12.1
libuwac0-0-2.4.0-150400.3.12.1
libuwac0-0-debuginfo-2.4.0-150400.3.12.1
libwinpr2-2.4.0-150400.3.12.1
libwinpr2-debuginfo-2.4.0-150400.3.12.1
uwac0-0-devel-2.4.0-150400.3.12.1
winpr2-devel-2.4.0-150400.3.12.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
freerdp-2.4.0-150400.3.12.1
freerdp-debuginfo-2.4.0-150400.3.12.1
freerdp-debugsource-2.4.0-150400.3.12.1
freerdp-devel-2.4.0-150400.3.12.1
freerdp-proxy-2.4.0-150400.3.12.1
freerdp-proxy-debuginfo-2.4.0-150400.3.12.1
libfreerdp2-2.4.0-150400.3.12.1
libfreerdp2-debuginfo-2.4.0-150400.3.12.1
libwinpr2-2.4.0-150400.3.12.1
libwinpr2-debuginfo-2.4.0-150400.3.12.1
winpr2-devel-2.4.0-150400.3.12.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
freerdp-2.4.0-150400.3.12.1
freerdp-debuginfo-2.4.0-150400.3.12.1
freerdp-debugsource-2.4.0-150400.3.12.1
freerdp-devel-2.4.0-150400.3.12.1
freerdp-proxy-2.4.0-150400.3.12.1
freerdp-proxy-debuginfo-2.4.0-150400.3.12.1
libfreerdp2-2.4.0-150400.3.12.1
libfreerdp2-debuginfo-2.4.0-150400.3.12.1
libwinpr2-2.4.0-150400.3.12.1
libwinpr2-debuginfo-2.4.0-150400.3.12.1
winpr2-devel-2.4.0-150400.3.12.1
References:
https://www.suse.com/security/cve/CVE-2022-39318.html
https://www.suse.com/security/cve/CVE-2022-39319.html
https://bugzilla.suse.com/1205563
https://bugzilla.suse.com/1205564
1
0
SUSE-SU-2022:4219-1: important: Security update for grub2
by opensuse-security@opensuse.org 25 Nov '22
by opensuse-security@opensuse.org 25 Nov '22
25 Nov '22
SUSE Security Update: Security update for grub2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4219-1
Rating: important
References: #1205178 #1205182
Cross-References: CVE-2022-2601 CVE-2022-3775
CVSS scores:
CVE-2022-2601 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3775 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for grub2 fixes the following issues:
- CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph
(bsc#1205178).
- CVE-2022-3775: Fixed integer underflow in blit_comb() (bsc#1205182).
Other:
- Bump upstream SBAT generation to 3
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4219=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4219=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4219=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-4219=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4219=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4219=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
grub2-2.04-150300.22.25.1
grub2-debuginfo-2.04-150300.22.25.1
grub2-debugsource-2.04-150300.22.25.1
- openSUSE Leap Micro 5.2 (noarch):
grub2-arm64-efi-2.04-150300.22.25.1
grub2-i386-pc-2.04-150300.22.25.1
grub2-snapper-plugin-2.04-150300.22.25.1
grub2-x86_64-efi-2.04-150300.22.25.1
grub2-x86_64-xen-2.04-150300.22.25.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
grub2-2.04-150300.22.25.1
grub2-branding-upstream-2.04-150300.22.25.1
grub2-debuginfo-2.04-150300.22.25.1
- openSUSE Leap 15.3 (aarch64 s390x x86_64):
grub2-debugsource-2.04-150300.22.25.1
- openSUSE Leap 15.3 (noarch):
grub2-arm64-efi-2.04-150300.22.25.1
grub2-arm64-efi-debug-2.04-150300.22.25.1
grub2-i386-pc-2.04-150300.22.25.1
grub2-i386-pc-debug-2.04-150300.22.25.1
grub2-powerpc-ieee1275-2.04-150300.22.25.1
grub2-powerpc-ieee1275-debug-2.04-150300.22.25.1
grub2-snapper-plugin-2.04-150300.22.25.1
grub2-systemd-sleep-plugin-2.04-150300.22.25.1
grub2-x86_64-efi-2.04-150300.22.25.1
grub2-x86_64-efi-debug-2.04-150300.22.25.1
grub2-x86_64-xen-2.04-150300.22.25.1
- openSUSE Leap 15.3 (s390x):
grub2-s390x-emu-2.04-150300.22.25.1
grub2-s390x-emu-debug-2.04-150300.22.25.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
grub2-x86_64-xen-2.04-150300.22.25.1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (noarch):
grub2-arm64-efi-2.04-150300.22.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
grub2-2.04-150300.22.25.1
grub2-debuginfo-2.04-150300.22.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 s390x x86_64):
grub2-debugsource-2.04-150300.22.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
grub2-arm64-efi-2.04-150300.22.25.1
grub2-i386-pc-2.04-150300.22.25.1
grub2-powerpc-ieee1275-2.04-150300.22.25.1
grub2-snapper-plugin-2.04-150300.22.25.1
grub2-systemd-sleep-plugin-2.04-150300.22.25.1
grub2-x86_64-efi-2.04-150300.22.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):
grub2-s390x-emu-2.04-150300.22.25.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
grub2-2.04-150300.22.25.1
grub2-debuginfo-2.04-150300.22.25.1
grub2-debugsource-2.04-150300.22.25.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
grub2-arm64-efi-2.04-150300.22.25.1
grub2-i386-pc-2.04-150300.22.25.1
grub2-snapper-plugin-2.04-150300.22.25.1
grub2-x86_64-efi-2.04-150300.22.25.1
grub2-x86_64-xen-2.04-150300.22.25.1
- SUSE Linux Enterprise Micro 5.2 (s390x):
grub2-s390x-emu-2.04-150300.22.25.1
References:
https://www.suse.com/security/cve/CVE-2022-2601.html
https://www.suse.com/security/cve/CVE-2022-3775.html
https://bugzilla.suse.com/1205178
https://bugzilla.suse.com/1205182
1
0
SUSE-SU-2022:4215-1: important: Security update for erlang
by opensuse-security@opensuse.org 24 Nov '22
by opensuse-security@opensuse.org 24 Nov '22
24 Nov '22
SUSE Security Update: Security update for erlang
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4215-1
Rating: important
References: #1205318
Cross-References: CVE-2022-37026
CVSS scores:
CVE-2022-37026 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37026 (SUSE): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for erlang fixes the following issues:
- CVE-2022-37026: fixed a client authorization bypass vulnerability for
SSL, TLS, and DTLS in Erlang/OTP. [bsc#1205318]
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4215=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4215=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4215=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4215=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
erlang-22.3-150300.3.3.1
erlang-debugger-22.3-150300.3.3.1
erlang-debugger-src-22.3-150300.3.3.1
erlang-debuginfo-22.3-150300.3.3.1
erlang-debugsource-22.3-150300.3.3.1
erlang-dialyzer-22.3-150300.3.3.1
erlang-dialyzer-debuginfo-22.3-150300.3.3.1
erlang-dialyzer-src-22.3-150300.3.3.1
erlang-diameter-22.3-150300.3.3.1
erlang-diameter-src-22.3-150300.3.3.1
erlang-doc-22.3-150300.3.3.1
erlang-epmd-22.3-150300.3.3.1
erlang-epmd-debuginfo-22.3-150300.3.3.1
erlang-et-22.3-150300.3.3.1
erlang-et-src-22.3-150300.3.3.1
erlang-jinterface-22.3-150300.3.3.1
erlang-jinterface-src-22.3-150300.3.3.1
erlang-observer-22.3-150300.3.3.1
erlang-observer-src-22.3-150300.3.3.1
erlang-reltool-22.3-150300.3.3.1
erlang-reltool-src-22.3-150300.3.3.1
erlang-src-22.3-150300.3.3.1
erlang-wx-22.3-150300.3.3.1
erlang-wx-debuginfo-22.3-150300.3.3.1
erlang-wx-src-22.3-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
erlang-22.3-150300.3.3.1
erlang-debugger-22.3-150300.3.3.1
erlang-debugger-src-22.3-150300.3.3.1
erlang-debuginfo-22.3-150300.3.3.1
erlang-debugsource-22.3-150300.3.3.1
erlang-dialyzer-22.3-150300.3.3.1
erlang-dialyzer-debuginfo-22.3-150300.3.3.1
erlang-dialyzer-src-22.3-150300.3.3.1
erlang-diameter-22.3-150300.3.3.1
erlang-diameter-src-22.3-150300.3.3.1
erlang-doc-22.3-150300.3.3.1
erlang-epmd-22.3-150300.3.3.1
erlang-epmd-debuginfo-22.3-150300.3.3.1
erlang-et-22.3-150300.3.3.1
erlang-et-src-22.3-150300.3.3.1
erlang-jinterface-22.3-150300.3.3.1
erlang-jinterface-src-22.3-150300.3.3.1
erlang-observer-22.3-150300.3.3.1
erlang-observer-src-22.3-150300.3.3.1
erlang-reltool-22.3-150300.3.3.1
erlang-reltool-src-22.3-150300.3.3.1
erlang-src-22.3-150300.3.3.1
erlang-wx-22.3-150300.3.3.1
erlang-wx-debuginfo-22.3-150300.3.3.1
erlang-wx-src-22.3-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
erlang-22.3-150300.3.3.1
erlang-debuginfo-22.3-150300.3.3.1
erlang-debugsource-22.3-150300.3.3.1
erlang-epmd-22.3-150300.3.3.1
erlang-epmd-debuginfo-22.3-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
erlang-22.3-150300.3.3.1
erlang-debuginfo-22.3-150300.3.3.1
erlang-debugsource-22.3-150300.3.3.1
erlang-epmd-22.3-150300.3.3.1
erlang-epmd-debuginfo-22.3-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-37026.html
https://bugzilla.suse.com/1205318
1
0
24 Nov '22
SUSE Security Update: Security update for libdb-4_8
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4214-1
Rating: low
References: #1174414
Cross-References: CVE-2019-2708
CVSS scores:
CVE-2019-2708 (NVD) : 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2019-2708 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libdb-4_8 fixes the following issues:
- CVE-2019-2708: Fixed partial DoS due to data store execution
(bsc#1174414).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4214=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4214=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4214=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4214=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4214=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4214=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4214=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4214=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4214=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
libdb-4_8-devel-4.8.30-150000.7.6.1
libdb_java-4_8-4.8.30-150000.7.6.1
libdb_java-4_8-debuginfo-4.8.30-150000.7.6.1
libdb_java-4_8-debugsource-4.8.30-150000.7.6.1
libdb_java-4_8-devel-4.8.30-150000.7.6.1
- openSUSE Leap 15.4 (x86_64):
libdb-4_8-32bit-4.8.30-150000.7.6.1
libdb-4_8-32bit-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-devel-32bit-4.8.30-150000.7.6.1
- openSUSE Leap 15.4 (noarch):
db48-doc-4.8.30-150000.7.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
libdb-4_8-devel-4.8.30-150000.7.6.1
libdb_java-4_8-4.8.30-150000.7.6.1
libdb_java-4_8-debuginfo-4.8.30-150000.7.6.1
libdb_java-4_8-debugsource-4.8.30-150000.7.6.1
libdb_java-4_8-devel-4.8.30-150000.7.6.1
- openSUSE Leap 15.3 (x86_64):
libdb-4_8-32bit-4.8.30-150000.7.6.1
libdb-4_8-32bit-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-devel-32bit-4.8.30-150000.7.6.1
- openSUSE Leap 15.3 (noarch):
db48-doc-4.8.30-150000.7.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
libdb-4_8-devel-4.8.30-150000.7.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libdb-4_8-32bit-4.8.30-150000.7.6.1
libdb-4_8-32bit-debuginfo-4.8.30-150000.7.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
libdb-4_8-devel-4.8.30-150000.7.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libdb-4_8-32bit-4.8.30-150000.7.6.1
libdb-4_8-32bit-debuginfo-4.8.30-150000.7.6.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
db48-utils-4.8.30-150000.7.6.1
db48-utils-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-4.8.30-150000.7.6.1
libdb-4_8-debuginfo-4.8.30-150000.7.6.1
libdb-4_8-debugsource-4.8.30-150000.7.6.1
References:
https://www.suse.com/security/cve/CVE-2019-2708.html
https://bugzilla.suse.com/1174414
1
0
SUSE-SU-2022:4208-1: important: Security update for exiv2-0_26
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for exiv2-0_26
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4208-1
Rating: important
References: #1050257 #1095070 #1110282 #1119559 #1119560
#1119562 #1142677 #1142678 #1153577 #1186231
#1189337
Cross-References: CVE-2017-11591 CVE-2018-11531 CVE-2018-17581
CVE-2018-20097 CVE-2018-20098 CVE-2018-20099
CVE-2019-13109 CVE-2019-13110 CVE-2019-17402
CVE-2021-29473 CVE-2021-32815
CVSS scores:
CVE-2017-11591 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-11591 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-11531 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-11531 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2018-17581 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-17581 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-20097 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20097 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-20098 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20098 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-20099 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20099 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-13109 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13109 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-13110 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13110 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-17402 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-29473 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-29473 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-32815 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-32815 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for exiv2-0_26 fixes the following issues:
- CVE-2019-17402: Fixed improper validation of the total size to the
offset and size leads to a crash in Exiv2::getULong in types.cpp
(bsc#1153577).
- CVE-2018-20098: Fixed a heap-based buffer over-read in
Exiv2::Jp2Image::encodeJp2Header (bsc#1119560).
- CVE-2018-17581: Fixed an excessive stack consumption
CiffDirectory:readDirectory() at crwimage_int.cpp (bsc#1110282).
- CVE-2018-20099: exiv2: infinite loop in Exiv2::Jp2Image::encodeJp2Header
(bsc#1119559).
- CVE-2018-20097: Fixed SEGV in
Exiv2::Internal::TiffParserWorker::findPrimaryGroupsu (bsc#1119562).
- CVE-2017-11591: Fixed a floating point exception in Exiv2::ValueType
(bsc#1050257).
- CVE-2018-11531: Fixed a heap-based buffer overflow in getData in
preview.cpp (bsc#1095070).
- CVE-2021-32815: Fixed a deny-of-service due to assertion failure in
crwimage_int.cpp (bsc#1189337).
- CVE-2021-29473: Fixed out-of-bounds read in
Exiv2::Jp2Image:doWriteMetadata (bsc#1186231).
- CVE-2019-13109: Fixed a denial of service in PngImage:readMetadata
(bsc#1142677).
- CVE-2019-13110: Fixed an integer-overflow and out-of-bounds read in
CiffDirectory:readDirectory leads to denail of service (bsc#1142678).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4208=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4208=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libexiv2-26-0.26-150400.9.21.1
libexiv2-26-debuginfo-0.26-150400.9.21.1
- openSUSE Leap 15.4 (x86_64):
libexiv2-26-32bit-0.26-150400.9.21.1
libexiv2-26-32bit-debuginfo-0.26-150400.9.21.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libexiv2-26-0.26-150400.9.21.1
libexiv2-26-debuginfo-0.26-150400.9.21.1
References:
https://www.suse.com/security/cve/CVE-2017-11591.html
https://www.suse.com/security/cve/CVE-2018-11531.html
https://www.suse.com/security/cve/CVE-2018-17581.html
https://www.suse.com/security/cve/CVE-2018-20097.html
https://www.suse.com/security/cve/CVE-2018-20098.html
https://www.suse.com/security/cve/CVE-2018-20099.html
https://www.suse.com/security/cve/CVE-2019-13109.html
https://www.suse.com/security/cve/CVE-2019-13110.html
https://www.suse.com/security/cve/CVE-2019-17402.html
https://www.suse.com/security/cve/CVE-2021-29473.html
https://www.suse.com/security/cve/CVE-2021-32815.html
https://bugzilla.suse.com/1050257
https://bugzilla.suse.com/1095070
https://bugzilla.suse.com/1110282
https://bugzilla.suse.com/1119559
https://bugzilla.suse.com/1119560
https://bugzilla.suse.com/1119562
https://bugzilla.suse.com/1142677
https://bugzilla.suse.com/1142678
https://bugzilla.suse.com/1153577
https://bugzilla.suse.com/1186231
https://bugzilla.suse.com/1189337
1
0
23 Nov '22
SUSE Security Update: Security update for libarchive
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4202-1
Rating: low
References: #1205629
Cross-References: CVE-2022-36227
CVSS scores:
CVE-2022-36227 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libarchive fixes the following issues:
- CVE-2022-36227: Fixed potential NULL pointer dereference in
__archive_write_allocate_filter() (bsc#1205629).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4202=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4202=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4202=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
bsdtar-3.4.2-150200.4.15.1
bsdtar-debuginfo-3.4.2-150200.4.15.1
libarchive-debugsource-3.4.2-150200.4.15.1
libarchive-devel-3.4.2-150200.4.15.1
libarchive13-3.4.2-150200.4.15.1
libarchive13-debuginfo-3.4.2-150200.4.15.1
- openSUSE Leap 15.3 (x86_64):
libarchive13-32bit-3.4.2-150200.4.15.1
libarchive13-32bit-debuginfo-3.4.2-150200.4.15.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
bsdtar-3.4.2-150200.4.15.1
bsdtar-debuginfo-3.4.2-150200.4.15.1
libarchive-debugsource-3.4.2-150200.4.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libarchive-debugsource-3.4.2-150200.4.15.1
libarchive-devel-3.4.2-150200.4.15.1
libarchive13-3.4.2-150200.4.15.1
libarchive13-debuginfo-3.4.2-150200.4.15.1
References:
https://www.suse.com/security/cve/CVE-2022-36227.html
https://bugzilla.suse.com/1205629
1
0
openSUSE-SU-2022:10214-1: important: Security update for python-joblib
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
openSUSE Security Update: Security update for python-joblib
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10214-1
Rating: important
References: #1204232
Cross-References: CVE-2022-21797
CVSS scores:
CVE-2022-21797 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-joblib fixes the following issues:
- CVE-2022-21797: Fixed arbitrary code execution in joblib (boo#1204232)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10214=1
Package List:
- openSUSE Backports SLE-15-SP3 (noarch):
python3-joblib-0.16.0-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-21797.html
https://bugzilla.suse.com/1204232
1
0
SUSE-SU-2022:4201-1: important: Security update for nginx
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for nginx
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4201-1
Rating: important
References: #1187685
Cross-References: CVE-2021-3618
CVSS scores:
CVE-2021-3618 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-3618 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for nginx fixes the following issues:
- CVE-2021-3618: Fixed the ALPACA attack limiting the number of errors
after which the connection is closed (bsc#1187685).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4201=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4201=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4201=1
Package List:
- openSUSE Leap 15.4 (noarch):
vim-plugin-nginx-1.19.8-150300.3.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nginx-1.19.8-150300.3.9.1
nginx-debuginfo-1.19.8-150300.3.9.1
nginx-debugsource-1.19.8-150300.3.9.1
- openSUSE Leap 15.3 (noarch):
nginx-source-1.19.8-150300.3.9.1
vim-plugin-nginx-1.19.8-150300.3.9.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
nginx-1.19.8-150300.3.9.1
nginx-debuginfo-1.19.8-150300.3.9.1
nginx-debugsource-1.19.8-150300.3.9.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
nginx-source-1.19.8-150300.3.9.1
References:
https://www.suse.com/security/cve/CVE-2021-3618.html
https://bugzilla.suse.com/1187685
1
0
SUSE-SU-2022:4204-1: moderate: Security update for keylime
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for keylime
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4204-1
Rating: moderate
References: #1204782
Cross-References: CVE-2022-3500
CVSS scores:
CVE-2022-3500 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for keylime fixes the following issues:
- CVE-2022-3500: Fixed vulnerability where a node seems as attested when
in reality it is not properly attested (bsc#1204782).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4204=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4204=1
Package List:
- openSUSE Leap 15.4 (noarch):
keylime-agent-6.3.2-150400.4.14.1
keylime-config-6.3.2-150400.4.14.1
keylime-firewalld-6.3.2-150400.4.14.1
keylime-registrar-6.3.2-150400.4.14.1
keylime-tpm_cert_store-6.3.2-150400.4.14.1
keylime-verifier-6.3.2-150400.4.14.1
python3-keylime-6.3.2-150400.4.14.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
keylime-agent-6.3.2-150400.4.14.1
keylime-config-6.3.2-150400.4.14.1
keylime-firewalld-6.3.2-150400.4.14.1
keylime-logrotate-6.3.2-150400.4.14.1
keylime-registrar-6.3.2-150400.4.14.1
keylime-tpm_cert_store-6.3.2-150400.4.14.1
keylime-verifier-6.3.2-150400.4.14.1
python3-keylime-6.3.2-150400.4.14.1
References:
https://www.suse.com/security/cve/CVE-2022-3500.html
https://bugzilla.suse.com/1204782
1
0
SUSE-SU-2022:4205-1: moderate: Security update for net-snmp
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for net-snmp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4205-1
Rating: moderate
References: #1201103 SLE-11203
Cross-References: CVE-2022-24805 CVE-2022-24806 CVE-2022-24807
CVE-2022-24808 CVE-2022-24809 CVE-2022-24810
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap 15.5
______________________________________________________________________________
An update that fixes 6 vulnerabilities, contains one
feature is now available.
Description:
This update for net-snmp fixes the following issues:
Updated to version 5.9.3 (bsc#1201103, jsc#SLE-11203):
- CVE-2022-24805: Fixed a buffer overflow in the handling of the INDEX
of NET-SNMP-VACM-MIB that can cause an out-of-bounds memory access.
- CVE-2022-24809: Fixed a malformed OID in a GET-NEXT to the
nsVacmAccessTable that can cause a NULL pointer dereference.
- CVE-2022-24806: Fixed an improper Input Validation when SETing
malformed OIDs in master agent and subagent simultaneously.
- CVE-2022-24807: Fixed a malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds
memory access.
- CVE-2022-24808: Fixed a malformed OID in a SET request to
NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference.
- CVE-2022-24810: Fixed a malformed OID in a SET to the
nsVacmAccessTable can cause a NULL pointer dereference.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.5:
zypper in -t patch openSUSE-SLE-15.5-2022-4205=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4205=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4205=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4205=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4205=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4205=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4205=1
Package List:
- openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64):
net-snmp-5.9.3-150300.15.3.1
net-snmp-debuginfo-5.9.3-150300.15.3.1
net-snmp-debugsource-5.9.3-150300.15.3.1
net-snmp-devel-5.9.3-150300.15.3.1
perl-SNMP-5.9.3-150300.15.3.1
perl-SNMP-debuginfo-5.9.3-150300.15.3.1
python3-net-snmp-5.9.3-150300.15.3.1
python3-net-snmp-debuginfo-5.9.3-150300.15.3.1
snmp-mibs-5.9.3-150300.15.3.1
- openSUSE Leap 15.5 (x86_64):
net-snmp-devel-32bit-5.9.3-150300.15.3.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libsnmp40-5.9.3-150300.15.3.1
libsnmp40-debuginfo-5.9.3-150300.15.3.1
net-snmp-5.9.3-150300.15.3.1
net-snmp-debuginfo-5.9.3-150300.15.3.1
net-snmp-debugsource-5.9.3-150300.15.3.1
net-snmp-devel-5.9.3-150300.15.3.1
perl-SNMP-5.9.3-150300.15.3.1
perl-SNMP-debuginfo-5.9.3-150300.15.3.1
python3-net-snmp-5.9.3-150300.15.3.1
python3-net-snmp-debuginfo-5.9.3-150300.15.3.1
snmp-mibs-5.9.3-150300.15.3.1
- openSUSE Leap 15.4 (x86_64):
libsnmp40-32bit-5.9.3-150300.15.3.1
libsnmp40-32bit-debuginfo-5.9.3-150300.15.3.1
net-snmp-devel-32bit-5.9.3-150300.15.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsnmp40-5.9.3-150300.15.3.1
libsnmp40-debuginfo-5.9.3-150300.15.3.1
net-snmp-5.9.3-150300.15.3.1
net-snmp-debuginfo-5.9.3-150300.15.3.1
net-snmp-debugsource-5.9.3-150300.15.3.1
net-snmp-devel-5.9.3-150300.15.3.1
perl-SNMP-5.9.3-150300.15.3.1
perl-SNMP-debuginfo-5.9.3-150300.15.3.1
python2-net-snmp-5.9.3-150300.15.3.1
python2-net-snmp-debuginfo-5.9.3-150300.15.3.1
python3-net-snmp-5.9.3-150300.15.3.1
python3-net-snmp-debuginfo-5.9.3-150300.15.3.1
snmp-mibs-5.9.3-150300.15.3.1
- openSUSE Leap 15.3 (x86_64):
libsnmp40-32bit-5.9.3-150300.15.3.1
libsnmp40-32bit-debuginfo-5.9.3-150300.15.3.1
net-snmp-devel-32bit-5.9.3-150300.15.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (x86_64):
net-snmp-debugsource-5.9.3-150300.15.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libsnmp40-32bit-5.9.3-150300.15.3.1
libsnmp40-32bit-debuginfo-5.9.3-150300.15.3.1
net-snmp-debugsource-5.9.3-150300.15.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libsnmp40-5.9.3-150300.15.3.1
libsnmp40-debuginfo-5.9.3-150300.15.3.1
net-snmp-5.9.3-150300.15.3.1
net-snmp-debuginfo-5.9.3-150300.15.3.1
net-snmp-debugsource-5.9.3-150300.15.3.1
net-snmp-devel-5.9.3-150300.15.3.1
perl-SNMP-5.9.3-150300.15.3.1
perl-SNMP-debuginfo-5.9.3-150300.15.3.1
snmp-mibs-5.9.3-150300.15.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libsnmp40-5.9.3-150300.15.3.1
libsnmp40-debuginfo-5.9.3-150300.15.3.1
net-snmp-5.9.3-150300.15.3.1
net-snmp-debuginfo-5.9.3-150300.15.3.1
net-snmp-debugsource-5.9.3-150300.15.3.1
net-snmp-devel-5.9.3-150300.15.3.1
perl-SNMP-5.9.3-150300.15.3.1
perl-SNMP-debuginfo-5.9.3-150300.15.3.1
snmp-mibs-5.9.3-150300.15.3.1
References:
https://www.suse.com/security/cve/CVE-2022-24805.html
https://www.suse.com/security/cve/CVE-2022-24806.html
https://www.suse.com/security/cve/CVE-2022-24807.html
https://www.suse.com/security/cve/CVE-2022-24808.html
https://www.suse.com/security/cve/CVE-2022-24809.html
https://www.suse.com/security/cve/CVE-2022-24810.html
https://bugzilla.suse.com/1201103
1
0
SUSE-SU-2022:4206-1: important: Security update for pixman
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for pixman
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4206-1
Rating: important
References: #1205033
Cross-References: CVE-2022-44638
CVSS scores:
CVE-2022-44638 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-44638 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pixman fixes the following issues:
- CVE-2022-44638: Fixed an integer overflow in pixman_sample_floor_y
leading to heap out-of-bounds write (bsc#1205033).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4206=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4206=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4206=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4206=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4206=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libpixman-1-0-0.40.0-150400.3.3.1
libpixman-1-0-debuginfo-0.40.0-150400.3.3.1
pixman-debugsource-0.40.0-150400.3.3.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.40.0-150400.3.3.1
libpixman-1-0-debuginfo-0.40.0-150400.3.3.1
libpixman-1-0-devel-0.40.0-150400.3.3.1
pixman-debugsource-0.40.0-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
libpixman-1-0-32bit-0.40.0-150400.3.3.1
libpixman-1-0-32bit-debuginfo-0.40.0-150400.3.3.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (x86_64):
libpixman-1-0-32bit-0.40.0-150400.3.3.1
libpixman-1-0-32bit-debuginfo-0.40.0-150400.3.3.1
pixman-debugsource-0.40.0-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.40.0-150400.3.3.1
libpixman-1-0-debuginfo-0.40.0-150400.3.3.1
libpixman-1-0-devel-0.40.0-150400.3.3.1
pixman-debugsource-0.40.0-150400.3.3.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libpixman-1-0-0.40.0-150400.3.3.1
libpixman-1-0-debuginfo-0.40.0-150400.3.3.1
pixman-debugsource-0.40.0-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-44638.html
https://bugzilla.suse.com/1205033
1
0
SUSE-SU-2022:4207-1: important: Security update for webkit2gtk3
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for webkit2gtk3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4207-1
Rating: important
References: #1205120 #1205121 #1205122 #1205123 #1205124
Cross-References: CVE-2022-32888 CVE-2022-32923 CVE-2022-42799
CVE-2022-42823 CVE-2022-42824
CVSS scores:
CVE-2022-32888 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-32888 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-32923 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-32923 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-42799 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-42799 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-42823 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42823 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42824 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-42824 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
Security fixes:
- CVE-2022-32888: Fixed possible arbitrary code execution via maliciously
crafted web content (bsc#1205121).
- CVE-2022-32923: Fixed possible information leak via maliciously crafted
web content (bsc#1205122).
- CVE-2022-42799: Fixed user interface spoofing when visiting a malicious
website (bsc#1205123).
- CVE-2022-42823: Fixed possible arbitrary code execution via maliciously
crafted web content (bsc#1205120).
- CVE-2022-42824: Fixed possible sensitive user information leak via
maliciously crafted web content (bsc#1205124).
Update to version 2.38.2:
- Fix scrolling issues in some sites having fixed background.
- Fix prolonged buffering during progressive live playback.
- Fix the build with accessibility disabled.
- Fix several crashes and rendering issues.
Update to version 2.38.1:
- Make xdg-dbus-proxy work if host session bus address is an abstract
socket.
- Use a single xdg-dbus-proxy process when sandbox is enabled.
- Fix high resolution video playback due to unimplemented changeType
operation.
- Ensure GSubprocess uses posix_spawn() again and inherit file
descriptors.
- Fix player stucking in buffering (paused) state for progressive
streaming.
- Do not try to preconnect on link click when link preconnect setting is
disabled.
- Fix close status code returned when the client closes a WebSocket in
some cases.
- Fix media player duration calculation.
- Fix several crashes and rendering issues.
Update to version 2.38.0:
- New media controls UI style.
- Add new API to set WebView's Content-Security-Policy for web
extensions support.
- Make it possible to use the remote inspector from other browsers using
WEBKIT_INSPECTOR_HTTP_SERVER env var.
- MediaSession is enabled by default, allowing remote media control
using MPRIS.
- Add support for PDF documents using PDF.js.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4207=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4207=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4207=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4207=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150400.4.22.1
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150400.4.22.1
libjavascriptcoregtk-4_1-0-2.38.2-150400.4.22.1
libjavascriptcoregtk-4_1-0-debuginfo-2.38.2-150400.4.22.1
libjavascriptcoregtk-5_0-0-2.38.2-150400.4.22.1
libjavascriptcoregtk-5_0-0-debuginfo-2.38.2-150400.4.22.1
libwebkit2gtk-4_0-37-2.38.2-150400.4.22.1
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150400.4.22.1
libwebkit2gtk-4_1-0-2.38.2-150400.4.22.1
libwebkit2gtk-4_1-0-debuginfo-2.38.2-150400.4.22.1
libwebkit2gtk-5_0-0-2.38.2-150400.4.22.1
libwebkit2gtk-5_0-0-debuginfo-2.38.2-150400.4.22.1
typelib-1_0-JavaScriptCore-4_0-2.38.2-150400.4.22.1
typelib-1_0-JavaScriptCore-4_1-2.38.2-150400.4.22.1
typelib-1_0-JavaScriptCore-5_0-2.38.2-150400.4.22.1
typelib-1_0-WebKit2-4_0-2.38.2-150400.4.22.1
typelib-1_0-WebKit2-4_1-2.38.2-150400.4.22.1
typelib-1_0-WebKit2-5_0-2.38.2-150400.4.22.1
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150400.4.22.1
typelib-1_0-WebKit2WebExtension-4_1-2.38.2-150400.4.22.1
typelib-1_0-WebKit2WebExtension-5_0-2.38.2-150400.4.22.1
webkit-jsc-4-2.38.2-150400.4.22.1
webkit-jsc-4-debuginfo-2.38.2-150400.4.22.1
webkit-jsc-4.1-2.38.2-150400.4.22.1
webkit-jsc-4.1-debuginfo-2.38.2-150400.4.22.1
webkit-jsc-5.0-2.38.2-150400.4.22.1
webkit-jsc-5.0-debuginfo-2.38.2-150400.4.22.1
webkit2gtk-4_0-injected-bundles-2.38.2-150400.4.22.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150400.4.22.1
webkit2gtk-4_1-injected-bundles-2.38.2-150400.4.22.1
webkit2gtk-4_1-injected-bundles-debuginfo-2.38.2-150400.4.22.1
webkit2gtk-5_0-injected-bundles-2.38.2-150400.4.22.1
webkit2gtk-5_0-injected-bundles-debuginfo-2.38.2-150400.4.22.1
webkit2gtk3-debugsource-2.38.2-150400.4.22.1
webkit2gtk3-devel-2.38.2-150400.4.22.1
webkit2gtk3-minibrowser-2.38.2-150400.4.22.1
webkit2gtk3-minibrowser-debuginfo-2.38.2-150400.4.22.1
webkit2gtk3-soup2-debugsource-2.38.2-150400.4.22.1
webkit2gtk3-soup2-devel-2.38.2-150400.4.22.1
webkit2gtk3-soup2-minibrowser-2.38.2-150400.4.22.1
webkit2gtk3-soup2-minibrowser-debuginfo-2.38.2-150400.4.22.1
webkit2gtk4-debugsource-2.38.2-150400.4.22.1
webkit2gtk4-devel-2.38.2-150400.4.22.1
webkit2gtk4-minibrowser-2.38.2-150400.4.22.1
webkit2gtk4-minibrowser-debuginfo-2.38.2-150400.4.22.1
- openSUSE Leap 15.4 (x86_64):
libjavascriptcoregtk-4_0-18-32bit-2.38.2-150400.4.22.1
libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.38.2-150400.4.22.1
libjavascriptcoregtk-4_1-0-32bit-2.38.2-150400.4.22.1
libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.38.2-150400.4.22.1
libwebkit2gtk-4_0-37-32bit-2.38.2-150400.4.22.1
libwebkit2gtk-4_0-37-32bit-debuginfo-2.38.2-150400.4.22.1
libwebkit2gtk-4_1-0-32bit-2.38.2-150400.4.22.1
libwebkit2gtk-4_1-0-32bit-debuginfo-2.38.2-150400.4.22.1
- openSUSE Leap 15.4 (noarch):
WebKit2GTK-4.0-lang-2.38.2-150400.4.22.1
WebKit2GTK-4.1-lang-2.38.2-150400.4.22.1
WebKit2GTK-5.0-lang-2.38.2-150400.4.22.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-5_0-0-2.38.2-150400.4.22.1
libjavascriptcoregtk-5_0-0-debuginfo-2.38.2-150400.4.22.1
libwebkit2gtk-5_0-0-2.38.2-150400.4.22.1
libwebkit2gtk-5_0-0-debuginfo-2.38.2-150400.4.22.1
typelib-1_0-JavaScriptCore-5_0-2.38.2-150400.4.22.1
typelib-1_0-WebKit2-5_0-2.38.2-150400.4.22.1
webkit2gtk-5_0-injected-bundles-2.38.2-150400.4.22.1
webkit2gtk-5_0-injected-bundles-debuginfo-2.38.2-150400.4.22.1
webkit2gtk4-debugsource-2.38.2-150400.4.22.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_1-0-2.38.2-150400.4.22.1
libjavascriptcoregtk-4_1-0-debuginfo-2.38.2-150400.4.22.1
libwebkit2gtk-4_1-0-2.38.2-150400.4.22.1
libwebkit2gtk-4_1-0-debuginfo-2.38.2-150400.4.22.1
typelib-1_0-JavaScriptCore-4_1-2.38.2-150400.4.22.1
typelib-1_0-WebKit2-4_1-2.38.2-150400.4.22.1
typelib-1_0-WebKit2WebExtension-4_1-2.38.2-150400.4.22.1
webkit2gtk-4_1-injected-bundles-2.38.2-150400.4.22.1
webkit2gtk-4_1-injected-bundles-debuginfo-2.38.2-150400.4.22.1
webkit2gtk3-debugsource-2.38.2-150400.4.22.1
webkit2gtk3-devel-2.38.2-150400.4.22.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150400.4.22.1
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150400.4.22.1
libwebkit2gtk-4_0-37-2.38.2-150400.4.22.1
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150400.4.22.1
typelib-1_0-JavaScriptCore-4_0-2.38.2-150400.4.22.1
typelib-1_0-WebKit2-4_0-2.38.2-150400.4.22.1
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150400.4.22.1
webkit2gtk-4_0-injected-bundles-2.38.2-150400.4.22.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150400.4.22.1
webkit2gtk3-soup2-debugsource-2.38.2-150400.4.22.1
webkit2gtk3-soup2-devel-2.38.2-150400.4.22.1
References:
https://www.suse.com/security/cve/CVE-2022-32888.html
https://www.suse.com/security/cve/CVE-2022-32923.html
https://www.suse.com/security/cve/CVE-2022-42799.html
https://www.suse.com/security/cve/CVE-2022-42823.html
https://www.suse.com/security/cve/CVE-2022-42824.html
https://bugzilla.suse.com/1205120
https://bugzilla.suse.com/1205121
https://bugzilla.suse.com/1205122
https://bugzilla.suse.com/1205123
https://bugzilla.suse.com/1205124
1
0
23 Nov '22
SUSE Security Update: Security update for libarchive
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4209-1
Rating: low
References: #1205629
Cross-References: CVE-2022-36227
CVSS scores:
CVE-2022-36227 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libarchive fixes the following issues:
- CVE-2022-36227: Fixed potential NULL pointer dereference in
__archive_write_allocate_filter() (bsc#1205629).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4209=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4209=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4209=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4209=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4209=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libarchive-debugsource-3.5.1-150400.3.12.1
libarchive13-3.5.1-150400.3.12.1
libarchive13-debuginfo-3.5.1-150400.3.12.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
bsdtar-3.5.1-150400.3.12.1
bsdtar-debuginfo-3.5.1-150400.3.12.1
libarchive-debugsource-3.5.1-150400.3.12.1
libarchive-devel-3.5.1-150400.3.12.1
libarchive13-3.5.1-150400.3.12.1
libarchive13-debuginfo-3.5.1-150400.3.12.1
- openSUSE Leap 15.4 (x86_64):
libarchive13-32bit-3.5.1-150400.3.12.1
libarchive13-32bit-debuginfo-3.5.1-150400.3.12.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
bsdtar-3.5.1-150400.3.12.1
bsdtar-debuginfo-3.5.1-150400.3.12.1
libarchive-debugsource-3.5.1-150400.3.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libarchive-debugsource-3.5.1-150400.3.12.1
libarchive-devel-3.5.1-150400.3.12.1
libarchive13-3.5.1-150400.3.12.1
libarchive13-debuginfo-3.5.1-150400.3.12.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libarchive-debugsource-3.5.1-150400.3.12.1
libarchive13-3.5.1-150400.3.12.1
libarchive13-debuginfo-3.5.1-150400.3.12.1
References:
https://www.suse.com/security/cve/CVE-2022-36227.html
https://bugzilla.suse.com/1205629
1
0
SUSE-SU-2022:4197-1: moderate: Security update for strongswan
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for strongswan
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4197-1
Rating: moderate
References: #1203556 SLE-20151
Cross-References: CVE-2022-40617
CVSS scores:
CVE-2022-40617 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40617 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability, contains one
feature is now available.
Description:
This update for strongswan fixes the following issues:
Security issues fixed:
- CVE-2022-40617: Fixed that using untrusted URIs for revocation checking
could lead to denial of service (bsc#1203556)
Feature changes:
- Enable Marvell plugin (jsc#SLE-20151)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4197=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-4197=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4197=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4197=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
strongswan-5.8.2-150400.19.3.3
strongswan-debuginfo-5.8.2-150400.19.3.3
strongswan-debugsource-5.8.2-150400.19.3.3
strongswan-hmac-5.8.2-150400.19.3.3
strongswan-ipsec-5.8.2-150400.19.3.3
strongswan-ipsec-debuginfo-5.8.2-150400.19.3.3
strongswan-libs0-5.8.2-150400.19.3.3
strongswan-libs0-debuginfo-5.8.2-150400.19.3.3
strongswan-mysql-5.8.2-150400.19.3.3
strongswan-mysql-debuginfo-5.8.2-150400.19.3.3
strongswan-nm-5.8.2-150400.19.3.3
strongswan-nm-debuginfo-5.8.2-150400.19.3.3
strongswan-sqlite-5.8.2-150400.19.3.3
strongswan-sqlite-debuginfo-5.8.2-150400.19.3.3
- openSUSE Leap 15.4 (noarch):
strongswan-doc-5.8.2-150400.19.3.3
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
strongswan-debuginfo-5.8.2-150400.19.3.3
strongswan-debugsource-5.8.2-150400.19.3.3
strongswan-nm-5.8.2-150400.19.3.3
strongswan-nm-debuginfo-5.8.2-150400.19.3.3
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
strongswan-debuginfo-5.8.2-150400.19.3.3
strongswan-debugsource-5.8.2-150400.19.3.3
strongswan-nm-5.8.2-150400.19.3.3
strongswan-nm-debuginfo-5.8.2-150400.19.3.3
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
strongswan-5.8.2-150400.19.3.3
strongswan-debuginfo-5.8.2-150400.19.3.3
strongswan-debugsource-5.8.2-150400.19.3.3
strongswan-hmac-5.8.2-150400.19.3.3
strongswan-ipsec-5.8.2-150400.19.3.3
strongswan-ipsec-debuginfo-5.8.2-150400.19.3.3
strongswan-libs0-5.8.2-150400.19.3.3
strongswan-libs0-debuginfo-5.8.2-150400.19.3.3
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
strongswan-doc-5.8.2-150400.19.3.3
References:
https://www.suse.com/security/cve/CVE-2022-40617.html
https://bugzilla.suse.com/1203556
1
0
SUSE-SU-2022:4196-1: moderate: Security update for opensc
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for opensc
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4196-1
Rating: moderate
References: #1122756
Cross-References: CVE-2019-6502
CVSS scores:
CVE-2019-6502 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-6502 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for opensc fixes the following issues:
- CVE-2019-6502: Fixed memory leak in sc_context_create in ctx.c
(bsc#1122756).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4196=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4196=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4196=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4196=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4196=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
opensc-0.19.0-150100.3.19.1
opensc-debuginfo-0.19.0-150100.3.19.1
opensc-debugsource-0.19.0-150100.3.19.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
opensc-0.19.0-150100.3.19.1
opensc-debuginfo-0.19.0-150100.3.19.1
opensc-debugsource-0.19.0-150100.3.19.1
- openSUSE Leap 15.3 (x86_64):
opensc-32bit-0.19.0-150100.3.19.1
opensc-32bit-debuginfo-0.19.0-150100.3.19.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
opensc-0.19.0-150100.3.19.1
opensc-debuginfo-0.19.0-150100.3.19.1
opensc-debugsource-0.19.0-150100.3.19.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
opensc-0.19.0-150100.3.19.1
opensc-debuginfo-0.19.0-150100.3.19.1
opensc-debugsource-0.19.0-150100.3.19.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
opensc-0.19.0-150100.3.19.1
opensc-debuginfo-0.19.0-150100.3.19.1
opensc-debugsource-0.19.0-150100.3.19.1
References:
https://www.suse.com/security/cve/CVE-2019-6502.html
https://bugzilla.suse.com/1122756
1
0
openSUSE-SU-2022:10211-1: moderate: Security update for Botan
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
openSUSE Security Update: Security update for Botan
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10211-1
Rating: moderate
References: #1205509
Cross-References: CVE-2022-43705
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for Botan fixes the following issues:
- CVE-2022-43705: Fixed validation of embedded certificates was when
checking OCSP responses (boo#1205509).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10211=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 s390x x86_64):
Botan-2.18.2-bp154.2.3.1
libbotan-2-18-2.18.2-bp154.2.3.1
libbotan-devel-2.18.2-bp154.2.3.1
python3-botan-2.18.2-bp154.2.3.1
- openSUSE Backports SLE-15-SP4 (aarch64_ilp32):
libbotan-2-18-64bit-2.18.2-bp154.2.3.1
libbotan-devel-64bit-2.18.2-bp154.2.3.1
- openSUSE Backports SLE-15-SP4 (noarch):
Botan-doc-2.18.2-bp154.2.3.1
- openSUSE Backports SLE-15-SP4 (x86_64):
libbotan-2-18-32bit-2.18.2-bp154.2.3.1
libbotan-devel-32bit-2.18.2-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-43705.html
https://bugzilla.suse.com/1205509
1
0
openSUSE-SU-2022:10212-1: moderate: Security update for xtrabackup
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
openSUSE Security Update: Security update for xtrabackup
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10212-1
Rating: moderate
References: #1125418 #1135095 #1170644 #1205581
Cross-References: CVE-2020-10997 CVE-2020-29488
CVSS scores:
CVE-2020-10997 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2020-10997 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that solves two vulnerabilities and has two fixes
is now available.
Description:
This update for xtrabackup fixes the following issues:
Update xtrabackup to version 2.4.26:
- CVE-2020-10997: Information exposure via cmd line output and table
history (boo#1170644)
- CVE-2020-29488: Changes in how absolute paths are handled (boo#1205581)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10212=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
xtrabackup-2.4.26-bp154.2.3.1
xtrabackup-test-2.4.26-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2020-10997.html
https://www.suse.com/security/cve/CVE-2020-29488.html
https://bugzilla.suse.com/1125418
https://bugzilla.suse.com/1135095
https://bugzilla.suse.com/1170644
https://bugzilla.suse.com/1205581
1
0
SUSE-SU-2022:4194-1: important: Security update for ffmpeg-4
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for ffmpeg-4
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4194-1
Rating: important
References: #1205388
Cross-References: CVE-2022-3964
CVSS scores:
CVE-2022-3964 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2022-3964 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for ffmpeg-4 fixes the following issues:
- CVE-2022-3964: Fixed out of bounds read in update_block_in_prev_frame()
(bsc#1205388).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4194=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-4194=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4194=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4194=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ffmpeg-4-4.4-150400.3.5.1
ffmpeg-4-debuginfo-4.4-150400.3.5.1
ffmpeg-4-debugsource-4.4-150400.3.5.1
ffmpeg-4-libavcodec-devel-4.4-150400.3.5.1
ffmpeg-4-libavdevice-devel-4.4-150400.3.5.1
ffmpeg-4-libavfilter-devel-4.4-150400.3.5.1
ffmpeg-4-libavformat-devel-4.4-150400.3.5.1
ffmpeg-4-libavresample-devel-4.4-150400.3.5.1
ffmpeg-4-libavutil-devel-4.4-150400.3.5.1
ffmpeg-4-libpostproc-devel-4.4-150400.3.5.1
ffmpeg-4-libswresample-devel-4.4-150400.3.5.1
ffmpeg-4-libswscale-devel-4.4-150400.3.5.1
ffmpeg-4-private-devel-4.4-150400.3.5.1
libavcodec58_134-4.4-150400.3.5.1
libavcodec58_134-debuginfo-4.4-150400.3.5.1
libavdevice58_13-4.4-150400.3.5.1
libavdevice58_13-debuginfo-4.4-150400.3.5.1
libavfilter7_110-4.4-150400.3.5.1
libavfilter7_110-debuginfo-4.4-150400.3.5.1
libavformat58_76-4.4-150400.3.5.1
libavformat58_76-debuginfo-4.4-150400.3.5.1
libavresample4_0-4.4-150400.3.5.1
libavresample4_0-debuginfo-4.4-150400.3.5.1
libavutil56_70-4.4-150400.3.5.1
libavutil56_70-debuginfo-4.4-150400.3.5.1
libpostproc55_9-4.4-150400.3.5.1
libpostproc55_9-debuginfo-4.4-150400.3.5.1
libswresample3_9-4.4-150400.3.5.1
libswresample3_9-debuginfo-4.4-150400.3.5.1
libswscale5_9-4.4-150400.3.5.1
libswscale5_9-debuginfo-4.4-150400.3.5.1
- openSUSE Leap 15.4 (x86_64):
libavcodec58_134-32bit-4.4-150400.3.5.1
libavcodec58_134-32bit-debuginfo-4.4-150400.3.5.1
libavdevice58_13-32bit-4.4-150400.3.5.1
libavdevice58_13-32bit-debuginfo-4.4-150400.3.5.1
libavfilter7_110-32bit-4.4-150400.3.5.1
libavfilter7_110-32bit-debuginfo-4.4-150400.3.5.1
libavformat58_76-32bit-4.4-150400.3.5.1
libavformat58_76-32bit-debuginfo-4.4-150400.3.5.1
libavresample4_0-32bit-4.4-150400.3.5.1
libavresample4_0-32bit-debuginfo-4.4-150400.3.5.1
libavutil56_70-32bit-4.4-150400.3.5.1
libavutil56_70-32bit-debuginfo-4.4-150400.3.5.1
libpostproc55_9-32bit-4.4-150400.3.5.1
libpostproc55_9-32bit-debuginfo-4.4-150400.3.5.1
libswresample3_9-32bit-4.4-150400.3.5.1
libswresample3_9-32bit-debuginfo-4.4-150400.3.5.1
libswscale5_9-32bit-4.4-150400.3.5.1
libswscale5_9-32bit-debuginfo-4.4-150400.3.5.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
ffmpeg-4-debuginfo-4.4-150400.3.5.1
ffmpeg-4-debugsource-4.4-150400.3.5.1
libavformat58_76-4.4-150400.3.5.1
libavformat58_76-debuginfo-4.4-150400.3.5.1
libswscale5_9-4.4-150400.3.5.1
libswscale5_9-debuginfo-4.4-150400.3.5.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
ffmpeg-4-debuginfo-4.4-150400.3.5.1
ffmpeg-4-debugsource-4.4-150400.3.5.1
libavformat58_76-4.4-150400.3.5.1
libavformat58_76-debuginfo-4.4-150400.3.5.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
ffmpeg-4-debuginfo-4.4-150400.3.5.1
ffmpeg-4-debugsource-4.4-150400.3.5.1
libavcodec58_134-4.4-150400.3.5.1
libavcodec58_134-debuginfo-4.4-150400.3.5.1
libavutil56_70-4.4-150400.3.5.1
libavutil56_70-debuginfo-4.4-150400.3.5.1
libswresample3_9-4.4-150400.3.5.1
libswresample3_9-debuginfo-4.4-150400.3.5.1
References:
https://www.suse.com/security/cve/CVE-2022-3964.html
https://bugzilla.suse.com/1205388
1
0
openSUSE-SU-2022:10210-1: moderate: Security update for Botan
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
openSUSE Security Update: Security update for Botan
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10210-1
Rating: moderate
References: #1205509
Cross-References: CVE-2022-43705
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for Botan fixes the following issues:
- CVE-2022-43705: Fixed validation of embedded certificates was when
checking OCSP responses (boo#1205509).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10210=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
Botan-2.10.0-bp153.3.3.1
libbotan-2-10-2.10.0-bp153.3.3.1
libbotan-devel-2.10.0-bp153.3.3.1
python3-botan-2.10.0-bp153.3.3.1
- openSUSE Backports SLE-15-SP3 (aarch64_ilp32):
libbotan-2-10-64bit-2.10.0-bp153.3.3.1
libbotan-devel-64bit-2.10.0-bp153.3.3.1
- openSUSE Backports SLE-15-SP3 (noarch):
Botan-doc-2.10.0-bp153.3.3.1
- openSUSE Backports SLE-15-SP3 (x86_64):
libbotan-2-10-32bit-2.10.0-bp153.3.3.1
libbotan-devel-32bit-2.10.0-bp153.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-43705.html
https://bugzilla.suse.com/1205509
1
0
SUSE-SU-2022:4191-1: important: Security update for containerized-data-importer
by opensuse-security@opensuse.org 23 Nov '22
by opensuse-security@opensuse.org 23 Nov '22
23 Nov '22
SUSE Security Update: Security update for containerized-data-importer
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4191-1
Rating: important
References:
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update rebuilds the current containeried data importer images against
current base images, to fix security issues.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4191=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4191=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-4191=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4191=1
Package List:
- openSUSE Leap Micro 5.3 (x86_64):
containerized-data-importer-manifests-1.51.0-150400.4.7.1
- openSUSE Leap 15.4 (x86_64):
containerized-data-importer-api-1.51.0-150400.4.7.1
containerized-data-importer-api-debuginfo-1.51.0-150400.4.7.1
containerized-data-importer-cloner-1.51.0-150400.4.7.1
containerized-data-importer-cloner-debuginfo-1.51.0-150400.4.7.1
containerized-data-importer-controller-1.51.0-150400.4.7.1
containerized-data-importer-controller-debuginfo-1.51.0-150400.4.7.1
containerized-data-importer-importer-1.51.0-150400.4.7.1
containerized-data-importer-importer-debuginfo-1.51.0-150400.4.7.1
containerized-data-importer-manifests-1.51.0-150400.4.7.1
containerized-data-importer-operator-1.51.0-150400.4.7.1
containerized-data-importer-operator-debuginfo-1.51.0-150400.4.7.1
containerized-data-importer-uploadproxy-1.51.0-150400.4.7.1
containerized-data-importer-uploadproxy-debuginfo-1.51.0-150400.4.7.1
containerized-data-importer-uploadserver-1.51.0-150400.4.7.1
containerized-data-importer-uploadserver-debuginfo-1.51.0-150400.4.7.1
obs-service-cdi_containers_meta-1.51.0-150400.4.7.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64):
containerized-data-importer-manifests-1.51.0-150400.4.7.1
- SUSE Linux Enterprise Micro 5.3 (x86_64):
containerized-data-importer-manifests-1.51.0-150400.4.7.1
References:
1
0
22 Nov '22
SUSE Security Update: Security update for redis
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4169-1
Rating: low
References: #1204633
Cross-References: CVE-2022-3647
CVSS scores:
CVE-2022-3647 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3647 (SUSE): 0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for redis fixes the following issues:
- CVE-2022-3647: Fixed crash in sigsegvHandler debug function
(bsc#1204633).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4169=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4169=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
redis-6.0.14-150200.6.14.1
redis-debuginfo-6.0.14-150200.6.14.1
redis-debugsource-6.0.14-150200.6.14.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
redis-6.0.14-150200.6.14.1
redis-debuginfo-6.0.14-150200.6.14.1
redis-debugsource-6.0.14-150200.6.14.1
References:
https://www.suse.com/security/cve/CVE-2022-3647.html
https://bugzilla.suse.com/1204633
1
0
22 Nov '22
SUSE Security Update: Security update for redis
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4168-1
Rating: low
References: #1204633
Cross-References: CVE-2022-3647
CVSS scores:
CVE-2022-3647 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3647 (SUSE): 0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for redis fixes the following issues:
- CVE-2022-3647: Fixed crash in sigsegvHandler debug function
(bsc#1204633).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4168=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4168=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
redis-6.2.6-150400.3.6.1
redis-debuginfo-6.2.6-150400.3.6.1
redis-debugsource-6.2.6-150400.3.6.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
redis-6.2.6-150400.3.6.1
redis-debuginfo-6.2.6-150400.3.6.1
redis-debugsource-6.2.6-150400.3.6.1
References:
https://www.suse.com/security/cve/CVE-2022-3647.html
https://bugzilla.suse.com/1204633
1
0
22 Nov '22
SUSE Security Update: Security update for colord
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4170-1
Rating: low
References: #1202802
Cross-References: CVE-2021-42523
CVSS scores:
CVE-2021-42523 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-42523 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for colord fixes the following issues:
- CVE-2021-42523: Fixed small memory leak in sqlite3_exec (bsc#1202802).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4170=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4170=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-4170=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4170=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4170=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4170=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
colord-debuginfo-1.4.4-150200.4.6.1
colord-debugsource-1.4.4-150200.4.6.1
libcolord2-1.4.4-150200.4.6.1
libcolord2-debuginfo-1.4.4-150200.4.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
colord-1.4.4-150200.4.6.1
colord-color-profiles-1.4.4-150200.4.6.1
colord-debuginfo-1.4.4-150200.4.6.1
colord-debugsource-1.4.4-150200.4.6.1
libcolord-devel-1.4.4-150200.4.6.1
libcolord2-1.4.4-150200.4.6.1
libcolord2-debuginfo-1.4.4-150200.4.6.1
libcolorhug2-1.4.4-150200.4.6.1
libcolorhug2-debuginfo-1.4.4-150200.4.6.1
typelib-1_0-Colord-1_0-1.4.4-150200.4.6.1
typelib-1_0-Colorhug-1_0-1.4.4-150200.4.6.1
- openSUSE Leap 15.3 (x86_64):
libcolord2-32bit-1.4.4-150200.4.6.1
libcolord2-32bit-debuginfo-1.4.4-150200.4.6.1
- openSUSE Leap 15.3 (noarch):
colord-lang-1.4.4-150200.4.6.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
colord-1.4.4-150200.4.6.1
colord-debuginfo-1.4.4-150200.4.6.1
colord-debugsource-1.4.4-150200.4.6.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (noarch):
colord-lang-1.4.4-150200.4.6.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
colord-color-profiles-1.4.4-150200.4.6.1
colord-debuginfo-1.4.4-150200.4.6.1
colord-debugsource-1.4.4-150200.4.6.1
libcolord-devel-1.4.4-150200.4.6.1
libcolorhug2-1.4.4-150200.4.6.1
libcolorhug2-debuginfo-1.4.4-150200.4.6.1
typelib-1_0-Colord-1_0-1.4.4-150200.4.6.1
typelib-1_0-Colorhug-1_0-1.4.4-150200.4.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
colord-debuginfo-1.4.4-150200.4.6.1
colord-debugsource-1.4.4-150200.4.6.1
libcolord2-1.4.4-150200.4.6.1
libcolord2-debuginfo-1.4.4-150200.4.6.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
colord-debuginfo-1.4.4-150200.4.6.1
colord-debugsource-1.4.4-150200.4.6.1
libcolord2-1.4.4-150200.4.6.1
libcolord2-debuginfo-1.4.4-150200.4.6.1
References:
https://www.suse.com/security/cve/CVE-2021-42523.html
https://bugzilla.suse.com/1202802
1
0
SUSE-SU-2022:4159-1: moderate: Security update for strongswan
by opensuse-security@opensuse.org 22 Nov '22
by opensuse-security@opensuse.org 22 Nov '22
22 Nov '22
SUSE Security Update: Security update for strongswan
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4159-1
Rating: moderate
References: #1203556
Cross-References: CVE-2022-40617
CVSS scores:
CVE-2022-40617 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40617 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for strongswan fixes the following issues:
- CVE-2022-40617: Fixed that using untrusted URIs for revocation checking
could lead to denial of service (bsc#1203556)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4159=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-4159=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4159=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4159=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
strongswan-5.8.2-150200.11.30.1
strongswan-debuginfo-5.8.2-150200.11.30.1
strongswan-debugsource-5.8.2-150200.11.30.1
strongswan-hmac-5.8.2-150200.11.30.1
strongswan-ipsec-5.8.2-150200.11.30.1
strongswan-ipsec-debuginfo-5.8.2-150200.11.30.1
strongswan-libs0-5.8.2-150200.11.30.1
strongswan-libs0-debuginfo-5.8.2-150200.11.30.1
strongswan-mysql-5.8.2-150200.11.30.1
strongswan-mysql-debuginfo-5.8.2-150200.11.30.1
strongswan-nm-5.8.2-150200.11.30.1
strongswan-nm-debuginfo-5.8.2-150200.11.30.1
strongswan-sqlite-5.8.2-150200.11.30.1
strongswan-sqlite-debuginfo-5.8.2-150200.11.30.1
- openSUSE Leap 15.3 (noarch):
strongswan-doc-5.8.2-150200.11.30.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
strongswan-debuginfo-5.8.2-150200.11.30.1
strongswan-debugsource-5.8.2-150200.11.30.1
strongswan-nm-5.8.2-150200.11.30.1
strongswan-nm-debuginfo-5.8.2-150200.11.30.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
strongswan-debuginfo-5.8.2-150200.11.30.1
strongswan-debugsource-5.8.2-150200.11.30.1
strongswan-nm-5.8.2-150200.11.30.1
strongswan-nm-debuginfo-5.8.2-150200.11.30.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
strongswan-5.8.2-150200.11.30.1
strongswan-debuginfo-5.8.2-150200.11.30.1
strongswan-debugsource-5.8.2-150200.11.30.1
strongswan-hmac-5.8.2-150200.11.30.1
strongswan-ipsec-5.8.2-150200.11.30.1
strongswan-ipsec-debuginfo-5.8.2-150200.11.30.1
strongswan-libs0-5.8.2-150200.11.30.1
strongswan-libs0-debuginfo-5.8.2-150200.11.30.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
strongswan-doc-5.8.2-150200.11.30.1
References:
https://www.suse.com/security/cve/CVE-2022-40617.html
https://bugzilla.suse.com/1203556
1
0
SUSE-SU-2022:4166-1: important: Security update for java-1_8_0-ibm
by opensuse-security@opensuse.org 22 Nov '22
by opensuse-security@opensuse.org 22 Nov '22
22 Nov '22
SUSE Security Update: Security update for java-1_8_0-ibm
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4166-1
Rating: important
References: #1201684 #1201685 #1201692 #1201694 #1202427
#1204468 #1204471 #1204472 #1204473 #1204475
#1204480 #1205302
Cross-References: CVE-2022-21540 CVE-2022-21541 CVE-2022-21549
CVE-2022-21618 CVE-2022-21619 CVE-2022-21624
CVE-2022-21626 CVE-2022-21628 CVE-2022-34169
CVE-2022-39399
CVSS scores:
CVE-2022-21540 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21540 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21541 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-21541 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-21549 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21549 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21618 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21618 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21626 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21626 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-34169 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-34169 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-39399 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-39399 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 10 vulnerabilities and has two fixes
is now available.
Description:
This update for java-1_8_0-ibm fixes the following issues:
- CVE-2022-21626: An unauthenticated attacker with network access via
HTTPS can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition
(bsc#1204471).
- CVE-2022-21618: An unauthenticated attacker with network access via
Kerberos can compromise Oracle Java SE, Oracle GraalVM Enterprise
Edition (bsc#1204468).
- CVE-2022-21619: An unauthenticated attacker with network access via
multiple protocols to compromise Oracle Java SE (bsc#1204473).
- CVE-2022-21628: An unauthenticated attacker with network access via HTTP
can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition
(bsc#1204472).
- CVE-2022-21624: An unauthenticated attacker with network access via
multiple protocols to compromise Oracle Java SE, Oracle GraalVM
Enterprise (bsc#1204475).
- CVE-2022-39399: An unauthenticated attacker with network access via HTTP
can compromise Oracle Java SE, Oracle GraalVM Enterprise Edition
(bsc#1204480).
- CVE-2022-21549: Fixed exponentials issue (bsc#1201685).
- CVE-2022-21541: Fixed an improper restriction of
MethodHandle.invokeBasic() (bsc#1201692).
- CVE-2022-34169; Fixed an integer truncation issue in Xalan (bsc#1201684).
- CVE-2022-21540: Fixed a class compilation issue (bsc#1201694).
- Update to Java 8.0 Service Refresh 7 Fix Pack 20.
* Security:
- The IBM ORB Does Not Support Object-Serialisation Data Filtering
- Large Allocation In CipherSuite
- Avoid Evaluating Sslalgorithmconstraints Twice
- Cache The Results Of Constraint Checks
- An incorrect ShortBufferException is thrown by IBMJCEPlus,
IBMJCEPlusFIPS during cipher update operation
- Disable SHA-1 Signed Jars For Ea
- JSSE Performance Improvement
- Oracle Road Map Kerberos Deprecation Of 3DES And RC4 Encryption
* Java 8/Orb:
- Upgrade ibmcfw.jar To Version o2228.02
* Class Libraries:
- Crash In Libjsor.So During An Rdma Failover
- High CPU Consumption Observed In ZosEventPort$EventHandlerTask.run
- Update Timezone Information To The Latest tzdata2022c
* Jit Compiler:
- Crash During JIT Compilation
- Incorrect JIT Optimization Of Java Code
- Incorrect Return From Class.isArray()
- Unexpected ClassCastException
- Performance Regression When Calling VM Helper Code On X86
* X/Os Extentions:
- Add RSA-OAEP Cipher Function To IBMJCECCA
- Update to Java 8.0 Service Refresh 7 Fix Pack 16
* Java Virtual Machine
- Assertion failure at ClassLoaderRememberedSet.cpp
- Assertion failure at StandardAccessBarrier.cpp when
-Xgc:concurrentScavenge is set.
- GC can have unflushed ownable synchronizer objects which can
eventually lead to heap corruption and failure when
-Xgc:concurrentScavenge is set.
* JIT Compiler:
- Incorrect JIT optimization of Java code
- JAVA JIT Power: JIT compile time assert on AIX or LINUXPPC
* Reliability and Serviceability:
- javacore with "kill -3" SIGQUIT signal freezes Java process
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4166=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4166=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4166=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4166=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4166=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4166=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4166=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4166=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4166=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4166=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4166=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4166=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-4166=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-4166=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4166=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4166=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-demo-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-src-1.8.0_sr7.20-150000.3.65.1
- openSUSE Leap 15.4 (x86_64):
java-1_8_0-ibm-32bit-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-32bit-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- openSUSE Leap 15.3 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-demo-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-src-1.8.0_sr7.20-150000.3.65.1
- openSUSE Leap 15.3 (x86_64):
java-1_8_0-ibm-32bit-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-32bit-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Manager Server 4.1 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Manager Proxy 4.1 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Server 15-LTSS (s390x):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Enterprise Storage 7 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE Enterprise Storage 6 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
- SUSE CaaS Platform 4.0 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.65.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.65.1
References:
https://www.suse.com/security/cve/CVE-2022-21540.html
https://www.suse.com/security/cve/CVE-2022-21541.html
https://www.suse.com/security/cve/CVE-2022-21549.html
https://www.suse.com/security/cve/CVE-2022-21618.html
https://www.suse.com/security/cve/CVE-2022-21619.html
https://www.suse.com/security/cve/CVE-2022-21624.html
https://www.suse.com/security/cve/CVE-2022-21626.html
https://www.suse.com/security/cve/CVE-2022-21628.html
https://www.suse.com/security/cve/CVE-2022-34169.html
https://www.suse.com/security/cve/CVE-2022-39399.html
https://bugzilla.suse.com/1201684
https://bugzilla.suse.com/1201685
https://bugzilla.suse.com/1201692
https://bugzilla.suse.com/1201694
https://bugzilla.suse.com/1202427
https://bugzilla.suse.com/1204468
https://bugzilla.suse.com/1204471
https://bugzilla.suse.com/1204472
https://bugzilla.suse.com/1204473
https://bugzilla.suse.com/1204475
https://bugzilla.suse.com/1204480
https://bugzilla.suse.com/1205302
1
0
SUSE-SU-2022:4167-1: important: Security update for krb5
by opensuse-security@opensuse.org 22 Nov '22
by opensuse-security@opensuse.org 22 Nov '22
22 Nov '22
SUSE Security Update: Security update for krb5
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4167-1
Rating: important
References: #1205126
Cross-References: CVE-2022-42898
CVSS scores:
CVE-2022-42898 (SUSE): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for krb5 fixes the following issues:
- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4167=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4167=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4167=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4167=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4167=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4167=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
krb5-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
krb5-1.19.2-150300.7.7.1
krb5-client-1.19.2-150300.7.7.1
krb5-client-debuginfo-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
krb5-devel-1.19.2-150300.7.7.1
krb5-mini-1.19.2-150300.7.7.1
krb5-mini-debuginfo-1.19.2-150300.7.7.1
krb5-mini-debugsource-1.19.2-150300.7.7.1
krb5-mini-devel-1.19.2-150300.7.7.1
krb5-plugin-kdb-ldap-1.19.2-150300.7.7.1
krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-otp-1.19.2-150300.7.7.1
krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-pkinit-1.19.2-150300.7.7.1
krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-spake-1.19.2-150300.7.7.1
krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.7.7.1
krb5-server-1.19.2-150300.7.7.1
krb5-server-debuginfo-1.19.2-150300.7.7.1
- openSUSE Leap 15.3 (x86_64):
krb5-32bit-1.19.2-150300.7.7.1
krb5-32bit-debuginfo-1.19.2-150300.7.7.1
krb5-devel-32bit-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
krb5-plugin-kdb-ldap-1.19.2-150300.7.7.1
krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.7.7.1
krb5-server-1.19.2-150300.7.7.1
krb5-server-debuginfo-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
krb5-1.19.2-150300.7.7.1
krb5-client-1.19.2-150300.7.7.1
krb5-client-debuginfo-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
krb5-devel-1.19.2-150300.7.7.1
krb5-plugin-preauth-otp-1.19.2-150300.7.7.1
krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-pkinit-1.19.2-150300.7.7.1
krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.7.7.1
krb5-plugin-preauth-spake-1.19.2-150300.7.7.1
krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
krb5-32bit-1.19.2-150300.7.7.1
krb5-32bit-debuginfo-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
krb5-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
krb5-1.19.2-150300.7.7.1
krb5-debuginfo-1.19.2-150300.7.7.1
krb5-debugsource-1.19.2-150300.7.7.1
References:
https://www.suse.com/security/cve/CVE-2022-42898.html
https://bugzilla.suse.com/1205126
1
0
SUSE-SU-2022:4153-1: important: Security update for krb5
by opensuse-security@opensuse.org 21 Nov '22
by opensuse-security@opensuse.org 21 Nov '22
21 Nov '22
SUSE Security Update: Security update for krb5
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4153-1
Rating: important
References: #1205126
Cross-References: CVE-2022-42898
CVSS scores:
CVE-2022-42898 (SUSE): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for krb5 fixes the following issues:
- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4153=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4153=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4153=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4153=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4153=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
krb5-1.19.2-150400.3.3.1
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
krb5-1.19.2-150400.3.3.1
krb5-client-1.19.2-150400.3.3.1
krb5-client-debuginfo-1.19.2-150400.3.3.1
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
krb5-devel-1.19.2-150400.3.3.1
krb5-plugin-kdb-ldap-1.19.2-150400.3.3.1
krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.3.1
krb5-plugin-preauth-otp-1.19.2-150400.3.3.1
krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.3.1
krb5-plugin-preauth-pkinit-1.19.2-150400.3.3.1
krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.3.1
krb5-plugin-preauth-spake-1.19.2-150400.3.3.1
krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.3.1
krb5-server-1.19.2-150400.3.3.1
krb5-server-debuginfo-1.19.2-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
krb5-32bit-1.19.2-150400.3.3.1
krb5-32bit-debuginfo-1.19.2-150400.3.3.1
krb5-devel-32bit-1.19.2-150400.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
krb5-plugin-kdb-ldap-1.19.2-150400.3.3.1
krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.3.1
krb5-server-1.19.2-150400.3.3.1
krb5-server-debuginfo-1.19.2-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
krb5-1.19.2-150400.3.3.1
krb5-client-1.19.2-150400.3.3.1
krb5-client-debuginfo-1.19.2-150400.3.3.1
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
krb5-devel-1.19.2-150400.3.3.1
krb5-plugin-preauth-otp-1.19.2-150400.3.3.1
krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.3.1
krb5-plugin-preauth-pkinit-1.19.2-150400.3.3.1
krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
krb5-32bit-1.19.2-150400.3.3.1
krb5-32bit-debuginfo-1.19.2-150400.3.3.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
krb5-1.19.2-150400.3.3.1
krb5-debuginfo-1.19.2-150400.3.3.1
krb5-debugsource-1.19.2-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-42898.html
https://bugzilla.suse.com/1205126
1
0
SUSE-SU-2022:4141-1: important: Security update for grub2
by opensuse-security@opensuse.org 21 Nov '22
by opensuse-security@opensuse.org 21 Nov '22
21 Nov '22
SUSE Security Update: Security update for grub2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4141-1
Rating: important
References: #1205178 #1205182
Cross-References: CVE-2022-2601 CVE-2022-3775
CVSS scores:
CVE-2022-2601 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3775 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for grub2 fixes the following issues:
- CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph
(bsc#1205178).
- CVE-2022-3775: Fixed integer underflow in blit_comb() (bsc#1205182).
Other:
- Bump upstream SBAT generation to 3
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4141=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4141=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4141=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-4141=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4141=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4141=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
grub2-2.06-150400.11.17.1
grub2-debuginfo-2.06-150400.11.17.1
grub2-debugsource-2.06-150400.11.17.1
- openSUSE Leap Micro 5.3 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
grub2-i386-pc-2.06-150400.11.17.1
grub2-snapper-plugin-2.06-150400.11.17.1
grub2-x86_64-efi-2.06-150400.11.17.1
grub2-x86_64-xen-2.06-150400.11.17.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
grub2-2.06-150400.11.17.1
grub2-branding-upstream-2.06-150400.11.17.1
grub2-debuginfo-2.06-150400.11.17.1
- openSUSE Leap 15.4 (aarch64 s390x x86_64):
grub2-debugsource-2.06-150400.11.17.1
- openSUSE Leap 15.4 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
grub2-arm64-efi-debug-2.06-150400.11.17.1
grub2-i386-pc-2.06-150400.11.17.1
grub2-i386-pc-debug-2.06-150400.11.17.1
grub2-powerpc-ieee1275-2.06-150400.11.17.1
grub2-powerpc-ieee1275-debug-2.06-150400.11.17.1
grub2-snapper-plugin-2.06-150400.11.17.1
grub2-systemd-sleep-plugin-2.06-150400.11.17.1
grub2-x86_64-efi-2.06-150400.11.17.1
grub2-x86_64-efi-debug-2.06-150400.11.17.1
grub2-x86_64-xen-2.06-150400.11.17.1
- openSUSE Leap 15.4 (s390x):
grub2-s390x-emu-2.06-150400.11.17.1
grub2-s390x-emu-debug-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
grub2-x86_64-xen-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
grub2-2.06-150400.11.17.1
grub2-debuginfo-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 s390x x86_64):
grub2-debugsource-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
grub2-i386-pc-2.06-150400.11.17.1
grub2-powerpc-ieee1275-2.06-150400.11.17.1
grub2-snapper-plugin-2.06-150400.11.17.1
grub2-systemd-sleep-plugin-2.06-150400.11.17.1
grub2-x86_64-efi-2.06-150400.11.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (s390x):
grub2-s390x-emu-2.06-150400.11.17.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
grub2-2.06-150400.11.17.1
grub2-debuginfo-2.06-150400.11.17.1
grub2-debugsource-2.06-150400.11.17.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
grub2-arm64-efi-2.06-150400.11.17.1
grub2-i386-pc-2.06-150400.11.17.1
grub2-snapper-plugin-2.06-150400.11.17.1
grub2-x86_64-efi-2.06-150400.11.17.1
grub2-x86_64-xen-2.06-150400.11.17.1
- SUSE Linux Enterprise Micro 5.3 (s390x):
grub2-s390x-emu-2.06-150400.11.17.1
References:
https://www.suse.com/security/cve/CVE-2022-2601.html
https://www.suse.com/security/cve/CVE-2022-3775.html
https://bugzilla.suse.com/1205178
https://bugzilla.suse.com/1205182
1
0
SUSE-SU-2022:4146-1: moderate: Security update for binutils
by opensuse-security@opensuse.org 21 Nov '22
by opensuse-security@opensuse.org 21 Nov '22
21 Nov '22
SUSE Security Update: Security update for binutils
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4146-1
Rating: moderate
References: #1142579 #1185597 #1185712 #1188374 #1191473
#1193929 #1194783 #1197592 #1198237 #1202816
#1202966 #1202967 #1202969 PED-2029 PED-2030
PED-2031 PED-2032 PED-2033 PED-2034 PED-2035
PED-2038 SLE-25046 SLE-25047
Cross-References: CVE-2019-1010204 CVE-2021-3530 CVE-2021-3648
CVE-2021-3826 CVE-2021-45078 CVE-2021-46195
CVE-2022-27943 CVE-2022-38126 CVE-2022-38127
CVE-2022-38533
CVSS scores:
CVE-2019-1010204 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-1010204 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-3530 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3530 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-3648 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-3826 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3826 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CVE-2021-45078 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-45078 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-46195 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-46195 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-27943 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-27943 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-38126 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-38126 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38127 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-38127 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38533 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-38533 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 10 vulnerabilities, contains 10
features and has three fixes is now available.
Description:
This update for binutils fixes the following issues:
The following security bugs were fixed:
- CVE-2019-1010204: Fixed out-of-bounds read in elfcpp/elfcpp_file.h
(bsc#1142579).
- CVE-2021-3530: Fixed stack-based buffer overflow in demangle_path() in
rust-demangle.c (bsc#1185597).
- CVE-2021-3648: Fixed infinite loop while demangling rust symbols
(bsc#1188374).
- CVE-2021-3826: Fixed heap/stack buffer overflow in the dlang_lname
function in d-demangle.c (bsc#1202969).
- CVE-2021-45078: Fixed out-of-bounds write in stab_xcoff_builtin_type()
in stabs.c (bsc#1193929).
- CVE-2021-46195: Fixed uncontrolled recursion in
libiberty/rust-demangle.c (bsc#1194783).
- CVE-2022-27943: Fixed stack exhaustion in demangle_const in
(bsc#1197592).
- CVE-2022-38126: Fixed assertion fail in the display_debug_names()
function in binutils/dwarf.c (bsc#1202966).
- CVE-2022-38127: Fixed NULL pointer dereference in the
read_and_display_attr_value() function in binutils/dwarf.c (bsc#1202967).
- CVE-2022-38533: Fixed heap out-of-bounds read in bfd_getl32
(bsc#1202816).
The following non-security bugs were fixed:
- SLE toolchain update of binutils, update to 2.39 from 2.37.
- Update to 2.39:
* The ELF linker will now generate a warning message if the stack is
made executable. Similarly it will warn if the output binary contains
a segment with all three of the read, write and execute permission
bits set. These warnings are intended to help developers identify
programs which might be vulnerable to attack via these executable
memory regions. The warnings are enabled by default but can be
disabled via a command line option. It is also possible to build a
linker with the warnings disabled, should that be necessary.
* The ELF linker now supports a --package-metadata option that allows
embedding a JSON payload in accordance to the Package Metadata
specification.
* In linker scripts it is now possible to use TYPE=<type> in an output
section description to set the section type value.
* The objdump program now supports coloured/colored syntax highlighting
of its disassembler output for some architectures. (Currently: AVR,
RiscV, s390, x86, x86_64).
* The nm program now supports a --no-weak/-W option to make it ignore
weak symbols.
* The readelf and objdump programs now support a -wE option to prevent
them from attempting to access debuginfod servers when following links.
* The objcopy program's --weaken, --weaken-symbol, and
--weaken-symbols options now works with unique symbols as well.
- Update to 2.38:
* elfedit: Add --output-abiversion option to update ABIVERSION.
* Add support for the LoongArch instruction set.
* Tools which display symbols or strings (readelf, strings, nm, objdump)
have a new command line option which controls how unicode characters
are handled. By default they are treated as normal for the tool.
Using
--unicode=locale will display them according to the current locale.
Using --unicode=hex will display them as hex byte values, whilst
--unicode=escape will display them as escape sequences. In addition
using --unicode=highlight will display them as unicode escape
sequences highlighted in red (if supported by the output device).
* readelf -r dumps RELR relative relocations now.
* Support for efi-app-aarch64, efi-rtdrv-aarch64 and efi-bsdrv-aarch64
has been added to objcopy in order to enable UEFI development using
binutils.
* ar: Add --thin for creating thin archives. -T is a deprecated alias
without diagnostics. In many ar implementations -T has a different
meaning, as specified by X/Open System Interface.
* Add support for AArch64 system registers that were missing in previous
releases.
* Add support for the LoongArch instruction set.
* Add a command-line option, -muse-unaligned-vector-move, for x86 target
to encode aligned vector move as unaligned vector move.
* Add support for Cortex-R52+ for Arm.
* Add support for Cortex-A510, Cortex-A710, Cortex-X2 for AArch64.
* Add support for Cortex-A710 for Arm.
* Add support for Scalable Matrix Extension (SME) for AArch64.
* The --multibyte-handling=[allow|warn|warn-sym-only] option tells the
assembler what to when it encoutners multibyte characters in the
input. The default is to allow them. Setting the option to "warn"
will generate a warning message whenever any multibyte character is
encountered. Using the
option to "warn-sym-only" will make the assembler generate a warning
whenever a symbol is defined containing multibyte characters.
(References to undefined symbols will not generate warnings).
* Outputs of .ds.x directive and .tfloat directive with hex input from
x86 assembler have been reduced from 12 bytes to 10 bytes to match the
output of .tfloat directive.
* Add support for 'armv8.8-a', 'armv9-a', 'armv9.1-a', 'armv9.2-a' and
'armv9.3-a' for -march in AArch64 GAS.
* Add support for 'armv8.7-a', 'armv8.8-a', 'armv9-a', 'armv9.1-a',
'armv9.2-a' and 'armv9.3-a' for -march in Arm GAS.
* Add support for Intel AVX512_FP16 instructions.
* Add -z pack-relative-relocs/-z no pack-relative-relocs to x86 ELF
linker to pack relative relocations in the DT_RELR section.
* Add support for the LoongArch architecture.
* Add -z indirect-extern-access/-z noindirect-extern-access to x86 ELF
linker to control canonical function pointers and copy relocation.
* Add --max-cache-size=SIZE to set the the maximum cache size to SIZE
bytes.
- Explicitly enable --enable-warn-execstack=yes and
--enable-warn-rwx-segments=yes.
- Add gprofng subpackage.
- Include recognition of 'z16' name for 'arch14' on s390. (bsc#1198237).
- Add back fix for bsc#1191473, which got lost in the update to 2.38.
- Install symlinks for all target specific tools on arm-eabi-none
(bsc#1185712).
- Enable PRU architecture for AM335x CPU (Beagle Bone Black board)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4146=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4146=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4146=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4146=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4146=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4146=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4146=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4146=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4146=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4146=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4146=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4146=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4146=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4146=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4146=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4146=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4146=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4146=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4146=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4146=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4146=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4146=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4146=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-gold-2.39-150100.7.40.1
binutils-gold-debuginfo-2.39-150100.7.40.1
cross-arm-binutils-2.39-150100.7.40.1
cross-arm-binutils-debuginfo-2.39-150100.7.40.1
cross-arm-binutils-debugsource-2.39-150100.7.40.1
cross-avr-binutils-2.39-150100.7.40.1
cross-avr-binutils-debuginfo-2.39-150100.7.40.1
cross-avr-binutils-debugsource-2.39-150100.7.40.1
cross-epiphany-binutils-2.39-150100.7.40.1
cross-epiphany-binutils-debuginfo-2.39-150100.7.40.1
cross-epiphany-binutils-debugsource-2.39-150100.7.40.1
cross-hppa-binutils-2.39-150100.7.40.1
cross-hppa-binutils-debuginfo-2.39-150100.7.40.1
cross-hppa-binutils-debugsource-2.39-150100.7.40.1
cross-hppa64-binutils-2.39-150100.7.40.1
cross-hppa64-binutils-debuginfo-2.39-150100.7.40.1
cross-hppa64-binutils-debugsource-2.39-150100.7.40.1
cross-i386-binutils-2.39-150100.7.40.1
cross-i386-binutils-debuginfo-2.39-150100.7.40.1
cross-i386-binutils-debugsource-2.39-150100.7.40.1
cross-ia64-binutils-2.39-150100.7.40.1
cross-ia64-binutils-debuginfo-2.39-150100.7.40.1
cross-ia64-binutils-debugsource-2.39-150100.7.40.1
cross-m68k-binutils-2.39-150100.7.40.1
cross-m68k-binutils-debuginfo-2.39-150100.7.40.1
cross-m68k-binutils-debugsource-2.39-150100.7.40.1
cross-mips-binutils-2.39-150100.7.40.1
cross-mips-binutils-debuginfo-2.39-150100.7.40.1
cross-mips-binutils-debugsource-2.39-150100.7.40.1
cross-ppc-binutils-2.39-150100.7.40.1
cross-ppc-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc-binutils-debugsource-2.39-150100.7.40.1
cross-ppc64-binutils-2.39-150100.7.40.1
cross-ppc64-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc64-binutils-debugsource-2.39-150100.7.40.1
cross-riscv64-binutils-2.39-150100.7.40.1
cross-riscv64-binutils-debuginfo-2.39-150100.7.40.1
cross-riscv64-binutils-debugsource-2.39-150100.7.40.1
cross-rx-binutils-2.39-150100.7.40.1
cross-rx-binutils-debuginfo-2.39-150100.7.40.1
cross-rx-binutils-debugsource-2.39-150100.7.40.1
cross-s390-binutils-2.39-150100.7.40.1
cross-s390-binutils-debuginfo-2.39-150100.7.40.1
cross-s390-binutils-debugsource-2.39-150100.7.40.1
cross-sparc-binutils-2.39-150100.7.40.1
cross-sparc-binutils-debuginfo-2.39-150100.7.40.1
cross-sparc-binutils-debugsource-2.39-150100.7.40.1
cross-sparc64-binutils-2.39-150100.7.40.1
cross-sparc64-binutils-debuginfo-2.39-150100.7.40.1
cross-sparc64-binutils-debugsource-2.39-150100.7.40.1
cross-spu-binutils-2.39-150100.7.40.1
cross-spu-binutils-debuginfo-2.39-150100.7.40.1
cross-spu-binutils-debugsource-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):
cross-s390x-binutils-2.39-150100.7.40.1
cross-s390x-binutils-debuginfo-2.39-150100.7.40.1
cross-s390x-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x):
cross-x86_64-binutils-2.39-150100.7.40.1
cross-x86_64-binutils-debuginfo-2.39-150100.7.40.1
cross-x86_64-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.4 (ppc64le s390x x86_64):
cross-aarch64-binutils-2.39-150100.7.40.1
cross-aarch64-binutils-debuginfo-2.39-150100.7.40.1
cross-aarch64-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.4 (aarch64 s390x x86_64):
cross-ppc64le-binutils-2.39-150100.7.40.1
cross-ppc64le-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc64le-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.4 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-gold-2.39-150100.7.40.1
binutils-gold-debuginfo-2.39-150100.7.40.1
cross-arm-binutils-2.39-150100.7.40.1
cross-arm-binutils-debuginfo-2.39-150100.7.40.1
cross-arm-binutils-debugsource-2.39-150100.7.40.1
cross-avr-binutils-2.39-150100.7.40.1
cross-avr-binutils-debuginfo-2.39-150100.7.40.1
cross-avr-binutils-debugsource-2.39-150100.7.40.1
cross-epiphany-binutils-2.39-150100.7.40.1
cross-epiphany-binutils-debuginfo-2.39-150100.7.40.1
cross-epiphany-binutils-debugsource-2.39-150100.7.40.1
cross-hppa-binutils-2.39-150100.7.40.1
cross-hppa-binutils-debuginfo-2.39-150100.7.40.1
cross-hppa-binutils-debugsource-2.39-150100.7.40.1
cross-hppa64-binutils-2.39-150100.7.40.1
cross-hppa64-binutils-debuginfo-2.39-150100.7.40.1
cross-hppa64-binutils-debugsource-2.39-150100.7.40.1
cross-i386-binutils-2.39-150100.7.40.1
cross-i386-binutils-debuginfo-2.39-150100.7.40.1
cross-i386-binutils-debugsource-2.39-150100.7.40.1
cross-ia64-binutils-2.39-150100.7.40.1
cross-ia64-binutils-debuginfo-2.39-150100.7.40.1
cross-ia64-binutils-debugsource-2.39-150100.7.40.1
cross-m68k-binutils-2.39-150100.7.40.1
cross-m68k-binutils-debuginfo-2.39-150100.7.40.1
cross-m68k-binutils-debugsource-2.39-150100.7.40.1
cross-mips-binutils-2.39-150100.7.40.1
cross-mips-binutils-debuginfo-2.39-150100.7.40.1
cross-mips-binutils-debugsource-2.39-150100.7.40.1
cross-ppc-binutils-2.39-150100.7.40.1
cross-ppc-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc-binutils-debugsource-2.39-150100.7.40.1
cross-ppc64-binutils-2.39-150100.7.40.1
cross-ppc64-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc64-binutils-debugsource-2.39-150100.7.40.1
cross-riscv64-binutils-2.39-150100.7.40.1
cross-riscv64-binutils-debuginfo-2.39-150100.7.40.1
cross-riscv64-binutils-debugsource-2.39-150100.7.40.1
cross-rx-binutils-2.39-150100.7.40.1
cross-rx-binutils-debuginfo-2.39-150100.7.40.1
cross-rx-binutils-debugsource-2.39-150100.7.40.1
cross-s390-binutils-2.39-150100.7.40.1
cross-s390-binutils-debuginfo-2.39-150100.7.40.1
cross-s390-binutils-debugsource-2.39-150100.7.40.1
cross-sparc-binutils-2.39-150100.7.40.1
cross-sparc-binutils-debuginfo-2.39-150100.7.40.1
cross-sparc-binutils-debugsource-2.39-150100.7.40.1
cross-sparc64-binutils-2.39-150100.7.40.1
cross-sparc64-binutils-debuginfo-2.39-150100.7.40.1
cross-sparc64-binutils-debugsource-2.39-150100.7.40.1
cross-spu-binutils-2.39-150100.7.40.1
cross-spu-binutils-debuginfo-2.39-150100.7.40.1
cross-spu-binutils-debugsource-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- openSUSE Leap 15.3 (aarch64 ppc64le x86_64):
cross-s390x-binutils-2.39-150100.7.40.1
cross-s390x-binutils-debuginfo-2.39-150100.7.40.1
cross-s390x-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x):
cross-x86_64-binutils-2.39-150100.7.40.1
cross-x86_64-binutils-debuginfo-2.39-150100.7.40.1
cross-x86_64-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.3 (ppc64le s390x x86_64):
cross-aarch64-binutils-2.39-150100.7.40.1
cross-aarch64-binutils-debuginfo-2.39-150100.7.40.1
cross-aarch64-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.3 (aarch64 s390x x86_64):
cross-ppc64le-binutils-2.39-150100.7.40.1
cross-ppc64le-binutils-debuginfo-2.39-150100.7.40.1
cross-ppc64le-binutils-debugsource-2.39-150100.7.40.1
- openSUSE Leap 15.3 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Manager Server 4.1 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Manager Proxy 4.1 (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-gold-2.39-150100.7.40.1
binutils-gold-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-gold-2.39-150100.7.40.1
binutils-gold-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (x86_64):
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (x86_64):
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Enterprise Storage 7 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
- SUSE Enterprise Storage 6 (x86_64):
binutils-devel-32bit-2.39-150100.7.40.1
- SUSE CaaS Platform 4.0 (x86_64):
binutils-2.39-150100.7.40.1
binutils-debuginfo-2.39-150100.7.40.1
binutils-debugsource-2.39-150100.7.40.1
binutils-devel-2.39-150100.7.40.1
binutils-devel-32bit-2.39-150100.7.40.1
libctf-nobfd0-2.39-150100.7.40.1
libctf-nobfd0-debuginfo-2.39-150100.7.40.1
libctf0-2.39-150100.7.40.1
libctf0-debuginfo-2.39-150100.7.40.1
References:
https://www.suse.com/security/cve/CVE-2019-1010204.html
https://www.suse.com/security/cve/CVE-2021-3530.html
https://www.suse.com/security/cve/CVE-2021-3648.html
https://www.suse.com/security/cve/CVE-2021-3826.html
https://www.suse.com/security/cve/CVE-2021-45078.html
https://www.suse.com/security/cve/CVE-2021-46195.html
https://www.suse.com/security/cve/CVE-2022-27943.html
https://www.suse.com/security/cve/CVE-2022-38126.html
https://www.suse.com/security/cve/CVE-2022-38127.html
https://www.suse.com/security/cve/CVE-2022-38533.html
https://bugzilla.suse.com/1142579
https://bugzilla.suse.com/1185597
https://bugzilla.suse.com/1185712
https://bugzilla.suse.com/1188374
https://bugzilla.suse.com/1191473
https://bugzilla.suse.com/1193929
https://bugzilla.suse.com/1194783
https://bugzilla.suse.com/1197592
https://bugzilla.suse.com/1198237
https://bugzilla.suse.com/1202816
https://bugzilla.suse.com/1202966
https://bugzilla.suse.com/1202967
https://bugzilla.suse.com/1202969
1
0
SUSE-SU-2022:4147-1: important: Security update for kubevirt stack
by opensuse-security@opensuse.org 21 Nov '22
by opensuse-security@opensuse.org 21 Nov '22
21 Nov '22
SUSE Security Update: Security update for kubevirt stack
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4147-1
Rating: important
References:
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update provides rebuilds of the kubevirt containers with up to date
base images, fixing various security issues.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4147=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4147=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-4147=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4147=1
Package List:
- openSUSE Leap Micro 5.3 (x86_64):
kubevirt-manifests-0.54.0-150400.3.7.1
kubevirt-virtctl-0.54.0-150400.3.7.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.7.1
- openSUSE Leap 15.4 (x86_64):
kubevirt-container-disk-0.54.0-150400.3.7.1
kubevirt-container-disk-debuginfo-0.54.0-150400.3.7.1
kubevirt-manifests-0.54.0-150400.3.7.1
kubevirt-tests-0.54.0-150400.3.7.1
kubevirt-tests-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-api-0.54.0-150400.3.7.1
kubevirt-virt-api-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-controller-0.54.0-150400.3.7.1
kubevirt-virt-controller-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-handler-0.54.0-150400.3.7.1
kubevirt-virt-handler-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-launcher-0.54.0-150400.3.7.1
kubevirt-virt-launcher-debuginfo-0.54.0-150400.3.7.1
kubevirt-virt-operator-0.54.0-150400.3.7.1
kubevirt-virt-operator-debuginfo-0.54.0-150400.3.7.1
kubevirt-virtctl-0.54.0-150400.3.7.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.7.1
obs-service-kubevirt_containers_meta-0.54.0-150400.3.7.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64):
kubevirt-manifests-0.54.0-150400.3.7.1
kubevirt-virtctl-0.54.0-150400.3.7.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.7.1
- SUSE Linux Enterprise Micro 5.3 (x86_64):
kubevirt-manifests-0.54.0-150400.3.7.1
kubevirt-virtctl-0.54.0-150400.3.7.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.7.1
References:
1
0
SUSE-SU-2022:4148-1: important: Security update for pixman
by opensuse-security@opensuse.org 21 Nov '22
by opensuse-security@opensuse.org 21 Nov '22
21 Nov '22
SUSE Security Update: Security update for pixman
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4148-1
Rating: important
References: #1205033
Cross-References: CVE-2022-44638
CVSS scores:
CVE-2022-44638 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-44638 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pixman fixes the following issues:
- CVE-2022-44638: Fixed an integer overflow in pixman_sample_floor_y
leading to heap out-of-bounds write (bsc#1205033).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4148=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4148=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4148=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4148=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4148=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4148=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4148=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4148=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4148=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4148=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4148=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4148=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4148=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4148=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4148=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4148=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4148=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4148=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4148=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4148=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4148=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- openSUSE Leap 15.3 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Manager Server 4.1 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Manager Proxy 4.1 (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Enterprise Storage 7 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
- SUSE Enterprise Storage 6 (x86_64):
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
- SUSE CaaS Platform 4.0 (x86_64):
libpixman-1-0-0.34.0-150000.7.5.1
libpixman-1-0-32bit-0.34.0-150000.7.5.1
libpixman-1-0-32bit-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-debuginfo-0.34.0-150000.7.5.1
libpixman-1-0-devel-0.34.0-150000.7.5.1
pixman-debugsource-0.34.0-150000.7.5.1
References:
https://www.suse.com/security/cve/CVE-2022-44638.html
https://bugzilla.suse.com/1205033
1
0
openSUSE-SU-2022:10209-1: moderate: Security update for tor
by opensuse-security@opensuse.org 20 Nov '22
by opensuse-security@opensuse.org 20 Nov '22
20 Nov '22
openSUSE Security Update: Security update for tor
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10209-1
Rating: moderate
References: #1205307
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for tor fixes the following issues:
tor 0.4.7.11:
* Improve security of DNS cache by randomly clipping the TTL value
(boo#1205307, TROVE-2021-009)
* Improved defenses against network-wide DoS, multiple counters and
metrics added to MetricsPorts
* Apply circuit creation anti-DoS defenses if the outbound circuit max
cell queue size is reached too many times. This introduces two new
consensus parameters to control the queue size limit and number of
times allowed to go over that limit.
* Directory authority updates
* IPFire database and geoip updates
* Bump the maximum amount of CPU that can be used from 16 to 128. The
NumCPUs torrc option overrides this hardcoded maximum.
* onion service: set a higher circuit build timeout for opened client
rendezvous circuit to avoid timeouts and retry load
* Make the service retry a rendezvous if the circuit is being repurposed
for measurements
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10209=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10209=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
tor-0.4.7.11-bp154.2.9.1
tor-debuginfo-0.4.7.11-bp154.2.9.1
tor-debugsource-0.4.7.11-bp154.2.9.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
tor-0.4.7.11-bp153.2.21.1
References:
https://bugzilla.suse.com/1205307
1
0
openSUSE-SU-2022:10208-1: moderate: Security update for libpano
by opensuse-security@opensuse.org 20 Nov '22
by opensuse-security@opensuse.org 20 Nov '22
20 Nov '22
openSUSE Security Update: Security update for libpano
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10208-1
Rating: moderate
References: #1197011
Cross-References: CVE-2021-33293
CVSS scores:
CVE-2021-33293 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libpano fixes the following issues:
- CVE-2021-33293: Fixes out-of-bounds read in the function
panoParserFindOLine() in parser.c. (boo#1197011)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10208=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
libpano-devel-2.9.19-bp153.3.3.1
libpano-utils-2.9.19-bp153.3.3.1
libpano13-3-2.9.19-bp153.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-33293.html
https://bugzilla.suse.com/1197011
1
0
openSUSE-SU-2022:10206-1: moderate: Security update for tumbler
by opensuse-security@opensuse.org 20 Nov '22
by opensuse-security@opensuse.org 20 Nov '22
20 Nov '22
openSUSE Security Update: Security update for tumbler
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10206-1
Rating: moderate
References: #1203644 #1205210
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for tumbler fixes the following issues:
tumbler was updated to version 4.16.1 (boo#1205210)
* gst-thumbnailer: Add mime type check (gxo#xfce/tumbler#65)
* desktop-thumbnailer: Guard against null path
* Fix typo in gthread version (gxo#xfce/tumbler!14)
- Add Recommends: ffmpegthumbnailer
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10206=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
libtumbler-1-0-4.16.1-bp153.2.3.1
tumbler-4.16.1-bp153.2.3.1
tumbler-devel-4.16.1-bp153.2.3.1
tumbler-folder-thumbnailer-4.16.1-bp153.2.3.1
tumbler-webp-thumbnailer-4.16.1-bp153.2.3.1
- openSUSE Backports SLE-15-SP3 (noarch):
tumbler-doc-4.16.1-bp153.2.3.1
tumbler-lang-4.16.1-bp153.2.3.1
References:
https://bugzilla.suse.com/1203644
https://bugzilla.suse.com/1205210
1
0
openSUSE-SU-2022:10207-1: moderate: Security update for tumbler
by opensuse-security@opensuse.org 20 Nov '22
by opensuse-security@opensuse.org 20 Nov '22
20 Nov '22
openSUSE Security Update: Security update for tumbler
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10207-1
Rating: moderate
References: #1203644 #1205210
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for tumbler fixes the following issues:
tumbler was updated to version 4.16.1 (boo#1205210)
* gst-thumbnailer: Add mime type check (gxo#xfce/tumbler#65)
* desktop-thumbnailer: Guard against null path
* Fix typo in gthread version (gxo#xfce/tumbler!14)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10207=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 ppc64le s390x x86_64):
libtumbler-1-0-4.16.1-bp154.3.3.1
tumbler-4.16.1-bp154.3.3.1
tumbler-devel-4.16.1-bp154.3.3.1
tumbler-folder-thumbnailer-4.16.1-bp154.3.3.1
tumbler-webp-thumbnailer-4.16.1-bp154.3.3.1
- openSUSE Backports SLE-15-SP4 (noarch):
tumbler-doc-4.16.1-bp154.3.3.1
tumbler-lang-4.16.1-bp154.3.3.1
References:
https://bugzilla.suse.com/1203644
https://bugzilla.suse.com/1205210
1
0
18 Nov '22
SUSE Security Update: Security update for 389-ds
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4124-1
Rating: low
References: #1194119 #1204493 #1204748 #1205146
Cross-References: CVE-2021-45710
CVSS scores:
CVE-2021-45710 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-45710 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves one vulnerability and has three fixes
is now available.
Description:
This update for 389-ds fixes the following issues:
- CVE-2021-45710: Fixed tokio data race with memory corruption
(bsc#1194119).
- Update to version 2.0.16~git56.d15a0a7.
- Failure to migrate from openldap if pwdPolicyChecker present
(bsc#1205146).
- Resolve issue with checklist post migration when dds is present
(bsc#1204748).
- Improve reliability of migrations from openldap when dynamic directory
services is configured (bsc#1204493).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4124=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4124=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
389-ds-1.4.4.19~git59.136fc84-150300.3.27.1
389-ds-debuginfo-1.4.4.19~git59.136fc84-150300.3.27.1
389-ds-debugsource-1.4.4.19~git59.136fc84-150300.3.27.1
389-ds-devel-1.4.4.19~git59.136fc84-150300.3.27.1
389-ds-snmp-1.4.4.19~git59.136fc84-150300.3.27.1
389-ds-snmp-debuginfo-1.4.4.19~git59.136fc84-150300.3.27.1
lib389-1.4.4.19~git59.136fc84-150300.3.27.1
libsvrcore0-1.4.4.19~git59.136fc84-150300.3.27.1
libsvrcore0-debuginfo-1.4.4.19~git59.136fc84-150300.3.27.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
389-ds-1.4.4.19~git59.136fc84-150300.3.27.1
389-ds-debuginfo-1.4.4.19~git59.136fc84-150300.3.27.1
389-ds-debugsource-1.4.4.19~git59.136fc84-150300.3.27.1
389-ds-devel-1.4.4.19~git59.136fc84-150300.3.27.1
lib389-1.4.4.19~git59.136fc84-150300.3.27.1
libsvrcore0-1.4.4.19~git59.136fc84-150300.3.27.1
libsvrcore0-debuginfo-1.4.4.19~git59.136fc84-150300.3.27.1
References:
https://www.suse.com/security/cve/CVE-2021-45710.html
https://bugzilla.suse.com/1194119
https://bugzilla.suse.com/1204493
https://bugzilla.suse.com/1204748
https://bugzilla.suse.com/1205146
1
0
SUSE-SU-2022:4130-1: important: Security update for frr
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for frr
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4130-1
Rating: important
References: #1202085 #1204124
Cross-References: CVE-2022-37035 CVE-2022-42917
CVSS scores:
CVE-2022-37035 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37035 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for frr fixes the following issues:
- CVE-2022-37035: Fixed a possible use-after-free due to a race condition
related to bgp_notify_send_with_data() and bgp_process_packet()
(bsc#1202085).
- CVE-2022-42917: Fixed a privilege escalation from frr to root in frr
config creation (bsc#1204124).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4130=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4130=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4130=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4130=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
frr-7.4-150300.4.10.1
frr-debuginfo-7.4-150300.4.10.1
frr-debugsource-7.4-150300.4.10.1
frr-devel-7.4-150300.4.10.1
libfrr0-7.4-150300.4.10.1
libfrr0-debuginfo-7.4-150300.4.10.1
libfrr_pb0-7.4-150300.4.10.1
libfrr_pb0-debuginfo-7.4-150300.4.10.1
libfrrcares0-7.4-150300.4.10.1
libfrrcares0-debuginfo-7.4-150300.4.10.1
libfrrfpm_pb0-7.4-150300.4.10.1
libfrrfpm_pb0-debuginfo-7.4-150300.4.10.1
libfrrgrpc_pb0-7.4-150300.4.10.1
libfrrgrpc_pb0-debuginfo-7.4-150300.4.10.1
libfrrospfapiclient0-7.4-150300.4.10.1
libfrrospfapiclient0-debuginfo-7.4-150300.4.10.1
libfrrsnmp0-7.4-150300.4.10.1
libfrrsnmp0-debuginfo-7.4-150300.4.10.1
libfrrzmq0-7.4-150300.4.10.1
libfrrzmq0-debuginfo-7.4-150300.4.10.1
libmlag_pb0-7.4-150300.4.10.1
libmlag_pb0-debuginfo-7.4-150300.4.10.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
frr-7.4-150300.4.10.1
frr-debuginfo-7.4-150300.4.10.1
frr-debugsource-7.4-150300.4.10.1
frr-devel-7.4-150300.4.10.1
libfrr0-7.4-150300.4.10.1
libfrr0-debuginfo-7.4-150300.4.10.1
libfrr_pb0-7.4-150300.4.10.1
libfrr_pb0-debuginfo-7.4-150300.4.10.1
libfrrcares0-7.4-150300.4.10.1
libfrrcares0-debuginfo-7.4-150300.4.10.1
libfrrfpm_pb0-7.4-150300.4.10.1
libfrrfpm_pb0-debuginfo-7.4-150300.4.10.1
libfrrgrpc_pb0-7.4-150300.4.10.1
libfrrgrpc_pb0-debuginfo-7.4-150300.4.10.1
libfrrospfapiclient0-7.4-150300.4.10.1
libfrrospfapiclient0-debuginfo-7.4-150300.4.10.1
libfrrsnmp0-7.4-150300.4.10.1
libfrrsnmp0-debuginfo-7.4-150300.4.10.1
libfrrzmq0-7.4-150300.4.10.1
libfrrzmq0-debuginfo-7.4-150300.4.10.1
libmlag_pb0-7.4-150300.4.10.1
libmlag_pb0-debuginfo-7.4-150300.4.10.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
frr-7.4-150300.4.10.1
frr-debuginfo-7.4-150300.4.10.1
frr-debugsource-7.4-150300.4.10.1
frr-devel-7.4-150300.4.10.1
libfrr0-7.4-150300.4.10.1
libfrr0-debuginfo-7.4-150300.4.10.1
libfrr_pb0-7.4-150300.4.10.1
libfrr_pb0-debuginfo-7.4-150300.4.10.1
libfrrcares0-7.4-150300.4.10.1
libfrrcares0-debuginfo-7.4-150300.4.10.1
libfrrfpm_pb0-7.4-150300.4.10.1
libfrrfpm_pb0-debuginfo-7.4-150300.4.10.1
libfrrgrpc_pb0-7.4-150300.4.10.1
libfrrgrpc_pb0-debuginfo-7.4-150300.4.10.1
libfrrospfapiclient0-7.4-150300.4.10.1
libfrrospfapiclient0-debuginfo-7.4-150300.4.10.1
libfrrsnmp0-7.4-150300.4.10.1
libfrrsnmp0-debuginfo-7.4-150300.4.10.1
libfrrzmq0-7.4-150300.4.10.1
libfrrzmq0-debuginfo-7.4-150300.4.10.1
libmlag_pb0-7.4-150300.4.10.1
libmlag_pb0-debuginfo-7.4-150300.4.10.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
frr-7.4-150300.4.10.1
frr-debuginfo-7.4-150300.4.10.1
frr-debugsource-7.4-150300.4.10.1
frr-devel-7.4-150300.4.10.1
libfrr0-7.4-150300.4.10.1
libfrr0-debuginfo-7.4-150300.4.10.1
libfrr_pb0-7.4-150300.4.10.1
libfrr_pb0-debuginfo-7.4-150300.4.10.1
libfrrcares0-7.4-150300.4.10.1
libfrrcares0-debuginfo-7.4-150300.4.10.1
libfrrfpm_pb0-7.4-150300.4.10.1
libfrrfpm_pb0-debuginfo-7.4-150300.4.10.1
libfrrgrpc_pb0-7.4-150300.4.10.1
libfrrgrpc_pb0-debuginfo-7.4-150300.4.10.1
libfrrospfapiclient0-7.4-150300.4.10.1
libfrrospfapiclient0-debuginfo-7.4-150300.4.10.1
libfrrsnmp0-7.4-150300.4.10.1
libfrrsnmp0-debuginfo-7.4-150300.4.10.1
libfrrzmq0-7.4-150300.4.10.1
libfrrzmq0-debuginfo-7.4-150300.4.10.1
libmlag_pb0-7.4-150300.4.10.1
libmlag_pb0-debuginfo-7.4-150300.4.10.1
References:
https://www.suse.com/security/cve/CVE-2022-37035.html
https://www.suse.com/security/cve/CVE-2022-42917.html
https://bugzilla.suse.com/1202085
https://bugzilla.suse.com/1204124
1
0
SUSE-SU-2022:4084-1: important: Security update for nodejs16
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for nodejs16
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4084-1
Rating: important
References: #1205119
Cross-References: CVE-2022-43548
CVSS scores:
CVE-2022-43548 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for nodejs16 fixes the following issues:
- Update to LTS versino 16.18.1.
- CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP
address (bsc#1205119).
- Update to LTS version 16.18.0:
* http: throw error on content-length mismatch
* stream: add ReadableByteStream.tee()
* deps: npm updated to 8.19.2
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4084=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-4084=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs16-16.18.1-150300.7.15.1
nodejs16-debuginfo-16.18.1-150300.7.15.1
nodejs16-debugsource-16.18.1-150300.7.15.1
nodejs16-devel-16.18.1-150300.7.15.1
npm16-16.18.1-150300.7.15.1
- openSUSE Leap 15.3 (noarch):
nodejs16-docs-16.18.1-150300.7.15.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
nodejs16-16.18.1-150300.7.15.1
nodejs16-debuginfo-16.18.1-150300.7.15.1
nodejs16-debugsource-16.18.1-150300.7.15.1
nodejs16-devel-16.18.1-150300.7.15.1
npm16-16.18.1-150300.7.15.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
nodejs16-docs-16.18.1-150300.7.15.1
References:
https://www.suse.com/security/cve/CVE-2022-43548.html
https://bugzilla.suse.com/1205119
1
0
SUSE-SU-2022:4079-1: moderate: Security update for java-17-openjdk
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for java-17-openjdk
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4079-1
Rating: moderate
References: #1203476 #1204468 #1204472 #1204473 #1204475
#1204480
Cross-References: CVE-2022-21618 CVE-2022-21619 CVE-2022-21624
CVE-2022-21628 CVE-2022-39399
CVSS scores:
CVE-2022-21618 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21618 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21628 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39399 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-39399 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 5 vulnerabilities and has one errata
is now available.
Description:
This update for java-17-openjdk fixes the following issues:
- Update to jdk-17.0.5+8 (October 2022 CPU)
- CVE-2022-39399: Improve HTTP/2 client usage(bsc#1204480)
- CVE-2022-21628: Better HttpServer service (bsc#1204472)
- CVE-2022-21624: Enhance icon presentations (bsc#1204475)
- CVE-2022-21619: Improve NTLM support (bsc#1204473)
- CVE-2022-21618: Wider MultiByte (bsc#1204468)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4079=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4079=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
java-17-openjdk-17.0.5.0-150400.3.6.1
java-17-openjdk-accessibility-17.0.5.0-150400.3.6.1
java-17-openjdk-accessibility-debuginfo-17.0.5.0-150400.3.6.1
java-17-openjdk-debuginfo-17.0.5.0-150400.3.6.1
java-17-openjdk-debugsource-17.0.5.0-150400.3.6.1
java-17-openjdk-demo-17.0.5.0-150400.3.6.1
java-17-openjdk-devel-17.0.5.0-150400.3.6.1
java-17-openjdk-devel-debuginfo-17.0.5.0-150400.3.6.1
java-17-openjdk-headless-17.0.5.0-150400.3.6.1
java-17-openjdk-headless-debuginfo-17.0.5.0-150400.3.6.1
java-17-openjdk-jmods-17.0.5.0-150400.3.6.1
java-17-openjdk-src-17.0.5.0-150400.3.6.1
- openSUSE Leap 15.4 (noarch):
java-17-openjdk-javadoc-17.0.5.0-150400.3.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
java-17-openjdk-17.0.5.0-150400.3.6.1
java-17-openjdk-debuginfo-17.0.5.0-150400.3.6.1
java-17-openjdk-debugsource-17.0.5.0-150400.3.6.1
java-17-openjdk-demo-17.0.5.0-150400.3.6.1
java-17-openjdk-devel-17.0.5.0-150400.3.6.1
java-17-openjdk-devel-debuginfo-17.0.5.0-150400.3.6.1
java-17-openjdk-headless-17.0.5.0-150400.3.6.1
java-17-openjdk-headless-debuginfo-17.0.5.0-150400.3.6.1
References:
https://www.suse.com/security/cve/CVE-2022-21618.html
https://www.suse.com/security/cve/CVE-2022-21619.html
https://www.suse.com/security/cve/CVE-2022-21624.html
https://www.suse.com/security/cve/CVE-2022-21628.html
https://www.suse.com/security/cve/CVE-2022-39399.html
https://bugzilla.suse.com/1203476
https://bugzilla.suse.com/1204468
https://bugzilla.suse.com/1204472
https://bugzilla.suse.com/1204473
https://bugzilla.suse.com/1204475
https://bugzilla.suse.com/1204480
1
0
SUSE-SU-2022:4078-1: moderate: Security update for java-11-openjdk
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for java-11-openjdk
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4078-1
Rating: moderate
References: #1203476 #1204468 #1204471 #1204472 #1204473
#1204475 #1204480 #1204523
Cross-References: CVE-2022-21618 CVE-2022-21619 CVE-2022-21624
CVE-2022-21626 CVE-2022-21628 CVE-2022-39399
CVSS scores:
CVE-2022-21618 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21618 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21619 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21624 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21626 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21626 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21628 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39399 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-39399 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 6 vulnerabilities and has two fixes
is now available.
Description:
This update for java-11-openjdk fixes the following issues:
- Update to jdk-11.0.17+8 (October 2022 CPU)
- CVE-2022-39399: Improve HTTP/2 client usage(bsc#1204480)
- CVE-2022-21628: Better HttpServer service (bsc#1204472)
- CVE-2022-21624: Enhance icon presentations (bsc#1204475)
- CVE-2022-21619: Improve NTLM support (bsc#1204473)
- CVE-2022-21626: Key X509 usages (bsc#1204471)
- CVE-2022-21618: Wider MultiByte (bsc#1204468)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4078=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4078=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4078=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4078=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4078=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4078=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4078=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4078=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4078=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4078=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4078=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4078=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4078=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4078=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4078=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4078=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4078=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4078=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4078=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4078=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4078=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4078=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4078=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4078=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4078=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-accessibility-11.0.17.0-150000.3.86.2
java-11-openjdk-accessibility-debuginfo-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
java-11-openjdk-jmods-11.0.17.0-150000.3.86.2
java-11-openjdk-src-11.0.17.0-150000.3.86.2
- openSUSE Leap 15.4 (noarch):
java-11-openjdk-javadoc-11.0.17.0-150000.3.86.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-accessibility-11.0.17.0-150000.3.86.2
java-11-openjdk-accessibility-debuginfo-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
java-11-openjdk-jmods-11.0.17.0-150000.3.86.2
java-11-openjdk-src-11.0.17.0-150000.3.86.2
- openSUSE Leap 15.3 (noarch):
java-11-openjdk-javadoc-11.0.17.0-150000.3.86.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Manager Proxy 4.1 (x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
java-11-openjdk-javadoc-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-jmods-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
java-11-openjdk-javadoc-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE Enterprise Storage 6 (aarch64 x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
- SUSE CaaS Platform 4.0 (x86_64):
java-11-openjdk-11.0.17.0-150000.3.86.2
java-11-openjdk-debugsource-11.0.17.0-150000.3.86.2
java-11-openjdk-demo-11.0.17.0-150000.3.86.2
java-11-openjdk-devel-11.0.17.0-150000.3.86.2
java-11-openjdk-headless-11.0.17.0-150000.3.86.2
References:
https://www.suse.com/security/cve/CVE-2022-21618.html
https://www.suse.com/security/cve/CVE-2022-21619.html
https://www.suse.com/security/cve/CVE-2022-21624.html
https://www.suse.com/security/cve/CVE-2022-21626.html
https://www.suse.com/security/cve/CVE-2022-21628.html
https://www.suse.com/security/cve/CVE-2022-39399.html
https://bugzilla.suse.com/1203476
https://bugzilla.suse.com/1204468
https://bugzilla.suse.com/1204471
https://bugzilla.suse.com/1204472
https://bugzilla.suse.com/1204473
https://bugzilla.suse.com/1204475
https://bugzilla.suse.com/1204480
https://bugzilla.suse.com/1204523
1
0
SUSE-SU-2022:4082-1: important: Security update for openjpeg
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for openjpeg
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4082-1
Rating: important
References: #1140205 #1149789 #1179821 #1180043 #1180044
#1180046
Cross-References: CVE-2018-20846 CVE-2018-21010 CVE-2020-27824
CVE-2020-27842 CVE-2020-27843 CVE-2020-27845
CVSS scores:
CVE-2018-20846 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20846 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-21010 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-21010 (SUSE): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-27824 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-27824 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2020-27842 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-27842 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2020-27843 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-27843 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2020-27845 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-27845 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for openjpeg fixes the following issues:
- CVE-2018-20846: Fixed an Out-of-bounds accesses in pi_next_lrcp,
pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and
pi_next_cprl in openmj2/pi. (bsc#1140205)
- CVE-2018-21010: Fixed a heap buffer overflow in color_apply_icc_profile
in bin/common/color.c (bsc#1149789)
- CVE-2020-27824: Fixed an OOB read in opj_dwt_calc_explicit_stepsizes()
(bsc#1179821)
- CVE-2020-27842: Fixed null pointer dereference in opj_tgt_reset
function in lib/openjp2/tgt.c (bsc#1180043)
- CVE-2020-27843: Fixed an out-of-bounds read in opj_t2_encode_packet
function in openjp2/t2.c (bsc#1180044)
- CVE-2020-27845: Fixed a heap-based buffer over-read in functions
opj_pi_next_rlcp, opj_pi_next_rpcl and opj_pi_next_lrcp in openjp2/pi.c
(bsc#1180046)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4082=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4082=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4082=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4082=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4082=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4082=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4082=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4082=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4082=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4082=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4082=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4082=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- openSUSE Leap 15.4 (x86_64):
libopenjpeg1-32bit-1.5.2-150000.4.10.1
libopenjpeg1-32bit-debuginfo-1.5.2-150000.4.10.1
openjpeg-devel-32bit-1.5.2-150000.4.10.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- openSUSE Leap 15.3 (x86_64):
libopenjpeg1-32bit-1.5.2-150000.4.10.1
libopenjpeg1-32bit-debuginfo-1.5.2-150000.4.10.1
openjpeg-devel-32bit-1.5.2-150000.4.10.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libopenjpeg1-32bit-1.5.2-150000.4.10.1
libopenjpeg1-32bit-debuginfo-1.5.2-150000.4.10.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-32bit-1.5.2-150000.4.10.1
libopenjpeg1-32bit-debuginfo-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.10.1
libopenjpeg1-debuginfo-1.5.2-150000.4.10.1
openjpeg-debuginfo-1.5.2-150000.4.10.1
openjpeg-debugsource-1.5.2-150000.4.10.1
openjpeg-devel-1.5.2-150000.4.10.1
References:
https://www.suse.com/security/cve/CVE-2018-20846.html
https://www.suse.com/security/cve/CVE-2018-21010.html
https://www.suse.com/security/cve/CVE-2020-27824.html
https://www.suse.com/security/cve/CVE-2020-27842.html
https://www.suse.com/security/cve/CVE-2020-27843.html
https://www.suse.com/security/cve/CVE-2020-27845.html
https://bugzilla.suse.com/1140205
https://bugzilla.suse.com/1149789
https://bugzilla.suse.com/1179821
https://bugzilla.suse.com/1180043
https://bugzilla.suse.com/1180044
https://bugzilla.suse.com/1180046
1
0
SUSE-SU-2022:4085-1: important: Security update for MozillaThunderbird
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4085-1
Rating: important
References: #1204421 #1205270
Cross-References: CVE-2022-42927 CVE-2022-42928 CVE-2022-42929
CVE-2022-42932 CVE-2022-45403 CVE-2022-45404
CVE-2022-45405 CVE-2022-45406 CVE-2022-45408
CVE-2022-45409 CVE-2022-45410 CVE-2022-45411
CVE-2022-45412 CVE-2022-45416 CVE-2022-45418
CVE-2022-45420 CVE-2022-45421
CVSS scores:
CVE-2022-42927 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42928 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42929 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-42932 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 17 vulnerabilities is now available.
Description:
This update for MozillaThunderbird fixes the following issues:
- Fixed various security issues (MFSA 2022-49, bsc#1205270):
* CVE-2022-45403 (bmo#1762078) Service Workers might have learned size
of cross-origin media files
* CVE-2022-45404 (bmo#1790815) Fullscreen notification bypass
* CVE-2022-45405 (bmo#1791314) Use-after-free in InputStream
implementation
* CVE-2022-45406 (bmo#1791975) Use-after-free of a JavaScript Realm
* CVE-2022-45408 (bmo#1793829) Fullscreen notification bypass via
windowName
* CVE-2022-45409 (bmo#1796901) Use-after-free in Garbage Collection
* CVE-2022-45410 (bmo#1658869) ServiceWorker-intercepted requests
bypassed SameSite cookie policy
* CVE-2022-45411 (bmo#1790311) Cross-Site Tracing was possible via
non-standard override headers
* CVE-2022-45412 (bmo#1791029) Symlinks may resolve to partially
uninitialized buffers
* CVE-2022-45416 (bmo#1793676) Keystroke Side-Channel Leakage
* CVE-2022-45418 (bmo#1795815) Custom mouse cursor could have been drawn
over browser UI
* CVE-2022-45420 (bmo#1792643) Iframe contents could be rendered outside
the iframe
* CVE-2022-45421 (bmo#1767920, bmo#1789808, bmo#1794061) Memory safety
bugs fixed in Thunderbird 102.5
- Fixed various security issues: (MFSA 2022-46, bsc#1204421):
* CVE-2022-42927 (bmo#1789128) Same-origin policy violation could have
leaked cross-origin URLs
* CVE-2022-42928 (bmo#1791520) Memory Corruption in JS Engine
* CVE-2022-42929 (bmo#1789439) Denial of Service via window.print
* CVE-2022-42932 (bmo#1789729, bmo#1791363, bmo#1792041) Memory safety
bugs fixed in Thunderbird 102.4
- Mozilla Thunderbird 102.5
* changed: `Ctrl+N` shortcut to create new contacts from address book
restored (bmo#1751288)
* fixed: Account Settings UI did not update to reflect default identity
changes (bmo#1782646)
* fixed: New POP mail notifications were incorrectly shown for messages
marked by filters as read or junk (bmo#1787531)
* fixed: Connecting to an IMAP server configured to use `PREAUTH` caused
Thunderbird to hang (bmo#1798161)
* fixed: Error responses received in greeting header from NNTP servers
did not display error message (bmo#1792281)
* fixed: News messages sent using "Send Later" failed to send after
going back online (bmo#1794997)
* fixed: "Download/Sync Now..." did not completely sync all newsgroups
before going offline (bmo#1795547)
* fixed: Username was missing from error dialog on failed login to news
server (bmo#1796964)
* fixed: Thunderbird can now fetch RSS channel feeds with incomplete
channel URL (bmo#1794775)
* fixed: Add-on "Contribute" button in Add-ons Manager did not work
(bmo#1795751)
* fixed: Help text for `/part` Matrix command was incorrect (bmo#1795578)
* fixed: Invite Attendees dialog did not fetch free/busy info for
attendees with encoded characters in their name (bmo#1797927)
- Mozilla Thunderbird 102.4.2
* changed: "Address Book" button in Account Central will now create a
CardDAV address book instead of a local address book (bmo#1793903)
* fixed: Messages fetched from POP server in `Fetch headers
only` mode disappeared when moved to different folder by filter action
(bmo#1793374)
* fixed: Thunderbird re-downloaded locally deleted messages from a POP
server when "Leave messages on server" and "Until I delete them" were
enabled (bmo#1796903)
* fixed: Multiple password prompts for the same POP account could be
displayed (bmo#1786920)
* fixed: IMAP authentication failed on next startup if ImapMail folder
was deleted by user (bmo#1793599)
* fixed: Retrieving passwords for authenticated NNTP accounts could fail
due to obsolete preferences in a users profile on every startup
(bmo#1770594)
* fixed: `Get Next n Messages` did not consistently fetch all messages
requested from NNTP server (bmo#1794185)
* fixed: `Get Messages` button unable to fetch messages from NNTP server
if root folder not selected (bmo#1792362)
* fixed: Thunderbird text branding did not always match locale
of localized build (bmo#1786199)
* fixed: Thunderbird installer and Thunderbird updater created Windows
shortcuts with different names (bmo#1787264)
* fixed: LDAP search filters unable to work with non-ASCII characters
(bmo#1794306)
* fixed: "Today" highlighting in Calendar Month view did not update
after date change at midnight (bmo#1795176)
- Mozilla Thunderbird 102.4.1
* new: Thunderbird will now catch and report errors parsing vCards that
contain incorrectly formatted dates (bmo#1793415)
* fixed: Dynamic language switching did not update interface when
switched to right-to-left languages (bmo#1794289)
* fixed: Custom header data was discarded after messages were saved as
draft and reopened (bmo#195716)
* fixed: `-remote` command line argument did not work, affecting
integration with various applications such as LibreOffice (bmo#1793323)
* fixed: Messages received via some SMS-to-email services could not
display images (bmo#1774805)
* fixed: VCards with nickname field set could not be edited (bmo#1793877)
* fixed: Some recurring events were missing from Agenda on first load
(bmo#1771168)
* fixed: Download requests for remote ICS calendars incorrectly set
"Accept" header to text/xml (bmo#1793757)
* fixed: Monthly events created on the 31st of a month with <30 days
placed first occurrence 1-2 days after the beginning of the following
month (bmo#1266797)
* fixed: Various visual and UX improvements
(bmo#1781437,bmo#1785314,bmo#1794139,bmo#1794155,bmo#1794399)
* changed: Thunderbird will automatically detect and repair OpenPGP key
storage corruption caused by using the profile import tool in
Thunderbird 102 (bmo#1790610)
* fixed: POP message download into a large folder (~13000 messages)
caused Thunderbird to temporarily freeze (bmo#1792675)
* fixed: Forwarding messages with special characters in Subject failed
on Windows (bmo#1782173)
* fixed: Links for FileLink attachments were not added when attachment
filename contained Unicode characters (bmo#1789589)
* fixed: Address Book display pane continued to show contacts after
deletion (bmo#1777808)
* fixed: Printing address book did not include all contact details
(bmo#1782076)
* fixed: CardDAV contacts without a Name property did not save to Google
Contacts (bmo#1792101)
* fixed: "Publish Calendar" did not work (bmo#1794471)
* fixed: Calendar database storage improvements (bmo#1792124)
* fixed: Incorrectly handled error responses from CalDAV servers
sometimes caused events to disappear from calendar (bmo#1792923)
* fixed: Various visual and UX improvements (bmo#1776093,bmo#17
80040,bmo#1780425,bmo#1792876,bmo#1792872,bmo#1793466,bmo#179 3543)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4085=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4085=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-4085=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-4085=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4085=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4085=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-102.5.0-150200.8.90.1
MozillaThunderbird-debuginfo-102.5.0-150200.8.90.1
MozillaThunderbird-debugsource-102.5.0-150200.8.90.1
MozillaThunderbird-translations-common-102.5.0-150200.8.90.1
MozillaThunderbird-translations-other-102.5.0-150200.8.90.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-102.5.0-150200.8.90.1
MozillaThunderbird-debuginfo-102.5.0-150200.8.90.1
MozillaThunderbird-debugsource-102.5.0-150200.8.90.1
MozillaThunderbird-translations-common-102.5.0-150200.8.90.1
MozillaThunderbird-translations-other-102.5.0-150200.8.90.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
MozillaThunderbird-102.5.0-150200.8.90.1
MozillaThunderbird-debuginfo-102.5.0-150200.8.90.1
MozillaThunderbird-debugsource-102.5.0-150200.8.90.1
MozillaThunderbird-translations-common-102.5.0-150200.8.90.1
MozillaThunderbird-translations-other-102.5.0-150200.8.90.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
MozillaThunderbird-102.5.0-150200.8.90.1
MozillaThunderbird-debuginfo-102.5.0-150200.8.90.1
MozillaThunderbird-debugsource-102.5.0-150200.8.90.1
MozillaThunderbird-translations-common-102.5.0-150200.8.90.1
MozillaThunderbird-translations-other-102.5.0-150200.8.90.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
MozillaThunderbird-102.5.0-150200.8.90.1
MozillaThunderbird-debuginfo-102.5.0-150200.8.90.1
MozillaThunderbird-debugsource-102.5.0-150200.8.90.1
MozillaThunderbird-translations-common-102.5.0-150200.8.90.1
MozillaThunderbird-translations-other-102.5.0-150200.8.90.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
MozillaThunderbird-102.5.0-150200.8.90.1
MozillaThunderbird-debuginfo-102.5.0-150200.8.90.1
MozillaThunderbird-debugsource-102.5.0-150200.8.90.1
MozillaThunderbird-translations-common-102.5.0-150200.8.90.1
MozillaThunderbird-translations-other-102.5.0-150200.8.90.1
References:
https://www.suse.com/security/cve/CVE-2022-42927.html
https://www.suse.com/security/cve/CVE-2022-42928.html
https://www.suse.com/security/cve/CVE-2022-42929.html
https://www.suse.com/security/cve/CVE-2022-42932.html
https://www.suse.com/security/cve/CVE-2022-45403.html
https://www.suse.com/security/cve/CVE-2022-45404.html
https://www.suse.com/security/cve/CVE-2022-45405.html
https://www.suse.com/security/cve/CVE-2022-45406.html
https://www.suse.com/security/cve/CVE-2022-45408.html
https://www.suse.com/security/cve/CVE-2022-45409.html
https://www.suse.com/security/cve/CVE-2022-45410.html
https://www.suse.com/security/cve/CVE-2022-45411.html
https://www.suse.com/security/cve/CVE-2022-45412.html
https://www.suse.com/security/cve/CVE-2022-45416.html
https://www.suse.com/security/cve/CVE-2022-45418.html
https://www.suse.com/security/cve/CVE-2022-45420.html
https://www.suse.com/security/cve/CVE-2022-45421.html
https://bugzilla.suse.com/1204421
https://bugzilla.suse.com/1205270
1
0
18 Nov '22
SUSE Security Update: Security update for dpkg
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4081-1
Rating: low
References: #1199944
Cross-References: CVE-2022-1664
CVSS scores:
CVE-2022-1664 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1664 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for dpkg fixes the following issues:
- CVE-2022-1664: Fixed a directory traversal vulnerability in
Dpkg::Source::Archive (bsc#1199944).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4081=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4081=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4081=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4081=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4081=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4081=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4081=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4081=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4081=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4081=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4081=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4081=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4081=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4081=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4081=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4081=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4081=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4081=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4081=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4081=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4081=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4081=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4081=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4081=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4081=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4081=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4081=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4081=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4081=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4081=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- openSUSE Leap 15.4 (noarch):
dpkg-lang-1.19.0.4-150000.4.4.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- openSUSE Leap 15.3 (noarch):
dpkg-lang-1.19.0.4-150000.4.4.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Manager Proxy 4.1 (x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
- SUSE CaaS Platform 4.0 (x86_64):
dpkg-1.19.0.4-150000.4.4.1
dpkg-debuginfo-1.19.0.4-150000.4.4.1
dpkg-debugsource-1.19.0.4-150000.4.4.1
dpkg-devel-1.19.0.4-150000.4.4.1
update-alternatives-1.19.0.4-150000.4.4.1
update-alternatives-debuginfo-1.19.0.4-150000.4.4.1
update-alternatives-debugsource-1.19.0.4-150000.4.4.1
References:
https://www.suse.com/security/cve/CVE-2022-1664.html
https://bugzilla.suse.com/1199944
1
0
SUSE-SU-2022:4077-1: important: Security update for sudo
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for sudo
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4077-1
Rating: important
References: #1190818 #1203201 #1204986
Cross-References: CVE-2022-43995
CVSS scores:
CVE-2022-43995 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-43995 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for sudo fixes the following issues:
- CVE-2022-43995: Fixed a potential heap-based buffer over-read when
entering a passwor dof seven characters or fewer and using the crypt()
password backend (bsc#1204986).
- Fix wrong information output in the error message (bsc#1190818).
- Make sure SIGCHLD is not ignored when sudo is executed; fixes race
condition (bsc#1203201).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4077=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4077=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4077=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4077=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4077=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
sudo-1.9.5p2-150300.3.13.1
sudo-debuginfo-1.9.5p2-150300.3.13.1
sudo-debugsource-1.9.5p2-150300.3.13.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
sudo-1.9.5p2-150300.3.13.1
sudo-debuginfo-1.9.5p2-150300.3.13.1
sudo-debugsource-1.9.5p2-150300.3.13.1
sudo-devel-1.9.5p2-150300.3.13.1
sudo-plugin-python-1.9.5p2-150300.3.13.1
sudo-plugin-python-debuginfo-1.9.5p2-150300.3.13.1
sudo-test-1.9.5p2-150300.3.13.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
sudo-1.9.5p2-150300.3.13.1
sudo-debuginfo-1.9.5p2-150300.3.13.1
sudo-debugsource-1.9.5p2-150300.3.13.1
sudo-devel-1.9.5p2-150300.3.13.1
sudo-plugin-python-1.9.5p2-150300.3.13.1
sudo-plugin-python-debuginfo-1.9.5p2-150300.3.13.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
sudo-1.9.5p2-150300.3.13.1
sudo-debuginfo-1.9.5p2-150300.3.13.1
sudo-debugsource-1.9.5p2-150300.3.13.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
sudo-1.9.5p2-150300.3.13.1
sudo-debuginfo-1.9.5p2-150300.3.13.1
sudo-debugsource-1.9.5p2-150300.3.13.1
References:
https://www.suse.com/security/cve/CVE-2022-43995.html
https://bugzilla.suse.com/1190818
https://bugzilla.suse.com/1203201
https://bugzilla.suse.com/1204986
1
0
SUSE-SU-2022:4072-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4072-1
Rating: important
References: #1065729 #1071995 #1152472 #1152489 #1188238
#1194869 #1196018 #1196632 #1199904 #1200567
#1200692 #1200788 #1202187 #1202686 #1202700
#1202914 #1203098 #1203229 #1203290 #1203435
#1203514 #1203699 #1203767 #1203802 #1203922
#1204017 #1204142 #1204166 #1204168 #1204171
#1204241 #1204353 #1204354 #1204355 #1204402
#1204413 #1204415 #1204417 #1204428 #1204431
#1204439 #1204470 #1204479 #1204498 #1204533
#1204569 #1204574 #1204575 #1204619 #1204635
#1204637 #1204646 #1204647 #1204650 #1204653
#1204693 #1204705 #1204719 #1204728 #1204753
#1204868 #1204926 #1204933 #1204934 #1204947
#1204957 #1204963 #1204970 PED-1082 PED-1084
PED-1085 PED-1096 PED-1211 PED-1649 PED-634
PED-676 PED-678 PED-679 PED-707 PED-732 PED-813
PED-817 PED-822 PED-825 PED-833 PED-842 PED-846
PED-850 PED-851 PED-856 PED-857 SLE-13847
SLE-9246
Cross-References: CVE-2022-1882 CVE-2022-2153 CVE-2022-28748
CVE-2022-2964 CVE-2022-2978 CVE-2022-3169
CVE-2022-33981 CVE-2022-3424 CVE-2022-3435
CVE-2022-3521 CVE-2022-3524 CVE-2022-3526
CVE-2022-3535 CVE-2022-3542 CVE-2022-3545
CVE-2022-3565 CVE-2022-3577 CVE-2022-3586
CVE-2022-3594 CVE-2022-3619 CVE-2022-3621
CVE-2022-3625 CVE-2022-3628 CVE-2022-3629
CVE-2022-3633 CVE-2022-3640 CVE-2022-3646
CVE-2022-3649 CVE-2022-40476 CVE-2022-40768
CVE-2022-42703 CVE-2022-43750
CVSS scores:
CVE-2022-1882 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1882 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2153 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-28748 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-2964 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2964 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3169 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3169 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-33981 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-33981 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3424 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3435 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-3435 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2022-3521 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3521 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3526 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3526 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3535 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3535 (SUSE): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3542 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3542 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3545 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3545 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3586 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3586 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3594 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3594 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3619 (NVD) : 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3619 (SUSE): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (SUSE): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3625 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3625 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3628 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3629 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3629 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3633 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3633 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3640 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3640 (SUSE): 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3646 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3646 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3649 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3649 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-40476 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40476 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40768 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-40768 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-42703 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42703 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Live Patching 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 32 vulnerabilities, contains 25
features and has 36 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-28748: Fixed a leak of kernel memory over the network by
ax88179_178a devices (bsc#1196018).
- CVE-2022-1882: Fixed a use-after-free flaw in free_pipe_info() that
could allow a local user to crash or potentially escalate their
privileges on the system (bsc#1199904).
- CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices
(bnc#1202686).
- CVE-2022-3169: Fixed an denial of service though request to
NVME_IOCTL_RESET and NVME_IOCTL_SUBSYS_RESET (bsc#1203290).
- CVE-2022-33981: Fixed a use-after-free in floppy driver (bnc#1200692).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),
gru_fault() and gru_handle_user_call_os() that could lead to kernel
panic (bsc#1204166).
- CVE-2022-3435: Fixed an out-of-bounds read in fib_nh_match() of the file
net/ipv4/fib_semantics.c (bsc#1204171).
- CVE-2022-3521: Fixed race condition in kcm_tx_work() in
net/kcm/kcmsock.c (bnc#1204355).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6
handler (bnc#1204354).
- CVE-2022-3526: Fixed a memory leak in macvlan_handle_frame() from
drivers/net/macvlan.c (bnc#1204353).
- CVE-2022-3545: Fixed use-after-free in area_cache_get() in
drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
- CVE-2022-3565: Fixed use-after-free in del_timer() in
drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
- CVE-2022-3621: Fixed null pointer dereference in
nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
- CVE-2022-3625: Fixed use-after-free in
devlink_param_set()/devlink_param_get() in net/core/devlink.c
(bnc#1204637).
- CVE-2022-3628: Fixed potential buffer overflow in
brcmf_fweh_event_worker() in wifi/brcmfmac (bsc#1204868).
- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in
net/bluetooth/l2cap_core.c (bnc#1204619).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in
fs/nilfs2/segment.c (bnc#1204646).
- CVE-2022-40476: Fixed a null pointer dereference in fs/io_uring.c
(bnc#1203435).
- CVE-2022-40768: Fixed information disclosure in stex_queuecommand_lck
(bnc#1203514).
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space
client to corrupt the monitor's internal memory (bnc#1204653).
The following non-security bugs were fixed:
- acpi: APEI: do not add task_work to kernel thread to avoid memory leak
(git-fixes).
- acpi: HMAT: Release platform device in case of
platform_device_add_data() fails (git-fixes).
- acpi: extlog: Handle multiple records (git-fixes).
- acpi: tables: FPDT: Do not call acpi_os_map_memory() on invalid phys
address (git-fixes).
- acpi: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
- acpi: video: Make backlight class device registration a separate step
(v2) (git-fixes).
- acpi: x86: Add a quirk for Dell Inspiron 14 2-in-1 for StorageD3Enable
(git-fixes).
- alsa: Use del_timer_sync() before freeing timer (git-fixes).
- alsa: ac97: fix possible memory leak in snd_ac97_dev_register()
(git-fixes).
- alsa: aoa: Fix I2S device accounting (git-fixes).
- alsa: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
(git-fixes).
- alsa: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
- alsa: au88x0: use explicitly signed char (git-fixes).
- alsa: dmaengine: increment buffer pointer atomically (git-fixes).
- alsa: hda/cs_dsp_ctl: Fix mutex inversion when creating controls
(bsc#1203699).
- alsa: hda/hdmi: Do not skip notification handling during PM operation
(git-fixes).
- alsa: hda/hdmi: Fix the converter allocation for the silent stream
(git-fixes).
- alsa: hda/hdmi: Fix the converter reuse for the silent stream
(git-fixes).
- alsa: hda/hdmi: change type for the 'assigned' variable (git-fixes).
- alsa: hda/realtek: Add Intel Reference SSID to support headset keys
(git-fixes).
- alsa: hda/realtek: Add another HP ZBook G9 model quirks (bsc#1203699).
- alsa: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- alsa: hda/realtek: Add quirk for ASUS Zenbook using CS35L41
(bsc#1203922).
- alsa: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
- alsa: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
(git-fixes).
- alsa: hda: Fix position reporting on Poulsbo (git-fixes).
- alsa: hda: cs35l41: Remove suspend/resume hda hooks (bsc#1203699).
- alsa: hda: cs35l41: Support System Suspend (bsc#1203699).
- alsa: hda: hda_cs_dsp_ctl: Ensure pwr_lock is held before
reading/writing controls (bsc#1203699).
- alsa: hda: hda_cs_dsp_ctl: Minor clean and redundant code removal
(bsc#1203699).
- alsa: hiface: fix repeated words in comments (git-fixes).
- alsa: line6: Replace sprintf() with sysfs_emit() (git-fixes).
- alsa: line6: remove line6_set_raw declaration (git-fixes).
- alsa: oss: Fix potential deadlock at unregistration (git-fixes).
- alsa: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
- alsa: rme9652: use explicitly signed char (git-fixes).
- alsa: scarlett2: Add Focusrite Clarett+ 8Pre support (git-fixes).
- alsa: scarlett2: Add support for the internal "standalone" switch
(git-fixes).
- alsa: scarlett2: Split scarlett2_config_items[] into 3 sections
(git-fixes).
- alsa: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos
(git-fixes).
- alsa: usb-audio: Add quirk to enable Avid Mbox 3 support (git-fixes).
- alsa: usb-audio: Add quirks for M-Audio Fast Track C400/600 (git-fixes).
- alsa: usb-audio: Fix NULL dererence at error path (git-fixes).
- alsa: usb-audio: Fix last interface check for registration (git-fixes).
- alsa: usb-audio: Fix potential memory leaks (git-fixes).
- alsa: usb-audio: Fix regression with Dell Dock jack detection
(bsc#1204719).
- alsa: usb-audio: Register card at the last interface (git-fixes).
- alsa: usb-audio: make read-only array marker static const (git-fixes).
- alsa: usb-audio: remove redundant assignment to variable c (git-fixes).
- alsa: usb-audio: scarlett2: Use struct_size() helper in scarlett2_usb()
(git-fixes).
- alsa: usb/6fire: fix repeated words in comments (git-fixes).
- arm64/bti: Disable in kernel BTI when cross section thunks are broken
(git-fixes)
- arm64/mm: Consolidate TCR_EL1 fields (git-fixes).
- arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to USB nodes
(git-fixes).
- arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power supply
(git-fixes).
- arm64: dts: qcom: sc7280: Cleanup the lpasscc node (git-fixes).
- arm64: dts: ti: k3-j7200: fix main pinmux range (git-fixes).
- arm64: ftrace: fix module PLTs with mcount (git-fixes).
- arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored
(git-fixes).
- arm64: topology: move store_cpu_topology() to shared code (git-fixes).
- arm: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n
(git-fixes).
- arm: 9244/1: dump: Fix wrong pg_level in walk_pmd() (git-fixes).
- arm: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE (git-fixes).
- arm: Drop CMDLINE_* dependency on ATAGS (git-fixes).
- arm: decompressor: Include .data.rel.ro.local (git-fixes).
- arm: defconfig: clean up multi_v4t and multi_v5 configs (git-fixes).
- arm: defconfig: drop CONFIG_PTP_1588_CLOCK=y (git-fixes).
- arm: defconfig: drop CONFIG_SERIAL_OMAP references (git-fixes).
- arm: defconfig: drop CONFIG_USB_FSL_USB2 (git-fixes).
- arm: dts: armada-38x: Add gpio-ranges for pin muxing (git-fixes).
- arm: dts: exynos: correct s5k6a3 reset polarity on Midas family
(git-fixes).
- arm: dts: exynos: fix polarity of VBUS GPIO of Origen (git-fixes).
- arm: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
(git-fixes).
- arm: dts: imx6dl: add missing properties for sram (git-fixes).
- arm: dts: imx6q: add missing properties for sram (git-fixes).
- arm: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus (git-fixes).
- arm: dts: imx6qp: add missing properties for sram (git-fixes).
- arm: dts: imx6sl: add missing properties for sram (git-fixes).
- arm: dts: imx6sll: add missing properties for sram (git-fixes).
- arm: dts: imx6sx: add missing properties for sram (git-fixes).
- arm: dts: imx7d-sdb: config the max pressure for tsc2046 (git-fixes).
- arm: dts: integrator: Tag PCI host with device_type (git-fixes).
- arm: dts: kirkwood: lsxl: fix serial line (git-fixes).
- arm: dts: kirkwood: lsxl: remove first ethernet port (git-fixes).
- arm: dts: turris-omnia: Add label for wan port (git-fixes).
- arm: dts: turris-omnia: Fix mpp26 pin name and comment (git-fixes).
- asoc: SOF: pci: Change DMI match info to support all Chrome platforms
(git-fixes).
- asoc: codecs: tx-macro: fix kcontrol put (git-fixes).
- asoc: da7219: Fix an error handling path in da7219_register_dai_clks()
(git-fixes).
- asoc: eureka-tlv320: Hold reference returned from of_find_xxx API
(git-fixes).
- asoc: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- asoc: mt6359: fix tests for platform_get_irq() failure (git-fixes).
- asoc: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
(git-fixes).
- asoc: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
(git-fixes).
- asoc: qcom: lpass-cpu: mark HDMI TX registers as volatile (git-fixes).
- asoc: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- asoc: tas2764: Allow mono streams (git-fixes).
- asoc: tas2764: Drop conflicting set_bias_level power setting (git-fixes).
- asoc: tas2764: Fix mute/unmute (git-fixes).
- asoc: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
- asoc: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
- asoc: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
- asoc: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
- asoc: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
- asoc: wm_adsp: Handle optional legacy support (git-fixes).
- ata: ahci-imx: Fix MODULE_ALIAS (git-fixes).
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and
ata_id_has_sense_reporting() (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number
(git-fixes).
- ata: pata_legacy: fix pdc20230_set_piomode() (git-fixes).
- bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
(git-fixes).
- bluetooth: L2CAP: Fix user-after-free (git-fixes).
- bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
(git-fixes).
- bluetooth: RFCOMM: Fix possible deadlock on socket shutdown/release
(git-fixes).
- bluetooth: btintel: Mark Intel controller to support LE_STATES quirk
(git-fixes).
- bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
(git-fixes).
- bluetooth: virtio_bt: Use skb_put to set length (git-fixes).
- bnxt_en: Fix bnxt_refclk_read() (git-fixes).
- bnxt_en: Fix bnxt_reinit_after_abort() code path (git-fixes).
- bnxt_en: fix livepatch query (git-fixes).
- bnxt_en: reclaim max resources if sriov enable fails (git-fixes).
- bonding: 802.3ad: fix no transmission of LACPDUs (git-fixes).
- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (git-fixes).
- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
- can: j1939: transport: j1939_session_skb_drop_old():
spin_unlock_irqrestore() before kfree_skb() (git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion
(git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
- can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
(git-fixes).
- can: kvaser_usb: replace run-time checks with struct
kvaser_usb_driver_info (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
- can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in
error path (git-fixes).
- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness
conversion (git-fixes).
- can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct length to
read dev_id (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in
error path (git-fixes).
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
- clk: ast2600: BCLK comes from EPLL (git-fixes).
- clk: at91: fix the build with binutils 2.27 (git-fixes).
- clk: baikal-t1: Add SATA internal ref clock buffer (git-fixes).
- clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent
(git-fixes).
- clk: baikal-t1: Fix invalid xGMAC PTP clock divider (git-fixes).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: bcm2835: Round UART input clock up (bsc#1188238)
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
(git-fixes).
- clk: bcm: rpi: Add support for VEC clock (bsc#1196632)
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: imx: scu: fix memleak on platform_device_add() fails (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
(git-fixes).
- clk: meson: Hold reference returned by of_get_parent() (git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
- clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical
(git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents
(git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
- clk: sprd: Hold reference returned by of_get_parent() (git-fixes).
- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
(git-fixes).
- clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD (git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
(git-fixes).
- cpufreq: qcom: fix memory leak in error path (git-fixes).
- cpufreq: qcom: fix writes in read-only memory region (git-fixes).
- crypto: akcipher - default implementation for setting a private key
(git-fixes).
- crypto: cavium - prevent integer overflow loading firmware (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister
(git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
- crypto: inside-secure - Change swab to swab32 (git-fixes).
- crypto: inside-secure - Replace generic aes with libaes (git-fixes).
- crypto: marvell/octeontx - prevent integer overflows (git-fixes).
- crypto: qat - fix default value of WDT timer (git-fixes).
- crypto: sahara - do not sleep when in softirq (git-fixes).
- device property: Fix documentation for *_match_string() APIs (git-fixes).
- dmaengine: hisilicon: Add multi-thread support for a DMA channel
(git-fixes).
- dmaengine: hisilicon: Disable channels when unregister hisi_dma
(git-fixes).
- dmaengine: hisilicon: Fix CQ head update (git-fixes).
- dmaengine: idxd: change bandwidth token to read buffers (jsc#PED-679).
- dmaengine: idxd: deprecate token sysfs attributes for read buffers
(jsc#PED-679).
- dmaengine: idxd: force wq context cleanup on device disable path
(git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
__cleanup() (git-fixes).
- dmaengine: mxs: use platform_driver_register (git-fixes).
- dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent
overflow (git-fixes).
- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling
(git-fixes).
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent
API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
(git-fixes).
- dpaa2-eth: trace the allocated address instead of page struct
(git-fixes).
- drivers: hv: vmbus: Fix handling of messages with transaction ID of zero
(bsc#1204017).
- drivers: hv: vmbus: Introduce vmbus_request_addr_match() (bsc#1204017).
- drivers: hv: vmbus: Introduce vmbus_sendpacket_getid() (bsc#1204017).
- drivers: hv: vmbus: Introduce {lock,unlock}_requestor() (bsc#1204017).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- drm/amd/display: Assume an LTTPR is always present on fixed_vs links
(git-fixes).
- drm/amd/display: Changed pipe split policy to allow for multi-display
(bsc#1152472) Backporting notes: * remove changes to non-existing 201
and 31 directories
- drm/amd/display: Correct MPC split policy for DCN301 (git-fixes).
- drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n (git-fixes).
- drm/amd/display: Fix double cursor on non-video RGB MPO (git-fixes).
- drm/amd/display: Fix vblank refcount in vrr transition (git-fixes).
- drm/amd/display: Remove interface for periodic interrupt 1 (git-fixes).
- drm/amd/display: skip audio setup when audio stream is enabled
(git-fixes).
- drm/amd/display: update gamut remap if plane has changed (git-fixes).
- drm/amd/pm: smu7_hwmgr: fix potential off-by-one overflow in
'performance_levels' (git-fixes).
- drm/amdgpu/display: change pipe policy for DCN 2.0 (git-fixes).
- drm/amdgpu/display: change pipe policy for DCN 2.1 (git-fixes).
- drm/amdgpu/gfx10: add wraparound gpu counter check for APUs as well
(bsc#1152472) Backporting notes: * also fix default branch
- drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
(bsc#1152472) Backporting notes: * replace IP_VERSION() with CHIP_
constants
- drm/amdgpu: add missing pci_disable_device() in
amdgpu_pmops_runtime_resume() (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm/amdgpu: fix sdma doorbell init ordering on APUs (git-fixes).
- drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
- drm/i915/dp: Reset frl trained flag before restarting FRL training
(git-fixes).
- drm/i915/ehl: Update MOCS table for EHL (git-fixes).
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915
(bsc#1152489)
- drm/i915: Reject unsupported TMDS rates on ICL+ (git-fixes).
- drm/komeda: Fix handling of atomic commits in the atomic_commit_tail
hook (git-fixes).
- drm/meson: explicitly remove aggregate driver at module unload time
(git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- drm/msm/dp: Silence inconsistent indent warning (git-fixes).
- drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa()
(git-fixes).
- drm/msm/dp: fix IRQ lifetime (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
- drm/msm: fix use-after-free on probe deferral (git-fixes).
- drm/nouveau/kms/nv140-: Disable interlacing (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
(git-fixes).
- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
(git-fixes).
- drm/nouveau: wait for the exclusive fence after the shared ones v2
(bsc#1152472) Backporting notes: * context changes
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- drm/virtio: Check whether transferred 2D BO is shmem (git-fixes).
- drm/virtio: Unlock reservations on virtio_gpu_object_shmem_init() error
(git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
(git-fixes).
- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset
(git-fixes).
- drm: bridge: dw_hdmi: only trigger hotplug event on link change
(git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of
for_each_available_child_of_node() (git-fixes).
- drop Dell Dock regression fix patch again (bsc#1204719)
- drop verbose nvme logging feature (bsc#1200567)
- dt-bindings: crypto: ti,sa2ul: drop dma-coherent property (git-fixes).
- dt-bindings: display/msm: dpu-sc7180: add missing DPU opp-table
(git-fixes).
- dt-bindings: display/msm: dpu-sdm845: add missing DPU opp-table
(git-fixes).
- dt-bindings: mtd: intel: lgm-nand: Fix compatible string (git-fixes).
- dt-bindings: mtd: intel: lgm-nand: Fix maximum chip select value
(git-fixes).
- dt-bindings: pci: microchip,pcie-host: fix missing clocks properties
(git-fixes).
- dt-bindings: pci: microchip,pcie-host: fix missing dma-ranges
(git-fixes).
- dt-bindings: phy: qcom,qmp-usb3-dp: fix bogus clock-cells property
(git-fixes).
- dt-bindings: phy: qcom,qmp: fix bogus clock-cells property (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: fix static_branch manipulation (git-fixes).
- dyndbg: let query-modname override actual module name (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- fec: Fix timer capture timing in `fec_ptp_enable_pps()` (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
- firmware: arm_scmi: Harden accesses to the sensor domains (git-fixes).
- firmware: arm_scmi: Improve checks in the info_get operations
(git-fixes).
- firmware: google: Test spinlock on panic path to avoid lockups
(git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
(git-fixes).
- fs/binfmt_elf: Fix memory leak in load_elf_binary() (git-fixes).
- ftrace: Fix char print issue in print_ip_ins() (git-fixes).
- ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes).
- fuse: fix deadlock between atomic O_TRUNC and page invalidation
(bsc#1204533).
- gcov: support GCC 12.1 and newer compilers (git-fixes).
- gpu: lontium-lt9611: Fix NULL pointer dereference in
lt9611_connector_init() (git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in
hidpp_connect_event (git-fixes).
- hid: hidraw: fix memory leak in hidraw_release() (git-fixes).
- hid: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
- hid: multitouch: Add memory barriers (git-fixes).
- hid: roccat: Fix use-after-free in roccat_read() (git-fixes).
- hinic: Avoid some over memory allocation (git-fixes).
- hsi: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- hsi: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- hwmon: (sht4x) do not overflow clamping operation on 32-bit platforms
(git-fixes).
- i2c: designware: Fix handling of real but unexpected device interrupts
(git-fixes).
- i2c: i801: Add support for Intel Ice Lake PCH-N (jsc#PED-634).
- i2c: i801: Add support for Intel Meteor Lake-P (jsc#PED-732).
- i2c: i801: Add support for Intel Raptor Lake PCH-S (jsc#PED-634).
- i2c: i801: Improve handling of chip-specific feature definitions
(jsc#PED-634).
- i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter
(git-fixes).
- i40e: Fix call trace in setup_tx_descriptors (git-fixes).
- i40e: Fix dropped jumbo frames statistics (git-fixes).
- i40e: Fix to stop tx_timeout recovery if GLOBR fails (git-fixes).
- iavf: Fix adminq error handling (git-fixes).
- iavf: Fix handling of dummy receive descriptors (git-fixes).
- iavf: Fix reset error handling (git-fixes).
- ib/core: Fix a nested dead lock as part of ODP flow (git-fixes)
- ib/rdmavt: Add __init/__exit annotations to module init/exit funcs
(git-fixes)
- ice: Fix switchdev rules book keeping (git-fixes).
- ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
(git-fixes).
- ice: do not setup vlan for loopback VSI (git-fixes).
- igb: Make DMA faster when CPU is active on the PCIe link (git-fixes).
- igb: fix a use-after-free issue in igb_clean_tx_ring (git-fixes).
- iio: ABI: Fix wrong format of differential capacitance channel ABI
(git-fixes).
- iio: adc: ad7923: fix channel readings for some variants (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure and touch
(git-fixes).
- iio: adc: at91-sama5d2_adc: disable/prepare buffer on suspend/resume
(git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
(git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: adxl372: Fix unsafe buffer attributes (git-fixes).
- iio: bmc150-accel-core: Fix unsafe buffer attributes (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
- iio: inkern: fix return value in devm_of_iio_channel_get_by_name()
(git-fixes).
- iio: inkern: only release the device node when done with it (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- iio: ltc2497: Fix reading conversion results (git-fixes).
- iio: magnetometer: yas530: Change data type of hard_offsets to signed
(git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- iio: temperature: ltc2983: allocate iio channels once (git-fixes).
- ima: fix blocking of security.ima xattrs of unsupported algorithms
(git-fixes).
- input: i8042 - fix refount leak on sparc (git-fixes).
- input: synaptics-rmi4 - fix firmware update operations with bootloader
v8 (git-fixes).
- input: xpad - add supported devices as contributed on github (git-fixes).
- input: xpad - fix wireless 360 controller breaking after suspend
(git-fixes).
- iommu/vt-d: Do not falsely log intel_iommu is unsupported kernel option
(bsc#1204947).
- ip: Fix data-races around sysctl_ip_fwd_update_priority (git-fixes).
- ipv4: Fix data-races around sysctl_fib_multipath_hash_policy (git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap
(git-fixes).
- isdn: mISDN: netjet: fix wrong check of device registration (git-fixes).
- ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
(git-fixes).
- ixgbe: fix bcast packets Rx on VF after promisc removal (git-fixes).
- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes).
- kABI: Fix after adding trace_iterator.wait_index (git-fixes).
- kABI: Fix kABI after backport Add pmc->intr to refactor
kvm_perf_overflow{_intr}() (git-fixes).
- kABI: Fix kABI after backport Always set kvm_run->if_flag (git-fixes).
- kABI: Fix kABI after backport Forcibly leave nested virt when SMM state
is toggled (git-fixes).
- kABI: Fix kABI after backport Refactoring find_arch_event() to
pmc_perf_hw_id() (git-fixes).
- kABI: Fix kABI after backport Update vPMCs when retiring branch
instructions (git-fixes).
- kabi/severities: ignore CS35L41-specific exports (bsc#1203699)
- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
- kbuild: remove the target in signal traps when interrupted (git-fixes).
- kbuild: rpm-pkg: fix breakage when V=1 is used (git-fixes).
- kernfs: fix use-after-free in __kernfs_remove (git-fixes).
- kselftest/arm64: Fix validatation termination record after EXTRA_CONTEXT
(git-fixes).
- kvm: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors (git-fixes).
- kvm: VMX: Inject #PF on ENCLS as "emulated" #PF (git-fixes).
- kvm: fix avic_set_running for preemptable kernels (git-fixes).
- kvm: nVMX: Ignore SIPI that arrives in L2 when vCPU is not in WFS
(git-fixes).
- kvm: nVMX: Unconditionally purge queued/injected events on nested "exit"
(git-fixes).
- kvm: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- kvm: s390: pv: do not present the ecall interrupt twice (bsc#1203229
LTC#199905).
- kvm: s390x: fix SCK locking (git-fixes).
- kvm: x86/emulator: Fix handing of POP SS to correctly set
interruptibility (git-fixes).
- kvm: x86/mmu: Do not advance iterator after restart due to yielding
(git-fixes).
- kvm: x86/mmu: Retry page fault if root is invalidated by memslot update
(git-fixes).
- kvm: x86/pmu: Add pmc->intr to refactor kvm_perf_overflow{_intr}()
(git-fixes).
- kvm: x86/pmu: Do not truncate the PerfEvtSeln MSR when creating a perf
event (git-fixes).
- kvm: x86/pmu: Fix available_event_types check for REF_CPU_CYCLES event
(git-fixes).
- kvm: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
(git-fixes).
- kvm: x86: Add KVM_CAP_ENABLE_CAP to x86 (git-fixes).
- kvm: x86: Add compat handler for KVM_X86_SET_MSR_FILTER (git-fixes).
- kvm: x86: Always set kvm_run->if_flag (git-fixes).
- kvm: x86: Forcibly leave nested virt when SMM state is toggled
(git-fixes).
- kvm: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled
(git-fixes).
- kvm: x86: Keep MSR_IA32_XSS unchanged for INIT (git-fixes).
- kvm: x86: Register perf callbacks after calling vendor's
hardware_setup() (git-fixes).
- kvm: x86: Sync the states size with the XCR0/IA32_XSS at, any time
(git-fixes).
- kvm: x86: Update vPMCs when retiring branch instructions (git-fixes).
- kvm: x86: Update vPMCs when retiring instructions (git-fixes).
- kvm: x86: do not report preemption if the steal time cache is stale
(git-fixes).
- kvm: x86: nSVM/nVMX: set nested_run_pending on VM entry which is a
result of RSM (git-fixes).
- kvm: x86: nSVM: fix potential NULL derefernce on nested migration
(git-fixes).
- kvm: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved state
(git-fixes).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
(git-fixes).
- livepatch: Add a missing newline character in klp_module_coming()
(bsc#1071995).
- livepatch: fix race between fork and KLP transition (bsc#1071995).
- mISDN: fix possible memory leak in mISDN_register_device() (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- macvlan: enforce a consistent minimal mtu (git-fixes).
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
- mailbox: mpfs: account for mbox offsets while sending (git-fixes).
- mailbox: mpfs: fix handling of the reg property (git-fixes).
- media: atomisp: prevent integer overflow in sh_css_set_black_frame()
(git-fixes).
- media: cedrus: Fix endless loop in cedrus_h265_skip_bits() (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
- media: ipu3-imgu: Fix NULL pointer dereference in active selection
access (git-fixes).
- media: mceusb: set timeout to at least timeout provided (git-fixes).
- media: meson: vdec: add missing clk_disable_unprepare on error in
vdec_hevc_start() (git-fixes).
- media: uvcvideo: Fix memory leak in uvc_gpio_parse (git-fixes).
- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (git-fixes).
- media: v4l2-compat-ioctl32.c: zero buffer passed to
v4l2_compat_get_array_args() (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values
(git-fixes).
- media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
(git-fixes).
- media: venus: dec: Handle the case where find_format fails (git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
(git-fixes).
- media: vivid: dev->bitmap_cap wasn't freed in all cases (git-fixes).
- media: vivid: s_fbuf: add more sanity checks (git-fixes).
- media: vivid: set num_in/outputs to 0 if not supported (git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
(git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
- memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
(git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
(git-fixes).
- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
(git-fixes).
- mfd: fsl-imx25: Fix check for platform_get_irq() errors (git-fixes).
- mfd: intel-lpss: Add Intel Raptor Lake PCH-S PCI IDs (jsc#PED-634).
- mfd: intel_soc_pmic: Fix an error handling path in
intel_soc_pmic_i2c_probe() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
- mfd: sm501: Add check for platform_driver_register() (git-fixes).
- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
- misc: pci_endpoint_test: Aggregate params checking for xfer (git-fixes).
- misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic
(git-fixes).
- mlxsw: spectrum: Clear PTP configuration after unregistering the
netdevice (git-fixes).
- mlxsw: spectrum_cnt: Reorder counter pools (git-fixes).
- mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication (git-fixes).
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
(bsc#1204575).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card
(git-fixes).
- mmc: core: Replace with already defined values for readability
(git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
- mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus
(git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
- mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake (git-fixes).
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
(git-fixes).
- move upstreamed BT fixes into sorted section
- move upstreamed patches into sorted section
- move upstreamed sound patches into sorted section
- mtd: devices: docg3: check the return value of devm_ioremap() in the
probe (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: fsl_elbc: Fix none ECC mode (git-fixes).
- mtd: rawnand: intel: Do not re-define NAND_DATA_IFACE_CHECK_ONLY
(git-fixes).
- mtd: rawnand: intel: Read the chip-select line from the correct OF node
(git-fixes).
- mtd: rawnand: intel: Remove undocumented compatible string (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config
(git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
(git-fixes).
- net/dsa/hirschmann: Add missing of_node_get() in hellcreek_led_setup()
(git-fixes).
- net/ice: fix initializing the bitmap in the switch code (git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
- net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
(git-fixes).
- net/mlx5e: Disable softirq in mlx5e_activate_rq to avoid race condition
(git-fixes).
- net/mlx5e: Fix enabling sriov while tc nic rules are offloaded
(git-fixes).
- net/mlx5e: Properly disable vlan strip on non-UL reps (git-fixes).
- net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
cipher/version (git-fixes).
- net/mlx5e: Ring the TX doorbell on DMA errors (git-fixes).
- net/mlx5e: TC, fix decap fallback to uplink when int port not supported
(git-fixes).
- net/mlx5e: Update netdev features after changing XDP state (git-fixes).
- net/mlx5e: xsk: Account for XSK RQ UMRs when calculating ICOSQ size
(git-fixes).
- net: altera: Fix refcount leak in altera_tse_mdio_create (git-fixes).
- net: atlantic: fix aq_vec index out of range error (git-fixes).
- net: bcmgenet: Indicate MAC is in charge of PHY PM (git-fixes).
- net: bgmac: Fix a BUG triggered by wrong bytes_compl (git-fixes).
- net: bgmac: Fix an erroneous kfree() in bgmac_remove() (git-fixes).
- net: bgmac: support MDIO described in DT (git-fixes).
- net: bonding: fix possible NULL deref in rlb code (git-fixes).
- net: bonding: fix use-after-free after 802.3ad slave unbind (git-fixes).
- net: chelsio: cxgb4: Avoid potential negative array offset (git-fixes).
- net: dp83822: disable false carrier interrupt (git-fixes).
- net: dp83822: disable rx error interrupt (git-fixes).
- net: dsa: bcm_sf2: force pause link settings (git-fixes).
- net: dsa: ksz9477: port mirror sniffing limited to one port (git-fixes).
- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
(git-fixes).
- net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
(git-fixes).
- net: dsa: microchip: ksz_common: Fix refcount leak bug (git-fixes).
- net: dsa: mv88e6060: prevent crash on an unused port (git-fixes).
- net: dsa: mv88e6xxx: use BMSR_ANEGCOMPLETE bit for filling an_complete
(git-fixes).
- net: dsa: sja1105: fix buffer overflow in
sja1105_setup_devlink_regions() (git-fixes).
- net: dsa: sja1105: silent spi_device_id warnings (git-fixes).
- net: dsa: vitesse-vsc73xx: silent spi_device_id warnings (git-fixes).
- net: ethernet: bgmac: Fix refcount leak in bcma_mdio_mii_register
(git-fixes).
- net: ethernet: ti: am65-cpsw: Fix devlink port register sequence
(git-fixes).
- net: ethernet: ti: davinci_mdio: Add workaround for errata i2329
(git-fixes).
- net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses
(git-fixes).
- net: fix IFF_TX_SKB_NO_LINEAR definition (git-fixes).
- net: ftgmac100: Hold reference returned by of_get_child_by_name()
(git-fixes).
- net: hns3: do not push link state to VF if unalive (git-fixes).
- net: hns3: set port base vlan tbl_sta to false before removing old vlan
(git-fixes).
- net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
(git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
- net: ipa: do not assume SMEM is page-aligned (git-fixes).
- net: ipvtap - add __init/__exit annotations to module init/exit funcs
(git-fixes).
- net: moxa: get rid of asymmetry in DMA mapping/unmapping (git-fixes).
- net: moxa: pass pdev instead of ndev to DMA functions (git-fixes).
- net: mscc: ocelot: fix address of SYS_COUNT_TX_AGING counter (git-fixes).
- net: pcs: xpcs: propagate xpcs_read error to xpcs_get_state_c37_sgmii
(git-fixes).
- net: phy: dp83822: disable MDI crossover status change interrupt
(git-fixes).
- net: phy: dp83867: Extend RX strap quirk for SGMII mode (git-fixes).
- net: stmmac: fix dma queue left shift overflow issue (git-fixes).
- net: stmmac: fix leaks in probe (git-fixes).
- net: stmmac: fix pm runtime issue in stmmac_dvr_remove() (git-fixes).
- net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
(git-fixes).
- net: stmmac: remove redunctant disable xPCS EEE call (git-fixes).
- net: sungem_phy: Add of_node_put() for reference returned by
of_get_parent() (git-fixes).
- net: tap: NULL pointer derefence in dev_parse_header_protocol when
skb->dev is null (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: r8152: Add in new Devices that are supported for Mac-Passthru
(git-fixes).
- netdevsim: fib: Fix reference count leak on route deletion failure
(git-fixes).
- nfc: fdp: Fix potential memory leak in fdp_nci_send() (git-fixes).
- nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
(git-fixes).
- nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() (git-fixes).
- nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
(git-fixes).
- nfp: ethtool: fix the display error of `ethtool -m DEVNAME` (git-fixes).
- nfs: Fix another fsync() issue after a server reboot (git-fixes).
- nfsv4: Fixes for nfs4_inode_return_delegation() (git-fixes).
- nvme: do not print verbose errors for internal passthrough requests
(bsc#1202187).
- nvmem: core: Check input parameter for NULL in nvmem_unregister()
(bsc#1204241).
- octeontx2-af: Apply tx nibble fixup always (git-fixes).
- octeontx2-af: Fix key checking for source mac (git-fixes).
- octeontx2-af: Fix mcam entry resource leak (git-fixes).
- octeontx2-af: suppress external profile loading warning (git-fixes).
- octeontx2-pf: Fix NIX_AF_TL3_TL2X_LINKX_CFG register configuration
(git-fixes).
- octeontx2-pf: Fix UDP/TCP src and dst port tc filters (git-fixes).
- octeontx2-pf: cn10k: Fix egress ratelimit configuration (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
- openvswitch: add nf_ct_is_confirmed check before assigning the helper
(git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- overflow.h: restore __ab_c_size (git-fixes).
- overflow: Implement size_t saturating arithmetic helpers (jsc#PED-1211).
- pci/aspm: Correct LTR_L1.2_THRESHOLD computation (git-fixes).
- pci/aspm: Ignore L1 PM Substates if device lacks capability (git-fixes).
- pci: Fix used_buses calculation in pci_scan_child_bus_extend()
(git-fixes).
- pci: Sanitise firmware BAR assignments behind a PCI-PCI bridge
(git-fixes).
- pci: hv: Fix synchronization between channel callback and
hv_compose_msi_msg() (bsc#1204017).
- pci: hv: Fix synchronization between channel callback and
hv_pci_bus_exit() (bsc#1204017).
- pci: hv: Use vmbus_requestor to generate transaction IDs for VMbus
hardening (bsc#1204017).
- pci: mediatek-gen3: Change driver name to mtk-pcie-gen3 (git-fixes).
- phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference returned by
of_get_parent() (git-fixes).
- phy: qualcomm: call clk_disable_unprepare in the error handling
(git-fixes).
- pinctrl: Ingenic: JZ4755 bug fixes (git-fixes).
- pinctrl: alderlake: Add Intel Alder Lake-N pin controller support
(jsc#PED-676).
- pinctrl: alderlake: Add Raptor Lake-S ACPI ID (jsc#PED-634).
- pinctrl: alderlake: Fix register offsets for ADL-N variant (jsc#PED-676).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback
(git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
- pinctrl: microchip-sgpio: Correct the fwnode_irq_get() return value
check (git-fixes).
- platform/chrome: cros_ec: Notify the PM of wake events during resume
(git-fixes).
- platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure
(git-fixes).
- platform/chrome: cros_ec_typec: Correct alt mode index (git-fixes).
- platform/chrome: fix double-free in chromeos_laptop_prepare()
(git-fixes).
- platform/chrome: fix memory corruption in ioctl (git-fixes).
- platform/x86: asus-wmi: Document the dgpu_disable sysfs attribute
(git-fixes).
- platform/x86: asus-wmi: Document the egpu_enable sysfs attribute
(git-fixes).
- platform/x86: asus-wmi: Document the panel_od sysfs attribute
(git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to fix module
autoloading (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight registering
(git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- plip: avoid rcu debug splat (git-fixes).
- pm: domains: Fix handling of unavailable/disabled idle states
(git-fixes).
- pm: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
(git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
- powerpc/64: pcpu setup avoid reading mmu_linear_psize on 64e or radix
(bsc#1204413 ltc#200176).
- powerpc/64s: Fix build failure when CONFIG_PPC_64S_HASH_MMU is not set
(bsc#1204413 ltc#200176).
- powerpc/64s: Make flush_and_reload_slb a no-op when radix is enabled
(bsc#1204413 ltc#200176).
- powerpc/64s: Make hash MMU support configurable (bsc#1204413 ltc#200176).
- powerpc/64s: Move and rename do_bad_slb_fault as it is not hash specific
(bsc#1204413 ltc#200176).
- powerpc/64s: Move hash MMU support code under CONFIG_PPC_64S_HASH_MMU
(bsc#1204413 ltc#200176).
- powerpc/64s: Rename hash_hugetlbpage.c to hugetlbpage.c (bsc#1204413
ltc#200176).
- powerpc/fadump: align destination address to pagesize (bsc#1204728
ltc#200074).
- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
(jsc#SLE-13847 git-fixes).
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in opal_export_attrs()
(bsc#1065729).
- powerpc/pseries/vas: Add VAS IRQ primary handler (bsc#1204413
ltc#200176).
- powerpc/pseries: Stop selecting PPC_HASH_MMU_NATIVE (bsc#1204413
ltc#200176).
- powerpc/pseries: lparcfg do not include slb_size line in radix mode
(bsc#1204413 ltc#200176).
- powerpc: Ignore DSI error caused by the copy/paste instruction
(bsc#1204413 ltc#200176).
- powerpc: Rename PPC_NATIVE to PPC_HASH_MMU_NATIVE (bsc#1204413
ltc#200176). Update config files.
- powerpc: make memremap_compat_align 64s-only (bsc#1204413 ltc#200176).
- printk: add missing memory barrier to wake_up_klogd() (bsc#1204934).
- printk: use atomic updates for klogd work (bsc#1204934).
- printk: wake waiters for safe and NMI contexts (bsc#1204934).
- r8152: add PID for the Lenovo OneLink+ Dock (git-fixes).
- rdma/cma: Fix arguments order in net device validation (git-fixes)
- rdma/hfi1: Fix potential integer multiplication overflow errors
(git-fixes)
- rdma/hns: Add the detection for CMDQ status in the device initialization
process (git-fixes)
- rdma/irdma: Add support for address handle re-use (git-fixes)
- rdma/irdma: Align AE id codes to correct flush code and event (git-fixes)
- rdma/irdma: Do not advertise 1GB page size for x722 (git-fixes)
- rdma/irdma: Fix VLAN connection with wildcard address (git-fixes)
- rdma/irdma: Fix a window for use-after-free (git-fixes)
- rdma/irdma: Fix setting of QP context err_rq_idx_valid field (git-fixes)
- rdma/irdma: Fix sleep from invalid context BUG (git-fixes)
- rdma/irdma: Move union irdma_sockaddr to header file (git-fixes)
- rdma/irdma: Remove the unnecessary variable saddr (git-fixes)
- rdma/irdma: Report RNR NAK generation in device caps (git-fixes)
- rdma/irdma: Report the correct max cqes from query device (git-fixes)
- rdma/irdma: Return correct WC error for bind operation failure
(git-fixes)
- rdma/irdma: Return error on MR deregister CQP failure (git-fixes)
- rdma/irdma: Use net_type to check network type (git-fixes)
- rdma/irdma: Validate udata inlen and outlen (git-fixes)
- rdma/mlx5: Add missing check for return value in get namespace flow
(git-fixes)
- rdma/mlx5: Do not compare mkey tags in DEVX indirect mkey (git-fixes)
- rdma/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- rdma/qedr: Fix reporting QP timeout attribute (git-fixes)
- rdma/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
- rdma/rxe: Fix deadlock in rxe_do_local_ops() (git-fixes)
- rdma/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- rdma/rxe: Fix mw bind to allow any consumer key portion (git-fixes)
- rdma/rxe: Fix resize_finish() in rxe_queue.c (git-fixes)
- rdma/rxe: Fix rnr retry behavior (git-fixes)
- rdma/rxe: Fix the error caused by qp->sk (git-fixes)
- rdma/rxe: For invalidate compare according to set keys in mr (git-fixes)
- rdma/rxe: Generate a completion for unsupported/invalid opcode
(git-fixes)
- rdma/siw: Always consume all skbuf data in sk_data_ready() upcall.
(git-fixes)
- rdma/siw: Fix QP destroy to wait for all references dropped. (git-fixes)
- rdma/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
(git-fixes)
- rdma/siw: Pass a pointer to virt_to_page() (git-fixes)
- rdma/srp: Fix srp_abort() (git-fixes)
- rdma/srp: Handle dev_set_name() failure (git-fixes)
- rdma/srp: Rework the srp_add_port() error path (git-fixes)
- rdma/srp: Set scmnd->result only when scmnd is not NULL (git-fixes)
- rdma/srp: Support more than 255 rdma ports (git-fixes)
- rdma/srp: Use the attribute group mechanism for sysfs attributes
(git-fixes)
- rdma/srpt: Duplicate port name members (git-fixes)
- rdma/srpt: Fix a use-after-free (git-fixes)
- rdma/srpt: Introduce a reference count in struct srpt_device (git-fixes)
- rdma/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- rdma: remove useless condition in siw_create_cq() (git-fixes)
- regulator: core: Prevent integer underflow (git-fixes).
- remoteproc: imx_rproc: Simplify some error message (git-fixes).
- revert "SUNRPC: Remove unreachable error condition" (git-fixes).
- revert "crypto: qat - reduce size of mapped region" (git-fixes).
- revert "drm/amdgpu: use dirty framebuffer helper" (git-fixes).
- revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- revert "workqueue: remove unused cancel_work()" (bsc#1204933).
- ring-buffer: Add ring_buffer_wake_waiters() (git-fixes).
- ring-buffer: Allow splice to read previous partially read pages
(git-fixes).
- ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()
(bsc#1204705).
- ring-buffer: Check pending waiters when doing wake ups as well
(git-fixes).
- ring-buffer: Fix race between reset page and reading page (git-fixes).
- ring-buffer: Have the shortest_full queue be the shortest not longest
(git-fixes).
- rose: Fix NULL pointer dereference in rose_send_frame() (git-fixes).
- rpm/check-for-config-changes: loosen pattern for AS_HAS_* This is needed
to handle CONFIG_AS_HAS_NON_CONST_LEB128.
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
(git-fixes).
- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
(git-fixes).
- s390/smp: enforce lowcore protection on CPU restart (git-fixes).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up()
(git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
(git-fixes).
- scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for transceiver
info (bsc#1204957).
- scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs
(bsc#1204957).
- scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957).
- scsi: lpfc: Fix spelling mistake "unsolicted" -> "unsolicited"
(bsc#1204957).
- scsi: lpfc: Log when congestion management limits are in effect
(bsc#1204957).
- scsi: lpfc: Set sli4_param's cmf option to zero when CMF is turned off
(bsc#1204957).
- scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957).
- scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
- scsi: mpi3mr: Schedule IRQ kthreads only on non-RT kernels (bnc#1204498).
- scsi: qla2xxx: Fix serialization of DCBX TLV data request (bsc#1204963).
- scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
(bsc#1204963).
- scsi: scsi_transport_fc: Use %u for dev_loss_tmo (bsc#1202914).
- scsi: ufs: ufs-pci: Add support for Intel ADL (jsc#PED-707).
- scsi: ufs: ufs-pci: Add support for Intel MTL (jsc#PED-732).
- selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle
(git-fixes).
- selftests/livepatch: better synchronize test_klp_callbacks_busy
(bsc#1071995).
- selftests/pidfd_test: Remove the erroneous ',' (git-fixes).
- selftests/powerpc: Skip energy_scale_info test on older firmware
(git-fixes).
- selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1 (git-fixes).
- selinux: allow FIOCLEX and FIONCLEX with policy capability (git-fixes).
- selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in
convert_context() (git-fixes).
- selinux: use "grep -E" instead of "egrep" (git-fixes).
- serial: 8250: Fix restoring termios speed after suspend (git-fixes).
- serial: core: move RS485 configuration tasks from drivers into core
(git-fixes).
- sfc: disable softirqs for ptp TX (git-fixes).
- sfc: fix kernel panic when creating VF (git-fixes).
- sfc: fix use after free when disabling sriov (git-fixes).
- signal: break out of wait loops on kthread_stop() (bsc#1204926).
- slimbus: qcom-ngd: cleanup in probe error path (git-fixes).
- slimbus: qcom-ngd: use correct error in message of pdr_add_lookup()
failure (git-fixes).
- soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA (git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
(git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
- soc: sunxi: sram: Fix probe function ordering issues (git-fixes).
- soc: sunxi_sram: Make use of the helper function
devm_platform_ioremap_resource() (git-fixes).
- soundwire: cadence: Do not overwrite msg->buf during write commands
(git-fixes).
- soundwire: intel: fix error handling on dai registration issues
(git-fixes).
- spi: Ensure that sg_table won't be used after being freed (git-fixes).
- spi: pxa2xx: Add support for Intel Meteor Lake-P (jsc#PED-732).
- spi: pxa2xx: Add support for Intel Raptor Lake PCH-S (jsc#PED-634).
- spmi: pmic-arb: correct duplicate APID to PPID mapping logic (git-fixes).
- spmi: pmic-arb: do not ack and clear peripheral interrupts in
cleanup_irq (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
(git-fixes).
- staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()
(git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
- stmmac: intel: Add a missing clk_disable_unprepare() call in
intel_eth_pci_remove() (git-fixes).
- stmmac: intel: Fix an error handling path in intel_eth_pci_probe()
(git-fixes).
- thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
(git-fixes).
- thermal: cpufreq_cooling: Check the policy first in
cpufreq_cooling_register() (git-fixes).
- thermal: int340x: Mode setting with new OS handshake (jsc#PED-678).
- thermal: int340x: Update OS policy capability handshake (jsc#PED-678).
- thermal: intel_powerclamp: Use first online CPU as control_cpu
(git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id()
to avoid crash (git-fixes).
- thunderbolt: Add back Intel Falcon Ridge end-to-end flow control
workaround (git-fixes).
- thunderbolt: Add missing device ID to tb_switch_is_alpine_ridge()
(git-fixes).
- thunderbolt: Add support for Intel Raptor Lake (jsc#PED-634).
- thunderbolt: Disable LTTPR on Intel Titan Ridge (git-fixes).
- thunderbolt: Explicitly enable lane adapter hotplug events at startup
(git-fixes).
- thunderbolt: Explicitly reset plug events delay back to USB4 spec value
(git-fixes).
- thunderbolt: Fix buffer allocation of devices with no DisplayPort
adapters (git-fixes).
- tracing/osnoise: Fix possible recursive locking in stop_per_cpu_kthreads
(git-fixes).
- tracing: Add "(fault)" name injection to kernel probes (git-fixes).
- tracing: Add ioctl() to force ring buffer waiters to wake up (git-fixes).
- tracing: Disable interrupt or preemption before acquiring
arch_spinlock_t (git-fixes).
- tracing: Do not free snapshot if tracer is on cmdline (git-fixes).
- tracing: Fix reading strings from synthetic events (git-fixes).
- tracing: Move duplicate code of trace_kprobe/eprobe.c into header
(git-fixes).
- tracing: Replace deprecated CPU-hotplug functions (git-fixes).
- tracing: Simplify conditional compilation code in tracing_set_tracer()
(git-fixes).
- tracing: Wake up ring buffer waiters on closing of the file (git-fixes).
- tracing: Wake up waiters when tracing is disabled (git-fixes).
- tracing: kprobe: Fix kprobe event gen test module on exit (git-fixes).++
kernel-source.spec (revision 4)Release:
<RELEASE>.g76cfe60Provides:
%name-srchash-76cfe60e3ab724313d9fba4cf5ebaf12ad49ea0e
- tracing: kprobe: Make gen test module work in arm and riscv (git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
(git-fixes).
- update kabi files. Refresh from Nov 2022 MU - 5.14.21-150400.24.28.1
- update
patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
(bsc#1204693).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- usb/hcd: Fix dma_map_sg error check (git-fixes).
- usb: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair
(git-fixes).
- usb: common: debug: Check non-standard control requests (git-fixes).
- usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination error after
resume bug (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: ehci: Fix a function name in comments (git-fixes).
- usb: gadget: bdc: fix typo in comment (git-fixes).
- usb: gadget: f_fs: stricter integer overflow checks (git-fixes).
- usb: gadget: function: fix dangling pnp_string in f_printer.c
(git-fixes).
- usb: host: xhci-plat: suspend and resume clocks (git-fixes).
- usb: host: xhci-plat: suspend/resume clks for brcm (git-fixes).
- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
(git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- usb: mtu3: fix failed runtime suspend in host only mode (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- usb: serial: console: move mutex_unlock() before usb_serial_put()
(git-fixes).
- usb: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- usb: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- usb: typec: tcpm: fix typo in comment (git-fixes).
- usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
controller (git-fixes).
- virt: vbox: convert to use dev_groups (git-fixes).
- vsock: fix possible infinite sleep in vsock_connectible_wait_data()
(git-fixes).
- vsock: remove the unused 'wait' in vsock_connectible_recvmsg()
(git-fixes).
- watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
(git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
(git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level
(git-fixes).
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
(git-fixes).
- wifi: cfg80211/mac80211: reject bad MBSSID elements (git-fixes).
- wifi: cfg80211: fix ieee80211_data_to_8023_exthdr handling of small
packets (git-fixes).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
(other cases) (git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on
fast-rx (git-fixes).
- wifi: mac80211: fix decap offload for stations on AP_VLAN interfaces
(git-fixes).
- wifi: mac80211: fix probe req HE capabilities access (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
- wifi: mt76: mt7921: reset msta->airtime_ac while clearing up hw value
(git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
- wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() (git-fixes).
- x86/boot: Do not propagate uninitialized boot_params->cc_blob_address
(bsc#1204970).
- x86/boot: Fix the setup data types max limit (bsc#1204970).
- x86/compressed/64: Add identity mappings for setup_data entries
(bsc#1204970).
- x86/sev: Annotate stack change in the #VC handler (bsc#1204970).
- x86/sev: Do not use cc_platform_has() for early SEV-SNP calls
(bsc#1204970).
- x86/sev: Remove duplicated assignment to variable info (bsc#1204970).
- xen/gntdev: Prevent leaking grants (git-fixes).
- xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later
devices (git-fixes).
- xhci: Add quirk to reset host back to default state at shutdown
(git-fixes).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
- xhci: Remove device endpoints from bandwidth list when freeing the
device (git-fixes).
- xhci: dbc: Fix memory leak in xhci_alloc_dbc() (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4072=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-4072=1
- SUSE Linux Enterprise Module for Live Patching 15-SP4:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2022-4072=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-4072=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4072=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4072=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4072=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-4072=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.14.21-150400.24.33.2
cluster-md-kmp-default-debuginfo-5.14.21-150400.24.33.2
dlm-kmp-default-5.14.21-150400.24.33.2
dlm-kmp-default-debuginfo-5.14.21-150400.24.33.2
gfs2-kmp-default-5.14.21-150400.24.33.2
gfs2-kmp-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-5.14.21-150400.24.33.2
kernel-default-base-5.14.21-150400.24.33.2.150400.24.11.4
kernel-default-base-rebuild-5.14.21-150400.24.33.2.150400.24.11.4
kernel-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-debugsource-5.14.21-150400.24.33.2
kernel-default-devel-5.14.21-150400.24.33.2
kernel-default-devel-debuginfo-5.14.21-150400.24.33.2
kernel-default-extra-5.14.21-150400.24.33.2
kernel-default-extra-debuginfo-5.14.21-150400.24.33.2
kernel-default-livepatch-5.14.21-150400.24.33.2
kernel-default-livepatch-devel-5.14.21-150400.24.33.2
kernel-default-optional-5.14.21-150400.24.33.2
kernel-default-optional-debuginfo-5.14.21-150400.24.33.2
kernel-obs-build-5.14.21-150400.24.33.1
kernel-obs-build-debugsource-5.14.21-150400.24.33.1
kernel-obs-qa-5.14.21-150400.24.33.1
kernel-syms-5.14.21-150400.24.33.1
kselftests-kmp-default-5.14.21-150400.24.33.2
kselftests-kmp-default-debuginfo-5.14.21-150400.24.33.2
ocfs2-kmp-default-5.14.21-150400.24.33.2
ocfs2-kmp-default-debuginfo-5.14.21-150400.24.33.2
reiserfs-kmp-default-5.14.21-150400.24.33.2
reiserfs-kmp-default-debuginfo-5.14.21-150400.24.33.2
- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):
kernel-kvmsmall-5.14.21-150400.24.33.2
kernel-kvmsmall-debuginfo-5.14.21-150400.24.33.2
kernel-kvmsmall-debugsource-5.14.21-150400.24.33.2
kernel-kvmsmall-devel-5.14.21-150400.24.33.2
kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.33.2
kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.33.2
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-5.14.21-150400.24.33.2
kernel-debug-debuginfo-5.14.21-150400.24.33.2
kernel-debug-debugsource-5.14.21-150400.24.33.2
kernel-debug-devel-5.14.21-150400.24.33.2
kernel-debug-devel-debuginfo-5.14.21-150400.24.33.2
kernel-debug-livepatch-devel-5.14.21-150400.24.33.2
- openSUSE Leap 15.4 (aarch64):
cluster-md-kmp-64kb-5.14.21-150400.24.33.2
cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.33.2
dlm-kmp-64kb-5.14.21-150400.24.33.2
dlm-kmp-64kb-debuginfo-5.14.21-150400.24.33.2
dtb-allwinner-5.14.21-150400.24.33.1
dtb-altera-5.14.21-150400.24.33.1
dtb-amazon-5.14.21-150400.24.33.1
dtb-amd-5.14.21-150400.24.33.1
dtb-amlogic-5.14.21-150400.24.33.1
dtb-apm-5.14.21-150400.24.33.1
dtb-apple-5.14.21-150400.24.33.1
dtb-arm-5.14.21-150400.24.33.1
dtb-broadcom-5.14.21-150400.24.33.1
dtb-cavium-5.14.21-150400.24.33.1
dtb-exynos-5.14.21-150400.24.33.1
dtb-freescale-5.14.21-150400.24.33.1
dtb-hisilicon-5.14.21-150400.24.33.1
dtb-lg-5.14.21-150400.24.33.1
dtb-marvell-5.14.21-150400.24.33.1
dtb-mediatek-5.14.21-150400.24.33.1
dtb-nvidia-5.14.21-150400.24.33.1
dtb-qcom-5.14.21-150400.24.33.1
dtb-renesas-5.14.21-150400.24.33.1
dtb-rockchip-5.14.21-150400.24.33.1
dtb-socionext-5.14.21-150400.24.33.1
dtb-sprd-5.14.21-150400.24.33.1
dtb-xilinx-5.14.21-150400.24.33.1
gfs2-kmp-64kb-5.14.21-150400.24.33.2
gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.33.2
kernel-64kb-5.14.21-150400.24.33.2
kernel-64kb-debuginfo-5.14.21-150400.24.33.2
kernel-64kb-debugsource-5.14.21-150400.24.33.2
kernel-64kb-devel-5.14.21-150400.24.33.2
kernel-64kb-devel-debuginfo-5.14.21-150400.24.33.2
kernel-64kb-extra-5.14.21-150400.24.33.2
kernel-64kb-extra-debuginfo-5.14.21-150400.24.33.2
kernel-64kb-livepatch-devel-5.14.21-150400.24.33.2
kernel-64kb-optional-5.14.21-150400.24.33.2
kernel-64kb-optional-debuginfo-5.14.21-150400.24.33.2
kselftests-kmp-64kb-5.14.21-150400.24.33.2
kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.33.2
ocfs2-kmp-64kb-5.14.21-150400.24.33.2
ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.33.2
reiserfs-kmp-64kb-5.14.21-150400.24.33.2
reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.33.2
- openSUSE Leap 15.4 (noarch):
kernel-devel-5.14.21-150400.24.33.1
kernel-docs-5.14.21-150400.24.33.2
kernel-docs-html-5.14.21-150400.24.33.2
kernel-macros-5.14.21-150400.24.33.1
kernel-source-5.14.21-150400.24.33.1
kernel-source-vanilla-5.14.21-150400.24.33.1
- openSUSE Leap 15.4 (s390x):
kernel-zfcpdump-5.14.21-150400.24.33.2
kernel-zfcpdump-debuginfo-5.14.21-150400.24.33.2
kernel-zfcpdump-debugsource-5.14.21-150400.24.33.2
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
kernel-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-debugsource-5.14.21-150400.24.33.2
kernel-default-extra-5.14.21-150400.24.33.2
kernel-default-extra-debuginfo-5.14.21-150400.24.33.2
- SUSE Linux Enterprise Module for Live Patching 15-SP4 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-debugsource-5.14.21-150400.24.33.2
kernel-default-livepatch-5.14.21-150400.24.33.2
kernel-default-livepatch-devel-5.14.21-150400.24.33.2
kernel-livepatch-5_14_21-150400_24_33-default-1-150400.9.3.4
kernel-livepatch-5_14_21-150400_24_33-default-debuginfo-1-150400.9.3.4
kernel-livepatch-SLE15-SP4_Update_5-debugsource-1-150400.9.3.4
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-debugsource-5.14.21-150400.24.33.2
reiserfs-kmp-default-5.14.21-150400.24.33.2
reiserfs-kmp-default-debuginfo-5.14.21-150400.24.33.2
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.14.21-150400.24.33.1
kernel-obs-build-debugsource-5.14.21-150400.24.33.1
kernel-syms-5.14.21-150400.24.33.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
kernel-docs-5.14.21-150400.24.33.2
kernel-source-5.14.21-150400.24.33.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-5.14.21-150400.24.33.2
kernel-default-base-5.14.21-150400.24.33.2.150400.24.11.4
kernel-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-debugsource-5.14.21-150400.24.33.2
kernel-default-devel-5.14.21-150400.24.33.2
kernel-default-devel-debuginfo-5.14.21-150400.24.33.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64):
kernel-64kb-5.14.21-150400.24.33.2
kernel-64kb-debuginfo-5.14.21-150400.24.33.2
kernel-64kb-debugsource-5.14.21-150400.24.33.2
kernel-64kb-devel-5.14.21-150400.24.33.2
kernel-64kb-devel-debuginfo-5.14.21-150400.24.33.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
kernel-devel-5.14.21-150400.24.33.1
kernel-macros-5.14.21-150400.24.33.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (s390x):
kernel-zfcpdump-5.14.21-150400.24.33.2
kernel-zfcpdump-debuginfo-5.14.21-150400.24.33.2
kernel-zfcpdump-debugsource-5.14.21-150400.24.33.2
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
kernel-default-5.14.21-150400.24.33.2
kernel-default-base-5.14.21-150400.24.33.2.150400.24.11.4
kernel-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-debugsource-5.14.21-150400.24.33.2
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.14.21-150400.24.33.2
cluster-md-kmp-default-debuginfo-5.14.21-150400.24.33.2
dlm-kmp-default-5.14.21-150400.24.33.2
dlm-kmp-default-debuginfo-5.14.21-150400.24.33.2
gfs2-kmp-default-5.14.21-150400.24.33.2
gfs2-kmp-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-debuginfo-5.14.21-150400.24.33.2
kernel-default-debugsource-5.14.21-150400.24.33.2
ocfs2-kmp-default-5.14.21-150400.24.33.2
ocfs2-kmp-default-debuginfo-5.14.21-150400.24.33.2
References:
https://www.suse.com/security/cve/CVE-2022-1882.html
https://www.suse.com/security/cve/CVE-2022-2153.html
https://www.suse.com/security/cve/CVE-2022-28748.html
https://www.suse.com/security/cve/CVE-2022-2964.html
https://www.suse.com/security/cve/CVE-2022-2978.html
https://www.suse.com/security/cve/CVE-2022-3169.html
https://www.suse.com/security/cve/CVE-2022-33981.html
https://www.suse.com/security/cve/CVE-2022-3424.html
https://www.suse.com/security/cve/CVE-2022-3435.html
https://www.suse.com/security/cve/CVE-2022-3521.html
https://www.suse.com/security/cve/CVE-2022-3524.html
https://www.suse.com/security/cve/CVE-2022-3526.html
https://www.suse.com/security/cve/CVE-2022-3535.html
https://www.suse.com/security/cve/CVE-2022-3542.html
https://www.suse.com/security/cve/CVE-2022-3545.html
https://www.suse.com/security/cve/CVE-2022-3565.html
https://www.suse.com/security/cve/CVE-2022-3577.html
https://www.suse.com/security/cve/CVE-2022-3586.html
https://www.suse.com/security/cve/CVE-2022-3594.html
https://www.suse.com/security/cve/CVE-2022-3619.html
https://www.suse.com/security/cve/CVE-2022-3621.html
https://www.suse.com/security/cve/CVE-2022-3625.html
https://www.suse.com/security/cve/CVE-2022-3628.html
https://www.suse.com/security/cve/CVE-2022-3629.html
https://www.suse.com/security/cve/CVE-2022-3633.html
https://www.suse.com/security/cve/CVE-2022-3640.html
https://www.suse.com/security/cve/CVE-2022-3646.html
https://www.suse.com/security/cve/CVE-2022-3649.html
https://www.suse.com/security/cve/CVE-2022-40476.html
https://www.suse.com/security/cve/CVE-2022-40768.html
https://www.suse.com/security/cve/CVE-2022-42703.html
https://www.suse.com/security/cve/CVE-2022-43750.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1152472
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1188238
https://bugzilla.suse.com/1194869
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196632
https://bugzilla.suse.com/1199904
https://bugzilla.suse.com/1200567
https://bugzilla.suse.com/1200692
https://bugzilla.suse.com/1200788
https://bugzilla.suse.com/1202187
https://bugzilla.suse.com/1202686
https://bugzilla.suse.com/1202700
https://bugzilla.suse.com/1202914
https://bugzilla.suse.com/1203098
https://bugzilla.suse.com/1203229
https://bugzilla.suse.com/1203290
https://bugzilla.suse.com/1203435
https://bugzilla.suse.com/1203514
https://bugzilla.suse.com/1203699
https://bugzilla.suse.com/1203767
https://bugzilla.suse.com/1203802
https://bugzilla.suse.com/1203922
https://bugzilla.suse.com/1204017
https://bugzilla.suse.com/1204142
https://bugzilla.suse.com/1204166
https://bugzilla.suse.com/1204168
https://bugzilla.suse.com/1204171
https://bugzilla.suse.com/1204241
https://bugzilla.suse.com/1204353
https://bugzilla.suse.com/1204354
https://bugzilla.suse.com/1204355
https://bugzilla.suse.com/1204402
https://bugzilla.suse.com/1204413
https://bugzilla.suse.com/1204415
https://bugzilla.suse.com/1204417
https://bugzilla.suse.com/1204428
https://bugzilla.suse.com/1204431
https://bugzilla.suse.com/1204439
https://bugzilla.suse.com/1204470
https://bugzilla.suse.com/1204479
https://bugzilla.suse.com/1204498
https://bugzilla.suse.com/1204533
https://bugzilla.suse.com/1204569
https://bugzilla.suse.com/1204574
https://bugzilla.suse.com/1204575
https://bugzilla.suse.com/1204619
https://bugzilla.suse.com/1204635
https://bugzilla.suse.com/1204637
https://bugzilla.suse.com/1204646
https://bugzilla.suse.com/1204647
https://bugzilla.suse.com/1204650
https://bugzilla.suse.com/1204653
https://bugzilla.suse.com/1204693
https://bugzilla.suse.com/1204705
https://bugzilla.suse.com/1204719
https://bugzilla.suse.com/1204728
https://bugzilla.suse.com/1204753
https://bugzilla.suse.com/1204868
https://bugzilla.suse.com/1204926
https://bugzilla.suse.com/1204933
https://bugzilla.suse.com/1204934
https://bugzilla.suse.com/1204947
https://bugzilla.suse.com/1204957
https://bugzilla.suse.com/1204963
https://bugzilla.suse.com/1204970
1
0
SUSE-SU-2022:4071-1: important: Security update for python39
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for python39
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4071-1
Rating: important
References: #1204886 #1205244
Cross-References: CVE-2022-42919 CVE-2022-45061
CVSS scores:
CVE-2022-42919 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42919 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-45061 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-45061 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for python39 fixes the following issues:
Security fixes:
- CVE-2022-42919: Fixed local privilege escalation via the multiprocessing
forkserver start method (bsc#1204886).
- CVE-2022-45061: Fixed a quadratic IDNA decoding time (bsc#1205244).
Other fixes:
- Allow building of documentation with the latest Sphinx 5.3.0
(gh#python/cpython#98366).
- Update to 3.9.15:
- Fix multiplying a list by an integer (list *= int): detect the integer
overflow when the new allocated length is close to the maximum size.
- Fix a shell code injection vulnerability in the
get-remote-certificate.py example script. The script no longer uses a
shell to run openssl commands. (originally filed as CVE-2022-37460,
later withdrawn)
- Fix command line parsing: reject -X int_max_str_digits option with no
value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is
set to a valid limit.
- When ValueError is raised if an integer is larger than the limit,
mention the sys.set_int_max_str_digits() function in the error message.
- Update bundled libexpat to 2.4.9
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4071=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4071=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4071=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4071=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpython3_9-1_0-3.9.15-150300.4.21.1
libpython3_9-1_0-debuginfo-3.9.15-150300.4.21.1
python39-3.9.15-150300.4.21.1
python39-base-3.9.15-150300.4.21.1
python39-base-debuginfo-3.9.15-150300.4.21.1
python39-core-debugsource-3.9.15-150300.4.21.1
python39-curses-3.9.15-150300.4.21.1
python39-curses-debuginfo-3.9.15-150300.4.21.1
python39-dbm-3.9.15-150300.4.21.1
python39-dbm-debuginfo-3.9.15-150300.4.21.1
python39-debuginfo-3.9.15-150300.4.21.1
python39-debugsource-3.9.15-150300.4.21.1
python39-devel-3.9.15-150300.4.21.1
python39-doc-3.9.15-150300.4.21.1
python39-doc-devhelp-3.9.15-150300.4.21.1
python39-idle-3.9.15-150300.4.21.1
python39-testsuite-3.9.15-150300.4.21.1
python39-testsuite-debuginfo-3.9.15-150300.4.21.1
python39-tk-3.9.15-150300.4.21.1
python39-tk-debuginfo-3.9.15-150300.4.21.1
python39-tools-3.9.15-150300.4.21.1
- openSUSE Leap 15.4 (x86_64):
libpython3_9-1_0-32bit-3.9.15-150300.4.21.1
libpython3_9-1_0-32bit-debuginfo-3.9.15-150300.4.21.1
python39-32bit-3.9.15-150300.4.21.1
python39-32bit-debuginfo-3.9.15-150300.4.21.1
python39-base-32bit-3.9.15-150300.4.21.1
python39-base-32bit-debuginfo-3.9.15-150300.4.21.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpython3_9-1_0-3.9.15-150300.4.21.1
libpython3_9-1_0-debuginfo-3.9.15-150300.4.21.1
python39-3.9.15-150300.4.21.1
python39-base-3.9.15-150300.4.21.1
python39-base-debuginfo-3.9.15-150300.4.21.1
python39-core-debugsource-3.9.15-150300.4.21.1
python39-curses-3.9.15-150300.4.21.1
python39-curses-debuginfo-3.9.15-150300.4.21.1
python39-dbm-3.9.15-150300.4.21.1
python39-dbm-debuginfo-3.9.15-150300.4.21.1
python39-debuginfo-3.9.15-150300.4.21.1
python39-debugsource-3.9.15-150300.4.21.1
python39-devel-3.9.15-150300.4.21.1
python39-doc-3.9.15-150300.4.21.1
python39-doc-devhelp-3.9.15-150300.4.21.1
python39-idle-3.9.15-150300.4.21.1
python39-testsuite-3.9.15-150300.4.21.1
python39-testsuite-debuginfo-3.9.15-150300.4.21.1
python39-tk-3.9.15-150300.4.21.1
python39-tk-debuginfo-3.9.15-150300.4.21.1
python39-tools-3.9.15-150300.4.21.1
- openSUSE Leap 15.3 (x86_64):
libpython3_9-1_0-32bit-3.9.15-150300.4.21.1
libpython3_9-1_0-32bit-debuginfo-3.9.15-150300.4.21.1
python39-32bit-3.9.15-150300.4.21.1
python39-32bit-debuginfo-3.9.15-150300.4.21.1
python39-base-32bit-3.9.15-150300.4.21.1
python39-base-32bit-debuginfo-3.9.15-150300.4.21.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
python39-core-debugsource-3.9.15-150300.4.21.1
python39-tools-3.9.15-150300.4.21.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libpython3_9-1_0-3.9.15-150300.4.21.1
libpython3_9-1_0-debuginfo-3.9.15-150300.4.21.1
python39-3.9.15-150300.4.21.1
python39-base-3.9.15-150300.4.21.1
python39-base-debuginfo-3.9.15-150300.4.21.1
python39-core-debugsource-3.9.15-150300.4.21.1
python39-curses-3.9.15-150300.4.21.1
python39-curses-debuginfo-3.9.15-150300.4.21.1
python39-dbm-3.9.15-150300.4.21.1
python39-dbm-debuginfo-3.9.15-150300.4.21.1
python39-debuginfo-3.9.15-150300.4.21.1
python39-debugsource-3.9.15-150300.4.21.1
python39-devel-3.9.15-150300.4.21.1
python39-idle-3.9.15-150300.4.21.1
python39-tk-3.9.15-150300.4.21.1
python39-tk-debuginfo-3.9.15-150300.4.21.1
References:
https://www.suse.com/security/cve/CVE-2022-42919.html
https://www.suse.com/security/cve/CVE-2022-45061.html
https://bugzilla.suse.com/1204886
https://bugzilla.suse.com/1205244
1
0
SUSE-SU-2022:4073-1: moderate: Security update for sccache
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for sccache
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4073-1
Rating: moderate
References: #1181400 #1194119 #1196972
Cross-References: CVE-2021-45710 CVE-2022-24713
CVSS scores:
CVE-2021-45710 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-45710 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-24713 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for sccache fixes the following issues:
Updated to version 0.3.0:
- CVE-2022-24713: Fixed Regex denial of service (bsc#1196972).
- CVE-2021-45710: Fixed tokio data race with memory corruption
(bsc#1194119).
- Added hardening to systemd service(s) (bsc#1181400).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4073=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4073=1
Package List:
- openSUSE Leap 15.3 (aarch64 x86_64):
sccache-0.3.0~git5.14a4b8b-150300.7.9.1
sccache-debuginfo-0.3.0~git5.14a4b8b-150300.7.9.1
sccache-debugsource-0.3.0~git5.14a4b8b-150300.7.9.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
sccache-0.3.0~git5.14a4b8b-150300.7.9.1
sccache-debuginfo-0.3.0~git5.14a4b8b-150300.7.9.1
sccache-debugsource-0.3.0~git5.14a4b8b-150300.7.9.1
References:
https://www.suse.com/security/cve/CVE-2021-45710.html
https://www.suse.com/security/cve/CVE-2022-24713.html
https://bugzilla.suse.com/1181400
https://bugzilla.suse.com/1194119
https://bugzilla.suse.com/1196972
1
0
SUSE-SU-2022:4069-1: important: Security update for php7
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4069-1
Rating: important
References: #1203867 #1203870 #1204577 #1204979 SLE-23639
Cross-References: CVE-2017-8923 CVE-2020-7068 CVE-2020-7069
CVE-2020-7070 CVE-2020-7071 CVE-2021-21702
CVE-2021-21703 CVE-2021-21704 CVE-2021-21705
CVE-2021-21706 CVE-2021-21707 CVE-2021-21708
CVE-2022-31625 CVE-2022-31626 CVE-2022-31628
CVE-2022-31629 CVE-2022-31630 CVE-2022-37454
CVSS scores:
CVE-2017-8923 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2017-8923 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-7068 (NVD) : 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2020-7068 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-7069 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-7069 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-7070 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2020-7070 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2020-7071 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2020-7071 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-21702 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21702 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21703 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21703 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21704 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21704 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21705 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-21705 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-21706 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-21707 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-21707 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-21708 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21708 (SUSE): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
CVE-2022-31625 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31625 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-31626 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31626 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31628 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-31628 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-31629 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-31630 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2022-31630 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-37454 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37454 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 18 vulnerabilities, contains one
feature is now available.
Description:
This update for php7 fixes the following issues:
- Version update to 7.4.33:
- CVE-2022-31630: Fixed out-of-bounds read due to insufficient input
validation in imageloadfont() (bsc#1204979).
- CVE-2022-37454: Fixed buffer overflow in hash_update() on long parameter
(bsc#1204577).
- Version update to 7.4.32 (jsc#SLE-23639)
- CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor
while decompressing "quines" gzip files. (bsc#1203867)
- CVE-2022-31629: Fixed a bug which could lead an attacker to set an
insecure cookie that will treated as secure in the victim's browser.
(bsc#1203870)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4069=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4069=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4069=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4069=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4069=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4069=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4069=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4069=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-4069=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4069=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4069=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4069=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4069=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
php7-firebird-7.4.33-150200.3.46.2
php7-firebird-debuginfo-7.4.33-150200.3.46.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-embed-7.4.33-150200.3.46.2
php7-embed-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-firebird-7.4.33-150200.3.46.2
php7-firebird-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-test-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Manager Proxy 4.1 (x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-embed-7.4.33-150200.3.46.2
php7-embed-debuginfo-7.4.33-150200.3.46.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
apache2-mod_php7-7.4.33-150200.3.46.2
apache2-mod_php7-debuginfo-7.4.33-150200.3.46.2
php7-7.4.33-150200.3.46.2
php7-bcmath-7.4.33-150200.3.46.2
php7-bcmath-debuginfo-7.4.33-150200.3.46.2
php7-bz2-7.4.33-150200.3.46.2
php7-bz2-debuginfo-7.4.33-150200.3.46.2
php7-calendar-7.4.33-150200.3.46.2
php7-calendar-debuginfo-7.4.33-150200.3.46.2
php7-ctype-7.4.33-150200.3.46.2
php7-ctype-debuginfo-7.4.33-150200.3.46.2
php7-curl-7.4.33-150200.3.46.2
php7-curl-debuginfo-7.4.33-150200.3.46.2
php7-dba-7.4.33-150200.3.46.2
php7-dba-debuginfo-7.4.33-150200.3.46.2
php7-debuginfo-7.4.33-150200.3.46.2
php7-debugsource-7.4.33-150200.3.46.2
php7-devel-7.4.33-150200.3.46.2
php7-dom-7.4.33-150200.3.46.2
php7-dom-debuginfo-7.4.33-150200.3.46.2
php7-enchant-7.4.33-150200.3.46.2
php7-enchant-debuginfo-7.4.33-150200.3.46.2
php7-exif-7.4.33-150200.3.46.2
php7-exif-debuginfo-7.4.33-150200.3.46.2
php7-fastcgi-7.4.33-150200.3.46.2
php7-fastcgi-debuginfo-7.4.33-150200.3.46.2
php7-fileinfo-7.4.33-150200.3.46.2
php7-fileinfo-debuginfo-7.4.33-150200.3.46.2
php7-fpm-7.4.33-150200.3.46.2
php7-fpm-debuginfo-7.4.33-150200.3.46.2
php7-ftp-7.4.33-150200.3.46.2
php7-ftp-debuginfo-7.4.33-150200.3.46.2
php7-gd-7.4.33-150200.3.46.2
php7-gd-debuginfo-7.4.33-150200.3.46.2
php7-gettext-7.4.33-150200.3.46.2
php7-gettext-debuginfo-7.4.33-150200.3.46.2
php7-gmp-7.4.33-150200.3.46.2
php7-gmp-debuginfo-7.4.33-150200.3.46.2
php7-iconv-7.4.33-150200.3.46.2
php7-iconv-debuginfo-7.4.33-150200.3.46.2
php7-intl-7.4.33-150200.3.46.2
php7-intl-debuginfo-7.4.33-150200.3.46.2
php7-json-7.4.33-150200.3.46.2
php7-json-debuginfo-7.4.33-150200.3.46.2
php7-ldap-7.4.33-150200.3.46.2
php7-ldap-debuginfo-7.4.33-150200.3.46.2
php7-mbstring-7.4.33-150200.3.46.2
php7-mbstring-debuginfo-7.4.33-150200.3.46.2
php7-mysql-7.4.33-150200.3.46.2
php7-mysql-debuginfo-7.4.33-150200.3.46.2
php7-odbc-7.4.33-150200.3.46.2
php7-odbc-debuginfo-7.4.33-150200.3.46.2
php7-opcache-7.4.33-150200.3.46.2
php7-opcache-debuginfo-7.4.33-150200.3.46.2
php7-openssl-7.4.33-150200.3.46.2
php7-openssl-debuginfo-7.4.33-150200.3.46.2
php7-pcntl-7.4.33-150200.3.46.2
php7-pcntl-debuginfo-7.4.33-150200.3.46.2
php7-pdo-7.4.33-150200.3.46.2
php7-pdo-debuginfo-7.4.33-150200.3.46.2
php7-pgsql-7.4.33-150200.3.46.2
php7-pgsql-debuginfo-7.4.33-150200.3.46.2
php7-phar-7.4.33-150200.3.46.2
php7-phar-debuginfo-7.4.33-150200.3.46.2
php7-posix-7.4.33-150200.3.46.2
php7-posix-debuginfo-7.4.33-150200.3.46.2
php7-readline-7.4.33-150200.3.46.2
php7-readline-debuginfo-7.4.33-150200.3.46.2
php7-shmop-7.4.33-150200.3.46.2
php7-shmop-debuginfo-7.4.33-150200.3.46.2
php7-snmp-7.4.33-150200.3.46.2
php7-snmp-debuginfo-7.4.33-150200.3.46.2
php7-soap-7.4.33-150200.3.46.2
php7-soap-debuginfo-7.4.33-150200.3.46.2
php7-sockets-7.4.33-150200.3.46.2
php7-sockets-debuginfo-7.4.33-150200.3.46.2
php7-sodium-7.4.33-150200.3.46.2
php7-sodium-debuginfo-7.4.33-150200.3.46.2
php7-sqlite-7.4.33-150200.3.46.2
php7-sqlite-debuginfo-7.4.33-150200.3.46.2
php7-sysvmsg-7.4.33-150200.3.46.2
php7-sysvmsg-debuginfo-7.4.33-150200.3.46.2
php7-sysvsem-7.4.33-150200.3.46.2
php7-sysvsem-debuginfo-7.4.33-150200.3.46.2
php7-sysvshm-7.4.33-150200.3.46.2
php7-sysvshm-debuginfo-7.4.33-150200.3.46.2
php7-tidy-7.4.33-150200.3.46.2
php7-tidy-debuginfo-7.4.33-150200.3.46.2
php7-tokenizer-7.4.33-150200.3.46.2
php7-tokenizer-debuginfo-7.4.33-150200.3.46.2
php7-xmlreader-7.4.33-150200.3.46.2
php7-xmlreader-debuginfo-7.4.33-150200.3.46.2
php7-xmlrpc-7.4.33-150200.3.46.2
php7-xmlrpc-debuginfo-7.4.33-150200.3.46.2
php7-xmlwriter-7.4.33-150200.3.46.2
php7-xmlwriter-debuginfo-7.4.33-150200.3.46.2
php7-xsl-7.4.33-150200.3.46.2
php7-xsl-debuginfo-7.4.33-150200.3.46.2
php7-zip-7.4.33-150200.3.46.2
php7-zip-debuginfo-7.4.33-150200.3.46.2
php7-zlib-7.4.33-150200.3.46.2
php7-zlib-debuginfo-7.4.33-150200.3.46.2
References:
https://www.suse.com/security/cve/CVE-2017-8923.html
https://www.suse.com/security/cve/CVE-2020-7068.html
https://www.suse.com/security/cve/CVE-2020-7069.html
https://www.suse.com/security/cve/CVE-2020-7070.html
https://www.suse.com/security/cve/CVE-2020-7071.html
https://www.suse.com/security/cve/CVE-2021-21702.html
https://www.suse.com/security/cve/CVE-2021-21703.html
https://www.suse.com/security/cve/CVE-2021-21704.html
https://www.suse.com/security/cve/CVE-2021-21705.html
https://www.suse.com/security/cve/CVE-2021-21706.html
https://www.suse.com/security/cve/CVE-2021-21707.html
https://www.suse.com/security/cve/CVE-2021-21708.html
https://www.suse.com/security/cve/CVE-2022-31625.html
https://www.suse.com/security/cve/CVE-2022-31626.html
https://www.suse.com/security/cve/CVE-2022-31628.html
https://www.suse.com/security/cve/CVE-2022-31629.html
https://www.suse.com/security/cve/CVE-2022-31630.html
https://www.suse.com/security/cve/CVE-2022-37454.html
https://bugzilla.suse.com/1203867
https://bugzilla.suse.com/1203870
https://bugzilla.suse.com/1204577
https://bugzilla.suse.com/1204979
1
0
SUSE-SU-2022:4067-1: important: Security update for php7
by opensuse-security@opensuse.org 18 Nov '22
by opensuse-security@opensuse.org 18 Nov '22
18 Nov '22
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4067-1
Rating: important
References: #1204577 SLE-23639
Cross-References: CVE-2015-9253 CVE-2017-8923 CVE-2017-9120
CVE-2018-1000222 CVE-2018-12882 CVE-2018-14851
CVE-2018-17082 CVE-2018-19935 CVE-2018-20783
CVE-2019-11034 CVE-2019-11035 CVE-2019-11036
CVE-2019-11039 CVE-2019-11040 CVE-2019-11041
CVE-2019-11042 CVE-2019-11043 CVE-2019-11045
CVE-2019-11046 CVE-2019-11047 CVE-2019-11048
CVE-2019-11050 CVE-2019-9020 CVE-2019-9021
CVE-2019-9022 CVE-2019-9023 CVE-2019-9024
CVE-2019-9637 CVE-2019-9638 CVE-2019-9640
CVE-2019-9641 CVE-2019-9675 CVE-2020-7059
CVE-2020-7060 CVE-2020-7062 CVE-2020-7063
CVE-2020-7064 CVE-2020-7066 CVE-2020-7068
CVE-2020-7069 CVE-2020-7070 CVE-2020-7071
CVE-2021-21702 CVE-2021-21703 CVE-2021-21704
CVE-2021-21705 CVE-2021-21707 CVE-2022-31625
CVE-2022-31626 CVE-2022-31628 CVE-2022-31629
CVE-2022-37454
CVSS scores:
CVE-2015-9253 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2015-9253 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2017-8923 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2017-8923 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2017-9120 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2017-9120 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-1000222 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-1000222 (SUSE): 7 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-12882 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-12882 (SUSE): 6.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2018-14851 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-14851 (SUSE): 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-17082 (NVD) : 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2018-17082 (SUSE): 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2018-19935 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-19935 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2018-20783 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2018-20783 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2019-11034 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2019-11034 (SUSE): 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-11035 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2019-11035 (SUSE): 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-11036 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2019-11036 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-11039 (NVD) : 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2019-11039 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2019-11040 (NVD) : 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2019-11040 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2019-11041 (NVD) : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
CVE-2019-11041 (SUSE): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-11042 (NVD) : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
CVE-2019-11042 (SUSE): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2019-11043 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-11043 (SUSE): 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-11045 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2019-11045 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-11046 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2019-11046 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2019-11047 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-11047 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-11048 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-11050 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-11050 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-9020 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-9020 (SUSE): 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-9021 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-9021 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2019-9022 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2019-9022 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2019-9023 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-9023 (SUSE): 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2019-9024 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2019-9024 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2019-9637 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2019-9637 (SUSE): 3.1 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2019-9638 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2019-9638 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-9640 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2019-9640 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-9641 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-9641 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2019-9675 (NVD) : 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-9675 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-7059 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2020-7059 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-7060 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2020-7060 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-7062 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-7062 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-7063 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2020-7063 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-7064 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2020-7064 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-7066 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2020-7066 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-7068 (NVD) : 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2020-7068 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-7069 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-7069 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-7070 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2020-7070 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2020-7071 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2020-7071 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-21702 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21702 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21703 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21703 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21704 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21704 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21705 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-21705 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-21707 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-21707 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-31625 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31625 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-31626 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31626 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31628 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-31628 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-31629 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-37454 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37454 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 52 vulnerabilities, contains one
feature is now available.
Description:
This update for php7 fixes the following issues:
- Version update to 7.2.34 [jsc#SLE-23639]
- CVE-2022-37454: Fixed SHA-3 buffer overflow (bsc#1204577).
- Fix integer overflow in PHP_SHA3##bits (bsc#1204577#c26).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4067=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4067=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4067=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4067=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4067=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4067=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4067=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4067=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4067=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4067=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4067=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tidy-7.2.34-150000.4.103.1
php7-tidy-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tidy-7.2.34-150000.4.103.1
php7-tidy-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tidy-7.2.34-150000.4.103.1
php7-tidy-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tidy-7.2.34-150000.4.103.1
php7-tidy-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tidy-7.2.34-150000.4.103.1
php7-tidy-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tidy-7.2.34-150000.4.103.1
php7-tidy-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE Enterprise Storage 6 (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
- SUSE CaaS Platform 4.0 (x86_64):
apache2-mod_php7-7.2.34-150000.4.103.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.103.1
php7-7.2.34-150000.4.103.1
php7-bcmath-7.2.34-150000.4.103.1
php7-bcmath-debuginfo-7.2.34-150000.4.103.1
php7-bz2-7.2.34-150000.4.103.1
php7-bz2-debuginfo-7.2.34-150000.4.103.1
php7-calendar-7.2.34-150000.4.103.1
php7-calendar-debuginfo-7.2.34-150000.4.103.1
php7-ctype-7.2.34-150000.4.103.1
php7-ctype-debuginfo-7.2.34-150000.4.103.1
php7-curl-7.2.34-150000.4.103.1
php7-curl-debuginfo-7.2.34-150000.4.103.1
php7-dba-7.2.34-150000.4.103.1
php7-dba-debuginfo-7.2.34-150000.4.103.1
php7-debuginfo-7.2.34-150000.4.103.1
php7-debugsource-7.2.34-150000.4.103.1
php7-devel-7.2.34-150000.4.103.1
php7-dom-7.2.34-150000.4.103.1
php7-dom-debuginfo-7.2.34-150000.4.103.1
php7-enchant-7.2.34-150000.4.103.1
php7-enchant-debuginfo-7.2.34-150000.4.103.1
php7-exif-7.2.34-150000.4.103.1
php7-exif-debuginfo-7.2.34-150000.4.103.1
php7-fastcgi-7.2.34-150000.4.103.1
php7-fastcgi-debuginfo-7.2.34-150000.4.103.1
php7-fileinfo-7.2.34-150000.4.103.1
php7-fileinfo-debuginfo-7.2.34-150000.4.103.1
php7-fpm-7.2.34-150000.4.103.1
php7-fpm-debuginfo-7.2.34-150000.4.103.1
php7-ftp-7.2.34-150000.4.103.1
php7-ftp-debuginfo-7.2.34-150000.4.103.1
php7-gd-7.2.34-150000.4.103.1
php7-gd-debuginfo-7.2.34-150000.4.103.1
php7-gettext-7.2.34-150000.4.103.1
php7-gettext-debuginfo-7.2.34-150000.4.103.1
php7-gmp-7.2.34-150000.4.103.1
php7-gmp-debuginfo-7.2.34-150000.4.103.1
php7-iconv-7.2.34-150000.4.103.1
php7-iconv-debuginfo-7.2.34-150000.4.103.1
php7-intl-7.2.34-150000.4.103.1
php7-intl-debuginfo-7.2.34-150000.4.103.1
php7-json-7.2.34-150000.4.103.1
php7-json-debuginfo-7.2.34-150000.4.103.1
php7-ldap-7.2.34-150000.4.103.1
php7-ldap-debuginfo-7.2.34-150000.4.103.1
php7-mbstring-7.2.34-150000.4.103.1
php7-mbstring-debuginfo-7.2.34-150000.4.103.1
php7-mysql-7.2.34-150000.4.103.1
php7-mysql-debuginfo-7.2.34-150000.4.103.1
php7-odbc-7.2.34-150000.4.103.1
php7-odbc-debuginfo-7.2.34-150000.4.103.1
php7-opcache-7.2.34-150000.4.103.1
php7-opcache-debuginfo-7.2.34-150000.4.103.1
php7-openssl-7.2.34-150000.4.103.1
php7-openssl-debuginfo-7.2.34-150000.4.103.1
php7-pcntl-7.2.34-150000.4.103.1
php7-pcntl-debuginfo-7.2.34-150000.4.103.1
php7-pdo-7.2.34-150000.4.103.1
php7-pdo-debuginfo-7.2.34-150000.4.103.1
php7-pgsql-7.2.34-150000.4.103.1
php7-pgsql-debuginfo-7.2.34-150000.4.103.1
php7-phar-7.2.34-150000.4.103.1
php7-phar-debuginfo-7.2.34-150000.4.103.1
php7-posix-7.2.34-150000.4.103.1
php7-posix-debuginfo-7.2.34-150000.4.103.1
php7-readline-7.2.34-150000.4.103.1
php7-readline-debuginfo-7.2.34-150000.4.103.1
php7-shmop-7.2.34-150000.4.103.1
php7-shmop-debuginfo-7.2.34-150000.4.103.1
php7-snmp-7.2.34-150000.4.103.1
php7-snmp-debuginfo-7.2.34-150000.4.103.1
php7-soap-7.2.34-150000.4.103.1
php7-soap-debuginfo-7.2.34-150000.4.103.1
php7-sockets-7.2.34-150000.4.103.1
php7-sockets-debuginfo-7.2.34-150000.4.103.1
php7-sodium-7.2.34-150000.4.103.1
php7-sodium-debuginfo-7.2.34-150000.4.103.1
php7-sqlite-7.2.34-150000.4.103.1
php7-sqlite-debuginfo-7.2.34-150000.4.103.1
php7-sysvmsg-7.2.34-150000.4.103.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.103.1
php7-sysvsem-7.2.34-150000.4.103.1
php7-sysvsem-debuginfo-7.2.34-150000.4.103.1
php7-sysvshm-7.2.34-150000.4.103.1
php7-sysvshm-debuginfo-7.2.34-150000.4.103.1
php7-tidy-7.2.34-150000.4.103.1
php7-tidy-debuginfo-7.2.34-150000.4.103.1
php7-tokenizer-7.2.34-150000.4.103.1
php7-tokenizer-debuginfo-7.2.34-150000.4.103.1
php7-wddx-7.2.34-150000.4.103.1
php7-wddx-debuginfo-7.2.34-150000.4.103.1
php7-xmlreader-7.2.34-150000.4.103.1
php7-xmlreader-debuginfo-7.2.34-150000.4.103.1
php7-xmlrpc-7.2.34-150000.4.103.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.103.1
php7-xmlwriter-7.2.34-150000.4.103.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.103.1
php7-xsl-7.2.34-150000.4.103.1
php7-xsl-debuginfo-7.2.34-150000.4.103.1
php7-zip-7.2.34-150000.4.103.1
php7-zip-debuginfo-7.2.34-150000.4.103.1
php7-zlib-7.2.34-150000.4.103.1
php7-zlib-debuginfo-7.2.34-150000.4.103.1
- SUSE CaaS Platform 4.0 (noarch):
php7-pear-7.2.34-150000.4.103.1
php7-pear-Archive_Tar-7.2.34-150000.4.103.1
References:
https://www.suse.com/security/cve/CVE-2015-9253.html
https://www.suse.com/security/cve/CVE-2017-8923.html
https://www.suse.com/security/cve/CVE-2017-9120.html
https://www.suse.com/security/cve/CVE-2018-1000222.html
https://www.suse.com/security/cve/CVE-2018-12882.html
https://www.suse.com/security/cve/CVE-2018-14851.html
https://www.suse.com/security/cve/CVE-2018-17082.html
https://www.suse.com/security/cve/CVE-2018-19935.html
https://www.suse.com/security/cve/CVE-2018-20783.html
https://www.suse.com/security/cve/CVE-2019-11034.html
https://www.suse.com/security/cve/CVE-2019-11035.html
https://www.suse.com/security/cve/CVE-2019-11036.html
https://www.suse.com/security/cve/CVE-2019-11039.html
https://www.suse.com/security/cve/CVE-2019-11040.html
https://www.suse.com/security/cve/CVE-2019-11041.html
https://www.suse.com/security/cve/CVE-2019-11042.html
https://www.suse.com/security/cve/CVE-2019-11043.html
https://www.suse.com/security/cve/CVE-2019-11045.html
https://www.suse.com/security/cve/CVE-2019-11046.html
https://www.suse.com/security/cve/CVE-2019-11047.html
https://www.suse.com/security/cve/CVE-2019-11048.html
https://www.suse.com/security/cve/CVE-2019-11050.html
https://www.suse.com/security/cve/CVE-2019-9020.html
https://www.suse.com/security/cve/CVE-2019-9021.html
https://www.suse.com/security/cve/CVE-2019-9022.html
https://www.suse.com/security/cve/CVE-2019-9023.html
https://www.suse.com/security/cve/CVE-2019-9024.html
https://www.suse.com/security/cve/CVE-2019-9637.html
https://www.suse.com/security/cve/CVE-2019-9638.html
https://www.suse.com/security/cve/CVE-2019-9640.html
https://www.suse.com/security/cve/CVE-2019-9641.html
https://www.suse.com/security/cve/CVE-2019-9675.html
https://www.suse.com/security/cve/CVE-2020-7059.html
https://www.suse.com/security/cve/CVE-2020-7060.html
https://www.suse.com/security/cve/CVE-2020-7062.html
https://www.suse.com/security/cve/CVE-2020-7063.html
https://www.suse.com/security/cve/CVE-2020-7064.html
https://www.suse.com/security/cve/CVE-2020-7066.html
https://www.suse.com/security/cve/CVE-2020-7068.html
https://www.suse.com/security/cve/CVE-2020-7069.html
https://www.suse.com/security/cve/CVE-2020-7070.html
https://www.suse.com/security/cve/CVE-2020-7071.html
https://www.suse.com/security/cve/CVE-2021-21702.html
https://www.suse.com/security/cve/CVE-2021-21703.html
https://www.suse.com/security/cve/CVE-2021-21704.html
https://www.suse.com/security/cve/CVE-2021-21705.html
https://www.suse.com/security/cve/CVE-2021-21707.html
https://www.suse.com/security/cve/CVE-2022-31625.html
https://www.suse.com/security/cve/CVE-2022-31626.html
https://www.suse.com/security/cve/CVE-2022-31628.html
https://www.suse.com/security/cve/CVE-2022-31629.html
https://www.suse.com/security/cve/CVE-2022-37454.html
https://bugzilla.suse.com/1204577
1
0
17 Nov '22
SUSE Security Update: Security update for go1.18
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4055-1
Rating: low
References: #1193742 #1204941
Cross-References: CVE-2022-41716
CVSS scores:
CVE-2022-41716 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-41716 (SUSE): 0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for go1.18 fixes the following issues:
Update to go 1.18.8 (released 2022-11-01) (bsc#1193742):
Security fixes:
- CVE-2022-41716: Fixed unsanitized NUL in environment variables in
syscalls, os/exec (go#56327) (bsc#1204941).
Bugfixes:
- runtime: lock count" fatal error when cgo is enabled (go#56308).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4055=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4055=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4055=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4055=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.8-150000.1.37.1
go1.18-doc-1.18.8-150000.1.37.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.18-race-1.18.8-150000.1.37.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.8-150000.1.37.1
go1.18-doc-1.18.8-150000.1.37.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.18-race-1.18.8-150000.1.37.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.8-150000.1.37.1
go1.18-doc-1.18.8-150000.1.37.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.18-race-1.18.8-150000.1.37.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.8-150000.1.37.1
go1.18-doc-1.18.8-150000.1.37.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.18-race-1.18.8-150000.1.37.1
References:
https://www.suse.com/security/cve/CVE-2022-41716.html
https://bugzilla.suse.com/1193742
https://bugzilla.suse.com/1204941
1
0
SUSE-SU-2022:4057-1: Security update for python-Twisted
by opensuse-security@opensuse.org 17 Nov '22
by opensuse-security@opensuse.org 17 Nov '22
17 Nov '22
SUSE Security Update: Security update for python-Twisted
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4057-1
Rating: low
References: #1204781
Cross-References: CVE-2022-39348
CVSS scores:
CVE-2022-39348 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2022-39348 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-Twisted fixes the following issues:
- CVE-2022-39348: Fixed NameVirtualHost Host header injection
(bsc#1204781).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4057=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4057=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-4057=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4057=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.18.1
python-Twisted-debugsource-19.10.0-150200.3.18.1
python3-Twisted-debuginfo-19.10.0-150200.3.18.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.18.1
python-Twisted-debugsource-19.10.0-150200.3.18.1
python-Twisted-doc-19.10.0-150200.3.18.1
python2-Twisted-19.10.0-150200.3.18.1
python2-Twisted-debuginfo-19.10.0-150200.3.18.1
python3-Twisted-19.10.0-150200.3.18.1
python3-Twisted-debuginfo-19.10.0-150200.3.18.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.18.1
python-Twisted-debugsource-19.10.0-150200.3.18.1
python3-Twisted-19.10.0-150200.3.18.1
python3-Twisted-debuginfo-19.10.0-150200.3.18.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debugsource-19.10.0-150200.3.18.1
python3-Twisted-19.10.0-150200.3.18.1
python3-Twisted-debuginfo-19.10.0-150200.3.18.1
References:
https://www.suse.com/security/cve/CVE-2022-39348.html
https://bugzilla.suse.com/1204781
1
0
SUSE-SU-2022:4056-1: moderate: Security update for systemd
by opensuse-security@opensuse.org 17 Nov '22
by opensuse-security@opensuse.org 17 Nov '22
17 Nov '22
SUSE Security Update: Security update for systemd
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4056-1
Rating: moderate
References: #1204179 #1204968
Cross-References: CVE-2022-3821
CVSS scores:
CVE-2022-3821 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3821 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for systemd fixes the following issues:
- CVE-2022-3821: Fixed buffer overrun in format_timespan() function
(bsc#1204968).
- Import commit 56bee38fd0da18dad5fc5c5d12c02238a22b50e2
* 8a70235d8a core: Add trigger limit for path units
* 93e544f3a0 core/mount: also add default before dependency for
automount mount units
* 5916a7748c logind: fix crash in logind on user-specified message string
- Document udev naming scheme (bsc#1204179).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4056=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4056=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4056=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4056=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4056=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4056=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libsystemd0-246.16-150300.7.54.1
libsystemd0-debuginfo-246.16-150300.7.54.1
libudev1-246.16-150300.7.54.1
libudev1-debuginfo-246.16-150300.7.54.1
systemd-246.16-150300.7.54.1
systemd-container-246.16-150300.7.54.1
systemd-container-debuginfo-246.16-150300.7.54.1
systemd-debuginfo-246.16-150300.7.54.1
systemd-debugsource-246.16-150300.7.54.1
systemd-journal-remote-246.16-150300.7.54.1
systemd-journal-remote-debuginfo-246.16-150300.7.54.1
systemd-sysvinit-246.16-150300.7.54.1
udev-246.16-150300.7.54.1
udev-debuginfo-246.16-150300.7.54.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nss-mymachines-246.16-150300.7.54.1
nss-mymachines-debuginfo-246.16-150300.7.54.1
nss-resolve-246.16-150300.7.54.1
nss-resolve-debuginfo-246.16-150300.7.54.1
systemd-logger-246.16-150300.7.54.1
- openSUSE Leap 15.4 (x86_64):
nss-mymachines-32bit-246.16-150300.7.54.1
nss-mymachines-32bit-debuginfo-246.16-150300.7.54.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsystemd0-246.16-150300.7.54.1
libsystemd0-debuginfo-246.16-150300.7.54.1
libudev-devel-246.16-150300.7.54.1
libudev1-246.16-150300.7.54.1
libudev1-debuginfo-246.16-150300.7.54.1
nss-myhostname-246.16-150300.7.54.1
nss-myhostname-debuginfo-246.16-150300.7.54.1
nss-mymachines-246.16-150300.7.54.1
nss-mymachines-debuginfo-246.16-150300.7.54.1
nss-resolve-246.16-150300.7.54.1
nss-resolve-debuginfo-246.16-150300.7.54.1
nss-systemd-246.16-150300.7.54.1
nss-systemd-debuginfo-246.16-150300.7.54.1
systemd-246.16-150300.7.54.1
systemd-container-246.16-150300.7.54.1
systemd-container-debuginfo-246.16-150300.7.54.1
systemd-coredump-246.16-150300.7.54.1
systemd-coredump-debuginfo-246.16-150300.7.54.1
systemd-debuginfo-246.16-150300.7.54.1
systemd-debugsource-246.16-150300.7.54.1
systemd-devel-246.16-150300.7.54.1
systemd-doc-246.16-150300.7.54.1
systemd-journal-remote-246.16-150300.7.54.1
systemd-journal-remote-debuginfo-246.16-150300.7.54.1
systemd-logger-246.16-150300.7.54.1
systemd-network-246.16-150300.7.54.1
systemd-network-debuginfo-246.16-150300.7.54.1
systemd-sysvinit-246.16-150300.7.54.1
udev-246.16-150300.7.54.1
udev-debuginfo-246.16-150300.7.54.1
- openSUSE Leap 15.3 (x86_64):
libsystemd0-32bit-246.16-150300.7.54.1
libsystemd0-32bit-debuginfo-246.16-150300.7.54.1
libudev-devel-32bit-246.16-150300.7.54.1
libudev1-32bit-246.16-150300.7.54.1
libudev1-32bit-debuginfo-246.16-150300.7.54.1
nss-myhostname-32bit-246.16-150300.7.54.1
nss-myhostname-32bit-debuginfo-246.16-150300.7.54.1
nss-mymachines-32bit-246.16-150300.7.54.1
nss-mymachines-32bit-debuginfo-246.16-150300.7.54.1
systemd-32bit-246.16-150300.7.54.1
systemd-32bit-debuginfo-246.16-150300.7.54.1
- openSUSE Leap 15.3 (noarch):
systemd-lang-246.16-150300.7.54.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libsystemd0-246.16-150300.7.54.1
libsystemd0-debuginfo-246.16-150300.7.54.1
libudev-devel-246.16-150300.7.54.1
libudev1-246.16-150300.7.54.1
libudev1-debuginfo-246.16-150300.7.54.1
systemd-246.16-150300.7.54.1
systemd-container-246.16-150300.7.54.1
systemd-container-debuginfo-246.16-150300.7.54.1
systemd-coredump-246.16-150300.7.54.1
systemd-coredump-debuginfo-246.16-150300.7.54.1
systemd-debuginfo-246.16-150300.7.54.1
systemd-debugsource-246.16-150300.7.54.1
systemd-devel-246.16-150300.7.54.1
systemd-doc-246.16-150300.7.54.1
systemd-journal-remote-246.16-150300.7.54.1
systemd-journal-remote-debuginfo-246.16-150300.7.54.1
systemd-sysvinit-246.16-150300.7.54.1
udev-246.16-150300.7.54.1
udev-debuginfo-246.16-150300.7.54.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libsystemd0-32bit-246.16-150300.7.54.1
libsystemd0-32bit-debuginfo-246.16-150300.7.54.1
libudev1-32bit-246.16-150300.7.54.1
libudev1-32bit-debuginfo-246.16-150300.7.54.1
systemd-32bit-246.16-150300.7.54.1
systemd-32bit-debuginfo-246.16-150300.7.54.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
systemd-lang-246.16-150300.7.54.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libsystemd0-246.16-150300.7.54.1
libsystemd0-debuginfo-246.16-150300.7.54.1
libudev1-246.16-150300.7.54.1
libudev1-debuginfo-246.16-150300.7.54.1
systemd-246.16-150300.7.54.1
systemd-container-246.16-150300.7.54.1
systemd-container-debuginfo-246.16-150300.7.54.1
systemd-debuginfo-246.16-150300.7.54.1
systemd-debugsource-246.16-150300.7.54.1
systemd-journal-remote-246.16-150300.7.54.1
systemd-journal-remote-debuginfo-246.16-150300.7.54.1
systemd-sysvinit-246.16-150300.7.54.1
udev-246.16-150300.7.54.1
udev-debuginfo-246.16-150300.7.54.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libsystemd0-246.16-150300.7.54.1
libsystemd0-debuginfo-246.16-150300.7.54.1
libudev1-246.16-150300.7.54.1
libudev1-debuginfo-246.16-150300.7.54.1
systemd-246.16-150300.7.54.1
systemd-container-246.16-150300.7.54.1
systemd-container-debuginfo-246.16-150300.7.54.1
systemd-debuginfo-246.16-150300.7.54.1
systemd-debugsource-246.16-150300.7.54.1
systemd-journal-remote-246.16-150300.7.54.1
systemd-journal-remote-debuginfo-246.16-150300.7.54.1
systemd-sysvinit-246.16-150300.7.54.1
udev-246.16-150300.7.54.1
udev-debuginfo-246.16-150300.7.54.1
References:
https://www.suse.com/security/cve/CVE-2022-3821.html
https://bugzilla.suse.com/1204179
https://bugzilla.suse.com/1204968
1
0
SUSE-SU-2022:4053-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 17 Nov '22
by opensuse-security@opensuse.org 17 Nov '22
17 Nov '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4053-1
Rating: important
References: #1032323 #1065729 #1152489 #1198702 #1200465
#1200788 #1201725 #1202638 #1202686 #1202700
#1203066 #1203098 #1203387 #1203391 #1203496
#1203802 #1204053 #1204166 #1204168 #1204354
#1204355 #1204382 #1204402 #1204415 #1204417
#1204431 #1204439 #1204470 #1204479 #1204574
#1204575 #1204619 #1204635 #1204637 #1204646
#1204647 #1204653 #1204728 #1204753 #1204754
PED-1931 SLE-13847 SLE-24559 SLE-9246
Cross-References: CVE-2021-4037 CVE-2022-2153 CVE-2022-2964
CVE-2022-2978 CVE-2022-3176 CVE-2022-3424
CVE-2022-3521 CVE-2022-3524 CVE-2022-3535
CVE-2022-3542 CVE-2022-3545 CVE-2022-3565
CVE-2022-3577 CVE-2022-3586 CVE-2022-3594
CVE-2022-3621 CVE-2022-3625 CVE-2022-3629
CVE-2022-3640 CVE-2022-3646 CVE-2022-3649
CVE-2022-39189 CVE-2022-42703 CVE-2022-43750
CVSS scores:
CVE-2021-4037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-4037 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2022-2153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2153 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-2964 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2964 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3424 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3521 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3521 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3535 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3535 (SUSE): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3542 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3542 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3545 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3545 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3586 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3586 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3594 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3594 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (SUSE): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3625 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3625 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3629 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3629 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3640 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3640 (SUSE): 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3646 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3646 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3649 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3649 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39189 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-39189 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42703 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42703 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves 24 vulnerabilities, contains four
features and has 16 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2021-4037: Fixed function logic vulnerability that allowed local
users to create files for the XFS file-system with an unintended group
ownership and with group execution and SGID permission bits set
(bnc#1198702).
- CVE-2022-2153: Fixed vulnerability in KVM that could allow an
unprivileged local attacker on the host to cause DoS (bnc#1200788).
- CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices
(bnc#1202686).
- CVE-2022-2978: Fixed use-after-free in the NILFS file system that could
lead to local privilege escalation or DoS (bnc#1202700).
- CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE
(bnc#1203391).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),
gru_fault() and gru_handle_user_call_os() that could lead to kernel
panic (bsc#1204166).
- CVE-2022-3521: Fixed race condition in kcm_tx_work() in
net/kcm/kcmsock.c (bnc#1204355).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6
handler (bnc#1204354).
- CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in
drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in
drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
- CVE-2022-3545: Fixed use-after-free in area_cache_get() in
drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
- CVE-2022-3565: Fixed use-after-free in del_timer() in
drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
- CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device
driver that could lead to local privilege escalation or DoS
(bnc#1204470).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could
allow a local unprivileged user to cause a denial of service
(bnc#1204439).
- CVE-2022-3594: Fixed excessive data logging in intr_callback() in
drivers/net/usb/r8152.c (bnc#1204479).
- CVE-2022-3621: Fixed null pointer dereference in
nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
- CVE-2022-3625: Fixed use-after-free in
devlink_param_set()/devlink_param_get() in net/core/devlink.c
(bnc#1204637).
- CVE-2022-3629: Fixed memory leak in vsock_connect() in
net/vmw_vsock/af_vsock.c (bnc#1204635).
- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in
net/bluetooth/l2cap_core.c (bnc#1204619).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in
fs/nilfs2/segment.c (bnc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in
fs/nilfs2/inode.c (bnc#1204647).
- CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow
unprivileged guest users to compromise the guest kernel via TLB flush
operations on preempted vCPU (bnc#1203066).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf
anon_vma double reuse (bnc#1204168).
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space
client to corrupt the monitor's internal memory (bnc#1204653).
The following non-security bugs were fixed:
- ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
(git-fixes).
- ACPI: HMAT: Release platform device in case of
platform_device_add_data() fails (git-fixes).
- ACPI: extlog: Handle multiple records (git-fixes).
- ACPI: processor idle: Practically limit "Dummy wait" workaround to old
Intel systems (bnc#1203802).
- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
(git-fixes).
- ALSA: aoa: Fix I2S device accounting (git-fixes).
- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
(git-fixes).
- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
- ALSA: au88x0: use explicitly signed char (git-fixes).
- ALSA: dmaengine: increment buffer pointer atomically (git-fixes).
- ALSA: hda/hdmi: Do not skip notification handling during PM operation
(git-fixes).
- ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
(git-fixes).
- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
- ALSA: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
(git-fixes).
- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
(git-fixes).
- ALSA: hda/sigmatel: Fix unused variable warning for beep power change
(git-fixes).
- ALSA: hda/sigmatel: Keep power up while beep is enabled (git-fixes).
- ALSA: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).
- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
- ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
- ALSA: rme9652: use explicitly signed char (git-fixes).
- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
(git-fixes).
- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
(git-fixes).
- ASoC: nau8824: Fix semaphore unbalance at error paths (git-fixes).
- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- ASoC: tas2770: Reinit regcache on reset (git-fixes).
- ASoC: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
- Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
(git-fixes).
- Bluetooth: hci_core: Fix not handling link timeouts propertly
(git-fixes).
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
(git-fixes).
- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
- HID: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
- HID: multitouch: Add memory barriers (git-fixes).
- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD
(git-fixes)
- IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes)
- IB/core: Only update PKEY and GID caches on respective events (git-fixes)
- IB/hfi1: Adjust pkey entry in index 0 (git-fixes)
- IB/hfi1: Fix abba locking issue with sc_disable() (git-fixes)
- IB/hfi1: Fix possible null-pointer dereference in
_extend_sdma_tx_descs() (git-fixes)
- IB/mlx4: Add support for REJ due to timeout (git-fixes)
- IB/mlx4: Use port iterator and validation APIs (git-fixes)
- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
(git-fixes)
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs
(git-fixes)
- IB/srpt: Remove redundant assignment to ret (git-fixes)
- Input: i8042 - fix refount leak on sparc (git-fixes).
- Input: xpad - add supported devices as contributed on github (git-fixes).
- Input: xpad - fix wireless 360 controller breaking after suspend
(git-fixes).
- KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
(git-fixes).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- KVM: s390: VSIE: fix MVPG handling for prefixing and MSO (git-fixes).
- KVM: s390: clear kicked_mask before sleeping again (git-fixes).
- KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu
(git-fixes).
- KVM: s390: pv: do not present the ecall interrupt twice (git-fixes).
- KVM: s390: split kvm_s390_real_to_abs (git-fixes).
- KVM: s390x: fix SCK locking (git-fixes).
- KVM: x86/emulator: Fix handing of POP SS to correctly set
interruptibility (git-fixes).
- PCI: Dynamically map ECAM regions (bsc#1204382).
- PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
(git-fixes).
- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
(git-fixes).
- PM: domains: Fix handling of unavailable/disabled idle states
(git-fixes).
- PM: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
- RDMA/bnxt_re: Add missing spin lock initialization (git-fixes)
- RDMA/bnxt_re: Fix query SRQ failure (git-fixes)
- RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
(git-fixes)
- RDMA/cma: Fix arguments order in net device validation (git-fixes)
- RDMA/core: Sanitize WQ state received from the userspace (git-fixes)
- RDMA/cxgb4: Remove MW support (git-fixes)
- RDMA/efa: Free IRQ vectors on error flow (git-fixes)
- RDMA/efa: Remove double QP type assignment (git-fixes)
- RDMA/efa: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/hfi1: Fix potential integer multiplication overflow errors
(git-fixes)
- RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP
(git-fixes)
- RDMA/i40iw: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/iwcm: Release resources if iw_cm module initialization fails
(git-fixes)
- RDMA/mlx4: Return missed an error if device does not support steering
(git-fixes)
- RDMA/mlx5: Add missing check for return value in get namespace flow
(git-fixes)
- RDMA/mlx5: Block FDB rules when not in switchdev mode (git-fixes)
- RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
(git-fixes)
- RDMA/mlx5: Make mkeys always owned by the kernel's PD when not enabled
(git-fixes)
- RDMA/mlx5: Set user priority for DCT (git-fixes)
- RDMA/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create()
(git-fixes)
- RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
- RDMA/qib: Remove superfluous fallthrough statements (git-fixes)
- RDMA/rtrs-srv: Pass the correct number of entries for dma mapped SGL
(git-fixes)
- RDMA/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)
- RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- RDMA/rxe: Fix extra copies in build_rdma_network_hdr (git-fixes)
- RDMA/rxe: Fix extra copy in prepare_ack_packet (git-fixes)
- RDMA/rxe: Fix failure during driver load (git-fixes)
- RDMA/rxe: Fix over copying in get_srq_wqe (git-fixes)
- RDMA/rxe: Fix redundant call to ip_send_check (git-fixes)
- RDMA/rxe: Fix redundant skb_put_zero (git-fixes)
- RDMA/rxe: Fix rnr retry behavior (git-fixes)
- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
- RDMA/rxe: Fix wrong port_cap_flags (git-fixes)
- RDMA/rxe: Generate a completion for unsupported/invalid opcode
(git-fixes)
- RDMA/rxe: Remove unused pkt->offset (git-fixes)
- RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
- RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
(git-fixes)
- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
(git-fixes)
- RDMA/siw: Fix a condition race issue in MPA request processing
(git-fixes)
- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
(git-fixes)
- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- RDMA: Verify port when creating flow rule (git-fixes)
- RDMA: remove useless condition in siw_create_cq() (git-fixes)
- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)
- Revert "drivers/video/backlight/platform_lcd.c: add support for
(bsc#1152489)
- Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
suspend/resume time" (git-fixes).
- Revert "usb: add quirks for Lenovo OneLink+ Dock" (git-fixes).
- Revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- Revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- USB: serial: console: move mutex_unlock() before usb_serial_put()
(git-fixes).
- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- USB: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- USB: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- USB: serial: option: add Quectel RM520N (git-fixes).
- USB: serial: option: add Quectel RM520N (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- arm64: assembler: add cond_yield macro (git-fixes)
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and
ata_id_has_sense_reporting() (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number
(git-fixes).
- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
- can: gs_usb: gs_can_open(): fix race dev->can.state condition
(git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion
(git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in
error path (git-fixes).
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
(git-fixes).
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
(git-fixes).
- clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
(git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents
(git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
(git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
(git-fixes).
- crypto: akcipher - default implementation for setting a private key
(git-fixes).
- crypto: arm64/sha - fix function types (git-fixes)
- crypto: arm64/sha1-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha2-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha3-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha512-ce - simplify NEON yield (git-fixes)
- crypto: cavium - prevent integer overflow loading firmware (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister
(git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
- device property: Fix documentation for *_match_string() APIs (git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
__cleanup() (git-fixes).
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent
API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
(git-fixes).
- docs: update mediator information in CoC docs (git-fixes).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- drm/amd/display: Limit user regamma to a valid value (git-fixes).
- drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm/amdgpu: use dirty framebuffer helper (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
(git-fixes).
- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
(git-fixes).
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- drm/udl: Restore display mode on resume (git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
(git-fixes).
- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset
(git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of
for_each_available_child_of_node() (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: let query-modname override actual module name (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053
bsc#1201725).
- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
- firmware: google: Test spinlock on panic path to avoid lockups
(git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
(git-fixes).
- gpio: rockchip: request GPIO mux to pinctrl when setting direction
(git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in
hidpp_connect_event (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- iio: ABI: Fix wrong format of differential capacitance channel ABI
(git-fixes).
- iio: adc: ad7923: fix channel readings for some variants (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure and touch
(git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
(git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
- iio: inkern: only release the device node when done with it (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap
(git-fixes).
- kABI: arm64/crypto/sha512 Preserve function signature (git-fixes).
- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
- kbuild: remove the target in signal traps when interrupted (git-fixes).
- kbuild: sink stdout from cmd for silent build (git-fixes).
- kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
(jsc#SLE-24559).
- kthread: Extract KTHREAD_IS_PER_CPU (bsc#1204753).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
(git-fixes).
- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
(git-fixes).
- locking/csd_lock: Change csdlock_debug from early_param to __setup
(git-fixes).
- mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
- media: aspeed-video: ignore interrupts that are not enabled (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- media: coda: Add more H264 levels for CODA960 (git-fixes).
- media: coda: Fix reported H264 profile (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
- media: dvb_vb2: fix possible out of bound access (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values
(git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
(git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
(git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
(git-fixes).
- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
(git-fixes).
- mfd: intel_soc_pmic: Fix an error handling path in
intel_soc_pmic_i2c_probe() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
- mfd: sm501: Add check for platform_driver_register() (git-fixes).
- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
- mm, memcg: avoid stale protection values when cgroup is above protection
(bsc#1204754).
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
(bsc#1204575).
- mm: memcontrol: fix occasional OOMs due to proportional memory.low
reclaim (bsc#1204754).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card
(git-fixes).
- mmc: core: Replace with already defined values for readability
(git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
(git-fixes).
- mtd: devices: docg3: check the return value of devm_ioremap() in the
probe (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config
(git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
(git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- padata: introduce internal padata_get/put_pd() helpers (bsc#1202638).
- padata: make padata_free_shell() to respect pd's ->refcnt (bsc#1202638).
- parisc/sticon: fix reverse colors (bsc#1152489) Backporting notes: *
context changes
- parisc: parisc-agp requires SBA IOMMU driver (bsc#1152489)
- phy: qualcomm: call clk_disable_unprepare in the error handling
(git-fixes).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback
(git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
- pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback
(git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to fix module
autoloading (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight registering
(git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
(git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
- powerpc/fadump: align destination address to pagesize (bsc#1204728
ltc#200074).
- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
(jsc#SLE-13847 git-fixes).
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/mm: remove pmd_huge/pud_huge stubs and include hugetlb.h
(bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in opal_export_attrs()
(bsc#1065729).
- powerpc/pseries: Interface to represent PAPR firmware attributes
(bsc#1200465 ltc#197256 jsc#PED-1931).
- quota: widen timestamps for the fs_disk_quota structure (bsc#1203387).
- regulator: pfuze100: Fix the global-out-of-bounds access in
pfuze100_regulator_probe() (git-fixes).
- regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
(git-fixes).
- s390/hypfs: avoid error message under KVM (bsc#1032323).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up()
(git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
(git-fixes).
- scsi: mpt3sas: Fix return value check of dma_get_required_mask()
(git-fixes).
- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
- selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465
ltc#197256 jsc#PED-1931).
- selftests/powerpc: Skip energy_scale_info test on older firmware
(git-fixes).
- serial: Create uart_xmit_advance() (git-fixes).
- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting
(git-fixes).
- serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
(git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
(git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
- soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).
- soc: sunxi_sram: Make use of the helper function
devm_platform_ioremap_resource() (git-fixes).
- spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
(git-fixes).
- spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in
spi_qup_pm_resume_runtime() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
(git-fixes).
- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
(git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
- struct pci_config_window kABI workaround (bsc#1204382).
- thermal: intel_powerclamp: Use first online CPU as control_cpu
(git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id()
to avoid crash (git-fixes).
- tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data
(git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
(git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: gadget: function: fix dangling pnp_string in f_printer.c
(git-fixes).
- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
(git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- usb: typec: ucsi: Remove incorrect warning (git-fixes).
- usb: xhci-mtk: add a function to (un)load bandwidth info (git-fixes).
- usb: xhci-mtk: add only one extra CS for FS/LS INTR (git-fixes).
- usb: xhci-mtk: add some schedule error number (git-fixes).
- usb: xhci-mtk: fix issue of out-of-bounds array access (git-fixes).
- usb: xhci-mtk: get the microframe boundary for ESIT (git-fixes).
- usb: xhci-mtk: use @sch_tt to check whether need do TT schedule
(git-fixes).
- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
- video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
(git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
(git-fixes).
- wifi: ath10k: add peer map clean up for peer delete in
ath10k_sta_state() (git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level
(git-fixes).
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
(git-fixes).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
(other cases) (git-fixes).
- wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).
- wifi: mac80211: allow bw change during channel switch in mesh
(git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on
fast-rx (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
- wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
- wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
(git-fixes).
- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
(git-fixes).
- xfs: add missing assert in xfs_fsmap_owner_from_rmap (git-fixes).
- xfs: enable big timestamps (bsc#1203387).
- xfs: enable new inode btree counters feature (bsc#1203387).
- xfs: explicitly define inode timestamp range (bsc#1203387).
- xfs: fix memory corruption during remote attr value buffer invalidation
(git-fixes).
- xfs: fix s_maxbytes computation on 32-bit kernels (git-fixes).
- xfs: hoist out xfs_resizefs_init_new_ags() (git-fixes).
- xfs: move incore structures out of xfs_da_format.h (git-fixes).
- xfs: quota: move to time64_t interfaces (bsc#1203387).
- xfs: redefine xfs_ictimestamp_t (bsc#1203387).
- xfs: redefine xfs_timestamp_t (bsc#1203387).
- xfs: refactor remote attr value buffer invalidation (git-fixes).
- xfs: remove obsolete AGF counter debugging (git-fixes).
- xfs: rename `new' to `delta' in xfs_growfs_data_private() (git-fixes).
- xfs: reserve data and rt quota at the same time (bsc#1203496).
- xfs: slightly tweak an assert in xfs_fs_map_blocks (git-fixes).
- xfs: store inode btree block counts in AGI header (bsc#1203387).
- xfs: streamline xfs_attr3_leaf_inactive (git-fixes).
- xfs: use a struct timespec64 for the in-core crtime (bsc#1203387).
- xfs: use the finobt block counts to speed up mount times (bsc#1203387).
- xfs: widen ondisk inode timestamps to deal with y2038+ (bsc#1203387).
- xfs: widen ondisk quota expiration timestamps to handle y2038+
(bsc#1203387).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4053=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4053=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4053=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-4053=1
- SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-4053=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-4053=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4053=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4053=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4053=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4053=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-4053=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
kernel-default-5.3.18-150300.59.101.1
kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
- openSUSE Leap 15.4 (aarch64):
dtb-al-5.3.18-150300.59.101.1
dtb-zte-5.3.18-150300.59.101.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.101.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.101.1
dlm-kmp-default-5.3.18-150300.59.101.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.101.1
gfs2-kmp-default-5.3.18-150300.59.101.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-5.3.18-150300.59.101.1
kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
kernel-default-base-rebuild-5.3.18-150300.59.101.1.150300.18.58.1
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
kernel-default-devel-5.3.18-150300.59.101.1
kernel-default-devel-debuginfo-5.3.18-150300.59.101.1
kernel-default-extra-5.3.18-150300.59.101.1
kernel-default-extra-debuginfo-5.3.18-150300.59.101.1
kernel-default-livepatch-5.3.18-150300.59.101.1
kernel-default-livepatch-devel-5.3.18-150300.59.101.1
kernel-default-optional-5.3.18-150300.59.101.1
kernel-default-optional-debuginfo-5.3.18-150300.59.101.1
kernel-obs-build-5.3.18-150300.59.101.1
kernel-obs-build-debugsource-5.3.18-150300.59.101.1
kernel-obs-qa-5.3.18-150300.59.101.1
kernel-syms-5.3.18-150300.59.101.1
kselftests-kmp-default-5.3.18-150300.59.101.1
kselftests-kmp-default-debuginfo-5.3.18-150300.59.101.1
ocfs2-kmp-default-5.3.18-150300.59.101.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.101.1
reiserfs-kmp-default-5.3.18-150300.59.101.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.101.1
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.101.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
dlm-kmp-preempt-5.3.18-150300.59.101.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
gfs2-kmp-preempt-5.3.18-150300.59.101.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
kernel-preempt-5.3.18-150300.59.101.1
kernel-preempt-debuginfo-5.3.18-150300.59.101.1
kernel-preempt-debugsource-5.3.18-150300.59.101.1
kernel-preempt-devel-5.3.18-150300.59.101.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.101.1
kernel-preempt-extra-5.3.18-150300.59.101.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.101.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.101.1
kernel-preempt-optional-5.3.18-150300.59.101.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.101.1
kselftests-kmp-preempt-5.3.18-150300.59.101.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
ocfs2-kmp-preempt-5.3.18-150300.59.101.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
reiserfs-kmp-preempt-5.3.18-150300.59.101.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-150300.59.101.1
kernel-debug-debuginfo-5.3.18-150300.59.101.1
kernel-debug-debugsource-5.3.18-150300.59.101.1
kernel-debug-devel-5.3.18-150300.59.101.1
kernel-debug-devel-debuginfo-5.3.18-150300.59.101.1
kernel-debug-livepatch-devel-5.3.18-150300.59.101.1
kernel-kvmsmall-5.3.18-150300.59.101.1
kernel-kvmsmall-debuginfo-5.3.18-150300.59.101.1
kernel-kvmsmall-debugsource-5.3.18-150300.59.101.1
kernel-kvmsmall-devel-5.3.18-150300.59.101.1
kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.101.1
kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.101.1
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-150300.59.101.1
cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
dlm-kmp-64kb-5.3.18-150300.59.101.1
dlm-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
dtb-al-5.3.18-150300.59.101.1
dtb-allwinner-5.3.18-150300.59.101.1
dtb-altera-5.3.18-150300.59.101.1
dtb-amd-5.3.18-150300.59.101.1
dtb-amlogic-5.3.18-150300.59.101.1
dtb-apm-5.3.18-150300.59.101.1
dtb-arm-5.3.18-150300.59.101.1
dtb-broadcom-5.3.18-150300.59.101.1
dtb-cavium-5.3.18-150300.59.101.1
dtb-exynos-5.3.18-150300.59.101.1
dtb-freescale-5.3.18-150300.59.101.1
dtb-hisilicon-5.3.18-150300.59.101.1
dtb-lg-5.3.18-150300.59.101.1
dtb-marvell-5.3.18-150300.59.101.1
dtb-mediatek-5.3.18-150300.59.101.1
dtb-nvidia-5.3.18-150300.59.101.1
dtb-qcom-5.3.18-150300.59.101.1
dtb-renesas-5.3.18-150300.59.101.1
dtb-rockchip-5.3.18-150300.59.101.1
dtb-socionext-5.3.18-150300.59.101.1
dtb-sprd-5.3.18-150300.59.101.1
dtb-xilinx-5.3.18-150300.59.101.1
dtb-zte-5.3.18-150300.59.101.1
gfs2-kmp-64kb-5.3.18-150300.59.101.1
gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
kernel-64kb-5.3.18-150300.59.101.1
kernel-64kb-debuginfo-5.3.18-150300.59.101.1
kernel-64kb-debugsource-5.3.18-150300.59.101.1
kernel-64kb-devel-5.3.18-150300.59.101.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.101.1
kernel-64kb-extra-5.3.18-150300.59.101.1
kernel-64kb-extra-debuginfo-5.3.18-150300.59.101.1
kernel-64kb-livepatch-devel-5.3.18-150300.59.101.1
kernel-64kb-optional-5.3.18-150300.59.101.1
kernel-64kb-optional-debuginfo-5.3.18-150300.59.101.1
kselftests-kmp-64kb-5.3.18-150300.59.101.1
kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
ocfs2-kmp-64kb-5.3.18-150300.59.101.1
ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
reiserfs-kmp-64kb-5.3.18-150300.59.101.1
reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-150300.59.101.1
kernel-docs-5.3.18-150300.59.101.1
kernel-docs-html-5.3.18-150300.59.101.1
kernel-macros-5.3.18-150300.59.101.1
kernel-source-5.3.18-150300.59.101.1
kernel-source-vanilla-5.3.18-150300.59.101.1
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.101.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.101.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
kernel-default-extra-5.3.18-150300.59.101.1
kernel-default-extra-debuginfo-5.3.18-150300.59.101.1
kernel-preempt-debuginfo-5.3.18-150300.59.101.1
kernel-preempt-debugsource-5.3.18-150300.59.101.1
kernel-preempt-extra-5.3.18-150300.59.101.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
kernel-default-livepatch-5.3.18-150300.59.101.1
kernel-default-livepatch-devel-5.3.18-150300.59.101.1
kernel-livepatch-5_3_18-150300_59_101-default-1-150300.7.3.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
reiserfs-kmp-default-5.3.18-150300.59.101.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.3.18-150300.59.101.1
kernel-obs-build-debugsource-5.3.18-150300.59.101.1
kernel-syms-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
kernel-preempt-debuginfo-5.3.18-150300.59.101.1
kernel-preempt-debugsource-5.3.18-150300.59.101.1
kernel-preempt-devel-5.3.18-150300.59.101.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
kernel-docs-5.3.18-150300.59.101.1
kernel-source-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.101.1
kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
kernel-default-devel-5.3.18-150300.59.101.1
kernel-default-devel-debuginfo-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
kernel-preempt-5.3.18-150300.59.101.1
kernel-preempt-debuginfo-5.3.18-150300.59.101.1
kernel-preempt-debugsource-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64):
kernel-64kb-5.3.18-150300.59.101.1
kernel-64kb-debuginfo-5.3.18-150300.59.101.1
kernel-64kb-debugsource-5.3.18-150300.59.101.1
kernel-64kb-devel-5.3.18-150300.59.101.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.101.1
kernel-macros-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.101.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.101.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.101.1
kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.101.1
kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.101.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.101.1
dlm-kmp-default-5.3.18-150300.59.101.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.101.1
gfs2-kmp-default-5.3.18-150300.59.101.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debuginfo-5.3.18-150300.59.101.1
kernel-default-debugsource-5.3.18-150300.59.101.1
ocfs2-kmp-default-5.3.18-150300.59.101.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.101.1
References:
https://www.suse.com/security/cve/CVE-2021-4037.html
https://www.suse.com/security/cve/CVE-2022-2153.html
https://www.suse.com/security/cve/CVE-2022-2964.html
https://www.suse.com/security/cve/CVE-2022-2978.html
https://www.suse.com/security/cve/CVE-2022-3176.html
https://www.suse.com/security/cve/CVE-2022-3424.html
https://www.suse.com/security/cve/CVE-2022-3521.html
https://www.suse.com/security/cve/CVE-2022-3524.html
https://www.suse.com/security/cve/CVE-2022-3535.html
https://www.suse.com/security/cve/CVE-2022-3542.html
https://www.suse.com/security/cve/CVE-2022-3545.html
https://www.suse.com/security/cve/CVE-2022-3565.html
https://www.suse.com/security/cve/CVE-2022-3577.html
https://www.suse.com/security/cve/CVE-2022-3586.html
https://www.suse.com/security/cve/CVE-2022-3594.html
https://www.suse.com/security/cve/CVE-2022-3621.html
https://www.suse.com/security/cve/CVE-2022-3625.html
https://www.suse.com/security/cve/CVE-2022-3629.html
https://www.suse.com/security/cve/CVE-2022-3640.html
https://www.suse.com/security/cve/CVE-2022-3646.html
https://www.suse.com/security/cve/CVE-2022-3649.html
https://www.suse.com/security/cve/CVE-2022-39189.html
https://www.suse.com/security/cve/CVE-2022-42703.html
https://www.suse.com/security/cve/CVE-2022-43750.html
https://bugzilla.suse.com/1032323
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1198702
https://bugzilla.suse.com/1200465
https://bugzilla.suse.com/1200788
https://bugzilla.suse.com/1201725
https://bugzilla.suse.com/1202638
https://bugzilla.suse.com/1202686
https://bugzilla.suse.com/1202700
https://bugzilla.suse.com/1203066
https://bugzilla.suse.com/1203098
https://bugzilla.suse.com/1203387
https://bugzilla.suse.com/1203391
https://bugzilla.suse.com/1203496
https://bugzilla.suse.com/1203802
https://bugzilla.suse.com/1204053
https://bugzilla.suse.com/1204166
https://bugzilla.suse.com/1204168
https://bugzilla.suse.com/1204354
https://bugzilla.suse.com/1204355
https://bugzilla.suse.com/1204382
https://bugzilla.suse.com/1204402
https://bugzilla.suse.com/1204415
https://bugzilla.suse.com/1204417
https://bugzilla.suse.com/1204431
https://bugzilla.suse.com/1204439
https://bugzilla.suse.com/1204470
https://bugzilla.suse.com/1204479
https://bugzilla.suse.com/1204574
https://bugzilla.suse.com/1204575
https://bugzilla.suse.com/1204619
https://bugzilla.suse.com/1204635
https://bugzilla.suse.com/1204637
https://bugzilla.suse.com/1204646
https://bugzilla.suse.com/1204647
https://bugzilla.suse.com/1204653
https://bugzilla.suse.com/1204728
https://bugzilla.suse.com/1204753
https://bugzilla.suse.com/1204754
1
0
SUSE-SU-2022:4058-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 17 Nov '22
by opensuse-security@opensuse.org 17 Nov '22
17 Nov '22
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4058-1
Rating: important
References: #1205270
Cross-References: CVE-2022-45403 CVE-2022-45404 CVE-2022-45405
CVE-2022-45406 CVE-2022-45408 CVE-2022-45409
CVE-2022-45410 CVE-2022-45411 CVE-2022-45412
CVE-2022-45416 CVE-2022-45418 CVE-2022-45420
CVE-2022-45421
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 13 vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
Update to Firefox Extended Support Release 102.5.0 ESR (MFSA 2022-48,
bsc#1205270):
- CVE-2022-45403: Service Workers might have learned size of cross-origin
media files
- CVE-2022-45404: Fullscreen notification bypass
- CVE-2022-45405: Use-after-free in InputStream implementation
- CVE-2022-45406: Use-after-free of a JavaScript Realm
- CVE-2022-45408: Fullscreen notification bypass via windowName
- CVE-2022-45409: Use-after-free in Garbage Collection
- CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite
cookie policy
- CVE-2022-45411: Cross-Site Tracing was possible via non-standard
override headers
- CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers
- CVE-2022-45416: Keystroke Side-Channel Leakage
- CVE-2022-45418: Custom mouse cursor could have been drawn over browser UI
- CVE-2022-45420: Iframe contents could be rendered outside the iframe
- CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and Firefox ESR
102.5
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4058=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4058=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4058=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4058=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4058=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4058=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4058=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4058=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4058=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4058=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4058=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4058=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4058=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-branding-upstream-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-branding-upstream-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Manager Retail Branch Server 4.1 (x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Manager Proxy 4.1 (x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-102.5.0-150200.152.67.3
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-102.5.0-150200.152.67.3
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
- SUSE Enterprise Storage 7 (aarch64 x86_64):
MozillaFirefox-102.5.0-150200.152.67.3
MozillaFirefox-debuginfo-102.5.0-150200.152.67.3
MozillaFirefox-debugsource-102.5.0-150200.152.67.3
MozillaFirefox-devel-102.5.0-150200.152.67.3
MozillaFirefox-translations-common-102.5.0-150200.152.67.3
MozillaFirefox-translations-other-102.5.0-150200.152.67.3
References:
https://www.suse.com/security/cve/CVE-2022-45403.html
https://www.suse.com/security/cve/CVE-2022-45404.html
https://www.suse.com/security/cve/CVE-2022-45405.html
https://www.suse.com/security/cve/CVE-2022-45406.html
https://www.suse.com/security/cve/CVE-2022-45408.html
https://www.suse.com/security/cve/CVE-2022-45409.html
https://www.suse.com/security/cve/CVE-2022-45410.html
https://www.suse.com/security/cve/CVE-2022-45411.html
https://www.suse.com/security/cve/CVE-2022-45412.html
https://www.suse.com/security/cve/CVE-2022-45416.html
https://www.suse.com/security/cve/CVE-2022-45418.html
https://www.suse.com/security/cve/CVE-2022-45420.html
https://www.suse.com/security/cve/CVE-2022-45421.html
https://bugzilla.suse.com/1205270
1
0
17 Nov '22
SUSE Security Update: Security update for go1.19
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4054-1
Rating: low
References: #1200441 #1204941
Cross-References: CVE-2022-41716
CVSS scores:
CVE-2022-41716 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-41716 (SUSE): 0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for go1.19 fixes the following issues:
Update to go 1.19.3 (released 2022-11-01) (bsc#1200441):
Security fixes:
- CVE-2022-41716: Fixed unsanitized NUL in environment variables in
syscalls, os/exec (go#56327) (bsc#1204941).
Bugfixes:
- runtime: lock count" fatal error when cgo is enabled (go#56308).
- cmd/compile: libFuzzer instrumentation fakePC overflow on 386 arch
(go#56168).
- internal/fuzz: array literal initialization causes ICE "unhandled stmt
ASOP" while fuzzing (go#56106).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4054=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4054=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4054=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4054=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.19-1.19.3-150000.1.15.1
go1.19-doc-1.19.3-150000.1.15.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.19-race-1.19.3-150000.1.15.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
go1.19-1.19.3-150000.1.15.1
go1.19-doc-1.19.3-150000.1.15.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.19-race-1.19.3-150000.1.15.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.19-1.19.3-150000.1.15.1
go1.19-doc-1.19.3-150000.1.15.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.19-race-1.19.3-150000.1.15.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.19-1.19.3-150000.1.15.1
go1.19-doc-1.19.3-150000.1.15.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.19-race-1.19.3-150000.1.15.1
References:
https://www.suse.com/security/cve/CVE-2022-41716.html
https://bugzilla.suse.com/1200441
https://bugzilla.suse.com/1204941
1
0
SUSE-SU-2022:4044-1: important: Security update for python-cryptography, python-cryptography-vectors
by opensuse-security@opensuse.org 17 Nov '22
by opensuse-security@opensuse.org 17 Nov '22
17 Nov '22
SUSE Security Update: Security update for python-cryptography, python-cryptography-vectors
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4044-1
Rating: important
References: #1101820 #1149792 #1176785 #1177083 ECO-3105
PM-2352 PM-2730 SLE-18312
Cross-References: CVE-2018-10903
CVSS scores:
CVE-2018-10903 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2018-10903 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves one vulnerability, contains four
features and has three fixes is now available.
Description:
This update for python-cryptography, python-cryptography-vectors fixes the
following issues:
- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
- Refresh patches for new version
- Update in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)
- update to 2.9.2
* 2.9.2 - 2020-04-22
- Updated the macOS wheel to fix an issue where it would not run on
macOS versions older than 10.15.
* 2.9.1 - 2020-04-21
- Updated Windows, macOS, and manylinux wheels to be compiled with
OpenSSL 1.1.1g.
* 2.9 - 2020-04-02
- BACKWARDS INCOMPATIBLE: Support for Python 3.4 has been removed due
to low usage and maintenance burden.
- BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.0.1 has been removed.
Users on older version of OpenSSL will need to upgrade.
- BACKWARDS INCOMPATIBLE: Support for LibreSSL 2.6.x has been removed.
- Removed support for calling public_bytes() with no arguments, as per
our deprecation policy. You must now pass encoding and format.
- BACKWARDS INCOMPATIBLE: Reversed the order in which rfc4514_string()
returns the RDNs as required by RFC 4514.
- Updated Windows, macOS, and manylinux wheels to be compiled with
OpenSSL 1.1.1f.
- Added support for parsing single_extensions in an OCSP response.
- NameAttribute values can now be empty strings.
- Add openSSL_111d.patch to make this version of the package compatible
with OpenSSL 1.1.1d, thus fixing bsc#1149792.
- bsc#1101820 CVE-2018-10903 GCM tag forgery via truncated tag in
finalize_with_tag API
- Update in SLE-15 (bsc#1177083, jsc#PM-2730, jsc#SLE-18312)
- Include in SLE-15 (bsc#1176785, jsc#ECO-3105, jsc#PM-2352)
- update to 2.9.2:
* updated vectors for the cryptography 2.9.2 testing
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4044=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4044=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4044=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4044=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4044=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4044=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4044=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4044=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-4044=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4044=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4044=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4044=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4044=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4044=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4044=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- openSUSE Leap 15.3 (noarch):
python2-cryptography-vectors-2.9.2-150200.3.3.1
python3-cryptography-vectors-2.9.2-150200.3.3.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Manager Proxy 4.1 (x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise Module for Python2 15-SP3 (aarch64 ppc64le s390x x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
python-cryptography-debuginfo-2.9.2-150200.13.1
python-cryptography-debugsource-2.9.2-150200.13.1
python2-cryptography-2.9.2-150200.13.1
python2-cryptography-debuginfo-2.9.2-150200.13.1
python3-cryptography-2.9.2-150200.13.1
python3-cryptography-debuginfo-2.9.2-150200.13.1
References:
https://www.suse.com/security/cve/CVE-2018-10903.html
https://bugzilla.suse.com/1101820
https://bugzilla.suse.com/1149792
https://bugzilla.suse.com/1176785
https://bugzilla.suse.com/1177083
1
0
SUSE-SU-2022:4016-1: important: Security update for rubygem-nokogiri
by opensuse-security@opensuse.org 16 Nov '22
by opensuse-security@opensuse.org 16 Nov '22
16 Nov '22
SUSE Security Update: Security update for rubygem-nokogiri
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4016-1
Rating: important
References: #1198408 #1199782
Cross-References: CVE-2022-24836 CVE-2022-29181
CVSS scores:
CVE-2022-24836 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24836 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-29181 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2022-29181 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for rubygem-nokogiri fixes the following issues:
- CVE-2022-24836: Fixes possibility to DoS because of inefficient RE in
HTML encoding. (bsc#1198408)
- CVE-2022-29181: Fixes Improper Handling of Unexpected Data Typesi.
(bsc#1199782)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4016=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4016=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-nokogiri-1.8.5-150400.14.3.1
ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.3.1
ruby2.5-rubygem-nokogiri-doc-1.8.5-150400.14.3.1
ruby2.5-rubygem-nokogiri-testsuite-1.8.5-150400.14.3.1
rubygem-nokogiri-debugsource-1.8.5-150400.14.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-nokogiri-1.8.5-150400.14.3.1
ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.3.1
rubygem-nokogiri-debugsource-1.8.5-150400.14.3.1
References:
https://www.suse.com/security/cve/CVE-2022-24836.html
https://www.suse.com/security/cve/CVE-2022-29181.html
https://bugzilla.suse.com/1198408
https://bugzilla.suse.com/1199782
1
0
SUSE-SU-2022:4015-1: important: Security update for rubygem-nokogiri
by opensuse-security@opensuse.org 16 Nov '22
by opensuse-security@opensuse.org 16 Nov '22
16 Nov '22
SUSE Security Update: Security update for rubygem-nokogiri
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4015-1
Rating: important
References: #1198408 #1199782
Cross-References: CVE-2022-24836 CVE-2022-29181
CVSS scores:
CVE-2022-24836 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24836 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-29181 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2022-29181 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Affected Products:
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for rubygem-nokogiri fixes the following issues:
- CVE-2022-24836: Fixes possibility to DoS because of inefficient RE in
HTML encoding. (bsc#1198408)
- CVE-2022-29181: Fixes Improper Handling of Unexpected Data Typesi.
(bsc#1199782)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4015=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4015=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-4015=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-4015=1
- SUSE Linux Enterprise High Availability 15:
zypper in -t patch SUSE-SLE-Product-HA-15-2022-4015=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-nokogiri-1.8.5-150000.3.9.1
ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150000.3.9.1
ruby2.5-rubygem-nokogiri-doc-1.8.5-150000.3.9.1
ruby2.5-rubygem-nokogiri-testsuite-1.8.5-150000.3.9.1
rubygem-nokogiri-debugsource-1.8.5-150000.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-nokogiri-1.8.5-150000.3.9.1
ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150000.3.9.1
rubygem-nokogiri-debugsource-1.8.5-150000.3.9.1
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-nokogiri-1.8.5-150000.3.9.1
ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150000.3.9.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-nokogiri-1.8.5-150000.3.9.1
ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150000.3.9.1
- SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-nokogiri-1.8.5-150000.3.9.1
ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150000.3.9.1
References:
https://www.suse.com/security/cve/CVE-2022-24836.html
https://www.suse.com/security/cve/CVE-2022-29181.html
https://bugzilla.suse.com/1198408
https://bugzilla.suse.com/1199782
1
0
SUSE-SU-2022:4011-1: moderate: Security update for jsoup
by opensuse-security@opensuse.org 16 Nov '22
by opensuse-security@opensuse.org 16 Nov '22
16 Nov '22
SUSE Security Update: Security update for jsoup
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4011-1
Rating: moderate
References: #1203459
Cross-References: CVE-2022-36033
CVSS scores:
CVE-2022-36033 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-36033 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jsoup fixes the following issues:
Updated to version 1.15.3:
- CVE-2022-36033: Fixed incorrect sanitization of user input in
SafeList.preserveRelativeLinks (bsc#1203459).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4011=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4011=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4011=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4011=1
Package List:
- openSUSE Leap 15.4 (noarch):
jsoup-1.15.3-150200.3.6.1
jsoup-javadoc-1.15.3-150200.3.6.1
- openSUSE Leap 15.3 (noarch):
jsoup-1.15.3-150200.3.6.1
jsoup-javadoc-1.15.3-150200.3.6.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
jsoup-1.15.3-150200.3.6.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
jsoup-1.15.3-150200.3.6.1
References:
https://www.suse.com/security/cve/CVE-2022-36033.html
https://bugzilla.suse.com/1203459
1
0
SUSE-SU-2022:4010-1: moderate: Security update for apache2-mod_wsgi
by opensuse-security@opensuse.org 16 Nov '22
by opensuse-security@opensuse.org 16 Nov '22
16 Nov '22
SUSE Security Update: Security update for apache2-mod_wsgi
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4010-1
Rating: moderate
References: #1201634
Cross-References: CVE-2022-2255
CVSS scores:
CVE-2022-2255 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-2255 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for apache2-mod_wsgi fixes the following issues:
- CVE-2022-2255: Hardened the trusted proxy header filter to avoid bypass.
(bsc#1201634)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4010=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-4010=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_wsgi-4.7.1-150400.3.3.1
apache2-mod_wsgi-debuginfo-4.7.1-150400.3.3.1
apache2-mod_wsgi-debugsource-4.7.1-150400.3.3.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_wsgi-4.7.1-150400.3.3.1
apache2-mod_wsgi-debuginfo-4.7.1-150400.3.3.1
apache2-mod_wsgi-debugsource-4.7.1-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-2255.html
https://bugzilla.suse.com/1201634
1
0
SUSE-SU-2022:4007-1: important: Security update for xen
by opensuse-security@opensuse.org 16 Nov '22
by opensuse-security@opensuse.org 16 Nov '22
16 Nov '22
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4007-1
Rating: important
References: #1027519 #1193923 #1203806 #1203807 #1204482
#1204483 #1204485 #1204487 #1204488 #1204489
#1204490 #1204494 #1204496
Cross-References: CVE-2022-33746 CVE-2022-33747 CVE-2022-33748
CVE-2022-42309 CVE-2022-42310 CVE-2022-42311
CVE-2022-42312 CVE-2022-42313 CVE-2022-42314
CVE-2022-42315 CVE-2022-42316 CVE-2022-42317
CVE-2022-42318 CVE-2022-42319 CVE-2022-42320
CVE-2022-42321 CVE-2022-42322 CVE-2022-42323
CVE-2022-42325 CVE-2022-42326 CVE-2022-42327
CVSS scores:
CVE-2022-33746 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33746 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33747 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
CVE-2022-33748 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33748 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42309 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2022-42309 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-42310 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42310 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42311 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42311 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42312 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42312 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42313 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42313 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42314 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42314 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42315 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42315 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42316 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42316 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42317 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42317 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42318 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42318 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42319 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42319 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42320 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42320 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-42321 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42321 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42322 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42322 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42323 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42323 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42325 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42325 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42326 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42326 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42327 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2022-42327 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 21 vulnerabilities is now available.
Description:
This update for xen fixes the following issues:
- CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing
(bsc#1203806).
- CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).
- CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen:
Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
- CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
- CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes
(bsc#1204487)
- CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free
temporary memory (bsc#1204488)
- CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes
of deleted domains (bsc#1204489)
- CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting
the stack (bsc#1204490)
- CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can
create arbitrary numbers of nodes (bsc#1204494)
- CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create
arbitrary number of nodes via transactions (bsc#1204496)
- xen: Frontends vulnerable to backends (bsc#1193923).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4007=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4007=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4007=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4007=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
xen-4.16.2_08-150400.4.16.1
xen-debugsource-4.16.2_08-150400.4.16.1
xen-devel-4.16.2_08-150400.4.16.1
xen-doc-html-4.16.2_08-150400.4.16.1
xen-libs-4.16.2_08-150400.4.16.1
xen-libs-debuginfo-4.16.2_08-150400.4.16.1
xen-tools-4.16.2_08-150400.4.16.1
xen-tools-debuginfo-4.16.2_08-150400.4.16.1
xen-tools-domU-4.16.2_08-150400.4.16.1
xen-tools-domU-debuginfo-4.16.2_08-150400.4.16.1
- openSUSE Leap 15.4 (noarch):
xen-tools-xendomains-wait-disk-4.16.2_08-150400.4.16.1
- openSUSE Leap 15.4 (x86_64):
xen-libs-32bit-4.16.2_08-150400.4.16.1
xen-libs-32bit-debuginfo-4.16.2_08-150400.4.16.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (x86_64):
xen-4.16.2_08-150400.4.16.1
xen-debugsource-4.16.2_08-150400.4.16.1
xen-devel-4.16.2_08-150400.4.16.1
xen-tools-4.16.2_08-150400.4.16.1
xen-tools-debuginfo-4.16.2_08-150400.4.16.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
xen-tools-xendomains-wait-disk-4.16.2_08-150400.4.16.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
xen-debugsource-4.16.2_08-150400.4.16.1
xen-libs-4.16.2_08-150400.4.16.1
xen-libs-debuginfo-4.16.2_08-150400.4.16.1
xen-tools-domU-4.16.2_08-150400.4.16.1
xen-tools-domU-debuginfo-4.16.2_08-150400.4.16.1
- SUSE Linux Enterprise Micro 5.3 (x86_64):
xen-debugsource-4.16.2_08-150400.4.16.1
xen-libs-4.16.2_08-150400.4.16.1
xen-libs-debuginfo-4.16.2_08-150400.4.16.1
References:
https://www.suse.com/security/cve/CVE-2022-33746.html
https://www.suse.com/security/cve/CVE-2022-33747.html
https://www.suse.com/security/cve/CVE-2022-33748.html
https://www.suse.com/security/cve/CVE-2022-42309.html
https://www.suse.com/security/cve/CVE-2022-42310.html
https://www.suse.com/security/cve/CVE-2022-42311.html
https://www.suse.com/security/cve/CVE-2022-42312.html
https://www.suse.com/security/cve/CVE-2022-42313.html
https://www.suse.com/security/cve/CVE-2022-42314.html
https://www.suse.com/security/cve/CVE-2022-42315.html
https://www.suse.com/security/cve/CVE-2022-42316.html
https://www.suse.com/security/cve/CVE-2022-42317.html
https://www.suse.com/security/cve/CVE-2022-42318.html
https://www.suse.com/security/cve/CVE-2022-42319.html
https://www.suse.com/security/cve/CVE-2022-42320.html
https://www.suse.com/security/cve/CVE-2022-42321.html
https://www.suse.com/security/cve/CVE-2022-42322.html
https://www.suse.com/security/cve/CVE-2022-42323.html
https://www.suse.com/security/cve/CVE-2022-42325.html
https://www.suse.com/security/cve/CVE-2022-42326.html
https://www.suse.com/security/cve/CVE-2022-42327.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1193923
https://bugzilla.suse.com/1203806
https://bugzilla.suse.com/1203807
https://bugzilla.suse.com/1204482
https://bugzilla.suse.com/1204483
https://bugzilla.suse.com/1204485
https://bugzilla.suse.com/1204487
https://bugzilla.suse.com/1204488
https://bugzilla.suse.com/1204489
https://bugzilla.suse.com/1204490
https://bugzilla.suse.com/1204494
https://bugzilla.suse.com/1204496
1
0
SUSE-SU-2022:4003-1: important: Security update for nodejs16
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for nodejs16
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4003-1
Rating: important
References: #1205119
Cross-References: CVE-2022-43548
CVSS scores:
CVE-2022-43548 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Web Scripting 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for nodejs16 fixes the following issues:
- Update to LTS versino 16.18.1:
- CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP
address (bsc#1205119).
- Update to LTS version 16.18.0:
* http: throw error on content-length mismatch
* stream: add ReadableByteStream.tee()
* deps: npm updated to 8.19.2
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4003=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2022-4003=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
corepack16-16.18.1-150400.3.12.1
nodejs16-16.18.1-150400.3.12.1
nodejs16-debuginfo-16.18.1-150400.3.12.1
nodejs16-debugsource-16.18.1-150400.3.12.1
nodejs16-devel-16.18.1-150400.3.12.1
npm16-16.18.1-150400.3.12.1
- openSUSE Leap 15.4 (noarch):
nodejs16-docs-16.18.1-150400.3.12.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
nodejs16-16.18.1-150400.3.12.1
nodejs16-debuginfo-16.18.1-150400.3.12.1
nodejs16-debugsource-16.18.1-150400.3.12.1
nodejs16-devel-16.18.1-150400.3.12.1
npm16-16.18.1-150400.3.12.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (noarch):
nodejs16-docs-16.18.1-150400.3.12.1
References:
https://www.suse.com/security/cve/CVE-2022-43548.html
https://bugzilla.suse.com/1205119
1
0
SUSE-SU-2022:4004-1: important: Security update for python310
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for python310
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4004-1
Rating: important
References: #1204886 #1205244
Cross-References: CVE-2022-42919 CVE-2022-45061
CVSS scores:
CVE-2022-42919 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42919 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-45061 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-45061 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Python3 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for python310 fixes the following issues:
Security fixes:
- CVE-2022-42919: Fixed local privilege escalation via the multiprocessing
forkserver start method (bsc#1204886).
- CVE-2022-45061: Fixed a quadratic IDNA decoding time (bsc#1205244).
Other fixes:
- allow building of documentation with the latest Sphinx 5.3.0
(gh#python/cpython#98366).
- Update to 3.10.8:
- Fix multiplying a list by an integer (list *= int): detect the integer
overflow when the new allocated length is close to the maximum size.
- Fix a shell code injection vulnerability in the
get-remote-certificate.py example script. The script no longer uses a
shell to run openssl commands. (originally filed as CVE-2022-37460,
later withdrawn)
- Fix command line parsing: reject -X int_max_str_digits option with no
value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is
set to a valid limit.
- When ValueError is raised if an integer is larger than the limit,
mention the sys.set_int_max_str_digits() function in the error message.
- The deprecated mailcap module now refuses to inject unsafe text
(filenames, MIME types, parameters) into shell commands. Instead of
using such text, it will warn and act as if a match was not found (or
for test commands, as if the test failed).
- os.sched_yield() now release the GIL while calling sched_yield(2).
- Bugfix: PyFunction_GetAnnotations() should return a borrowed
reference. It was returning a new reference.
- Fixed a missing incref/decref pair in Exception.__setstate__().
- Fix overly-broad source position information for chained comparisons
used as branching conditions.
- Fix undefined behaviour in _testcapimodule.c.
- At Python exit, sometimes a thread holding the GIL can wait forever
for a thread (usually a daemon thread) which requested to drop the
GIL, whereas the thread already exited. To fix the race condition, the
thread which requested the GIL drop now resets its request before
exiting.
- Fix a possible assertion failure, fatal error, or SystemError if a
line tracing event raises an exception while opcode tracing is enabled.
- Fix undefined behaviour in C code of null pointer arithmetic.
- Do not expose KeyWrapper in _functools.
- When loading a file with invalid UTF-8 inside a multi-line string, a
correct SyntaxError is emitted.
- Disable incorrect pickling of the C implemented classmethod
descriptors.
- Fix AttributeError missing name and obj attributes in .
object.__getattribute__() bpo-42316: Document some places . where an
assignment expression needs parentheses .
- Wrap network errors consistently in urllib FTP support, so the test
suite doesn���t fail when a network is available but the public
internet is not reachable.
- Fixes AttributeError when subprocess.check_output() is used with
argument input=None and either of the arguments encoding
or errors are used.
- Avoid spurious tracebacks from asyncio when default executor cleanup
is delayed until after the event loop is closed (e.g. as the result of
a keyboard interrupt).
- Avoid a crash in the C version of
asyncio.Future.remove_done_callback() when an evil argument is passed.
- Remove tokenize.NL check from tabnanny.
- Make Semaphore run faster.
- Fix generation of the default name of tkinter.Checkbutton. Previously,
checkbuttons in different parent widgets could have the same short
name and share the same state if arguments ���name��� and
���variable��� are not specified. Now they are globally unique.
- Update bundled libexpat to 2.4.9
- Fix race condition in asyncio where process_exited() called before the
pipe_data_received() leading to inconsistent
output.
- Fixed check in multiprocessing.resource_tracker that guarantees that
the length of a write to a pipe is not greater than PIPE_BUF.
- Corrected type annotation for dataclass attribute
pstats.FunctionProfile.ncalls to be str.
- Fix the faulthandler implementation of faulthandler.register(signal,
chain=True) if the sigaction() function is not available: don���t call
the previous signal handler if it���s NULL.
- In inspect, fix overeager replacement of ���typing.��� in formatting
annotations.
- Fix asyncio.streams.StreamReaderProtocol to keep a strong reference to
the created task, so that it���s not garbage collected
- Fix handling compiler warnings (SyntaxWarning and DeprecationWarning)
in codeop.compile_command() when checking for incomplete input.
Previously it emitted warnings and raised a SyntaxError. Now it always
returns None for incomplete input without emitting any warnings.
- Fixed flickering of the turtle window when the tracer is turned off.
- Allow asyncio.StreamWriter.drain() to be awaited concurrently by
multiple tasks.
- Fix broken asyncio.Semaphore when acquire is cancelled.
- Fix ast.unparse() when ImportFrom.level is None
- Improve performance of urllib.request.getproxies_environment when
there are many environment variables
- Fix ! in c domain ref target syntax via a conf.py patch, so it works
as intended to disable ref target resolution.
- Clarified the conflicting advice given in the ast documentation about
ast.literal_eval() being ���safe��� for use
on untrusted input while at the same time warning that it can crash
the process. The latter statement is true and is deemed unfixable
without a large amount of work unsuitable for a bugfix. So we keep
the warning and no longer claim that literal_eval is safe.
- Update tutorial introduction output to use 3.10+ SyntaxError invalid
range.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4004=1
- SUSE Linux Enterprise Module for Python3 15-SP4:
zypper in -t patch SUSE-SLE-Module-Python3-15-SP4-2022-4004=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpython3_10-1_0-3.10.8-150400.4.15.1
libpython3_10-1_0-debuginfo-3.10.8-150400.4.15.1
python310-3.10.8-150400.4.15.1
python310-base-3.10.8-150400.4.15.1
python310-base-debuginfo-3.10.8-150400.4.15.1
python310-core-debugsource-3.10.8-150400.4.15.1
python310-curses-3.10.8-150400.4.15.1
python310-curses-debuginfo-3.10.8-150400.4.15.1
python310-dbm-3.10.8-150400.4.15.1
python310-dbm-debuginfo-3.10.8-150400.4.15.1
python310-debuginfo-3.10.8-150400.4.15.1
python310-debugsource-3.10.8-150400.4.15.1
python310-devel-3.10.8-150400.4.15.1
python310-doc-3.10.8-150400.4.15.1
python310-doc-devhelp-3.10.8-150400.4.15.1
python310-idle-3.10.8-150400.4.15.1
python310-testsuite-3.10.8-150400.4.15.1
python310-testsuite-debuginfo-3.10.8-150400.4.15.1
python310-tk-3.10.8-150400.4.15.1
python310-tk-debuginfo-3.10.8-150400.4.15.1
python310-tools-3.10.8-150400.4.15.1
- openSUSE Leap 15.4 (x86_64):
libpython3_10-1_0-32bit-3.10.8-150400.4.15.1
libpython3_10-1_0-32bit-debuginfo-3.10.8-150400.4.15.1
python310-32bit-3.10.8-150400.4.15.1
python310-32bit-debuginfo-3.10.8-150400.4.15.1
python310-base-32bit-3.10.8-150400.4.15.1
python310-base-32bit-debuginfo-3.10.8-150400.4.15.1
- SUSE Linux Enterprise Module for Python3 15-SP4 (aarch64 ppc64le s390x x86_64):
libpython3_10-1_0-3.10.8-150400.4.15.1
libpython3_10-1_0-debuginfo-3.10.8-150400.4.15.1
python310-3.10.8-150400.4.15.1
python310-base-3.10.8-150400.4.15.1
python310-base-debuginfo-3.10.8-150400.4.15.1
python310-core-debugsource-3.10.8-150400.4.15.1
python310-curses-3.10.8-150400.4.15.1
python310-curses-debuginfo-3.10.8-150400.4.15.1
python310-dbm-3.10.8-150400.4.15.1
python310-dbm-debuginfo-3.10.8-150400.4.15.1
python310-debuginfo-3.10.8-150400.4.15.1
python310-debugsource-3.10.8-150400.4.15.1
python310-devel-3.10.8-150400.4.15.1
python310-idle-3.10.8-150400.4.15.1
python310-tk-3.10.8-150400.4.15.1
python310-tk-debuginfo-3.10.8-150400.4.15.1
python310-tools-3.10.8-150400.4.15.1
References:
https://www.suse.com/security/cve/CVE-2022-42919.html
https://www.suse.com/security/cve/CVE-2022-45061.html
https://bugzilla.suse.com/1204886
https://bugzilla.suse.com/1205244
1
0
SUSE-SU-2022:4001-1: important: Security update for sudo
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for sudo
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4001-1
Rating: important
References: #1204986
Cross-References: CVE-2022-43995
CVSS scores:
CVE-2022-43995 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-43995 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for sudo fixes the following issues:
- CVE-2022-43995: Fixed a potential heap-based buffer over-read when
entering a password of seven characters or fewer and using the crypt()
password backend (bsc#1204986).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4001=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4001=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4001=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
sudo-1.9.9-150400.4.6.1
sudo-debuginfo-1.9.9-150400.4.6.1
sudo-debugsource-1.9.9-150400.4.6.1
sudo-devel-1.9.9-150400.4.6.1
sudo-plugin-python-1.9.9-150400.4.6.1
sudo-plugin-python-debuginfo-1.9.9-150400.4.6.1
sudo-test-1.9.9-150400.4.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
sudo-1.9.9-150400.4.6.1
sudo-debuginfo-1.9.9-150400.4.6.1
sudo-debugsource-1.9.9-150400.4.6.1
sudo-devel-1.9.9-150400.4.6.1
sudo-plugin-python-1.9.9-150400.4.6.1
sudo-plugin-python-debuginfo-1.9.9-150400.4.6.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
sudo-1.9.9-150400.4.6.1
sudo-debuginfo-1.9.9-150400.4.6.1
sudo-debugsource-1.9.9-150400.4.6.1
References:
https://www.suse.com/security/cve/CVE-2022-43995.html
https://bugzilla.suse.com/1204986
1
0
SUSE-SU-2022:3997-1: important: Security update for php7
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3997-1
Rating: important
References: #1203867 #1203870 #1204577 #1204979 SLE-23639
Cross-References: CVE-2021-21707 CVE-2021-21708 CVE-2022-31625
CVE-2022-31626 CVE-2022-31628 CVE-2022-31629
CVE-2022-31630 CVE-2022-37454
CVSS scores:
CVE-2021-21707 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-21707 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-21708 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21708 (SUSE): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
CVE-2022-31625 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31625 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-31626 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31626 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31628 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-31628 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-31629 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-31630 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-37454 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37454 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 8 vulnerabilities, contains one
feature is now available.
Description:
This update for php7 fixes the following issues:
- Version update to 7.4.33:
- CVE-2022-31630: Fixed out-of-bounds read due to insufficient input
validation in imageloadfont() (bsc#1204979).
- CVE-2022-37454: Fixed buffer overflow in hash_update() on long parameter
(bsc#1204577).
- Version update to 7.4.32 (jsc#SLE-23639)
- CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor
while decompressing "quines" gzip files. (bsc#1203867)
- CVE-2022-31629: Fixed a bug which could lead an attacker to set an
insecure cookie that will treated as secure in the victim's browser.
(bsc#1203870)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3997=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3997=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-3997=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.33-150400.4.13.1
apache2-mod_php7-debuginfo-7.4.33-150400.4.13.1
apache2-mod_php7-debugsource-7.4.33-150400.4.13.1
php7-7.4.33-150400.4.13.1
php7-bcmath-7.4.33-150400.4.13.1
php7-bcmath-debuginfo-7.4.33-150400.4.13.1
php7-bz2-7.4.33-150400.4.13.1
php7-bz2-debuginfo-7.4.33-150400.4.13.1
php7-calendar-7.4.33-150400.4.13.1
php7-calendar-debuginfo-7.4.33-150400.4.13.1
php7-cli-7.4.33-150400.4.13.1
php7-cli-debuginfo-7.4.33-150400.4.13.1
php7-ctype-7.4.33-150400.4.13.1
php7-ctype-debuginfo-7.4.33-150400.4.13.1
php7-curl-7.4.33-150400.4.13.1
php7-curl-debuginfo-7.4.33-150400.4.13.1
php7-dba-7.4.33-150400.4.13.1
php7-dba-debuginfo-7.4.33-150400.4.13.1
php7-debuginfo-7.4.33-150400.4.13.1
php7-debugsource-7.4.33-150400.4.13.1
php7-devel-7.4.33-150400.4.13.1
php7-dom-7.4.33-150400.4.13.1
php7-dom-debuginfo-7.4.33-150400.4.13.1
php7-embed-7.4.33-150400.4.13.1
php7-embed-debuginfo-7.4.33-150400.4.13.1
php7-embed-debugsource-7.4.33-150400.4.13.1
php7-enchant-7.4.33-150400.4.13.1
php7-enchant-debuginfo-7.4.33-150400.4.13.1
php7-exif-7.4.33-150400.4.13.1
php7-exif-debuginfo-7.4.33-150400.4.13.1
php7-fastcgi-7.4.33-150400.4.13.1
php7-fastcgi-debuginfo-7.4.33-150400.4.13.1
php7-fastcgi-debugsource-7.4.33-150400.4.13.1
php7-fileinfo-7.4.33-150400.4.13.1
php7-fileinfo-debuginfo-7.4.33-150400.4.13.1
php7-fpm-7.4.33-150400.4.13.1
php7-fpm-debuginfo-7.4.33-150400.4.13.1
php7-fpm-debugsource-7.4.33-150400.4.13.1
php7-ftp-7.4.33-150400.4.13.1
php7-ftp-debuginfo-7.4.33-150400.4.13.1
php7-gd-7.4.33-150400.4.13.1
php7-gd-debuginfo-7.4.33-150400.4.13.1
php7-gettext-7.4.33-150400.4.13.1
php7-gettext-debuginfo-7.4.33-150400.4.13.1
php7-gmp-7.4.33-150400.4.13.1
php7-gmp-debuginfo-7.4.33-150400.4.13.1
php7-iconv-7.4.33-150400.4.13.1
php7-iconv-debuginfo-7.4.33-150400.4.13.1
php7-intl-7.4.33-150400.4.13.1
php7-intl-debuginfo-7.4.33-150400.4.13.1
php7-json-7.4.33-150400.4.13.1
php7-json-debuginfo-7.4.33-150400.4.13.1
php7-ldap-7.4.33-150400.4.13.1
php7-ldap-debuginfo-7.4.33-150400.4.13.1
php7-mbstring-7.4.33-150400.4.13.1
php7-mbstring-debuginfo-7.4.33-150400.4.13.1
php7-mysql-7.4.33-150400.4.13.1
php7-mysql-debuginfo-7.4.33-150400.4.13.1
php7-odbc-7.4.33-150400.4.13.1
php7-odbc-debuginfo-7.4.33-150400.4.13.1
php7-opcache-7.4.33-150400.4.13.1
php7-opcache-debuginfo-7.4.33-150400.4.13.1
php7-openssl-7.4.33-150400.4.13.1
php7-openssl-debuginfo-7.4.33-150400.4.13.1
php7-pcntl-7.4.33-150400.4.13.1
php7-pcntl-debuginfo-7.4.33-150400.4.13.1
php7-pdo-7.4.33-150400.4.13.1
php7-pdo-debuginfo-7.4.33-150400.4.13.1
php7-pgsql-7.4.33-150400.4.13.1
php7-pgsql-debuginfo-7.4.33-150400.4.13.1
php7-phar-7.4.33-150400.4.13.1
php7-phar-debuginfo-7.4.33-150400.4.13.1
php7-posix-7.4.33-150400.4.13.1
php7-posix-debuginfo-7.4.33-150400.4.13.1
php7-readline-7.4.33-150400.4.13.1
php7-readline-debuginfo-7.4.33-150400.4.13.1
php7-shmop-7.4.33-150400.4.13.1
php7-shmop-debuginfo-7.4.33-150400.4.13.1
php7-snmp-7.4.33-150400.4.13.1
php7-snmp-debuginfo-7.4.33-150400.4.13.1
php7-soap-7.4.33-150400.4.13.1
php7-soap-debuginfo-7.4.33-150400.4.13.1
php7-sockets-7.4.33-150400.4.13.1
php7-sockets-debuginfo-7.4.33-150400.4.13.1
php7-sodium-7.4.33-150400.4.13.1
php7-sodium-debuginfo-7.4.33-150400.4.13.1
php7-sqlite-7.4.33-150400.4.13.1
php7-sqlite-debuginfo-7.4.33-150400.4.13.1
php7-sysvmsg-7.4.33-150400.4.13.1
php7-sysvmsg-debuginfo-7.4.33-150400.4.13.1
php7-sysvsem-7.4.33-150400.4.13.1
php7-sysvsem-debuginfo-7.4.33-150400.4.13.1
php7-sysvshm-7.4.33-150400.4.13.1
php7-sysvshm-debuginfo-7.4.33-150400.4.13.1
php7-test-7.4.33-150400.4.13.2
php7-tidy-7.4.33-150400.4.13.1
php7-tidy-debuginfo-7.4.33-150400.4.13.1
php7-tokenizer-7.4.33-150400.4.13.1
php7-tokenizer-debuginfo-7.4.33-150400.4.13.1
php7-xmlreader-7.4.33-150400.4.13.1
php7-xmlreader-debuginfo-7.4.33-150400.4.13.1
php7-xmlrpc-7.4.33-150400.4.13.1
php7-xmlrpc-debuginfo-7.4.33-150400.4.13.1
php7-xmlwriter-7.4.33-150400.4.13.1
php7-xmlwriter-debuginfo-7.4.33-150400.4.13.1
php7-xsl-7.4.33-150400.4.13.1
php7-xsl-debuginfo-7.4.33-150400.4.13.1
php7-zip-7.4.33-150400.4.13.1
php7-zip-debuginfo-7.4.33-150400.4.13.1
php7-zlib-7.4.33-150400.4.13.1
php7-zlib-debuginfo-7.4.33-150400.4.13.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
php7-embed-7.4.33-150400.4.13.1
php7-embed-debuginfo-7.4.33-150400.4.13.1
php7-embed-debugsource-7.4.33-150400.4.13.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.33-150400.4.13.1
apache2-mod_php7-debuginfo-7.4.33-150400.4.13.1
apache2-mod_php7-debugsource-7.4.33-150400.4.13.1
php7-7.4.33-150400.4.13.1
php7-bcmath-7.4.33-150400.4.13.1
php7-bcmath-debuginfo-7.4.33-150400.4.13.1
php7-bz2-7.4.33-150400.4.13.1
php7-bz2-debuginfo-7.4.33-150400.4.13.1
php7-calendar-7.4.33-150400.4.13.1
php7-calendar-debuginfo-7.4.33-150400.4.13.1
php7-cli-7.4.33-150400.4.13.1
php7-cli-debuginfo-7.4.33-150400.4.13.1
php7-ctype-7.4.33-150400.4.13.1
php7-ctype-debuginfo-7.4.33-150400.4.13.1
php7-curl-7.4.33-150400.4.13.1
php7-curl-debuginfo-7.4.33-150400.4.13.1
php7-dba-7.4.33-150400.4.13.1
php7-dba-debuginfo-7.4.33-150400.4.13.1
php7-debuginfo-7.4.33-150400.4.13.1
php7-debugsource-7.4.33-150400.4.13.1
php7-devel-7.4.33-150400.4.13.1
php7-dom-7.4.33-150400.4.13.1
php7-dom-debuginfo-7.4.33-150400.4.13.1
php7-enchant-7.4.33-150400.4.13.1
php7-enchant-debuginfo-7.4.33-150400.4.13.1
php7-exif-7.4.33-150400.4.13.1
php7-exif-debuginfo-7.4.33-150400.4.13.1
php7-fastcgi-7.4.33-150400.4.13.1
php7-fastcgi-debuginfo-7.4.33-150400.4.13.1
php7-fastcgi-debugsource-7.4.33-150400.4.13.1
php7-fileinfo-7.4.33-150400.4.13.1
php7-fileinfo-debuginfo-7.4.33-150400.4.13.1
php7-fpm-7.4.33-150400.4.13.1
php7-fpm-debuginfo-7.4.33-150400.4.13.1
php7-fpm-debugsource-7.4.33-150400.4.13.1
php7-ftp-7.4.33-150400.4.13.1
php7-ftp-debuginfo-7.4.33-150400.4.13.1
php7-gd-7.4.33-150400.4.13.1
php7-gd-debuginfo-7.4.33-150400.4.13.1
php7-gettext-7.4.33-150400.4.13.1
php7-gettext-debuginfo-7.4.33-150400.4.13.1
php7-gmp-7.4.33-150400.4.13.1
php7-gmp-debuginfo-7.4.33-150400.4.13.1
php7-iconv-7.4.33-150400.4.13.1
php7-iconv-debuginfo-7.4.33-150400.4.13.1
php7-intl-7.4.33-150400.4.13.1
php7-intl-debuginfo-7.4.33-150400.4.13.1
php7-json-7.4.33-150400.4.13.1
php7-json-debuginfo-7.4.33-150400.4.13.1
php7-ldap-7.4.33-150400.4.13.1
php7-ldap-debuginfo-7.4.33-150400.4.13.1
php7-mbstring-7.4.33-150400.4.13.1
php7-mbstring-debuginfo-7.4.33-150400.4.13.1
php7-mysql-7.4.33-150400.4.13.1
php7-mysql-debuginfo-7.4.33-150400.4.13.1
php7-odbc-7.4.33-150400.4.13.1
php7-odbc-debuginfo-7.4.33-150400.4.13.1
php7-opcache-7.4.33-150400.4.13.1
php7-opcache-debuginfo-7.4.33-150400.4.13.1
php7-openssl-7.4.33-150400.4.13.1
php7-openssl-debuginfo-7.4.33-150400.4.13.1
php7-pcntl-7.4.33-150400.4.13.1
php7-pcntl-debuginfo-7.4.33-150400.4.13.1
php7-pdo-7.4.33-150400.4.13.1
php7-pdo-debuginfo-7.4.33-150400.4.13.1
php7-pgsql-7.4.33-150400.4.13.1
php7-pgsql-debuginfo-7.4.33-150400.4.13.1
php7-phar-7.4.33-150400.4.13.1
php7-phar-debuginfo-7.4.33-150400.4.13.1
php7-posix-7.4.33-150400.4.13.1
php7-posix-debuginfo-7.4.33-150400.4.13.1
php7-readline-7.4.33-150400.4.13.1
php7-readline-debuginfo-7.4.33-150400.4.13.1
php7-shmop-7.4.33-150400.4.13.1
php7-shmop-debuginfo-7.4.33-150400.4.13.1
php7-snmp-7.4.33-150400.4.13.1
php7-snmp-debuginfo-7.4.33-150400.4.13.1
php7-soap-7.4.33-150400.4.13.1
php7-soap-debuginfo-7.4.33-150400.4.13.1
php7-sockets-7.4.33-150400.4.13.1
php7-sockets-debuginfo-7.4.33-150400.4.13.1
php7-sodium-7.4.33-150400.4.13.1
php7-sodium-debuginfo-7.4.33-150400.4.13.1
php7-sqlite-7.4.33-150400.4.13.1
php7-sqlite-debuginfo-7.4.33-150400.4.13.1
php7-sysvmsg-7.4.33-150400.4.13.1
php7-sysvmsg-debuginfo-7.4.33-150400.4.13.1
php7-sysvsem-7.4.33-150400.4.13.1
php7-sysvsem-debuginfo-7.4.33-150400.4.13.1
php7-sysvshm-7.4.33-150400.4.13.1
php7-sysvshm-debuginfo-7.4.33-150400.4.13.1
php7-tidy-7.4.33-150400.4.13.1
php7-tidy-debuginfo-7.4.33-150400.4.13.1
php7-tokenizer-7.4.33-150400.4.13.1
php7-tokenizer-debuginfo-7.4.33-150400.4.13.1
php7-xmlreader-7.4.33-150400.4.13.1
php7-xmlreader-debuginfo-7.4.33-150400.4.13.1
php7-xmlrpc-7.4.33-150400.4.13.1
php7-xmlrpc-debuginfo-7.4.33-150400.4.13.1
php7-xmlwriter-7.4.33-150400.4.13.1
php7-xmlwriter-debuginfo-7.4.33-150400.4.13.1
php7-xsl-7.4.33-150400.4.13.1
php7-xsl-debuginfo-7.4.33-150400.4.13.1
php7-zip-7.4.33-150400.4.13.1
php7-zip-debuginfo-7.4.33-150400.4.13.1
php7-zlib-7.4.33-150400.4.13.1
php7-zlib-debuginfo-7.4.33-150400.4.13.1
References:
https://www.suse.com/security/cve/CVE-2021-21707.html
https://www.suse.com/security/cve/CVE-2021-21708.html
https://www.suse.com/security/cve/CVE-2022-31625.html
https://www.suse.com/security/cve/CVE-2022-31626.html
https://www.suse.com/security/cve/CVE-2022-31628.html
https://www.suse.com/security/cve/CVE-2022-31629.html
https://www.suse.com/security/cve/CVE-2022-31630.html
https://www.suse.com/security/cve/CVE-2022-37454.html
https://bugzilla.suse.com/1203867
https://bugzilla.suse.com/1203870
https://bugzilla.suse.com/1204577
https://bugzilla.suse.com/1204979
1
0
SUSE-SU-2022:3995-1: important: Security update for jackson-databind
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for jackson-databind
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3995-1
Rating: important
References: #1204369 #1204370
Cross-References: CVE-2022-42003 CVE-2022-42004
CVSS scores:
CVE-2022-42003 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42003 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42004 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42004 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for SUSE Manager Server 4.3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for jackson-databind fixes the following issues:
Update to version 2.13.4.2:
- CVE-2022-42003: Fixed missing check in primitive value deserializers
to avoid deep wrapper array nesting wrt 'UNWRAP_SINGLE_VALUE_ARRAYS'
(bsc#1204370).
- CVE-2022-42004: Fixed missing check in
'BeanDeserializer._deserializeFromArray()' to prevent use of deeply
nested arrays (bsc#1204369).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3995=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3995=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3995=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3995=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3995=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3995=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3995=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3995=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3995=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3995=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3995=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3995=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3995=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3995=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3995=1
Package List:
- openSUSE Leap 15.4 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
jackson-databind-javadoc-2.13.4.2-150200.3.12.1
- openSUSE Leap 15.3 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
jackson-databind-javadoc-2.13.4.2-150200.3.12.1
- SUSE Manager Server 4.1 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Manager Proxy 4.1 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.3 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
jackson-databind-javadoc-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
- SUSE Enterprise Storage 7 (noarch):
jackson-databind-2.13.4.2-150200.3.12.1
References:
https://www.suse.com/security/cve/CVE-2022-42003.html
https://www.suse.com/security/cve/CVE-2022-42004.html
https://bugzilla.suse.com/1204369
https://bugzilla.suse.com/1204370
1
0
SUSE-SU-2022:4005-1: important: Security update for php8
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for php8
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4005-1
Rating: important
References: #1204577 #1204979
Cross-References: CVE-2022-31630 CVE-2022-37454
CVSS scores:
CVE-2022-31630 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-37454 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37454 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Web Scripting 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for php8 fixes the following issues:
- CVE-2022-37454: Fixed buffer overflow in hash_update() on long parameter
(bug#81738) (bsc#1204577).
- CVE-2022-31630: Fixed OOB read due to insufficient input validation in
imageloadfont() (bug#81739) (bsc#1204979).
- version update to 8.0.25 (27 Oct 2022)
* Session: Fixed bug GH-9583 (session_create_id() fails with user
defined save handler that doesn't have a validateId() method).
* Streams: Fixed bug GH-9590 (stream_select does not abort upon
exception or empty valid fd set).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4005=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2022-4005=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php8-8.0.25-150400.4.17.1
apache2-mod_php8-debuginfo-8.0.25-150400.4.17.1
apache2-mod_php8-debugsource-8.0.25-150400.4.17.1
php8-8.0.25-150400.4.17.1
php8-bcmath-8.0.25-150400.4.17.1
php8-bcmath-debuginfo-8.0.25-150400.4.17.1
php8-bz2-8.0.25-150400.4.17.1
php8-bz2-debuginfo-8.0.25-150400.4.17.1
php8-calendar-8.0.25-150400.4.17.1
php8-calendar-debuginfo-8.0.25-150400.4.17.1
php8-cli-8.0.25-150400.4.17.1
php8-cli-debuginfo-8.0.25-150400.4.17.1
php8-ctype-8.0.25-150400.4.17.1
php8-ctype-debuginfo-8.0.25-150400.4.17.1
php8-curl-8.0.25-150400.4.17.1
php8-curl-debuginfo-8.0.25-150400.4.17.1
php8-dba-8.0.25-150400.4.17.1
php8-dba-debuginfo-8.0.25-150400.4.17.1
php8-debuginfo-8.0.25-150400.4.17.1
php8-debugsource-8.0.25-150400.4.17.1
php8-devel-8.0.25-150400.4.17.1
php8-dom-8.0.25-150400.4.17.1
php8-dom-debuginfo-8.0.25-150400.4.17.1
php8-embed-8.0.25-150400.4.17.1
php8-embed-debuginfo-8.0.25-150400.4.17.1
php8-embed-debugsource-8.0.25-150400.4.17.1
php8-enchant-8.0.25-150400.4.17.1
php8-enchant-debuginfo-8.0.25-150400.4.17.1
php8-exif-8.0.25-150400.4.17.1
php8-exif-debuginfo-8.0.25-150400.4.17.1
php8-fastcgi-8.0.25-150400.4.17.1
php8-fastcgi-debuginfo-8.0.25-150400.4.17.1
php8-fastcgi-debugsource-8.0.25-150400.4.17.1
php8-fileinfo-8.0.25-150400.4.17.1
php8-fileinfo-debuginfo-8.0.25-150400.4.17.1
php8-fpm-8.0.25-150400.4.17.1
php8-fpm-debuginfo-8.0.25-150400.4.17.1
php8-fpm-debugsource-8.0.25-150400.4.17.1
php8-ftp-8.0.25-150400.4.17.1
php8-ftp-debuginfo-8.0.25-150400.4.17.1
php8-gd-8.0.25-150400.4.17.1
php8-gd-debuginfo-8.0.25-150400.4.17.1
php8-gettext-8.0.25-150400.4.17.1
php8-gettext-debuginfo-8.0.25-150400.4.17.1
php8-gmp-8.0.25-150400.4.17.1
php8-gmp-debuginfo-8.0.25-150400.4.17.1
php8-iconv-8.0.25-150400.4.17.1
php8-iconv-debuginfo-8.0.25-150400.4.17.1
php8-intl-8.0.25-150400.4.17.1
php8-intl-debuginfo-8.0.25-150400.4.17.1
php8-ldap-8.0.25-150400.4.17.1
php8-ldap-debuginfo-8.0.25-150400.4.17.1
php8-mbstring-8.0.25-150400.4.17.1
php8-mbstring-debuginfo-8.0.25-150400.4.17.1
php8-mysql-8.0.25-150400.4.17.1
php8-mysql-debuginfo-8.0.25-150400.4.17.1
php8-odbc-8.0.25-150400.4.17.1
php8-odbc-debuginfo-8.0.25-150400.4.17.1
php8-opcache-8.0.25-150400.4.17.1
php8-opcache-debuginfo-8.0.25-150400.4.17.1
php8-openssl-8.0.25-150400.4.17.1
php8-openssl-debuginfo-8.0.25-150400.4.17.1
php8-pcntl-8.0.25-150400.4.17.1
php8-pcntl-debuginfo-8.0.25-150400.4.17.1
php8-pdo-8.0.25-150400.4.17.1
php8-pdo-debuginfo-8.0.25-150400.4.17.1
php8-pgsql-8.0.25-150400.4.17.1
php8-pgsql-debuginfo-8.0.25-150400.4.17.1
php8-phar-8.0.25-150400.4.17.1
php8-phar-debuginfo-8.0.25-150400.4.17.1
php8-posix-8.0.25-150400.4.17.1
php8-posix-debuginfo-8.0.25-150400.4.17.1
php8-readline-8.0.25-150400.4.17.1
php8-readline-debuginfo-8.0.25-150400.4.17.1
php8-shmop-8.0.25-150400.4.17.1
php8-shmop-debuginfo-8.0.25-150400.4.17.1
php8-snmp-8.0.25-150400.4.17.1
php8-snmp-debuginfo-8.0.25-150400.4.17.1
php8-soap-8.0.25-150400.4.17.1
php8-soap-debuginfo-8.0.25-150400.4.17.1
php8-sockets-8.0.25-150400.4.17.1
php8-sockets-debuginfo-8.0.25-150400.4.17.1
php8-sodium-8.0.25-150400.4.17.1
php8-sodium-debuginfo-8.0.25-150400.4.17.1
php8-sqlite-8.0.25-150400.4.17.1
php8-sqlite-debuginfo-8.0.25-150400.4.17.1
php8-sysvmsg-8.0.25-150400.4.17.1
php8-sysvmsg-debuginfo-8.0.25-150400.4.17.1
php8-sysvsem-8.0.25-150400.4.17.1
php8-sysvsem-debuginfo-8.0.25-150400.4.17.1
php8-sysvshm-8.0.25-150400.4.17.1
php8-sysvshm-debuginfo-8.0.25-150400.4.17.1
php8-test-8.0.25-150400.4.17.1
php8-tidy-8.0.25-150400.4.17.1
php8-tidy-debuginfo-8.0.25-150400.4.17.1
php8-tokenizer-8.0.25-150400.4.17.1
php8-tokenizer-debuginfo-8.0.25-150400.4.17.1
php8-xmlreader-8.0.25-150400.4.17.1
php8-xmlreader-debuginfo-8.0.25-150400.4.17.1
php8-xmlwriter-8.0.25-150400.4.17.1
php8-xmlwriter-debuginfo-8.0.25-150400.4.17.1
php8-xsl-8.0.25-150400.4.17.1
php8-xsl-debuginfo-8.0.25-150400.4.17.1
php8-zip-8.0.25-150400.4.17.1
php8-zip-debuginfo-8.0.25-150400.4.17.1
php8-zlib-8.0.25-150400.4.17.1
php8-zlib-debuginfo-8.0.25-150400.4.17.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php8-8.0.25-150400.4.17.1
apache2-mod_php8-debuginfo-8.0.25-150400.4.17.1
apache2-mod_php8-debugsource-8.0.25-150400.4.17.1
php8-8.0.25-150400.4.17.1
php8-bcmath-8.0.25-150400.4.17.1
php8-bcmath-debuginfo-8.0.25-150400.4.17.1
php8-bz2-8.0.25-150400.4.17.1
php8-bz2-debuginfo-8.0.25-150400.4.17.1
php8-calendar-8.0.25-150400.4.17.1
php8-calendar-debuginfo-8.0.25-150400.4.17.1
php8-cli-8.0.25-150400.4.17.1
php8-cli-debuginfo-8.0.25-150400.4.17.1
php8-ctype-8.0.25-150400.4.17.1
php8-ctype-debuginfo-8.0.25-150400.4.17.1
php8-curl-8.0.25-150400.4.17.1
php8-curl-debuginfo-8.0.25-150400.4.17.1
php8-dba-8.0.25-150400.4.17.1
php8-dba-debuginfo-8.0.25-150400.4.17.1
php8-debuginfo-8.0.25-150400.4.17.1
php8-debugsource-8.0.25-150400.4.17.1
php8-devel-8.0.25-150400.4.17.1
php8-dom-8.0.25-150400.4.17.1
php8-dom-debuginfo-8.0.25-150400.4.17.1
php8-embed-8.0.25-150400.4.17.1
php8-embed-debuginfo-8.0.25-150400.4.17.1
php8-embed-debugsource-8.0.25-150400.4.17.1
php8-enchant-8.0.25-150400.4.17.1
php8-enchant-debuginfo-8.0.25-150400.4.17.1
php8-exif-8.0.25-150400.4.17.1
php8-exif-debuginfo-8.0.25-150400.4.17.1
php8-fastcgi-8.0.25-150400.4.17.1
php8-fastcgi-debuginfo-8.0.25-150400.4.17.1
php8-fastcgi-debugsource-8.0.25-150400.4.17.1
php8-fileinfo-8.0.25-150400.4.17.1
php8-fileinfo-debuginfo-8.0.25-150400.4.17.1
php8-fpm-8.0.25-150400.4.17.1
php8-fpm-debuginfo-8.0.25-150400.4.17.1
php8-fpm-debugsource-8.0.25-150400.4.17.1
php8-ftp-8.0.25-150400.4.17.1
php8-ftp-debuginfo-8.0.25-150400.4.17.1
php8-gd-8.0.25-150400.4.17.1
php8-gd-debuginfo-8.0.25-150400.4.17.1
php8-gettext-8.0.25-150400.4.17.1
php8-gettext-debuginfo-8.0.25-150400.4.17.1
php8-gmp-8.0.25-150400.4.17.1
php8-gmp-debuginfo-8.0.25-150400.4.17.1
php8-iconv-8.0.25-150400.4.17.1
php8-iconv-debuginfo-8.0.25-150400.4.17.1
php8-intl-8.0.25-150400.4.17.1
php8-intl-debuginfo-8.0.25-150400.4.17.1
php8-ldap-8.0.25-150400.4.17.1
php8-ldap-debuginfo-8.0.25-150400.4.17.1
php8-mbstring-8.0.25-150400.4.17.1
php8-mbstring-debuginfo-8.0.25-150400.4.17.1
php8-mysql-8.0.25-150400.4.17.1
php8-mysql-debuginfo-8.0.25-150400.4.17.1
php8-odbc-8.0.25-150400.4.17.1
php8-odbc-debuginfo-8.0.25-150400.4.17.1
php8-opcache-8.0.25-150400.4.17.1
php8-opcache-debuginfo-8.0.25-150400.4.17.1
php8-openssl-8.0.25-150400.4.17.1
php8-openssl-debuginfo-8.0.25-150400.4.17.1
php8-pcntl-8.0.25-150400.4.17.1
php8-pcntl-debuginfo-8.0.25-150400.4.17.1
php8-pdo-8.0.25-150400.4.17.1
php8-pdo-debuginfo-8.0.25-150400.4.17.1
php8-pgsql-8.0.25-150400.4.17.1
php8-pgsql-debuginfo-8.0.25-150400.4.17.1
php8-phar-8.0.25-150400.4.17.1
php8-phar-debuginfo-8.0.25-150400.4.17.1
php8-posix-8.0.25-150400.4.17.1
php8-posix-debuginfo-8.0.25-150400.4.17.1
php8-readline-8.0.25-150400.4.17.1
php8-readline-debuginfo-8.0.25-150400.4.17.1
php8-shmop-8.0.25-150400.4.17.1
php8-shmop-debuginfo-8.0.25-150400.4.17.1
php8-snmp-8.0.25-150400.4.17.1
php8-snmp-debuginfo-8.0.25-150400.4.17.1
php8-soap-8.0.25-150400.4.17.1
php8-soap-debuginfo-8.0.25-150400.4.17.1
php8-sockets-8.0.25-150400.4.17.1
php8-sockets-debuginfo-8.0.25-150400.4.17.1
php8-sodium-8.0.25-150400.4.17.1
php8-sodium-debuginfo-8.0.25-150400.4.17.1
php8-sqlite-8.0.25-150400.4.17.1
php8-sqlite-debuginfo-8.0.25-150400.4.17.1
php8-sysvmsg-8.0.25-150400.4.17.1
php8-sysvmsg-debuginfo-8.0.25-150400.4.17.1
php8-sysvsem-8.0.25-150400.4.17.1
php8-sysvsem-debuginfo-8.0.25-150400.4.17.1
php8-sysvshm-8.0.25-150400.4.17.1
php8-sysvshm-debuginfo-8.0.25-150400.4.17.1
php8-test-8.0.25-150400.4.17.1
php8-tidy-8.0.25-150400.4.17.1
php8-tidy-debuginfo-8.0.25-150400.4.17.1
php8-tokenizer-8.0.25-150400.4.17.1
php8-tokenizer-debuginfo-8.0.25-150400.4.17.1
php8-xmlreader-8.0.25-150400.4.17.1
php8-xmlreader-debuginfo-8.0.25-150400.4.17.1
php8-xmlwriter-8.0.25-150400.4.17.1
php8-xmlwriter-debuginfo-8.0.25-150400.4.17.1
php8-xsl-8.0.25-150400.4.17.1
php8-xsl-debuginfo-8.0.25-150400.4.17.1
php8-zip-8.0.25-150400.4.17.1
php8-zip-debuginfo-8.0.25-150400.4.17.1
php8-zlib-8.0.25-150400.4.17.1
php8-zlib-debuginfo-8.0.25-150400.4.17.1
References:
https://www.suse.com/security/cve/CVE-2022-31630.html
https://www.suse.com/security/cve/CVE-2022-37454.html
https://bugzilla.suse.com/1204577
https://bugzilla.suse.com/1204979
1
0
SUSE-SU-2022:4000-1: Security update for python-Twisted
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for python-Twisted
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4000-1
Rating: low
References: #1204781
Cross-References: CVE-2022-39348
CVSS scores:
CVE-2022-39348 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2022-39348 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-Twisted fixes the following issues:
- CVE-2022-39348: Fixed NameVirtualHost Host header injection
(bsc#1204781).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4000=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-4000=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
python-Twisted-doc-22.2.0-150400.5.7.1
python3-Twisted-22.2.0-150400.5.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
python3-Twisted-22.2.0-150400.5.7.1
References:
https://www.suse.com/security/cve/CVE-2022-39348.html
https://bugzilla.suse.com/1204781
1
0
15 Nov '22
SUSE Security Update: Security update for 389-ds
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3996-1
Rating: low
References: #1194119 #1204493 #1204748 #1205146
Cross-References: CVE-2021-45710
CVSS scores:
CVE-2021-45710 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-45710 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has three fixes
is now available.
Description:
This update for 389-ds fixes the following issues:
- CVE-2021-45710: Fixed tokio data race with memory corruption
(bsc#1194119).
- Update to version 2.0.16~git56.d15a0a7:
- Failure to migrate from openldap if pwdPolicyChecker present
(bsc#1205146).
- Resolve issue with checklist post migration when dds is present
(bsc#1204748).
- Improve reliability of migrations from openldap when dynamic directory
services is configured (bsc#1204493).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3996=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-3996=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
389-ds-2.0.16~git56.d15a0a7-150400.3.15.1
389-ds-debuginfo-2.0.16~git56.d15a0a7-150400.3.15.1
389-ds-debugsource-2.0.16~git56.d15a0a7-150400.3.15.1
389-ds-devel-2.0.16~git56.d15a0a7-150400.3.15.1
389-ds-snmp-2.0.16~git56.d15a0a7-150400.3.15.1
389-ds-snmp-debuginfo-2.0.16~git56.d15a0a7-150400.3.15.1
lib389-2.0.16~git56.d15a0a7-150400.3.15.1
libsvrcore0-2.0.16~git56.d15a0a7-150400.3.15.1
libsvrcore0-debuginfo-2.0.16~git56.d15a0a7-150400.3.15.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
389-ds-2.0.16~git56.d15a0a7-150400.3.15.1
389-ds-debuginfo-2.0.16~git56.d15a0a7-150400.3.15.1
389-ds-debugsource-2.0.16~git56.d15a0a7-150400.3.15.1
389-ds-devel-2.0.16~git56.d15a0a7-150400.3.15.1
lib389-2.0.16~git56.d15a0a7-150400.3.15.1
libsvrcore0-2.0.16~git56.d15a0a7-150400.3.15.1
libsvrcore0-debuginfo-2.0.16~git56.d15a0a7-150400.3.15.1
References:
https://www.suse.com/security/cve/CVE-2021-45710.html
https://bugzilla.suse.com/1194119
https://bugzilla.suse.com/1204493
https://bugzilla.suse.com/1204748
https://bugzilla.suse.com/1205146
1
0
SUSE-SU-2022:3998-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3998-1
Rating: important
References: #1065729 #1071995 #1152472 #1152489 #1188238
#1194869 #1196018 #1196632 #1199904 #1200567
#1200692 #1200788 #1202187 #1202686 #1202700
#1202914 #1203098 #1203229 #1203290 #1203435
#1203514 #1203699 #1203701 #1203767 #1203770
#1203802 #1203922 #1203979 #1204017 #1204051
#1204059 #1204060 #1204125 #1204142 #1204166
#1204168 #1204171 #1204241 #1204353 #1204354
#1204355 #1204402 #1204413 #1204415 #1204417
#1204428 #1204431 #1204439 #1204470 #1204479
#1204498 #1204533 #1204569 #1204574 #1204575
#1204619 #1204635 #1204637 #1204646 #1204647
#1204650 #1204653 #1204693 #1204705 #1204719
#1204728 #1204753 #1204868 #1204926 #1204933
#1204934 #1204947 #1204957 #1204963 #1204970
PED-1082 PED-1084 PED-1085 PED-1096 PED-1211
PED-1649 PED-634 PED-676 PED-678 PED-679
PED-707 PED-732 PED-813 PED-817 PED-822 PED-825
PED-833 PED-842 PED-846 PED-850 PED-851 PED-856
PED-857 SLE-13847 SLE-9246
Cross-References: CVE-2022-1882 CVE-2022-2153 CVE-2022-28748
CVE-2022-2964 CVE-2022-2978 CVE-2022-3169
CVE-2022-33981 CVE-2022-3424 CVE-2022-3435
CVE-2022-3521 CVE-2022-3524 CVE-2022-3526
CVE-2022-3535 CVE-2022-3542 CVE-2022-3545
CVE-2022-3565 CVE-2022-3577 CVE-2022-3586
CVE-2022-3594 CVE-2022-3619 CVE-2022-3621
CVE-2022-3625 CVE-2022-3628 CVE-2022-3629
CVE-2022-3633 CVE-2022-3640 CVE-2022-3646
CVE-2022-3649 CVE-2022-40476 CVE-2022-40768
CVE-2022-41674 CVE-2022-42703 CVE-2022-42719
CVE-2022-42720 CVE-2022-42721 CVE-2022-42722
CVE-2022-43750
CVSS scores:
CVE-2022-1882 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1882 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2153 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-28748 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-2964 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2964 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3169 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3169 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-33981 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-33981 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3424 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3435 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-3435 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2022-3521 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3521 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3526 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3526 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3535 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3535 (SUSE): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3542 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3542 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3545 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3545 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3586 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3586 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3594 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3594 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3619 (NVD) : 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3619 (SUSE): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (SUSE): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3625 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3625 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3628 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3629 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3629 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3633 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3633 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3640 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3640 (SUSE): 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3646 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3646 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3649 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3649 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-40476 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40476 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40768 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-40768 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-41674 (NVD) : 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-41674 (SUSE): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42703 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42703 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42719 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42719 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42720 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42720 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42721 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42721 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42722 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42722 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-43750 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 37 vulnerabilities, contains 25
features and has 38 fixes is now available.
Description:
The SUSE Linux Enterprise 15-SP4 Azure kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-1882: Fixed a use-after-free flaw in free_pipe_info() that
could allow a local user to crash or potentially escalate their
privileges on the system (bsc#1199904).
- CVE-2022-2153: Fixed vulnerability in KVM that could allow an
unprivileged local attacker on the host to cause DoS (bnc#1200788).
- CVE-2022-2964, CVE-2022-28748: Fixed memory corruption issues in
ax88179_178a devices (bnc#1202686 bsc#1196018).
- CVE-2022-2978: Fixed use-after-free in the NILFS file system that could
lead to local privilege escalation or DoS (bnc#1202700).
- CVE-2022-3169: Fixed a denial of service flaw which occurs when
consecutive requests to NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET
are sent (bnc#1203290).
- CVE-2022-33981: Fixed a use-after-free in floppy driver (bnc#1200692).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),
gru_fault() and gru_handle_user_call_os() that could lead to kernel
panic (bsc#1204166).
- CVE-2022-3435: Fixed an out-of-bounds read in fib_nh_match() of the file
net/ipv4/fib_semantics.c (bsc#1204171).
- CVE-2022-3521: Fixed race condition in kcm_tx_work() in
net/kcm/kcmsock.c (bnc#1204355).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6
handler (bnc#1204354).
- CVE-2022-3526: Fixed a memory leak in macvlan_handle_frame() from
drivers/net/macvlan.c (bnc#1204353).
- CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in
drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in
drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
- CVE-2022-3545: Fixed use-after-free in area_cache_get() in
drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
- CVE-2022-3565: Fixed use-after-free in del_timer() in
drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
- CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device
driver that could lead to local privilege escalation or DoS
(bnc#1204470).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could
allow a local unprivileged user to cause a denial of service
(bnc#1204439).
- CVE-2022-3594: Fixed excessive data logging in intr_callback() in
drivers/net/usb/r8152.c (bnc#1204479).
- CVE-2022-3619: Fixed memory leak in l2cap_recv_acldata() in
net/bluetooth/l2cap_core.c of the component (bnc#1204569).
- CVE-2022-3621: Fixed null pointer dereference in
nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
- CVE-2022-3625: Fixed use-after-free in
devlink_param_set()/devlink_param_get() in net/core/devlink.c
(bnc#1204637).
- CVE-2022-3628: Fixed potential buffer overflow in
brcmf_fweh_event_worker() in wifi/brcmfmac (bsc#1204868).
- CVE-2022-3629: Fixed memory leak in vsock_connect() in
net/vmw_vsock/af_vsock.c (bnc#1204635).
- CVE-2022-3633: Fixed memory leak in j1939_session_destroy() in
net/can/j1939/transport.c (bnc#1204650).
- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in
net/bluetooth/l2cap_core.c (bnc#1204619).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in
fs/nilfs2/segment.c (bnc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in
fs/nilfs2/inode.c (bnc#1204647).
- CVE-2022-40476: Fixed a null pointer dereference in fs/io_uring.c
(bnc#1203435).
- CVE-2022-40768: Fixed information leak in the scsi driver which allowed
local users to obtain sensitive information from kernel memory
(bnc#1203514).
- CVE-2022-41674: Fixed a DoS issue where kernel can crash on the
reception of specific WiFi Frames (bsc#1203770).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf
anon_vma double reuse (bnc#1204168).
- CVE-2022-42719: Fixed MBSSID parsing use-after-free. (bsc#1204051)
- CVE-2022-42720: Fixed BSS refcounting bugs. (bsc#1204059)
- CVE-2022-42721: Avoid nontransmitted BSS list corruption. (bsc#1204060)
- CVE-2022-42722: Fixed crash in beacon protection for P2P-device.
(bsc#1204125)
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space
client to corrupt the monitor's internal memory (bnc#1204653).
The following non-security bugs were fixed:
- ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
(git-fixes).
- ACPI: HMAT: Release platform device in case of
platform_device_add_data() fails (git-fixes).
- ACPI: extlog: Handle multiple records (git-fixes).
- ACPI: tables: FPDT: Do not call acpi_os_map_memory() on invalid phys
address (git-fixes).
- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
- ACPI: video: Make backlight class device registration a separate step
(v2) (git-fixes).
- ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for StorageD3Enable
(git-fixes).
- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
(git-fixes).
- ALSA: aoa: Fix I2S device accounting (git-fixes).
- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
(git-fixes).
- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
- ALSA: au88x0: use explicitly signed char (git-fixes).
- ALSA: dmaengine: increment buffer pointer atomically (git-fixes).
- ALSA: hda/cs_dsp_ctl: Fix mutex inversion when creating controls
(bsc#1203699).
- ALSA: hda/hdmi: Do not skip notification handling during PM operation
(git-fixes).
- ALSA: hda/hdmi: Fix the converter allocation for the silent stream
(git-fixes).
- ALSA: hda/hdmi: Fix the converter reuse for the silent stream
(git-fixes).
- ALSA: hda/hdmi: change type for the 'assigned' variable (git-fixes).
- ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
(git-fixes).
- ALSA: hda/realtek: Add another HP ZBook G9 model quirks (bsc#1203699).
- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41
(bsc#1203922).
- ALSA: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
(git-fixes).
- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
- ALSA: hda: cs35l41: Remove suspend/resume hda hooks (bsc#1203699).
- ALSA: hda: cs35l41: Support System Suspend (bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Ensure pwr_lock is held before
reading/writing controls (bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Minor clean and redundant code removal
(bsc#1203699).
- ALSA: hiface: fix repeated words in comments (git-fixes).
- ALSA: line6: Replace sprintf() with sysfs_emit() (git-fixes).
- ALSA: line6: remove line6_set_raw declaration (git-fixes).
- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
- ALSA: rme9652: use explicitly signed char (git-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 8Pre support (git-fixes).
- ALSA: scarlett2: Add support for the internal "standalone" switch
(git-fixes).
- ALSA: scarlett2: Split scarlett2_config_items[] into 3 sections
(git-fixes).
- ALSA: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos
(git-fixes).
- ALSA: usb-audio: Add quirk to enable Avid Mbox 3 support (git-fixes).
- ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600 (git-fixes).
- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
- ALSA: usb-audio: Fix last interface check for registration (git-fixes).
- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
- ALSA: usb-audio: Fix regression with Dell Dock jack detection
(bsc#1204719).
- ALSA: usb-audio: Register card at the last interface (git-fixes).
- ALSA: usb-audio: make read-only array marker static const (git-fixes).
- ALSA: usb-audio: remove redundant assignment to variable c (git-fixes).
- ALSA: usb-audio: scarlett2: Use struct_size() helper in scarlett2_usb()
(git-fixes).
- ALSA: usb/6fire: fix repeated words in comments (git-fixes).
- ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n
(git-fixes).
- ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd() (git-fixes).
- ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE (git-fixes).
- ARM: Drop CMDLINE_* dependency on ATAGS (git-fixes).
- ARM: decompressor: Include .data.rel.ro.local (git-fixes).
- ARM: defconfig: clean up multi_v4t and multi_v5 configs (git-fixes).
- ARM: defconfig: drop CONFIG_PTP_1588_CLOCK=y (git-fixes).
- ARM: defconfig: drop CONFIG_SERIAL_OMAP references (git-fixes).
- ARM: defconfig: drop CONFIG_USB_FSL_USB2 (git-fixes).
- ARM: dts: armada-38x: Add gpio-ranges for pin muxing (git-fixes).
- ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
(git-fixes).
- ARM: dts: exynos: fix polarity of VBUS GPIO of Origen (git-fixes).
- ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
(git-fixes).
- ARM: dts: imx6dl: add missing properties for sram (git-fixes).
- ARM: dts: imx6q: add missing properties for sram (git-fixes).
- ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset
(git-fixes).
- ARM: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus (git-fixes).
- ARM: dts: imx6qp: add missing properties for sram (git-fixes).
- ARM: dts: imx6sl: add missing properties for sram (git-fixes).
- ARM: dts: imx6sll: add missing properties for sram (git-fixes).
- ARM: dts: imx6sx: add missing properties for sram (git-fixes).
- ARM: dts: imx7d-sdb: config the max pressure for tsc2046 (git-fixes).
- ARM: dts: integrator: Tag PCI host with device_type (git-fixes).
- ARM: dts: kirkwood: lsxl: fix serial line (git-fixes).
- ARM: dts: kirkwood: lsxl: remove first ethernet port (git-fixes).
- ARM: dts: turris-omnia: Add label for wan port (git-fixes).
- ARM: dts: turris-omnia: Fix mpp26 pin name and comment (git-fixes).
- ASoC: SOF: pci: Change DMI match info to support all Chrome platforms
(git-fixes).
- ASoC: codecs: tx-macro: fix kcontrol put (git-fixes).
- ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
(git-fixes).
- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
(git-fixes).
- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- ASoC: mt6359: fix tests for platform_get_irq() failure (git-fixes).
- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
(git-fixes).
- ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
(git-fixes).
- ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile (git-fixes).
- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- ASoC: tas2764: Allow mono streams (git-fixes).
- ASoC: tas2764: Drop conflicting set_bias_level power setting (git-fixes).
- ASoC: tas2764: Fix mute/unmute (git-fixes).
- ASoC: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
- ASoC: wm_adsp: Handle optional legacy support (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
(git-fixes).
- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
- Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
(git-fixes).
- Bluetooth: RFCOMM: Fix possible deadlock on socket shutdown/release
(git-fixes).
- Bluetooth: btintel: Mark Intel controller to support LE_STATES quirk
(git-fixes).
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
(git-fixes).
- Bluetooth: virtio_bt: Use skb_put to set length (git-fixes).
- Documentation: devres: add missing I2C helper (git-fixes).
- Drivers: hv: vmbus: Fix handling of messages with transaction ID of zero
(bsc#1204017).
- Drivers: hv: vmbus: Introduce vmbus_request_addr_match() (bsc#1204017).
- Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid() (bsc#1204017).
- Drivers: hv: vmbus: Introduce {lock,unlock}_requestor() (bsc#1204017).
- Drop verbose nvme logging feature (bsc#1200567).
- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
- HID: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
- HID: multitouch: Add memory barriers (git-fixes).
- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- IB/core: Fix a nested dead lock as part of ODP flow (git-fixes)
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs
(git-fixes)
- Input: i8042 - fix refount leak on sparc (git-fixes).
- Input: synaptics-rmi4 - fix firmware update operations with bootloader
v8 (git-fixes).
- Input: xpad - add supported devices as contributed on github (git-fixes).
- Input: xpad - fix wireless 360 controller breaking after suspend
(git-fixes).
- KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors (git-fixes).
- KVM: VMX: Inject #PF on ENCLS as "emulated" #PF (git-fixes).
- KVM: fix avic_set_running for preemptable kernels (git-fixes).
- KVM: nVMX: Ignore SIPI that arrives in L2 when vCPU is not in WFS
(git-fixes).
- KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
(git-fixes).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- KVM: s390: pv: do not present the ecall interrupt twice (bsc#1203229
LTC#199905).
- KVM: s390x: fix SCK locking (git-fixes).
- KVM: x86/emulator: Fix handing of POP SS to correctly set
interruptibility (git-fixes).
- KVM: x86/mmu: Do not advance iterator after restart due to yielding
(git-fixes).
- KVM: x86/mmu: Retry page fault if root is invalidated by memslot update
(git-fixes).
- KVM: x86/pmu: Add pmc->intr to refactor kvm_perf_overflow{_intr}()
(git-fixes).
- KVM: x86/pmu: Do not truncate the PerfEvtSeln MSR when creating a perf
event (git-fixes).
- KVM: x86/pmu: Fix available_event_types check for REF_CPU_CYCLES event
(git-fixes).
- KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
(git-fixes).
- KVM: x86: Add KVM_CAP_ENABLE_CAP to x86 (git-fixes).
- KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER (git-fixes).
- KVM: x86: Always set kvm_run->if_flag (git-fixes).
- KVM: x86: Forcibly leave nested virt when SMM state is toggled
(git-fixes).
- KVM: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled
(git-fixes).
- KVM: x86: Keep MSR_IA32_XSS unchanged for INIT (git-fixes).
- KVM: x86: Register perf callbacks after calling vendor's
hardware_setup() (git-fixes).
- KVM: x86: Sync the states size with the XCR0/IA32_XSS at, any time
(git-fixes).
- KVM: x86: Update vPMCs when retiring branch instructions (git-fixes).
- KVM: x86: Update vPMCs when retiring instructions (git-fixes).
- KVM: x86: do not report preemption if the steal time cache is stale
(git-fixes).
- KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which is a
result of RSM (git-fixes).
- KVM: x86: nSVM: fix potential NULL derefernce on nested migration
(git-fixes).
- KVM: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved state
(git-fixes).
- NFS: Fix another fsync() issue after a server reboot (git-fixes).
- NFSv4: Fixes for nfs4_inode_return_delegation() (git-fixes).
- PCI/ASPM: Correct LTR_L1.2_THRESHOLD computation (git-fixes).
- PCI/ASPM: Ignore L1 PM Substates if device lacks capability (git-fixes).
- PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
(git-fixes).
- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
(git-fixes).
- PCI: hv: Fix synchronization between channel callback and
hv_compose_msi_msg() (bsc#1204017).
- PCI: hv: Fix synchronization between channel callback and
hv_pci_bus_exit() (bsc#1204017).
- PCI: hv: Use vmbus_requestor to generate transaction IDs for VMbus
hardening (bsc#1204017).
- PCI: mediatek-gen3: Change driver name to mtk-pcie-gen3 (git-fixes).
- PM: domains: Fix handling of unavailable/disabled idle states
(git-fixes).
- PM: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
- RDMA/cma: Fix arguments order in net device validation (git-fixes)
- RDMA/hfi1: Fix potential integer multiplication overflow errors
(git-fixes)
- RDMA/hns: Add the detection for CMDQ status in the device initialization
process (git-fixes)
- RDMA/irdma: Add support for address handle re-use (git-fixes)
- RDMA/irdma: Align AE id codes to correct flush code and event (git-fixes)
- RDMA/irdma: Do not advertise 1GB page size for x722 (git-fixes)
- RDMA/irdma: Fix VLAN connection with wildcard address (git-fixes)
- RDMA/irdma: Fix a window for use-after-free (git-fixes)
- RDMA/irdma: Fix setting of QP context err_rq_idx_valid field (git-fixes)
- RDMA/irdma: Fix sleep from invalid context BUG (git-fixes)
- RDMA/irdma: Move union irdma_sockaddr to header file (git-fixes)
- RDMA/irdma: Remove the unnecessary variable saddr (git-fixes)
- RDMA/irdma: Report RNR NAK generation in device caps (git-fixes)
- RDMA/irdma: Report the correct max cqes from query device (git-fixes)
- RDMA/irdma: Return correct WC error for bind operation failure
(git-fixes)
- RDMA/irdma: Return error on MR deregister CQP failure (git-fixes)
- RDMA/irdma: Use net_type to check network type (git-fixes)
- RDMA/irdma: Validate udata inlen and outlen (git-fixes)
- RDMA/mlx5: Add missing check for return value in get namespace flow
(git-fixes)
- RDMA/mlx5: Do not compare mkey tags in DEVX indirect mkey (git-fixes)
- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
- RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
- RDMA/rxe: Fix deadlock in rxe_do_local_ops() (git-fixes)
- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- RDMA/rxe: Fix mw bind to allow any consumer key portion (git-fixes)
- RDMA/rxe: Fix resize_finish() in rxe_queue.c (git-fixes)
- RDMA/rxe: Fix rnr retry behavior (git-fixes)
- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
- RDMA/rxe: For invalidate compare according to set keys in mr (git-fixes)
- RDMA/rxe: Generate a completion for unsupported/invalid opcode
(git-fixes)
- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
(git-fixes)
- RDMA/siw: Fix QP destroy to wait for all references dropped. (git-fixes)
- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
(git-fixes)
- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
- RDMA/srp: Fix srp_abort() (git-fixes)
- RDMA/srp: Handle dev_set_name() failure (git-fixes)
- RDMA/srp: Rework the srp_add_port() error path (git-fixes)
- RDMA/srp: Set scmnd->result only when scmnd is not NULL (git-fixes)
- RDMA/srp: Support more than 255 rdma ports (git-fixes)
- RDMA/srp: Use the attribute group mechanism for sysfs attributes
(git-fixes)
- RDMA/srpt: Duplicate port name members (git-fixes)
- RDMA/srpt: Fix a use-after-free (git-fixes)
- RDMA/srpt: Introduce a reference count in struct srpt_device (git-fixes)
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- RDMA: remove useless condition in siw_create_cq() (git-fixes)
- Revert "workqueue: remove unused cancel_work()" (bsc#1204933).
- arm64/bti: Disable in kernel BTI when cross section thunks are broken
(git-fixes)
- arm64/mm: Consolidate TCR_EL1 fields (git-fixes).
- arm64: dts: imx8: correct clock order (git-fixes).
- arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to USB nodes
(git-fixes).
- arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power supply
(git-fixes).
- arm64: dts: juno: Add thermal critical trip points (git-fixes).
- arm64: dts: ls1088a: specify clock frequencies for the MDIO controllers
(git-fixes).
- arm64: dts: ls208xa: specify clock frequencies for the MDIO controllers
(git-fixes).
- arm64: dts: lx2160a: specify clock frequencies for the MDIO controllers
(git-fixes).
- arm64: dts: qcom: sc7280: Cleanup the lpasscc node (git-fixes).
- arm64: dts: ti: k3-j7200: fix main pinmux range (git-fixes).
- arm64: entry: avoid kprobe recursion (git-fixes).
- arm64: ftrace: fix module PLTs with mcount (git-fixes).
- arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored
(git-fixes).
- arm64: topology: move store_cpu_topology() to shared code (git-fixes).
- ata: ahci-imx: Fix MODULE_ALIAS (git-fixes).
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and
ata_id_has_sense_reporting() (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number
(git-fixes).
- ata: pata_legacy: fix pdc20230_set_piomode() (git-fixes).
- bnxt_en: Fix bnxt_refclk_read() (git-fixes).
- bnxt_en: Fix bnxt_reinit_after_abort() code path (git-fixes).
- bnxt_en: fix livepatch query (git-fixes).
- bnxt_en: reclaim max resources if sriov enable fails (git-fixes).
- bonding: 802.3ad: fix no transmission of LACPDUs (git-fixes).
- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (git-fixes).
- build mlx in arm64/azure as modules again (bsc#1203701) There is little
gain by having the drivers built into the kernel. Having them as modules
allows easy replacement by third party drivers. Change mlx4, mlx5 and
mlxfw from built-in to module.
- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
- can: j1939: transport: j1939_session_skb_drop_old():
spin_unlock_irqrestore() before kfree_skb() (git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion
(git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
- can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
(git-fixes).
- can: kvaser_usb: replace run-time checks with struct
kvaser_usb_driver_info (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
- can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in
error path (git-fixes).
- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness
conversion (git-fixes).
- can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct length to
read dev_id (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in
error path (git-fixes).
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
- clk: ast2600: BCLK comes from EPLL (git-fixes).
- clk: at91: fix the build with binutils 2.27 (git-fixes).
- clk: baikal-t1: Add SATA internal ref clock buffer (git-fixes).
- clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent
(git-fixes).
- clk: baikal-t1: Fix invalid xGMAC PTP clock divider (git-fixes).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: bcm2835: Round UART input clock up (bsc#1188238)
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
(git-fixes).
- clk: bcm: rpi: Add support for VEC clock (bsc#1196632)
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: imx: scu: fix memleak on platform_device_add() fails (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
(git-fixes).
- clk: meson: Hold reference returned by of_get_parent() (git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
- clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical
(git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents
(git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
- clk: sprd: Hold reference returned by of_get_parent() (git-fixes).
- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
(git-fixes).
- clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD (git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
(git-fixes).
- cpufreq: qcom: fix memory leak in error path (git-fixes).
- cpufreq: qcom: fix writes in read-only memory region (git-fixes).
- crypto: akcipher - default implementation for setting a private key
(git-fixes).
- crypto: cavium - prevent integer overflow loading firmware (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister
(git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
- crypto: inside-secure - Change swab to swab32 (git-fixes).
- crypto: inside-secure - Replace generic aes with libaes (git-fixes).
- crypto: marvell/octeontx - prevent integer overflows (git-fixes).
- crypto: qat - fix default value of WDT timer (git-fixes).
- crypto: sahara - do not sleep when in softirq (git-fixes).
- device property: Fix documentation for *_match_string() APIs (git-fixes).
- dmaengine: hisilicon: Add multi-thread support for a DMA channel
(git-fixes).
- dmaengine: hisilicon: Disable channels when unregister hisi_dma
(git-fixes).
- dmaengine: hisilicon: Fix CQ head update (git-fixes).
- dmaengine: idxd: change bandwidth token to read buffers (jsc#PED-679).
- dmaengine: idxd: deprecate token sysfs attributes for read buffers
(jsc#PED-679).
- dmaengine: idxd: force wq context cleanup on device disable path
(git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
__cleanup() (git-fixes).
- dmaengine: mxs: use platform_driver_register (git-fixes).
- dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent
overflow (git-fixes).
- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling
(git-fixes).
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent
API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
(git-fixes).
- docs: update mediator information in CoC docs (git-fixes).
- dpaa2-eth: trace the allocated address instead of page struct
(git-fixes).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- drm/amd/display: Assume an LTTPR is always present on fixed_vs links
(git-fixes).
- drm/amd/display: Changed pipe split policy to allow for multi-display
(bsc#1152472) Backporting notes: * remove changes to non-existing 201
and 31 directories
- drm/amd/display: Correct MPC split policy for DCN301 (git-fixes).
- drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n (git-fixes).
- drm/amd/display: Fix double cursor on non-video RGB MPO (git-fixes).
- drm/amd/display: Fix vblank refcount in vrr transition (git-fixes).
- drm/amd/display: Remove interface for periodic interrupt 1 (git-fixes).
- drm/amd/display: skip audio setup when audio stream is enabled
(git-fixes).
- drm/amd/display: update gamut remap if plane has changed (git-fixes).
- drm/amd/pm: smu7_hwmgr: fix potential off-by-one overflow in
'performance_levels' (git-fixes).
- drm/amdgpu/display: change pipe policy for DCN 2.0 (git-fixes).
- drm/amdgpu/display: change pipe policy for DCN 2.1 (git-fixes).
- drm/amdgpu/gfx10: add wraparound gpu counter check for APUs as well
(bsc#1152472)
- drm/amdgpu/gfx9: switch to golden tsc registers for renoir+ (bsc#1152472)
- drm/amdgpu: add missing pci_disable_device() in
amdgpu_pmops_runtime_resume() (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm/amdgpu: fix sdma doorbell init ordering on APUs (git-fixes).
- drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
- drm/i915/dp: Reset frl trained flag before restarting FRL training
(git-fixes).
- drm/i915/ehl: Update MOCS table for EHL (git-fixes).
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915
(bsc#1152489)
- drm/i915: Reject unsupported TMDS rates on ICL+ (git-fixes).
- drm/komeda: Fix handling of atomic commit in the atomic_commit_tail hook
(git-fixes).
- drm/meson: explicitly remove aggregate driver at module unload time
(git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- drm/msm/dp: Silence inconsistent indent warning (git-fixes).
- drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa()
(git-fixes).
- drm/msm/dp: fix IRQ lifetime (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
- drm/msm: fix use-after-free on probe deferral (git-fixes).
- drm/nouveau/kms/nv140-: Disable interlacing (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
(git-fixes).
- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
(git-fixes).
- drm/nouveau: wait for the exclusive fence after the shared ones v2
(bsc#1152472)
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- drm/virtio: Check whether transferred 2D BO is shmem (git-fixes).
- drm/virtio: Unlock reservations on virtio_gpu_object_shmem_init() error
(git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
(git-fixes).
- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset
(git-fixes).
- drm: bridge: dw_hdmi: only trigger hotplug event on link change
(git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of
for_each_available_child_of_node() (git-fixes).
- dt-bindings: PCI: microchip,pcie-host: fix missing clocks properties
(git-fixes).
- dt-bindings: PCI: microchip,pcie-host: fix missing dma-ranges
(git-fixes).
- dt-bindings: crypto: ti,sa2ul: drop dma-coherent property (git-fixes).
- dt-bindings: display/msm: dpu-sc7180: add missing DPU opp-table
(git-fixes).
- dt-bindings: display/msm: dpu-sdm845: add missing DPU opp-table
(git-fixes).
- dt-bindings: mtd: intel: lgm-nand: Fix compatible string (git-fixes).
- dt-bindings: mtd: intel: lgm-nand: Fix maximum chip select value
(git-fixes).
- dt-bindings: phy: qcom,qmp-usb3-dp: fix bogus clock-cells property
(git-fixes).
- dt-bindings: phy: qcom,qmp: fix bogus clock-cells property (git-fixes).
- dt-bindings: power: gpcv2: add power-domains property (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: fix static_branch manipulation (git-fixes).
- dyndbg: let query-modname override actual module name (git-fixes).
- efi/tpm: Pass correct address to memblock_reserve (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- fec: Fix timer capture timing in `fec_ptp_enable_pps()` (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
- firmware: arm_scmi: Harden accesses to the sensor domains (git-fixes).
- firmware: arm_scmi: Improve checks in the info_get operations
(git-fixes).
- firmware: arm_scmi: Make Rx chan_setup fail on memory errors (git-fixes).
- firmware: arm_scmi: Suppress the driver's bind attributes (git-fixes).
- firmware: google: Test spinlock on panic path to avoid lockups
(git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
(git-fixes).
- fs/binfmt_elf: Fix memory leak in load_elf_binary() (git-fixes).
- ftrace: Fix char print issue in print_ip_ins() (git-fixes).
- ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes).
- fuse: fix deadlock between atomic O_TRUNC and page invalidation
(bsc#1204533).
- gcov: support GCC 12.1 and newer compilers (git-fixes).
- gpu: lontium-lt9611: Fix NULL pointer dereference in
lt9611_connector_init() (git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in
hidpp_connect_event (git-fixes).
- hinic: Avoid some over memory allocation (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- hwmon: (sht4x) do not overflow clamping operation on 32-bit platforms
(git-fixes).
- i2c: designware: Fix handling of real but unexpected device interrupts
(git-fixes).
- i2c: i801: Add support for Intel Ice Lake PCH-N (jsc#PED-634).
- i2c: i801: Add support for Intel Meteor Lake-P (jsc#PED-732).
- i2c: i801: Add support for Intel Raptor Lake PCH-S (jsc#PED-634).
- i2c: i801: Improve handling of chip-specific feature definitions
(jsc#PED-634).
- i2c: piix4: Fix adapter not be removed in piix4_remove() (git-fixes).
- i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter
(git-fixes).
- i40e: Fix call trace in setup_tx_descriptors (git-fixes).
- i40e: Fix dropped jumbo frames statistics (git-fixes).
- i40e: Fix to stop tx_timeout recovery if GLOBR fails (git-fixes).
- iavf: Fix adminq error handling (git-fixes).
- iavf: Fix handling of dummy receive descriptors (git-fixes).
- iavf: Fix reset error handling (git-fixes).
- ice: Fix switchdev rules book keeping (git-fixes).
- ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
(git-fixes).
- ice: do not setup vlan for loopback VSI (git-fixes).
- igb: Make DMA faster when CPU is active on the PCIe link (git-fixes).
- igb: fix a use-after-free issue in igb_clean_tx_ring (git-fixes).
- iio: ABI: Fix wrong format of differential capacitance channel ABI
(git-fixes).
- iio: adc: ad7923: fix channel readings for some variants (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure and touch
(git-fixes).
- iio: adc: at91-sama5d2_adc: disable/prepare buffer on suspend/resume
(git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
(git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: adxl372: Fix unsafe buffer attributes (git-fixes).
- iio: bmc150-accel-core: Fix unsafe buffer attributes (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
- iio: inkern: fix return value in devm_of_iio_channel_get_by_name()
(git-fixes).
- iio: inkern: only release the device node when done with it (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- iio: ltc2497: Fix reading conversion results (git-fixes).
- iio: magnetometer: yas530: Change data type of hard_offsets to signed
(git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- iio: temperature: ltc2983: allocate iio channels once (git-fixes).
- ima: fix blocking of security.ima xattrs of unsupported algorithms
(git-fixes).
- increase NR_CPUS on azure and follow kernel-default (bsc#1203979)
- iommu/vt-d: Do not falsely log intel_iommu is unsupported kernel option
(bsc#1204947).
- ip: Fix data-races around sysctl_ip_fwd_update_priority (git-fixes).
- ipv4: Fix data-races around sysctl_fib_multipath_hash_policy (git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap
(git-fixes).
- isdn: mISDN: netjet: fix wrong check of device registration (git-fixes).
- ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
(git-fixes).
- ixgbe: fix bcast packets Rx on VF after promisc removal (git-fixes).
- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes).
- kABI: Fix after adding trace_iterator.wait_index (git-fixes).
- kABI: Fix kABI after backport Add pmc->intr to refactor
kvm_perf_overflow{_intr}() (git-fixes).
- kABI: Fix kABI after backport Always set kvm_run->if_flag (git-fixes).
- kABI: Fix kABI after backport Forcibly leave nested virt when SMM state
is toggled (git-fixes).
- kABI: Fix kABI after backport Refactoring find_arch_event() to
pmc_perf_hw_id() (git-fixes).
- kABI: Fix kABI after backport Update vPMCs when retiring branch
instructions (git-fixes).
- kabi/severities: ignore CS35L41-specific exports (bsc#1203699)
- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
- kbuild: remove the target in signal traps when interrupted (git-fixes).
- kbuild: rpm-pkg: fix breakage when V=1 is used (git-fixes).
- kernfs: fix use-after-free in __kernfs_remove (git-fixes).
- kselftest/arm64: Fix validatation termination record after EXTRA_CONTEXT
(git-fixes).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
(git-fixes).
- livepatch: Add a missing newline character in klp_module_coming()
(bsc#1071995).
- livepatch: fix race between fork and KLP transition (bsc#1071995).
- mISDN: fix possible memory leak in mISDN_register_device() (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- macvlan: enforce a consistent minimal mtu (git-fixes).
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
- mailbox: mpfs: account for mbox offsets while sending (git-fixes).
- mailbox: mpfs: fix handling of the reg property (git-fixes).
- media: atomisp: prevent integer overflow in sh_css_set_black_frame()
(git-fixes).
- media: cedrus: Fix endless loop in cedrus_h265_skip_bits() (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
- media: ipu3-imgu: Fix NULL pointer dereference in active selection
access (git-fixes).
- media: mceusb: set timeout to at least timeout provided (git-fixes).
- media: meson: vdec: add missing clk_disable_unprepare on error in
vdec_hevc_start() (git-fixes).
- media: uvcvideo: Fix memory leak in uvc_gpio_parse (git-fixes).
- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (git-fixes).
- media: v4l2-compat-ioctl32.c: zero buffer passed to
v4l2_compat_get_array_args() (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values
(git-fixes).
- media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
(git-fixes).
- media: venus: dec: Handle the case where find_format fails (git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
(git-fixes).
- media: vivid: dev->bitmap_cap wasn't freed in all cases (git-fixes).
- media: vivid: s_fbuf: add more sanity checks (git-fixes).
- media: vivid: set num_in/outputs to 0 if not supported (git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
(git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
- memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
(git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
(git-fixes).
- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
(git-fixes).
- mfd: fsl-imx25: Fix check for platform_get_irq() errors (git-fixes).
- mfd: intel-lpss: Add Intel Raptor Lake PCH-S PCI IDs (jsc#PED-634).
- mfd: intel_soc_pmic: Fix an error handling path in
intel_soc_pmic_i2c_probe() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
- mfd: sm501: Add check for platform_driver_register() (git-fixes).
- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
- misc: pci_endpoint_test: Aggregate params checking for xfer (git-fixes).
- misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic
(git-fixes).
- mlxsw: spectrum: Clear PTP configuration after unregistering the
netdevice (git-fixes).
- mlxsw: spectrum_cnt: Reorder counter pools (git-fixes).
- mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication (git-fixes).
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
(bsc#1204575).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card
(git-fixes).
- mmc: core: Replace with already defined values for readability
(git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
- mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit bus
(git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
- mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake (git-fixes).
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
(git-fixes).
- mtd: devices: docg3: check the return value of devm_ioremap() in the
probe (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: fsl_elbc: Fix none ECC mode (git-fixes).
- mtd: rawnand: intel: Do not re-define NAND_DATA_IFACE_CHECK_ONLY
(git-fixes).
- mtd: rawnand: intel: Read the chip-select line from the correct OF node
(git-fixes).
- mtd: rawnand: intel: Remove undocumented compatible string (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config
(git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
(git-fixes).
- net/dsa/hirschmann: Add missing of_node_get() in hellcreek_led_setup()
(git-fixes).
- net/ice: fix initializing the bitmap in the switch code (git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
- net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
(git-fixes).
- net/mlx5e: Disable softirq in mlx5e_activate_rq to avoid race condition
(git-fixes).
- net/mlx5e: Fix enabling sriov while tc nic rules are offloaded
(git-fixes).
- net/mlx5e: Properly disable vlan strip on non-UL reps (git-fixes).
- net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS
cipher/version (git-fixes).
- net/mlx5e: Ring the TX doorbell on DMA errors (git-fixes).
- net/mlx5e: TC, fix decap fallback to uplink when int port not supported
(git-fixes).
- net/mlx5e: Update netdev features after changing XDP state (git-fixes).
- net/mlx5e: xsk: Account for XSK RQ UMRs when calculating ICOSQ size
(git-fixes).
- net: altera: Fix refcount leak in altera_tse_mdio_create (git-fixes).
- net: atlantic: fix aq_vec index out of range error (git-fixes).
- net: bcmgenet: Indicate MAC is in charge of PHY PM (git-fixes).
- net: bgmac: Fix a BUG triggered by wrong bytes_compl (git-fixes).
- net: bgmac: Fix an erroneous kfree() in bgmac_remove() (git-fixes).
- net: bgmac: support MDIO described in DT (git-fixes).
- net: bonding: fix possible NULL deref in rlb code (git-fixes).
- net: bonding: fix use-after-free after 802.3ad slave unbind (git-fixes).
- net: chelsio: cxgb4: Avoid potential negative array offset (git-fixes).
- net: dp83822: disable false carrier interrupt (git-fixes).
- net: dp83822: disable rx error interrupt (git-fixes).
- net: dsa: bcm_sf2: force pause link settings (git-fixes).
- net: dsa: ksz9477: port mirror sniffing limited to one port (git-fixes).
- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
(git-fixes).
- net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
(git-fixes).
- net: dsa: microchip: ksz_common: Fix refcount leak bug (git-fixes).
- net: dsa: mv88e6060: prevent crash on an unused port (git-fixes).
- net: dsa: mv88e6xxx: use BMSR_ANEGCOMPLETE bit for filling an_complete
(git-fixes).
- net: dsa: sja1105: fix buffer overflow in
sja1105_setup_devlink_regions() (git-fixes).
- net: dsa: sja1105: silent spi_device_id warnings (git-fixes).
- net: dsa: vitesse-vsc73xx: silent spi_device_id warnings (git-fixes).
- net: ethernet: bgmac: Fix refcount leak in bcma_mdio_mii_register
(git-fixes).
- net: ethernet: ti: am65-cpsw: Fix devlink port register sequence
(git-fixes).
- net: ethernet: ti: davinci_mdio: Add workaround for errata i2329
(git-fixes).
- net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses
(git-fixes).
- net: fix IFF_TX_SKB_NO_LINEAR definition (git-fixes).
- net: ftgmac100: Hold reference returned by of_get_child_by_name()
(git-fixes).
- net: hns3: do not push link state to VF if unalive (git-fixes).
- net: hns3: set port base vlan tbl_sta to false before removing old vlan
(git-fixes).
- net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
(git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
- net: ipa: do not assume SMEM is page-aligned (git-fixes).
- net: ipvtap - add __init/__exit annotations to module init/exit funcs
(git-fixes).
- net: moxa: get rid of asymmetry in DMA mapping/unmapping (git-fixes).
- net: moxa: pass pdev instead of ndev to DMA functions (git-fixes).
- net: mscc: ocelot: fix address of SYS_COUNT_TX_AGING counter (git-fixes).
- net: pcs: xpcs: propagate xpcs_read error to xpcs_get_state_c37_sgmii
(git-fixes).
- net: phy: dp83822: disable MDI crossover status change interrupt
(git-fixes).
- net: phy: dp83867: Extend RX strap quirk for SGMII mode (git-fixes).
- net: stmmac: fix dma queue left shift overflow issue (git-fixes).
- net: stmmac: fix leaks in probe (git-fixes).
- net: stmmac: fix pm runtime issue in stmmac_dvr_remove() (git-fixes).
- net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
(git-fixes).
- net: stmmac: remove redunctant disable xPCS EEE call (git-fixes).
- net: sungem_phy: Add of_node_put() for reference returned by
of_get_parent() (git-fixes).
- net: tap: NULL pointer derefence in dev_parse_header_protocol when
skb->dev is null (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: r8152: Add in new Devices that are supported for Mac-Passthru
(git-fixes).
- netdevsim: fib: Fix reference count leak on route deletion failure
(git-fixes).
- nfc: fdp: Fix potential memory leak in fdp_nci_send() (git-fixes).
- nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
(git-fixes).
- nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() (git-fixes).
- nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
(git-fixes).
- nfp: ethtool: fix the display error of `ethtool -m DEVNAME` (git-fixes).
- nvme: do not print verbose errors for internal passthrough requests
(bsc#1202187).
- nvmem: core: Check input parameter for NULL in nvmem_unregister()
(bsc#1204241).
- octeontx2-af: Apply tx nibble fixup always (git-fixes).
- octeontx2-af: Fix key checking for source mac (git-fixes).
- octeontx2-af: Fix mcam entry resource leak (git-fixes).
- octeontx2-af: suppress external profile loading warning (git-fixes).
- octeontx2-pf: Fix NIX_AF_TL3_TL2X_LINKX_CFG register configuration
(git-fixes).
- octeontx2-pf: Fix UDP/TCP src and dst port tc filters (git-fixes).
- octeontx2-pf: cn10k: Fix egress ratelimit configuration (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
- openvswitch: add nf_ct_is_confirmed check before assigning the helper
(git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- overflow.h: restore __ab_c_size (git-fixes).
- overflow: Implement size_t saturating arithmetic helpers (jsc#PED-1211).
- phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference returned by
of_get_parent() (git-fixes).
- phy: qualcomm: call clk_disable_unprepare in the error handling
(git-fixes).
- pinctrl: Ingenic: JZ4755 bug fixes (git-fixes).
- pinctrl: alderlake: Add Intel Alder Lake-N pin controller support
(jsc#PED-676).
- pinctrl: alderlake: Add Raptor Lake-S ACPI ID (jsc#PED-634).
- pinctrl: alderlake: Fix register offsets for ADL-N variant (jsc#PED-676).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback
(git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
- pinctrl: microchip-sgpio: Correct the fwnode_irq_get() return value
check (git-fixes).
- platform/chrome: cros_ec: Notify the PM of wake events during resume
(git-fixes).
- platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure
(git-fixes).
- platform/chrome: cros_ec_typec: Correct alt mode index (git-fixes).
- platform/chrome: fix double-free in chromeos_laptop_prepare()
(git-fixes).
- platform/chrome: fix memory corruption in ioctl (git-fixes).
- platform/x86: asus-wmi: Document the dgpu_disable sysfs attribute
(git-fixes).
- platform/x86: asus-wmi: Document the egpu_enable sysfs attribute
(git-fixes).
- platform/x86: asus-wmi: Document the panel_od sysfs attribute
(git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to fix module
autoloading (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight registering
(git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- plip: avoid rcu debug splat (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
(git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
- powerpc/64: pcpu setup avoid reading mmu_linear_psize on 64e or radix
(bsc#1204413 ltc#200176).
- powerpc/64s: Fix build failure when CONFIG_PPC_64S_HASH_MMU is not set
(bsc#1204413 ltc#200176).
- powerpc/64s: Make flush_and_reload_slb a no-op when radix is enabled
(bsc#1204413 ltc#200176).
- powerpc/64s: Make hash MMU support configurable (bsc#1204413 ltc#200176).
- powerpc/64s: Move and rename do_bad_slb_fault as it is not hash specific
(bsc#1204413 ltc#200176).
- powerpc/64s: Move hash MMU support code under CONFIG_PPC_64S_HASH_MMU
(bsc#1204413 ltc#200176).
- powerpc/64s: Rename hash_hugetlbpage.c to hugetlbpage.c (bsc#1204413
ltc#200176).
- powerpc/fadump: align destination address to pagesize (bsc#1204728
ltc#200074).
- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
(jsc#SLE-13847 git-fixes).
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in opal_export_attrs()
(bsc#1065729).
- powerpc/pseries/vas: Add VAS IRQ primary handler (bsc#1204413
ltc#200176).
- powerpc/pseries: Stop selecting PPC_HASH_MMU_NATIVE (bsc#1204413
ltc#200176).
- powerpc/pseries: lparcfg do not include slb_size line in radix mode
(bsc#1204413 ltc#200176).
- powerpc: Ignore DSI error caused by the copy/paste instruction
(bsc#1204413 ltc#200176).
- powerpc: Rename PPC_NATIVE to PPC_HASH_MMU_NATIVE (bsc#1204413
ltc#200176). Update config files.
- powerpc: make memremap_compat_align 64s-only (bsc#1204413 ltc#200176).
- printk: add missing memory barrier to wake_up_klogd() (bsc#1204934).
- printk: use atomic updates for klogd work (bsc#1204934).
- printk: wake waiters for safe and NMI contexts (bsc#1204934).
- r8152: add PID for the Lenovo OneLink+ Dock (git-fixes).
- regulator: core: Prevent integer underflow (git-fixes).
- remoteproc: imx_rproc: Simplify some error message (git-fixes).
- remove unused CONFIG_MAXSMP from arm64/azure
- ring-buffer: Add ring_buffer_wake_waiters() (git-fixes).
- ring-buffer: Allow splice to read previous partially read pages
(git-fixes).
- ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()
(bsc#1204705).
- ring-buffer: Check pending waiters when doing wake ups as well
(git-fixes).
- ring-buffer: Fix race between reset page and reading page (git-fixes).
- ring-buffer: Have the shortest_full queue be the shortest not longest
(git-fixes).
- rose: Fix NULL pointer dereference in rose_send_frame() (git-fixes).
- rpm/check-for-config-changes: loosen pattern for AS_HAS_* This is needed
to handle CONFIG_AS_HAS_NON_CONST_LEB128.
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
(git-fixes).
- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
(git-fixes).
- s390/smp: enforce lowcore protection on CPU restart (git-fixes).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up()
(git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
(git-fixes).
- scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for transceiver
info (bsc#1204957).
- scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs
(bsc#1204957).
- scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957).
- scsi: lpfc: Fix spelling mistake "unsolicted" -> "unsolicited"
(bsc#1204957).
- scsi: lpfc: Log when congestion management limits are in effect
(bsc#1204957).
- scsi: lpfc: Set sli4_param's cmf option to zero when CMF is turned off
(bsc#1204957).
- scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957).
- scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
- scsi: mpi3mr: Schedule IRQ kthreads only on non-RT kernels (bnc#1204498).
- scsi: qla2xxx: Fix serialization of DCBX TLV data request (bsc#1204963).
- scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
(bsc#1204963).
- scsi: scsi_transport_fc: Use %u for dev_loss_tmo (bsc#1202914).
- scsi: ufs: ufs-pci: Add support for Intel ADL (jsc#PED-707).
- scsi: ufs: ufs-pci: Add support for Intel MTL (jsc#PED-732).
- selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle
(git-fixes).
- selftests/livepatch: better synchronize test_klp_callbacks_busy
(bsc#1071995).
- selftests/pidfd_test: Remove the erroneous ',' (git-fixes).
- selftests/powerpc: Skip energy_scale_info test on older firmware
(git-fixes).
- selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1 (git-fixes).
- selinux: allow FIOCLEX and FIONCLEX with policy capability (git-fixes).
- selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in
convert_context() (git-fixes).
- selinux: use "grep -E" instead of "egrep" (git-fixes).
- serial: 8250: Fix restoring termios speed after suspend (git-fixes).
- serial: core: move RS485 configuration tasks from drivers into core
(git-fixes).
- sfc: disable softirqs for ptp TX (git-fixes).
- sfc: fix kernel panic when creating VF (git-fixes).
- sfc: fix use after free when disabling sriov (git-fixes).
- signal: break out of wait loops on kthread_stop() (bsc#1204926).
- slimbus: qcom-ngd: cleanup in probe error path (git-fixes).
- slimbus: qcom-ngd: use correct error in message of pdr_add_lookup()
failure (git-fixes).
- soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA (git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
(git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
- soc: sunxi: sram: Fix probe function ordering issues (git-fixes).
- soc: sunxi_sram: Make use of the helper function
devm_platform_ioremap_resource() (git-fixes).
- soundwire: cadence: Do not overwrite msg->buf during write commands
(git-fixes).
- soundwire: intel: fix error handling on dai registration issues
(git-fixes).
- spi: Ensure that sg_table won't be used after being freed (git-fixes).
- spi: pxa2xx: Add support for Intel Meteor Lake-P (jsc#PED-732).
- spi: pxa2xx: Add support for Intel Raptor Lake PCH-S (jsc#PED-634).
- spmi: pmic-arb: correct duplicate APID to PPID mapping logic (git-fixes).
- spmi: pmic-arb: do not ack and clear peripheral interrupts in
cleanup_irq (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
(git-fixes).
- staging: rtl8723bs: fix potential memory leak in rtw_init_drv_sw()
(git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
- stmmac: intel: Add a missing clk_disable_unprepare() call in
intel_eth_pci_remove() (git-fixes).
- stmmac: intel: Fix an error handling path in intel_eth_pci_probe()
(git-fixes).
- thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
(git-fixes).
- thermal: cpufreq_cooling: Check the policy first in
cpufreq_cooling_register() (git-fixes).
- thermal: int340x: Mode setting with new OS handshake (jsc#PED-678).
- thermal: int340x: Update OS policy capability handshake (jsc#PED-678).
- thermal: intel_powerclamp: Use first online CPU as control_cpu
(git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id()
to avoid crash (git-fixes).
- thunderbolt: Add back Intel Falcon Ridge end-to-end flow control
workaround (git-fixes).
- thunderbolt: Add missing device ID to tb_switch_is_alpine_ridge()
(git-fixes).
- thunderbolt: Add support for Intel Raptor Lake (jsc#PED-634).
- thunderbolt: Disable LTTPR on Intel Titan Ridge (git-fixes).
- thunderbolt: Explicitly enable lane adapter hotplug events at startup
(git-fixes).
- thunderbolt: Explicitly reset plug events delay back to USB4 spec value
(git-fixes).
- thunderbolt: Fix buffer allocation of devices with no DisplayPort
adapters (git-fixes).
- tracing/osnoise: Fix possible recursive locking in stop_per_cpu_kthreads
(git-fixes).
- tracing: Add "(fault)" name injection to kernel probes (git-fixes).
- tracing: Add ioctl() to force ring buffer waiters to wake up (git-fixes).
- tracing: Disable interrupt or preemption before acquiring
arch_spinlock_t (git-fixes).
- tracing: Do not free snapshot if tracer is on cmdline (git-fixes).
- tracing: Fix reading strings from synthetic events (git-fixes).
- tracing: Move duplicate code of trace_kprobe/eprobe.c into header
(git-fixes).
- tracing: Replace deprecated CPU-hotplug functions (git-fixes).
- tracing: Simplify conditional compilation code in tracing_set_tracer()
(git-fixes).
- tracing: Wake up ring buffer waiters on closing of the file (git-fixes).
- tracing: Wake up waiters when tracing is disabled (git-fixes).
- tracing: kprobe: Fix kprobe event gen test module on exit (git-fixes).
- tracing: kprobe: Make gen test module work in arm and riscv (git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
(git-fixes).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- usb/hcd: Fix dma_map_sg error check (git-fixes).
- usb: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair
(git-fixes).
- usb: common: debug: Check non-standard control requests (git-fixes).
- usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination error after
resume bug (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: ehci: Fix a function name in comments (git-fixes).
- usb: gadget: bdc: fix typo in comment (git-fixes).
- usb: gadget: f_fs: stricter integer overflow checks (git-fixes).
- usb: gadget: function: fix dangling pnp_string in f_printer.c
(git-fixes).
- usb: host: xhci-plat: suspend and resume clocks (git-fixes).
- usb: host: xhci-plat: suspend/resume clks for brcm (git-fixes).
- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
(git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- usb: mtu3: fix failed runtime suspend in host only mode (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- usb: serial: console: move mutex_unlock() before usb_serial_put()
(git-fixes).
- usb: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- usb: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- usb: typec: tcpm: fix typo in comment (git-fixes).
- usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96
controller (git-fixes).
- virt: vbox: convert to use dev_groups (git-fixes).
- vsock: fix possible infinite sleep in vsock_connectible_wait_data()
(git-fixes).
- vsock: remove the unused 'wait' in vsock_connectible_recvmsg()
(git-fixes).
- watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
(git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
(git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level
(git-fixes).
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
(git-fixes).
- wifi: cfg80211/mac80211: reject bad MBSSID elements (git-fixes).
- wifi: cfg80211: fix ieee80211_data_to_8023_exthdr handling of small
packets (git-fixes).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
(other cases) (git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on
fast-rx (git-fixes).
- wifi: mac80211: fix decap offload for stations on AP_VLAN interfaces
(git-fixes).
- wifi: mac80211: fix probe req HE capabilities access (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
- wifi: mt76: mt7921: reset msta->airtime_ac while clearing up hw value
(git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
- wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() (git-fixes).
- x86/boot: Do not propagate uninitialized boot_params->cc_blob_address
(bsc#1204970).
- x86/boot: Fix the setup data types max limit (bsc#1204970).
- x86/compressed/64: Add identity mappings for setup_data entries
(bsc#1204970).
- x86/sev: Annotate stack change in the #VC handler (bsc#1204970).
- x86/sev: Do not use cc_platform_has() for early SEV-SNP calls
(bsc#1204970).
- x86/sev: Remove duplicated assignment to variable info (bsc#1204970).
- xen/gntdev: Prevent leaking grants (git-fixes).
- xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later
devices (git-fixes).
- xhci: Add quirk to reset host back to default state at shutdown
(git-fixes).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
- xhci: Remove device endpoints from bandwidth list when freeing the
device (git-fixes).
- xhci: dbc: Fix memory leak in xhci_alloc_dbc() (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3998=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-3998=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
cluster-md-kmp-azure-5.14.21-150400.14.21.2
cluster-md-kmp-azure-debuginfo-5.14.21-150400.14.21.2
dlm-kmp-azure-5.14.21-150400.14.21.2
dlm-kmp-azure-debuginfo-5.14.21-150400.14.21.2
gfs2-kmp-azure-5.14.21-150400.14.21.2
gfs2-kmp-azure-debuginfo-5.14.21-150400.14.21.2
kernel-azure-5.14.21-150400.14.21.2
kernel-azure-debuginfo-5.14.21-150400.14.21.2
kernel-azure-debugsource-5.14.21-150400.14.21.2
kernel-azure-devel-5.14.21-150400.14.21.2
kernel-azure-devel-debuginfo-5.14.21-150400.14.21.2
kernel-azure-extra-5.14.21-150400.14.21.2
kernel-azure-extra-debuginfo-5.14.21-150400.14.21.2
kernel-azure-livepatch-devel-5.14.21-150400.14.21.2
kernel-azure-optional-5.14.21-150400.14.21.2
kernel-azure-optional-debuginfo-5.14.21-150400.14.21.2
kernel-syms-azure-5.14.21-150400.14.21.1
kselftests-kmp-azure-5.14.21-150400.14.21.2
kselftests-kmp-azure-debuginfo-5.14.21-150400.14.21.2
ocfs2-kmp-azure-5.14.21-150400.14.21.2
ocfs2-kmp-azure-debuginfo-5.14.21-150400.14.21.2
reiserfs-kmp-azure-5.14.21-150400.14.21.2
reiserfs-kmp-azure-debuginfo-5.14.21-150400.14.21.2
- openSUSE Leap 15.4 (noarch):
kernel-devel-azure-5.14.21-150400.14.21.1
kernel-source-azure-5.14.21-150400.14.21.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (aarch64 x86_64):
kernel-azure-5.14.21-150400.14.21.2
kernel-azure-debuginfo-5.14.21-150400.14.21.2
kernel-azure-debugsource-5.14.21-150400.14.21.2
kernel-azure-devel-5.14.21-150400.14.21.2
kernel-azure-devel-debuginfo-5.14.21-150400.14.21.2
kernel-syms-azure-5.14.21-150400.14.21.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (noarch):
kernel-devel-azure-5.14.21-150400.14.21.1
kernel-source-azure-5.14.21-150400.14.21.1
References:
https://www.suse.com/security/cve/CVE-2022-1882.html
https://www.suse.com/security/cve/CVE-2022-2153.html
https://www.suse.com/security/cve/CVE-2022-28748.html
https://www.suse.com/security/cve/CVE-2022-2964.html
https://www.suse.com/security/cve/CVE-2022-2978.html
https://www.suse.com/security/cve/CVE-2022-3169.html
https://www.suse.com/security/cve/CVE-2022-33981.html
https://www.suse.com/security/cve/CVE-2022-3424.html
https://www.suse.com/security/cve/CVE-2022-3435.html
https://www.suse.com/security/cve/CVE-2022-3521.html
https://www.suse.com/security/cve/CVE-2022-3524.html
https://www.suse.com/security/cve/CVE-2022-3526.html
https://www.suse.com/security/cve/CVE-2022-3535.html
https://www.suse.com/security/cve/CVE-2022-3542.html
https://www.suse.com/security/cve/CVE-2022-3545.html
https://www.suse.com/security/cve/CVE-2022-3565.html
https://www.suse.com/security/cve/CVE-2022-3577.html
https://www.suse.com/security/cve/CVE-2022-3586.html
https://www.suse.com/security/cve/CVE-2022-3594.html
https://www.suse.com/security/cve/CVE-2022-3619.html
https://www.suse.com/security/cve/CVE-2022-3621.html
https://www.suse.com/security/cve/CVE-2022-3625.html
https://www.suse.com/security/cve/CVE-2022-3628.html
https://www.suse.com/security/cve/CVE-2022-3629.html
https://www.suse.com/security/cve/CVE-2022-3633.html
https://www.suse.com/security/cve/CVE-2022-3640.html
https://www.suse.com/security/cve/CVE-2022-3646.html
https://www.suse.com/security/cve/CVE-2022-3649.html
https://www.suse.com/security/cve/CVE-2022-40476.html
https://www.suse.com/security/cve/CVE-2022-40768.html
https://www.suse.com/security/cve/CVE-2022-41674.html
https://www.suse.com/security/cve/CVE-2022-42703.html
https://www.suse.com/security/cve/CVE-2022-42719.html
https://www.suse.com/security/cve/CVE-2022-42720.html
https://www.suse.com/security/cve/CVE-2022-42721.html
https://www.suse.com/security/cve/CVE-2022-42722.html
https://www.suse.com/security/cve/CVE-2022-43750.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1152472
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1188238
https://bugzilla.suse.com/1194869
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196632
https://bugzilla.suse.com/1199904
https://bugzilla.suse.com/1200567
https://bugzilla.suse.com/1200692
https://bugzilla.suse.com/1200788
https://bugzilla.suse.com/1202187
https://bugzilla.suse.com/1202686
https://bugzilla.suse.com/1202700
https://bugzilla.suse.com/1202914
https://bugzilla.suse.com/1203098
https://bugzilla.suse.com/1203229
https://bugzilla.suse.com/1203290
https://bugzilla.suse.com/1203435
https://bugzilla.suse.com/1203514
https://bugzilla.suse.com/1203699
https://bugzilla.suse.com/1203701
https://bugzilla.suse.com/1203767
https://bugzilla.suse.com/1203770
https://bugzilla.suse.com/1203802
https://bugzilla.suse.com/1203922
https://bugzilla.suse.com/1203979
https://bugzilla.suse.com/1204017
https://bugzilla.suse.com/1204051
https://bugzilla.suse.com/1204059
https://bugzilla.suse.com/1204060
https://bugzilla.suse.com/1204125
https://bugzilla.suse.com/1204142
https://bugzilla.suse.com/1204166
https://bugzilla.suse.com/1204168
https://bugzilla.suse.com/1204171
https://bugzilla.suse.com/1204241
https://bugzilla.suse.com/1204353
https://bugzilla.suse.com/1204354
https://bugzilla.suse.com/1204355
https://bugzilla.suse.com/1204402
https://bugzilla.suse.com/1204413
https://bugzilla.suse.com/1204415
https://bugzilla.suse.com/1204417
https://bugzilla.suse.com/1204428
https://bugzilla.suse.com/1204431
https://bugzilla.suse.com/1204439
https://bugzilla.suse.com/1204470
https://bugzilla.suse.com/1204479
https://bugzilla.suse.com/1204498
https://bugzilla.suse.com/1204533
https://bugzilla.suse.com/1204569
https://bugzilla.suse.com/1204574
https://bugzilla.suse.com/1204575
https://bugzilla.suse.com/1204619
https://bugzilla.suse.com/1204635
https://bugzilla.suse.com/1204637
https://bugzilla.suse.com/1204646
https://bugzilla.suse.com/1204647
https://bugzilla.suse.com/1204650
https://bugzilla.suse.com/1204653
https://bugzilla.suse.com/1204693
https://bugzilla.suse.com/1204705
https://bugzilla.suse.com/1204719
https://bugzilla.suse.com/1204728
https://bugzilla.suse.com/1204753
https://bugzilla.suse.com/1204868
https://bugzilla.suse.com/1204926
https://bugzilla.suse.com/1204933
https://bugzilla.suse.com/1204934
https://bugzilla.suse.com/1204947
https://bugzilla.suse.com/1204957
https://bugzilla.suse.com/1204963
https://bugzilla.suse.com/1204970
1
0
SUSE-SU-2022:3999-1: moderate: Security update for systemd
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for systemd
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3999-1
Rating: moderate
References: #1204179 #1204968
Cross-References: CVE-2022-3821
CVSS scores:
CVE-2022-3821 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3821 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for systemd fixes the following issues:
- CVE-2022-3821: Fixed buffer overrun in format_timespan() function
(bsc#1204968).
- Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428
* 0469b9f2bc pstore: do not try to load all known pstore modules
* ad05f54439 pstore: Run after modules are loaded
* ccad817445 core: Add trigger limit for path units
* 281d818fe3 core/mount: also add default before dependency for
automount mount units
* ffe5b4afa8 logind: fix crash in logind on user-specified message string
- Document udev naming scheme (bsc#1204179)
- Make "sle15-sp3" net naming scheme still available for backward
compatibility reason
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3999=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3999=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3999=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libsystemd0-249.12-150400.8.13.1
libsystemd0-debuginfo-249.12-150400.8.13.1
libudev1-249.12-150400.8.13.1
libudev1-debuginfo-249.12-150400.8.13.1
nss-myhostname-249.12-150400.8.13.1
nss-myhostname-debuginfo-249.12-150400.8.13.1
nss-systemd-249.12-150400.8.13.1
nss-systemd-debuginfo-249.12-150400.8.13.1
systemd-249.12-150400.8.13.1
systemd-container-249.12-150400.8.13.1
systemd-container-debuginfo-249.12-150400.8.13.1
systemd-coredump-249.12-150400.8.13.1
systemd-coredump-debuginfo-249.12-150400.8.13.1
systemd-debuginfo-249.12-150400.8.13.1
systemd-debugsource-249.12-150400.8.13.1
systemd-devel-249.12-150400.8.13.1
systemd-doc-249.12-150400.8.13.1
systemd-experimental-249.12-150400.8.13.1
systemd-experimental-debuginfo-249.12-150400.8.13.1
systemd-journal-remote-249.12-150400.8.13.1
systemd-journal-remote-debuginfo-249.12-150400.8.13.1
systemd-network-249.12-150400.8.13.1
systemd-network-debuginfo-249.12-150400.8.13.1
systemd-portable-249.12-150400.8.13.1
systemd-portable-debuginfo-249.12-150400.8.13.1
systemd-sysvinit-249.12-150400.8.13.1
systemd-testsuite-249.12-150400.8.13.1
systemd-testsuite-debuginfo-249.12-150400.8.13.1
udev-249.12-150400.8.13.1
udev-debuginfo-249.12-150400.8.13.1
- openSUSE Leap 15.4 (noarch):
systemd-lang-249.12-150400.8.13.1
- openSUSE Leap 15.4 (x86_64):
libsystemd0-32bit-249.12-150400.8.13.1
libsystemd0-32bit-debuginfo-249.12-150400.8.13.1
libudev1-32bit-249.12-150400.8.13.1
libudev1-32bit-debuginfo-249.12-150400.8.13.1
nss-myhostname-32bit-249.12-150400.8.13.1
nss-myhostname-32bit-debuginfo-249.12-150400.8.13.1
systemd-32bit-249.12-150400.8.13.1
systemd-32bit-debuginfo-249.12-150400.8.13.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libsystemd0-249.12-150400.8.13.1
libsystemd0-debuginfo-249.12-150400.8.13.1
libudev1-249.12-150400.8.13.1
libudev1-debuginfo-249.12-150400.8.13.1
systemd-249.12-150400.8.13.1
systemd-container-249.12-150400.8.13.1
systemd-container-debuginfo-249.12-150400.8.13.1
systemd-coredump-249.12-150400.8.13.1
systemd-coredump-debuginfo-249.12-150400.8.13.1
systemd-debuginfo-249.12-150400.8.13.1
systemd-debugsource-249.12-150400.8.13.1
systemd-devel-249.12-150400.8.13.1
systemd-doc-249.12-150400.8.13.1
systemd-sysvinit-249.12-150400.8.13.1
udev-249.12-150400.8.13.1
udev-debuginfo-249.12-150400.8.13.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
systemd-lang-249.12-150400.8.13.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libsystemd0-32bit-249.12-150400.8.13.1
libsystemd0-32bit-debuginfo-249.12-150400.8.13.1
libudev1-32bit-249.12-150400.8.13.1
libudev1-32bit-debuginfo-249.12-150400.8.13.1
systemd-32bit-249.12-150400.8.13.1
systemd-32bit-debuginfo-249.12-150400.8.13.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libsystemd0-249.12-150400.8.13.1
libsystemd0-debuginfo-249.12-150400.8.13.1
libudev1-249.12-150400.8.13.1
libudev1-debuginfo-249.12-150400.8.13.1
systemd-249.12-150400.8.13.1
systemd-container-249.12-150400.8.13.1
systemd-container-debuginfo-249.12-150400.8.13.1
systemd-debuginfo-249.12-150400.8.13.1
systemd-debugsource-249.12-150400.8.13.1
systemd-journal-remote-249.12-150400.8.13.1
systemd-journal-remote-debuginfo-249.12-150400.8.13.1
systemd-sysvinit-249.12-150400.8.13.1
udev-249.12-150400.8.13.1
udev-debuginfo-249.12-150400.8.13.1
References:
https://www.suse.com/security/cve/CVE-2022-3821.html
https://bugzilla.suse.com/1204179
https://bugzilla.suse.com/1204968
1
0
SUSE-SU-2022:3990-1: moderate: Security update for LibVNCServer
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for LibVNCServer
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3990-1
Rating: moderate
References: #1203106
Cross-References: CVE-2020-29260
CVSS scores:
CVE-2020-29260 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-29260 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for LibVNCServer fixes the following issues:
- CVE-2020-29260: Fixed memory leakage via rfbClientCleanup()
(bsc#1203106).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3990=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3990=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-3990=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3990=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3990=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libvncclient0-0.9.10-150000.4.29.1
libvncclient0-debuginfo-0.9.10-150000.4.29.1
libvncserver0-0.9.10-150000.4.29.1
libvncserver0-debuginfo-0.9.10-150000.4.29.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
LibVNCServer-debugsource-0.9.10-150000.4.29.1
LibVNCServer-devel-0.9.10-150000.4.29.1
libvncclient0-0.9.10-150000.4.29.1
libvncclient0-debuginfo-0.9.10-150000.4.29.1
libvncserver0-0.9.10-150000.4.29.1
libvncserver0-debuginfo-0.9.10-150000.4.29.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
LibVNCServer-debugsource-0.9.10-150000.4.29.1
libvncclient0-0.9.10-150000.4.29.1
libvncclient0-debuginfo-0.9.10-150000.4.29.1
libvncserver0-0.9.10-150000.4.29.1
libvncserver0-debuginfo-0.9.10-150000.4.29.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
LibVNCServer-debugsource-0.9.10-150000.4.29.1
libvncserver0-0.9.10-150000.4.29.1
libvncserver0-debuginfo-0.9.10-150000.4.29.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
LibVNCServer-debugsource-0.9.10-150000.4.29.1
libvncserver0-0.9.10-150000.4.29.1
libvncserver0-debuginfo-0.9.10-150000.4.29.1
References:
https://www.suse.com/security/cve/CVE-2020-29260.html
https://bugzilla.suse.com/1203106
1
0
SUSE-SU-2022:3991-1: moderate: Security update for dhcp
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for dhcp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3991-1
Rating: moderate
References: #1203988 #1203989
Cross-References: CVE-2022-2928 CVE-2022-2929
CVSS scores:
CVE-2022-2928 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2928 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2929 (NVD) : 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2929 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for dhcp fixes the following issues:
- CVE-2022-2928: Fixed an option refcount overflow (bsc#1203988).
- CVE-2022-2929: Fixed a DHCP memory leak (bsc#1203989).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3991=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3991=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-3991=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-3991=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3991=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3991=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
dhcp-4.3.6.P1-150000.6.17.1
dhcp-client-4.3.6.P1-150000.6.17.1
dhcp-client-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debugsource-4.3.6.P1-150000.6.17.1
dhcp-devel-4.3.6.P1-150000.6.17.1
dhcp-doc-4.3.6.P1-150000.6.17.1
dhcp-relay-4.3.6.P1-150000.6.17.1
dhcp-relay-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-server-4.3.6.P1-150000.6.17.1
dhcp-server-debuginfo-4.3.6.P1-150000.6.17.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
dhcp-4.3.6.P1-150000.6.17.1
dhcp-client-4.3.6.P1-150000.6.17.1
dhcp-client-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debugsource-4.3.6.P1-150000.6.17.1
dhcp-devel-4.3.6.P1-150000.6.17.1
dhcp-doc-4.3.6.P1-150000.6.17.1
dhcp-relay-4.3.6.P1-150000.6.17.1
dhcp-relay-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-server-4.3.6.P1-150000.6.17.1
dhcp-server-debuginfo-4.3.6.P1-150000.6.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
dhcp-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debugsource-4.3.6.P1-150000.6.17.1
dhcp-relay-4.3.6.P1-150000.6.17.1
dhcp-relay-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-server-4.3.6.P1-150000.6.17.1
dhcp-server-debuginfo-4.3.6.P1-150000.6.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
dhcp-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debugsource-4.3.6.P1-150000.6.17.1
dhcp-relay-4.3.6.P1-150000.6.17.1
dhcp-relay-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-server-4.3.6.P1-150000.6.17.1
dhcp-server-debuginfo-4.3.6.P1-150000.6.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
dhcp-4.3.6.P1-150000.6.17.1
dhcp-client-4.3.6.P1-150000.6.17.1
dhcp-client-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debugsource-4.3.6.P1-150000.6.17.1
dhcp-devel-4.3.6.P1-150000.6.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
dhcp-4.3.6.P1-150000.6.17.1
dhcp-client-4.3.6.P1-150000.6.17.1
dhcp-client-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debuginfo-4.3.6.P1-150000.6.17.1
dhcp-debugsource-4.3.6.P1-150000.6.17.1
dhcp-devel-4.3.6.P1-150000.6.17.1
References:
https://www.suse.com/security/cve/CVE-2022-2928.html
https://www.suse.com/security/cve/CVE-2022-2929.html
https://bugzilla.suse.com/1203988
https://bugzilla.suse.com/1203989
1
0
SUSE-SU-2022:3986-1: moderate: Security update for libX11
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for libX11
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3986-1
Rating: moderate
References: #1204422 #1204425
Cross-References: CVE-2022-3554 CVE-2022-3555
CVSS scores:
CVE-2022-3554 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3554 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3555 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3555 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for libX11 fixes the following issues:
- CVE-2022-3554: Fixed memory leak in XRegisterIMInstantiateCallback()
(bsc#1204422).
- CVE-2022-3555: Fixed memory leak in _XFreeX11XCBStructure()
(bsc#1204425).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3986=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3986=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3986=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3986=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3986=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3986=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3986=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libX11-6-1.6.5-150000.3.24.1
libX11-6-debuginfo-1.6.5-150000.3.24.1
libX11-debugsource-1.6.5-150000.3.24.1
libX11-xcb1-1.6.5-150000.3.24.1
libX11-xcb1-debuginfo-1.6.5-150000.3.24.1
- openSUSE Leap Micro 5.2 (noarch):
libX11-data-1.6.5-150000.3.24.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libX11-6-1.6.5-150000.3.24.1
libX11-6-debuginfo-1.6.5-150000.3.24.1
libX11-debugsource-1.6.5-150000.3.24.1
libX11-devel-1.6.5-150000.3.24.1
libX11-xcb1-1.6.5-150000.3.24.1
libX11-xcb1-debuginfo-1.6.5-150000.3.24.1
- openSUSE Leap 15.4 (noarch):
libX11-data-1.6.5-150000.3.24.1
- openSUSE Leap 15.4 (x86_64):
libX11-6-32bit-1.6.5-150000.3.24.1
libX11-6-32bit-debuginfo-1.6.5-150000.3.24.1
libX11-devel-32bit-1.6.5-150000.3.24.1
libX11-xcb1-32bit-1.6.5-150000.3.24.1
libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.24.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libX11-6-1.6.5-150000.3.24.1
libX11-6-debuginfo-1.6.5-150000.3.24.1
libX11-debugsource-1.6.5-150000.3.24.1
libX11-devel-1.6.5-150000.3.24.1
libX11-xcb1-1.6.5-150000.3.24.1
libX11-xcb1-debuginfo-1.6.5-150000.3.24.1
- openSUSE Leap 15.3 (noarch):
libX11-data-1.6.5-150000.3.24.1
- openSUSE Leap 15.3 (x86_64):
libX11-6-32bit-1.6.5-150000.3.24.1
libX11-6-32bit-debuginfo-1.6.5-150000.3.24.1
libX11-devel-32bit-1.6.5-150000.3.24.1
libX11-xcb1-32bit-1.6.5-150000.3.24.1
libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libX11-6-1.6.5-150000.3.24.1
libX11-6-debuginfo-1.6.5-150000.3.24.1
libX11-debugsource-1.6.5-150000.3.24.1
libX11-devel-1.6.5-150000.3.24.1
libX11-xcb1-1.6.5-150000.3.24.1
libX11-xcb1-debuginfo-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
libX11-data-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libX11-6-32bit-1.6.5-150000.3.24.1
libX11-6-32bit-debuginfo-1.6.5-150000.3.24.1
libX11-xcb1-32bit-1.6.5-150000.3.24.1
libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libX11-6-1.6.5-150000.3.24.1
libX11-6-debuginfo-1.6.5-150000.3.24.1
libX11-debugsource-1.6.5-150000.3.24.1
libX11-devel-1.6.5-150000.3.24.1
libX11-xcb1-1.6.5-150000.3.24.1
libX11-xcb1-debuginfo-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
libX11-data-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libX11-6-32bit-1.6.5-150000.3.24.1
libX11-6-32bit-debuginfo-1.6.5-150000.3.24.1
libX11-xcb1-32bit-1.6.5-150000.3.24.1
libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libX11-6-1.6.5-150000.3.24.1
libX11-6-debuginfo-1.6.5-150000.3.24.1
libX11-debugsource-1.6.5-150000.3.24.1
libX11-xcb1-1.6.5-150000.3.24.1
libX11-xcb1-debuginfo-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
libX11-data-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libX11-6-1.6.5-150000.3.24.1
libX11-6-debuginfo-1.6.5-150000.3.24.1
libX11-debugsource-1.6.5-150000.3.24.1
libX11-xcb1-1.6.5-150000.3.24.1
libX11-xcb1-debuginfo-1.6.5-150000.3.24.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
libX11-data-1.6.5-150000.3.24.1
References:
https://www.suse.com/security/cve/CVE-2022-3554.html
https://www.suse.com/security/cve/CVE-2022-3555.html
https://bugzilla.suse.com/1204422
https://bugzilla.suse.com/1204425
1
0
SUSE-SU-2022:3979-1: moderate: Security update for python-Mako
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for python-Mako
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3979-1
Rating: moderate
References: #1203246
Cross-References: CVE-2022-40023
CVSS scores:
CVE-2022-40023 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40023 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-Mako fixes the following issues:
- CVE-2022-40023: Fixed regular expression Denial of Service when using
the Lexer class to parse (bsc#1203246).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3979=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3979=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3979=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3979=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3979=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3979=1
Package List:
- openSUSE Leap 15.4 (noarch):
python3-Mako-1.0.7-150000.3.3.1
- openSUSE Leap 15.3 (noarch):
python2-Mako-1.0.7-150000.3.3.1
python3-Mako-1.0.7-150000.3.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
python2-Mako-1.0.7-150000.3.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
python2-Mako-1.0.7-150000.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-Mako-1.0.7-150000.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-Mako-1.0.7-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-40023.html
https://bugzilla.suse.com/1203246
1
0
SUSE-SU-2022:3983-1: moderate: Security update for freerdp
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for freerdp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3983-1
Rating: moderate
References: #1204257 #1204258
Cross-References: CVE-2022-39282 CVE-2022-39283
CVSS scores:
CVE-2022-39282 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-39282 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2022-39283 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-39283 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for freerdp fixes the following issues:
- CVE-2022-39282: Fix to init data read by `/parallel` command line
switch. (bsc#1204258)
- CVE-2022-39283: Fix to prevent video channel from reading uninitialized
data. (bsc#1204257)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3983=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-3983=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3983=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
freerdp-2.4.0-150400.3.9.1
freerdp-debuginfo-2.4.0-150400.3.9.1
freerdp-debugsource-2.4.0-150400.3.9.1
freerdp-devel-2.4.0-150400.3.9.1
freerdp-proxy-2.4.0-150400.3.9.1
freerdp-proxy-debuginfo-2.4.0-150400.3.9.1
freerdp-server-2.4.0-150400.3.9.1
freerdp-server-debuginfo-2.4.0-150400.3.9.1
freerdp-wayland-2.4.0-150400.3.9.1
freerdp-wayland-debuginfo-2.4.0-150400.3.9.1
libfreerdp2-2.4.0-150400.3.9.1
libfreerdp2-debuginfo-2.4.0-150400.3.9.1
libuwac0-0-2.4.0-150400.3.9.1
libuwac0-0-debuginfo-2.4.0-150400.3.9.1
libwinpr2-2.4.0-150400.3.9.1
libwinpr2-debuginfo-2.4.0-150400.3.9.1
uwac0-0-devel-2.4.0-150400.3.9.1
winpr2-devel-2.4.0-150400.3.9.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
freerdp-2.4.0-150400.3.9.1
freerdp-debuginfo-2.4.0-150400.3.9.1
freerdp-debugsource-2.4.0-150400.3.9.1
freerdp-devel-2.4.0-150400.3.9.1
freerdp-proxy-2.4.0-150400.3.9.1
freerdp-proxy-debuginfo-2.4.0-150400.3.9.1
libfreerdp2-2.4.0-150400.3.9.1
libfreerdp2-debuginfo-2.4.0-150400.3.9.1
libwinpr2-2.4.0-150400.3.9.1
libwinpr2-debuginfo-2.4.0-150400.3.9.1
winpr2-devel-2.4.0-150400.3.9.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
freerdp-2.4.0-150400.3.9.1
freerdp-debuginfo-2.4.0-150400.3.9.1
freerdp-debugsource-2.4.0-150400.3.9.1
freerdp-devel-2.4.0-150400.3.9.1
freerdp-proxy-2.4.0-150400.3.9.1
freerdp-proxy-debuginfo-2.4.0-150400.3.9.1
libfreerdp2-2.4.0-150400.3.9.1
libfreerdp2-debuginfo-2.4.0-150400.3.9.1
libwinpr2-2.4.0-150400.3.9.1
libwinpr2-debuginfo-2.4.0-150400.3.9.1
winpr2-devel-2.4.0-150400.3.9.1
References:
https://www.suse.com/security/cve/CVE-2022-39282.html
https://www.suse.com/security/cve/CVE-2022-39283.html
https://bugzilla.suse.com/1204257
https://bugzilla.suse.com/1204258
1
0
SUSE-SU-2022:3982-1: moderate: Security update for freerdp
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for freerdp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3982-1
Rating: moderate
References: #1204257 #1204258
Cross-References: CVE-2022-39282 CVE-2022-39283
CVSS scores:
CVE-2022-39282 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-39282 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2022-39283 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-39283 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for freerdp fixes the following issues:
- CVE-2022-39282: Fix to init data read by `/parallel` command line
switch. (bsc#1204258)
- CVE-2022-39283: Fix to prevent video channel from reading uninitialized
data. (bsc#1204257)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3982=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-3982=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3982=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
freerdp-2.1.2-150200.15.21.1
freerdp-debuginfo-2.1.2-150200.15.21.1
freerdp-debugsource-2.1.2-150200.15.21.1
freerdp-devel-2.1.2-150200.15.21.1
freerdp-proxy-2.1.2-150200.15.21.1
freerdp-proxy-debuginfo-2.1.2-150200.15.21.1
freerdp-server-2.1.2-150200.15.21.1
freerdp-server-debuginfo-2.1.2-150200.15.21.1
freerdp-wayland-2.1.2-150200.15.21.1
freerdp-wayland-debuginfo-2.1.2-150200.15.21.1
libfreerdp2-2.1.2-150200.15.21.1
libfreerdp2-debuginfo-2.1.2-150200.15.21.1
libuwac0-0-2.1.2-150200.15.21.1
libuwac0-0-debuginfo-2.1.2-150200.15.21.1
libwinpr2-2.1.2-150200.15.21.1
libwinpr2-debuginfo-2.1.2-150200.15.21.1
uwac0-0-devel-2.1.2-150200.15.21.1
winpr2-devel-2.1.2-150200.15.21.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
freerdp-2.1.2-150200.15.21.1
freerdp-debuginfo-2.1.2-150200.15.21.1
freerdp-debugsource-2.1.2-150200.15.21.1
freerdp-devel-2.1.2-150200.15.21.1
freerdp-proxy-2.1.2-150200.15.21.1
freerdp-proxy-debuginfo-2.1.2-150200.15.21.1
libfreerdp2-2.1.2-150200.15.21.1
libfreerdp2-debuginfo-2.1.2-150200.15.21.1
libwinpr2-2.1.2-150200.15.21.1
libwinpr2-debuginfo-2.1.2-150200.15.21.1
winpr2-devel-2.1.2-150200.15.21.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
freerdp-2.1.2-150200.15.21.1
freerdp-debuginfo-2.1.2-150200.15.21.1
freerdp-debugsource-2.1.2-150200.15.21.1
freerdp-devel-2.1.2-150200.15.21.1
freerdp-proxy-2.1.2-150200.15.21.1
freerdp-proxy-debuginfo-2.1.2-150200.15.21.1
libfreerdp2-2.1.2-150200.15.21.1
libfreerdp2-debuginfo-2.1.2-150200.15.21.1
libwinpr2-2.1.2-150200.15.21.1
libwinpr2-debuginfo-2.1.2-150200.15.21.1
winpr2-devel-2.1.2-150200.15.21.1
References:
https://www.suse.com/security/cve/CVE-2022-39282.html
https://www.suse.com/security/cve/CVE-2022-39283.html
https://bugzilla.suse.com/1204257
https://bugzilla.suse.com/1204258
1
0
SUSE-SU-2022:3981-1: moderate: Security update for bluez
by opensuse-security@opensuse.org 15 Nov '22
by opensuse-security@opensuse.org 15 Nov '22
15 Nov '22
SUSE Security Update: Security update for bluez
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3981-1
Rating: moderate
References: #1188859 #1192394
Cross-References: CVE-2021-3658 CVE-2021-43400
CVSS scores:
CVE-2021-3658 (NVD) : 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-3658 (SUSE): 4.6 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2021-43400 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-43400 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for bluez fixes the following issues:
- CVE-2021-43400: Fixed use-after-free in gatt-database.c (bsc#1192394).
- CVE-2021-3658: Fixed adapter incorrectly restoring discoverable state
after powered down (bsc#1188859).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3981=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-3981=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-3981=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3981=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
bluez-5.55-150300.3.14.1
bluez-cups-5.55-150300.3.14.1
bluez-cups-debuginfo-5.55-150300.3.14.1
bluez-debuginfo-5.55-150300.3.14.1
bluez-debugsource-5.55-150300.3.14.1
bluez-deprecated-5.55-150300.3.14.1
bluez-deprecated-debuginfo-5.55-150300.3.14.1
bluez-devel-5.55-150300.3.14.1
bluez-test-5.55-150300.3.14.1
bluez-test-debuginfo-5.55-150300.3.14.1
libbluetooth3-5.55-150300.3.14.1
libbluetooth3-debuginfo-5.55-150300.3.14.1
- openSUSE Leap 15.3 (noarch):
bluez-auto-enable-devices-5.55-150300.3.14.1
- openSUSE Leap 15.3 (x86_64):
bluez-devel-32bit-5.55-150300.3.14.1
libbluetooth3-32bit-5.55-150300.3.14.1
libbluetooth3-32bit-debuginfo-5.55-150300.3.14.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
bluez-cups-5.55-150300.3.14.1
bluez-cups-debuginfo-5.55-150300.3.14.1
bluez-debuginfo-5.55-150300.3.14.1
bluez-debugsource-5.55-150300.3.14.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
bluez-debuginfo-5.55-150300.3.14.1
bluez-debugsource-5.55-150300.3.14.1
bluez-devel-5.55-150300.3.14.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
bluez-5.55-150300.3.14.1
bluez-debuginfo-5.55-150300.3.14.1
bluez-debugsource-5.55-150300.3.14.1
bluez-deprecated-5.55-150300.3.14.1
bluez-deprecated-debuginfo-5.55-150300.3.14.1
libbluetooth3-5.55-150300.3.14.1
libbluetooth3-debuginfo-5.55-150300.3.14.1
References:
https://www.suse.com/security/cve/CVE-2021-3658.html
https://www.suse.com/security/cve/CVE-2021-43400.html
https://bugzilla.suse.com/1188859
https://bugzilla.suse.com/1192394
1
0
openSUSE-SU-2022:10203-1: important: Security update for jhead
by opensuse-security@opensuse.org 14 Nov '22
by opensuse-security@opensuse.org 14 Nov '22
14 Nov '22
openSUSE Security Update: Security update for jhead
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10203-1
Rating: important
References: #1205167
Cross-References: CVE-2021-34055
CVSS scores:
CVE-2021-34055 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jhead fixes the following issues:
* CVE-2021-34055: Fix out of bounds write in ClearOrientation() due to
unchecked error (boo#1205167)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10203=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
jhead-3.00-bp153.3.6.1
References:
https://www.suse.com/security/cve/CVE-2021-34055.html
https://bugzilla.suse.com/1205167
1
0
openSUSE-SU-2022:10202-1: important: Security update for jhead
by opensuse-security@opensuse.org 14 Nov '22
by opensuse-security@opensuse.org 14 Nov '22
14 Nov '22
openSUSE Security Update: Security update for jhead
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10202-1
Rating: important
References: #1205167
Cross-References: CVE-2021-34055
CVSS scores:
CVE-2021-34055 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jhead fixes the following issues:
* CVE-2021-34055: Fix out of bounds write in ClearOrientation() due to
unchecked error (boo#1205167)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10202=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
jhead-3.06.0.1-bp154.2.6.1
References:
https://www.suse.com/security/cve/CVE-2021-34055.html
https://bugzilla.suse.com/1205167
1
0
SUSE-SU-2022:3970-1: important: Security update for containerized-data-importer
by opensuse-security@opensuse.org 14 Nov '22
by opensuse-security@opensuse.org 14 Nov '22
14 Nov '22
SUSE Security Update: Security update for containerized-data-importer
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3970-1
Rating: important
References:
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update rebuilds the current containeried data importer images against
current base images, to fix security issues.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3970=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-3970=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3970=1
Package List:
- openSUSE Leap 15.4 (x86_64):
containerized-data-importer-api-1.51.0-150400.4.5.1
containerized-data-importer-api-debuginfo-1.51.0-150400.4.5.1
containerized-data-importer-cloner-1.51.0-150400.4.5.1
containerized-data-importer-cloner-debuginfo-1.51.0-150400.4.5.1
containerized-data-importer-controller-1.51.0-150400.4.5.1
containerized-data-importer-controller-debuginfo-1.51.0-150400.4.5.1
containerized-data-importer-importer-1.51.0-150400.4.5.1
containerized-data-importer-importer-debuginfo-1.51.0-150400.4.5.1
containerized-data-importer-manifests-1.51.0-150400.4.5.1
containerized-data-importer-operator-1.51.0-150400.4.5.1
containerized-data-importer-operator-debuginfo-1.51.0-150400.4.5.1
containerized-data-importer-uploadproxy-1.51.0-150400.4.5.1
containerized-data-importer-uploadproxy-debuginfo-1.51.0-150400.4.5.1
containerized-data-importer-uploadserver-1.51.0-150400.4.5.1
containerized-data-importer-uploadserver-debuginfo-1.51.0-150400.4.5.1
obs-service-cdi_containers_meta-1.51.0-150400.4.5.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64):
containerized-data-importer-manifests-1.51.0-150400.4.5.1
- SUSE Linux Enterprise Micro 5.3 (x86_64):
containerized-data-importer-manifests-1.51.0-150400.4.5.1
References:
1
0
SUSE-SU-2022:3969-1: important: Security update for kubevirt stack
by opensuse-security@opensuse.org 14 Nov '22
by opensuse-security@opensuse.org 14 Nov '22
14 Nov '22
SUSE Security Update: Security update for kubevirt stack
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3969-1
Rating: important
References:
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update provides rebuilds of the kubevirt containers with up to date
base images, fixing various security issues.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3969=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-3969=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3969=1
Package List:
- openSUSE Leap 15.4 (x86_64):
kubevirt-container-disk-0.54.0-150400.3.5.1
kubevirt-container-disk-debuginfo-0.54.0-150400.3.5.1
kubevirt-manifests-0.54.0-150400.3.5.1
kubevirt-tests-0.54.0-150400.3.5.1
kubevirt-tests-debuginfo-0.54.0-150400.3.5.1
kubevirt-virt-api-0.54.0-150400.3.5.1
kubevirt-virt-api-debuginfo-0.54.0-150400.3.5.1
kubevirt-virt-controller-0.54.0-150400.3.5.1
kubevirt-virt-controller-debuginfo-0.54.0-150400.3.5.1
kubevirt-virt-handler-0.54.0-150400.3.5.1
kubevirt-virt-handler-debuginfo-0.54.0-150400.3.5.1
kubevirt-virt-launcher-0.54.0-150400.3.5.1
kubevirt-virt-launcher-debuginfo-0.54.0-150400.3.5.1
kubevirt-virt-operator-0.54.0-150400.3.5.1
kubevirt-virt-operator-debuginfo-0.54.0-150400.3.5.1
kubevirt-virtctl-0.54.0-150400.3.5.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.5.1
obs-service-kubevirt_containers_meta-0.54.0-150400.3.5.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (x86_64):
kubevirt-manifests-0.54.0-150400.3.5.1
kubevirt-virtctl-0.54.0-150400.3.5.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.5.1
- SUSE Linux Enterprise Micro 5.3 (x86_64):
kubevirt-manifests-0.54.0-150400.3.5.1
kubevirt-virtctl-0.54.0-150400.3.5.1
kubevirt-virtctl-debuginfo-0.54.0-150400.3.5.1
References:
1
0
openSUSE-SU-2022:10201-1: important: Security update for chromium
by opensuse-security@opensuse.org 14 Nov '22
by opensuse-security@opensuse.org 14 Nov '22
14 Nov '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10201-1
Rating: important
References: #1205221
Cross-References: CVE-2022-3885 CVE-2022-3886 CVE-2022-3887
CVE-2022-3888 CVE-2022-3889 CVE-2022-3890
CVSS scores:
CVE-2022-3885 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3886 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3887 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3888 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3889 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3890 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
- Chromium 107.0.5304.110 (boo#1205221)
* CVE-2022-3885: Use after free in V8
* CVE-2022-3886: Use after free in Speech Recognition
* CVE-2022-3887: Use after free in Web Workers
* CVE-2022-3888: Use after free in WebCodecs
* CVE-2022-3889: Type Confusion in V8
* CVE-2022-3890: Heap buffer overflow in Crashpad
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10201=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10201=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-107.0.5304.110-bp154.2.43.1
chromedriver-debuginfo-107.0.5304.110-bp154.2.43.1
chromium-107.0.5304.110-bp154.2.43.1
chromium-debuginfo-107.0.5304.110-bp154.2.43.1
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-107.0.5304.110-bp153.2.136.1
chromium-107.0.5304.110-bp153.2.136.1
References:
https://www.suse.com/security/cve/CVE-2022-3885.html
https://www.suse.com/security/cve/CVE-2022-3886.html
https://www.suse.com/security/cve/CVE-2022-3887.html
https://www.suse.com/security/cve/CVE-2022-3888.html
https://www.suse.com/security/cve/CVE-2022-3889.html
https://www.suse.com/security/cve/CVE-2022-3890.html
https://bugzilla.suse.com/1205221
1
0
openSUSE-SU-2022:10198-1: important: Security update for varnish
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
openSUSE Security Update: Security update for varnish
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10198-1
Rating: important
References: #1205242 #1205243
Cross-References: CVE-2022-45059 CVE-2022-45060
CVSS scores:
CVE-2022-45059 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-45060 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for varnish fixes the following issues:
Update to 7.2.1:
- CVE-2022-45059: Fixed a HTTP request smuggling via hop-by-hop headers
(boo#1205243).
- CVE-2022-45060: Fixed a HTTP request forgery via character injection
through HTTP/2 pseudo-headers (boo#1205242).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10198=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
libvarnishapi3-7.2.1-bp154.2.9.1
varnish-7.2.1-bp154.2.9.1
varnish-devel-7.2.1-bp154.2.9.1
References:
https://www.suse.com/security/cve/CVE-2022-45059.html
https://www.suse.com/security/cve/CVE-2022-45060.html
https://bugzilla.suse.com/1205242
https://bugzilla.suse.com/1205243
1
0
SUSE-SU-2022:3947-1: important: Security update for xen
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3947-1
Rating: important
References: #1027519 #1193923 #1203806 #1203807 #1204482
#1204485 #1204487 #1204488 #1204489 #1204490
#1204494 #1204496
Cross-References: CVE-2022-33746 CVE-2022-33747 CVE-2022-33748
CVE-2022-42309 CVE-2022-42310 CVE-2022-42311
CVE-2022-42312 CVE-2022-42313 CVE-2022-42314
CVE-2022-42315 CVE-2022-42316 CVE-2022-42317
CVE-2022-42318 CVE-2022-42319 CVE-2022-42320
CVE-2022-42321 CVE-2022-42322 CVE-2022-42323
CVE-2022-42325 CVE-2022-42326
CVSS scores:
CVE-2022-33746 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33746 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33747 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
CVE-2022-33748 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-33748 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42309 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2022-42309 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-42310 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42310 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42311 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42311 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42312 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42312 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42313 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42313 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42314 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42314 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42315 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42315 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42316 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42316 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42317 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42317 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42318 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42318 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42319 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42319 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42320 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42320 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-42321 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42321 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42322 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42322 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42323 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42323 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42325 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42325 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2022-42326 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42326 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes 20 vulnerabilities is now available.
Description:
This update for xen fixes the following issues:
- CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing
(bsc#1203806)
- CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807)
- CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314,
CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen:
Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
- CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
- CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes
(bsc#1204487)
- CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free
temporary memory (bsc#1204488)
- CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes
of deleted domains (bsc#1204489)
- CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting
the stack (bsc#1204490)
- CVE-2022-42322,CVE-2022-42323: xen: Xenstore: cooperating guests can
create arbitrary numbers of nodes (bsc#1204494)
- CVE-2022-42325,CVE-2022-42326: xen: Xenstore: Guests can create
arbitrary number of nodes via transactions (bsc#1204496)
- xen: Frontends vulnerable to backends (bsc#1193923)
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3947=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3947=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-3947=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3947=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3947=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3947=1
Package List:
- openSUSE Leap Micro 5.2 (x86_64):
xen-debugsource-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
- openSUSE Leap 15.3 (aarch64 x86_64):
xen-4.14.5_08-150300.3.40.1
xen-debugsource-4.14.5_08-150300.3.40.1
xen-devel-4.14.5_08-150300.3.40.1
xen-doc-html-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
xen-tools-4.14.5_08-150300.3.40.1
xen-tools-debuginfo-4.14.5_08-150300.3.40.1
xen-tools-domU-4.14.5_08-150300.3.40.1
xen-tools-domU-debuginfo-4.14.5_08-150300.3.40.1
- openSUSE Leap 15.3 (x86_64):
xen-libs-32bit-4.14.5_08-150300.3.40.1
xen-libs-32bit-debuginfo-4.14.5_08-150300.3.40.1
- openSUSE Leap 15.3 (noarch):
xen-tools-xendomains-wait-disk-4.14.5_08-150300.3.40.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
xen-tools-xendomains-wait-disk-4.14.5_08-150300.3.40.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (x86_64):
xen-4.14.5_08-150300.3.40.1
xen-debugsource-4.14.5_08-150300.3.40.1
xen-devel-4.14.5_08-150300.3.40.1
xen-tools-4.14.5_08-150300.3.40.1
xen-tools-debuginfo-4.14.5_08-150300.3.40.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
xen-debugsource-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
xen-tools-domU-4.14.5_08-150300.3.40.1
xen-tools-domU-debuginfo-4.14.5_08-150300.3.40.1
- SUSE Linux Enterprise Micro 5.2 (x86_64):
xen-debugsource-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
- SUSE Linux Enterprise Micro 5.1 (x86_64):
xen-debugsource-4.14.5_08-150300.3.40.1
xen-libs-4.14.5_08-150300.3.40.1
xen-libs-debuginfo-4.14.5_08-150300.3.40.1
References:
https://www.suse.com/security/cve/CVE-2022-33746.html
https://www.suse.com/security/cve/CVE-2022-33747.html
https://www.suse.com/security/cve/CVE-2022-33748.html
https://www.suse.com/security/cve/CVE-2022-42309.html
https://www.suse.com/security/cve/CVE-2022-42310.html
https://www.suse.com/security/cve/CVE-2022-42311.html
https://www.suse.com/security/cve/CVE-2022-42312.html
https://www.suse.com/security/cve/CVE-2022-42313.html
https://www.suse.com/security/cve/CVE-2022-42314.html
https://www.suse.com/security/cve/CVE-2022-42315.html
https://www.suse.com/security/cve/CVE-2022-42316.html
https://www.suse.com/security/cve/CVE-2022-42317.html
https://www.suse.com/security/cve/CVE-2022-42318.html
https://www.suse.com/security/cve/CVE-2022-42319.html
https://www.suse.com/security/cve/CVE-2022-42320.html
https://www.suse.com/security/cve/CVE-2022-42321.html
https://www.suse.com/security/cve/CVE-2022-42322.html
https://www.suse.com/security/cve/CVE-2022-42323.html
https://www.suse.com/security/cve/CVE-2022-42325.html
https://www.suse.com/security/cve/CVE-2022-42326.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1193923
https://bugzilla.suse.com/1203806
https://bugzilla.suse.com/1203807
https://bugzilla.suse.com/1204482
https://bugzilla.suse.com/1204485
https://bugzilla.suse.com/1204487
https://bugzilla.suse.com/1204488
https://bugzilla.suse.com/1204489
https://bugzilla.suse.com/1204490
https://bugzilla.suse.com/1204494
https://bugzilla.suse.com/1204496
1
0
SUSE-SU-2022:3955-1: important: Security update for samba
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
SUSE Security Update: Security update for samba
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3955-1
Rating: important
References: #1200102 #1202803 #1202976
Cross-References: CVE-2022-1615 CVE-2022-32743
CVSS scores:
CVE-2022-1615 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1615 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32743 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-32743 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for samba fixes the following issues:
- CVE-2022-1615: Fixed error handling in random number generation
(bso#15103)(bsc#1202976).
- CVE-2022-32743: Implement validated dnsHostName write rights
(bso#14833)(bsc#1202803).
Bugfixes:
- Fixed use after free when iterating smbd_server_connection->connections
after tree disconnect failure (bso#15128)(bsc#1200102).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3955=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3955=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-3955=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3955=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3955=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-3955=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2022-3955=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-pcp-pmda-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-pcp-pmda-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy-python3-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-dsdb-modules-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-dsdb-modules-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-gpupdate-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ldb-ldap-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ldb-ldap-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-test-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-test-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-tool-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- openSUSE Leap 15.3 (aarch64 x86_64):
samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- openSUSE Leap 15.3 (aarch64_ilp32):
libsamba-policy0-python3-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-64bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-64bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- openSUSE Leap 15.3 (x86_64):
libsamba-policy0-python3-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-devel-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- openSUSE Leap 15.3 (noarch):
samba-doc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- SUSE Linux Enterprise Module for Python2 15-SP3 (aarch64 ppc64le s390x x86_64):
samba-ad-dc-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libsamba-policy-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy-python3-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
libsamba-policy0-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-devel-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-dsdb-modules-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-dsdb-modules-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-gpupdate-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ldb-ldap-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ldb-ldap-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-tool-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
samba-ad-dc-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ad-dc-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-devel-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-32bit-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-libs-32bit-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
samba-client-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
ctdb-4.15.8+git.527.8d0c05d313e-150300.3.40.2
ctdb-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ceph-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-ceph-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-client-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-debugsource-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-libs-python3-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-4.15.8+git.527.8d0c05d313e-150300.3.40.2
samba-winbind-debuginfo-4.15.8+git.527.8d0c05d313e-150300.3.40.2
References:
https://www.suse.com/security/cve/CVE-2022-1615.html
https://www.suse.com/security/cve/CVE-2022-32743.html
https://bugzilla.suse.com/1200102
https://bugzilla.suse.com/1202803
https://bugzilla.suse.com/1202976
1
0
SUSE-SU-2022:3959-1: important: Security update for busybox
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
SUSE Security Update: Security update for busybox
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3959-1
Rating: important
References: #1064976 #1064978 #1069412 #1099260 #1099263
#1102912 #1121426 #1121428 #1184522 #1192869
#951562 #970662 #970663 #991940
Cross-References: CVE-2011-5325 CVE-2015-9261 CVE-2016-2147
CVE-2016-2148 CVE-2016-6301 CVE-2017-15873
CVE-2017-15874 CVE-2017-16544 CVE-2018-1000500
CVE-2018-1000517 CVE-2018-20679 CVE-2019-5747
CVE-2021-28831 CVE-2021-42373 CVE-2021-42374
CVE-2021-42375 CVE-2021-42376 CVE-2021-42377
CVE-2021-42378 CVE-2021-42379 CVE-2021-42380
CVE-2021-42381 CVE-2021-42382 CVE-2021-42383
CVE-2021-42384 CVE-2021-42385 CVE-2021-42386
CVSS scores:
CVE-2011-5325 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2015-9261 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2015-9261 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2016-2147 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2016-2148 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2016-6301 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-15873 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2017-15873 (SUSE): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2017-15874 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2017-15874 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2017-16544 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2017-16544 (SUSE): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-1000500 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-1000500 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2018-1000517 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-1000517 (SUSE): 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2018-20679 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2018-20679 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2019-5747 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2019-5747 (SUSE): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2021-28831 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28831 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42374 (NVD) : 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2021-42374 (SUSE): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2021-42375 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42375 (SUSE): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42376 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42376 (SUSE): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42377 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42377 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42378 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42378 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42379 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42379 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42380 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42380 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42381 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42381 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42382 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42382 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42383 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42383 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42384 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42384 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42385 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42385 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42386 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42386 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 27 vulnerabilities is now available.
Description:
This update for busybox fixes the following issues:
- Enable switch_root With this change virtme --force-initramfs works as
expected.
- Enable udhcpc
busybox was updated to 1.35.0
- Adjust busybox.config for new features in find, date and cpio
- Annotate CVEs already fixed in upstream, but not mentioned in .changes
yet:
* CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames
when autocompleting
* CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing
segfaults
* CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer
underflow in udhcpc
* CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD
parsing
* CVE-2016-6301 (bsc#991940): NTP server denial of service flaw
* CVE-2017-15873 (bsc#1064976): The get_next_block function in
archival/libarchive/decompress_bunzip2.c has an Integer Overflow
* CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c
has an Integer Underflow
* CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components
* CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376,
CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380,
CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384,
CVE-2021-42385, CVE-2021-42386 (bsc#1192869) : v1.34.0 bugfixes
* CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via
malformed gzip data
* CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp
* CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in the
retrieve_file_data()
* CVE-2011-5325 (bsc#951562): tar directory traversal
* CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3959=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3959=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
busybox-1.35.0-150400.3.3.1
busybox-static-1.35.0-150400.3.3.1
busybox-testsuite-1.35.0-150400.3.3.1
- openSUSE Leap 15.4 (aarch64 x86_64):
busybox-warewulf3-1.35.0-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
busybox-1.35.0-150400.3.3.1
busybox-static-1.35.0-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2011-5325.html
https://www.suse.com/security/cve/CVE-2015-9261.html
https://www.suse.com/security/cve/CVE-2016-2147.html
https://www.suse.com/security/cve/CVE-2016-2148.html
https://www.suse.com/security/cve/CVE-2016-6301.html
https://www.suse.com/security/cve/CVE-2017-15873.html
https://www.suse.com/security/cve/CVE-2017-15874.html
https://www.suse.com/security/cve/CVE-2017-16544.html
https://www.suse.com/security/cve/CVE-2018-1000500.html
https://www.suse.com/security/cve/CVE-2018-1000517.html
https://www.suse.com/security/cve/CVE-2018-20679.html
https://www.suse.com/security/cve/CVE-2019-5747.html
https://www.suse.com/security/cve/CVE-2021-28831.html
https://www.suse.com/security/cve/CVE-2021-42373.html
https://www.suse.com/security/cve/CVE-2021-42374.html
https://www.suse.com/security/cve/CVE-2021-42375.html
https://www.suse.com/security/cve/CVE-2021-42376.html
https://www.suse.com/security/cve/CVE-2021-42377.html
https://www.suse.com/security/cve/CVE-2021-42378.html
https://www.suse.com/security/cve/CVE-2021-42379.html
https://www.suse.com/security/cve/CVE-2021-42380.html
https://www.suse.com/security/cve/CVE-2021-42381.html
https://www.suse.com/security/cve/CVE-2021-42382.html
https://www.suse.com/security/cve/CVE-2021-42383.html
https://www.suse.com/security/cve/CVE-2021-42384.html
https://www.suse.com/security/cve/CVE-2021-42385.html
https://www.suse.com/security/cve/CVE-2021-42386.html
https://bugzilla.suse.com/1064976
https://bugzilla.suse.com/1064978
https://bugzilla.suse.com/1069412
https://bugzilla.suse.com/1099260
https://bugzilla.suse.com/1099263
https://bugzilla.suse.com/1102912
https://bugzilla.suse.com/1121426
https://bugzilla.suse.com/1121428
https://bugzilla.suse.com/1184522
https://bugzilla.suse.com/1192869
https://bugzilla.suse.com/951562
https://bugzilla.suse.com/970662
https://bugzilla.suse.com/970663
https://bugzilla.suse.com/991940
1
0
openSUSE-SU-2022:10196-1: important: Security update for libmodbus
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
openSUSE Security Update: Security update for libmodbus
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10196-1
Rating: important
References: #1195124
Cross-References: CVE-2022-0367
CVSS scores:
CVE-2022-0367 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libmodbus fixes the following issues:
- CVE-2022-0367: Fixed heap-based Buffer Overflow in modbus_reply
(boo#1195124).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10196=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
libmodbus-devel-3.1.6-bp154.2.3.1
libmodbus5-3.1.6-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-0367.html
https://bugzilla.suse.com/1195124
1
0
openSUSE-SU-2022:10197-1: important: Security update for autotrace
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
openSUSE Security Update: Security update for autotrace
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10197-1
Rating: important
References: #1201529
Cross-References: CVE-2022-32323
CVSS scores:
CVE-2022-32323 (NVD) : 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for autotrace fixes the following issues:
- CVE-2022-32323: Fixed Heap overflow in ReadImage() (boo#1201529).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10197=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
autotrace-0.31.1-bp154.3.3.1
autotrace-devel-0.31.1-bp154.3.3.1
libautotrace3-0.31.1-bp154.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-32323.html
https://bugzilla.suse.com/1201529
1
0
SUSE-SU-2022:3953-1: moderate: Security update for xterm
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
SUSE Security Update: Security update for xterm
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3953-1
Rating: moderate
References: #1195387
Cross-References: CVE-2022-24130
CVSS scores:
CVE-2022-24130 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-24130 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xterm fixes the following issues:
- CVE-2022-24130: Fixed buffer overflow in set_sixel when Sixel support
is enabled (bsc#1195387).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3953=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3953=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3953=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3953=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.6.1
xterm-bin-330-150200.11.6.1
xterm-bin-debuginfo-330-150200.11.6.1
xterm-debugsource-330-150200.11.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.6.1
xterm-bin-330-150200.11.6.1
xterm-bin-debuginfo-330-150200.11.6.1
xterm-debugsource-330-150200.11.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.6.1
xterm-bin-330-150200.11.6.1
xterm-bin-debuginfo-330-150200.11.6.1
xterm-debugsource-330-150200.11.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.6.1
xterm-bin-330-150200.11.6.1
xterm-bin-debuginfo-330-150200.11.6.1
xterm-debugsource-330-150200.11.6.1
References:
https://www.suse.com/security/cve/CVE-2022-24130.html
https://bugzilla.suse.com/1195387
1
0
openSUSE-SU-2022:10199-1: important: Security update for autotrace
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
openSUSE Security Update: Security update for autotrace
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10199-1
Rating: important
References: #1201529
Cross-References: CVE-2022-32323
CVSS scores:
CVE-2022-32323 (NVD) : 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for autotrace fixes the following issues:
- CVE-2022-32323: Fixed Heap overflow in ReadImage() (boo#1201529).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10199=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
autotrace-0.31.1-bp153.2.6.1
autotrace-devel-0.31.1-bp153.2.6.1
libautotrace3-0.31.1-bp153.2.6.1
References:
https://www.suse.com/security/cve/CVE-2022-32323.html
https://bugzilla.suse.com/1201529
1
0
SUSE-SU-2022:3949-1: moderate: Security update for rustup
by opensuse-security@opensuse.org 11 Nov '22
by opensuse-security@opensuse.org 11 Nov '22
11 Nov '22
SUSE Security Update: Security update for rustup
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3949-1
Rating: moderate
References: #1194119 #1196972
Cross-References: CVE-2021-45710 CVE-2022-24713
CVSS scores:
CVE-2021-45710 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-45710 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-24713 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for rustup fixes the following issues:
Updated to version 1.25.1~0:
- CVE-2022-24713: Fixed Regex denial of service (bsc#1196972).
- CVE-2021-45710: Fixed tokio data race with memory corruption
(bsc#1194119).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3949=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3949=1
Package List:
- openSUSE Leap 15.3 (aarch64 x86_64):
rustup-1.25.1~0-150300.7.13.2
rustup-debuginfo-1.25.1~0-150300.7.13.2
rustup-debugsource-1.25.1~0-150300.7.13.2
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
rustup-1.25.1~0-150300.7.13.2
rustup-debuginfo-1.25.1~0-150300.7.13.2
rustup-debugsource-1.25.1~0-150300.7.13.2
References:
https://www.suse.com/security/cve/CVE-2021-45710.html
https://www.suse.com/security/cve/CVE-2022-24713.html
https://bugzilla.suse.com/1194119
https://bugzilla.suse.com/1196972
1
0
SUSE-SU-2022:3935-1: moderate: Security update for libarchive
by opensuse-security@opensuse.org 10 Nov '22
by opensuse-security@opensuse.org 10 Nov '22
10 Nov '22
SUSE Security Update: Security update for libarchive
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3935-1
Rating: moderate
References: #1192426 #1192427
Cross-References: CVE-2021-31566
CVSS scores:
CVE-2021-31566 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-31566 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for libarchive fixes the following issues:
- CVE-2021-31566: Fixed incorrect usage of file flags (bsc#1192426).
- Fixed issues where postprocessing alters symlink targets instead of
actual file (bsc#1192427).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3935=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3935=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3935=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
bsdtar-3.4.2-150200.4.12.1
bsdtar-debuginfo-3.4.2-150200.4.12.1
libarchive-debugsource-3.4.2-150200.4.12.1
libarchive-devel-3.4.2-150200.4.12.1
libarchive13-3.4.2-150200.4.12.1
libarchive13-debuginfo-3.4.2-150200.4.12.1
- openSUSE Leap 15.3 (x86_64):
libarchive13-32bit-3.4.2-150200.4.12.1
libarchive13-32bit-debuginfo-3.4.2-150200.4.12.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
bsdtar-3.4.2-150200.4.12.1
bsdtar-debuginfo-3.4.2-150200.4.12.1
libarchive-debugsource-3.4.2-150200.4.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libarchive-debugsource-3.4.2-150200.4.12.1
libarchive-devel-3.4.2-150200.4.12.1
libarchive13-3.4.2-150200.4.12.1
libarchive13-debuginfo-3.4.2-150200.4.12.1
References:
https://www.suse.com/security/cve/CVE-2021-31566.html
https://bugzilla.suse.com/1192426
https://bugzilla.suse.com/1192427
1
0
SUSE-SU-2022:3936-1: moderate: Security update for libarchive
by opensuse-security@opensuse.org 10 Nov '22
by opensuse-security@opensuse.org 10 Nov '22
10 Nov '22
SUSE Security Update: Security update for libarchive
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3936-1
Rating: moderate
References: #1192426 #1192427
Cross-References: CVE-2021-31566
CVSS scores:
CVE-2021-31566 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-31566 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for libarchive fixes the following issues:
- CVE-2021-31566: Fixed vulnerability where libarchive modifies file
flags of symlink target (bsc#1192426)
- Fixed issue where processing fixup entries may follow symbolic links
(bsc#1192427).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3936=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3936=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3936=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3936=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
bsdtar-3.5.1-150400.3.9.1
bsdtar-debuginfo-3.5.1-150400.3.9.1
libarchive-debugsource-3.5.1-150400.3.9.1
libarchive-devel-3.5.1-150400.3.9.1
libarchive13-3.5.1-150400.3.9.1
libarchive13-debuginfo-3.5.1-150400.3.9.1
- openSUSE Leap 15.4 (x86_64):
libarchive13-32bit-3.5.1-150400.3.9.1
libarchive13-32bit-debuginfo-3.5.1-150400.3.9.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
bsdtar-3.5.1-150400.3.9.1
bsdtar-debuginfo-3.5.1-150400.3.9.1
libarchive-debugsource-3.5.1-150400.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libarchive-debugsource-3.5.1-150400.3.9.1
libarchive-devel-3.5.1-150400.3.9.1
libarchive13-3.5.1-150400.3.9.1
libarchive13-debuginfo-3.5.1-150400.3.9.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libarchive-debugsource-3.5.1-150400.3.9.1
libarchive13-3.5.1-150400.3.9.1
libarchive13-debuginfo-3.5.1-150400.3.9.1
References:
https://www.suse.com/security/cve/CVE-2021-31566.html
https://bugzilla.suse.com/1192426
https://bugzilla.suse.com/1192427
1
0
SUSE-SU-2022:3941-1: important: Security update for xwayland
by opensuse-security@opensuse.org 10 Nov '22
by opensuse-security@opensuse.org 10 Nov '22
10 Nov '22
SUSE Security Update: Security update for xwayland
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3941-1
Rating: important
References: #1204412 #1204416
Cross-References: CVE-2022-3550 CVE-2022-3551
CVSS scores:
CVE-2022-3550 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3550 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3551 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3551 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for xwayland fixes the following issues:
- CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString()
(bsc#1204412).
- CVE-2022-3551: Fixed various leaks of the return value of
GetComponentSpec() (bsc#1204416).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3941=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-3941=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xwayland-21.1.4-150400.3.3.1
xwayland-debuginfo-21.1.4-150400.3.3.1
xwayland-debugsource-21.1.4-150400.3.3.1
xwayland-devel-21.1.4-150400.3.3.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
xwayland-21.1.4-150400.3.3.1
xwayland-debuginfo-21.1.4-150400.3.3.1
xwayland-debugsource-21.1.4-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-3550.html
https://www.suse.com/security/cve/CVE-2022-3551.html
https://bugzilla.suse.com/1204412
https://bugzilla.suse.com/1204416
1
0
SUSE-SU-2022:3932-1: moderate: Security update for python-rsa
by opensuse-security@opensuse.org 10 Nov '22
by opensuse-security@opensuse.org 10 Nov '22
10 Nov '22
SUSE Security Update: Security update for python-rsa
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3932-1
Rating: moderate
References: #1178676
Cross-References: CVE-2020-25658
CVSS scores:
CVE-2020-25658 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-25658 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-rsa fixes the following issues:
- CVE-2020-25658: Fixed bleichenbacher timing oracle attack against RSA
decryption (bsc#1178676).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3932=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3932=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3932=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3932=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3932=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3932=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3932=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3932=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3932=1
Package List:
- openSUSE Leap Micro 5.2 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- openSUSE Leap 15.4 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- openSUSE Leap 15.3 (noarch):
python2-rsa-3.4.2-150000.3.7.1
python3-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
python2-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
python2-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
python3-rsa-3.4.2-150000.3.7.1
References:
https://www.suse.com/security/cve/CVE-2020-25658.html
https://bugzilla.suse.com/1178676
1
0
10 Nov '22
SUSE Security Update: Security update for git
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3931-1
Rating: moderate
References: #1204455 #1204456
Cross-References: CVE-2022-39253 CVE-2022-39260
CVSS scores:
CVE-2022-39253 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-39253 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-39260 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-39260 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for git fixes the following issues:
- CVE-2022-39260: Fixed overflow in split_cmdline() (bsc#1204456).
- CVE-2022-39253: Fixed dereference issue with symbolic links via the
`--local` clone mechanism (bsc#1204455).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3931=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3931=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3931=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3931=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3931=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3931=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.18.1
git-arch-2.35.3-150300.10.18.1
git-core-2.35.3-150300.10.18.1
git-core-debuginfo-2.35.3-150300.10.18.1
git-credential-gnome-keyring-2.35.3-150300.10.18.1
git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.18.1
git-credential-libsecret-2.35.3-150300.10.18.1
git-credential-libsecret-debuginfo-2.35.3-150300.10.18.1
git-cvs-2.35.3-150300.10.18.1
git-daemon-2.35.3-150300.10.18.1
git-daemon-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
git-email-2.35.3-150300.10.18.1
git-gui-2.35.3-150300.10.18.1
git-p4-2.35.3-150300.10.18.1
git-svn-2.35.3-150300.10.18.1
git-web-2.35.3-150300.10.18.1
gitk-2.35.3-150300.10.18.1
perl-Git-2.35.3-150300.10.18.1
- openSUSE Leap 15.4 (noarch):
git-doc-2.35.3-150300.10.18.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.18.1
git-arch-2.35.3-150300.10.18.1
git-core-2.35.3-150300.10.18.1
git-core-debuginfo-2.35.3-150300.10.18.1
git-credential-gnome-keyring-2.35.3-150300.10.18.1
git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.18.1
git-credential-libsecret-2.35.3-150300.10.18.1
git-credential-libsecret-debuginfo-2.35.3-150300.10.18.1
git-cvs-2.35.3-150300.10.18.1
git-daemon-2.35.3-150300.10.18.1
git-daemon-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
git-email-2.35.3-150300.10.18.1
git-gui-2.35.3-150300.10.18.1
git-p4-2.35.3-150300.10.18.1
git-svn-2.35.3-150300.10.18.1
git-web-2.35.3-150300.10.18.1
gitk-2.35.3-150300.10.18.1
perl-Git-2.35.3-150300.10.18.1
- openSUSE Leap 15.3 (noarch):
git-doc-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.18.1
git-arch-2.35.3-150300.10.18.1
git-cvs-2.35.3-150300.10.18.1
git-daemon-2.35.3-150300.10.18.1
git-daemon-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
git-email-2.35.3-150300.10.18.1
git-gui-2.35.3-150300.10.18.1
git-svn-2.35.3-150300.10.18.1
git-web-2.35.3-150300.10.18.1
gitk-2.35.3-150300.10.18.1
perl-Git-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
git-doc-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.18.1
git-arch-2.35.3-150300.10.18.1
git-cvs-2.35.3-150300.10.18.1
git-daemon-2.35.3-150300.10.18.1
git-daemon-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
git-email-2.35.3-150300.10.18.1
git-gui-2.35.3-150300.10.18.1
git-svn-2.35.3-150300.10.18.1
git-web-2.35.3-150300.10.18.1
gitk-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
git-doc-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
git-core-2.35.3-150300.10.18.1
git-core-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
git-core-2.35.3-150300.10.18.1
git-core-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
perl-Git-2.35.3-150300.10.18.1
References:
https://www.suse.com/security/cve/CVE-2022-39253.html
https://www.suse.com/security/cve/CVE-2022-39260.html
https://bugzilla.suse.com/1204455
https://bugzilla.suse.com/1204456
1
0
SUSE-SU-2022:3929-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 10 Nov '22
by opensuse-security@opensuse.org 10 Nov '22
10 Nov '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3929-1
Rating: important
References: #1032323 #1065729 #1196018 #1198702 #1200465
#1200788 #1201725 #1202686 #1202700 #1203066
#1203098 #1203387 #1203391 #1203496 #1204053
#1204166 #1204168 #1204354 #1204355 #1204382
#1204402 #1204415 #1204417 #1204431 #1204439
#1204470 #1204479 #1204574 #1204575 #1204619
#1204635 #1204637 #1204646 #1204647 #1204653
#1204728 #1204753 #1204754 PED-1931 SLE-13847
SLE-24559 SLE-9246
Cross-References: CVE-2021-4037 CVE-2022-2153 CVE-2022-28748
CVE-2022-2964 CVE-2022-2978 CVE-2022-3176
CVE-2022-3424 CVE-2022-3521 CVE-2022-3524
CVE-2022-3535 CVE-2022-3542 CVE-2022-3545
CVE-2022-3565 CVE-2022-3577 CVE-2022-3586
CVE-2022-3594 CVE-2022-3621 CVE-2022-3625
CVE-2022-3629 CVE-2022-3640 CVE-2022-3646
CVE-2022-3649 CVE-2022-39189 CVE-2022-42703
CVE-2022-43750
CVSS scores:
CVE-2021-4037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-4037 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2022-2153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2153 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-28748 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-2964 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2964 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3424 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3521 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3521 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3535 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3535 (SUSE): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3542 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3542 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3545 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3545 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3586 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3586 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3594 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3594 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (SUSE): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3625 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3625 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3629 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3629 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3640 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3640 (SUSE): 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3646 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3646 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3649 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3649 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39189 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-39189 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42703 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42703 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Realtime 15-SP3
SUSE Linux Enterprise Real Time 15-SP3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves 25 vulnerabilities, contains four
features and has 13 fixes is now available.
Description:
The SUSE Linux Enterprise 15-SP3 RT kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-2964, CVE-2022-28748: Fixed memory corruption issues in
ax88179_178a devices (bnc#1202686 bsc#1196018).
- CVE-2021-4037: Fixed function logic vulnerability that allowed local
users to create files for the XFS file-system with an unintended group
ownership and with group execution and SGID permission bits set
(bnc#1198702).
- CVE-2022-2153: Fixed vulnerability in KVM that could allow an
unprivileged local attacker on the host to cause DoS (bnc#1200788).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6
handler (bnc#1204354).
- CVE-2022-2978: Fixed use-after-free in the NILFS file system that could
lead to local privilege escalation or DoS (bnc#1202700).
- CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE
(bnc#1203391).
- CVE-2022-3521: Fixed race condition in kcm_tx_work() in
net/kcm/kcmsock.c (bnc#1204355).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),
gru_fault() and gru_handle_user_call_os() that could lead to kernel
panic (bsc#1204166).
- CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in
drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in
drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
- CVE-2022-3545: Fixed use-after-free in area_cache_get() in
drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
- CVE-2022-3565: Fixed use-after-free in del_timer() in
drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
- CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device
driver that could lead to local privilege escalation or DoS
(bnc#1204470).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could
allow a local unprivileged user to cause a denial of service
(bnc#1204439).
- CVE-2022-3594: Fixed excessive data logging in intr_callback() in
drivers/net/usb/r8152.c (bnc#1204479).
- CVE-2022-3621: Fixed null pointer dereference in
nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
- CVE-2022-3625: Fixed use-after-free in
devlink_param_set()/devlink_param_get() in net/core/devlink.c
(bnc#1204637).
- CVE-2022-3629: Fixed memory leak in vsock_connect() in
net/vmw_vsock/af_vsock.c (bnc#1204635).
- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in
net/bluetooth/l2cap_core.c (bnc#1204619).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in
fs/nilfs2/segment.c (bnc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in
fs/nilfs2/inode.c (bnc#1204647).
- CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow
unprivileged guest users to compromise the guest kernel via TLB flush
operations on preempted vCPU (bnc#1203066).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf
anon_vma double reuse (bnc#1204168).
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space
client to corrupt the monitor's internal memory (bnc#1204653).
The following non-security bugs were fixed:
- ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
(git-fixes).
- ACPI: HMAT: Release platform device in case of
platform_device_add_data() fails (git-fixes).
- ACPI: extlog: Handle multiple records (git-fixes).
- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
(git-fixes).
- ALSA: aoa: Fix I2S device accounting (git-fixes).
- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
(git-fixes).
- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
- ALSA: au88x0: use explicitly signed char (git-fixes).
- ALSA: dmaengine: increment buffer pointer atomically (git-fixes).
- ALSA: hda/hdmi: Do not skip notification handling during PM operation
(git-fixes).
- ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
(git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- ALSA: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
(git-fixes).
- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
- ALSA: rme9652: use explicitly signed char (git-fixes).
- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
(git-fixes).
- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
(git-fixes).
- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- ASoC: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
- Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
(git-fixes).
- Bluetooth: hci_core: Fix not handling link timeouts propertly
(git-fixes).
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
(git-fixes).
- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
- HID: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
- HID: multitouch: Add memory barriers (git-fixes).
- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD
(git-fixes)
- IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes)
- IB/core: Only update PKEY and GID caches on respective events (git-fixes)
- IB/hfi1: Adjust pkey entry in index 0 (git-fixes)
- IB/hfi1: Fix abba locking issue with sc_disable() (git-fixes)
- IB/hfi1: Fix possible null-pointer dereference in
_extend_sdma_tx_descs() (git-fixes)
- IB/mlx4: Add support for REJ due to timeout (git-fixes)
- IB/mlx4: Use port iterator and validation APIs (git-fixes)
- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
(git-fixes)
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs
(git-fixes)
- IB/srpt: Remove redundant assignment to ret (git-fixes)
- Input: i8042 - fix refount leak on sparc (git-fixes).
- Input: xpad - add supported devices as contributed on github (git-fixes).
- Input: xpad - fix wireless 360 controller breaking after suspend
(git-fixes).
- KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
(git-fixes).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- KVM: s390: VSIE: fix MVPG handling for prefixing and MSO (git-fixes).
- KVM: s390: clear kicked_mask before sleeping again (git-fixes).
- KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu
(git-fixes).
- KVM: s390: pv: do not present the ecall interrupt twice (git-fixes).
- KVM: s390: split kvm_s390_real_to_abs (git-fixes).
- KVM: s390x: fix SCK locking (git-fixes).
- KVM: x86/emulator: Fix handing of POP SS to correctly set
interruptibility (git-fixes).
- PCI: Dynamically map ECAM regions (bsc#1204382).
- PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
(git-fixes).
- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
(git-fixes).
- PM: domains: Fix handling of unavailable/disabled idle states
(git-fixes).
- PM: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
- RDMA/bnxt_re: Add missing spin lock initialization (git-fixes)
- RDMA/bnxt_re: Fix query SRQ failure (git-fixes)
- RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
(git-fixes)
- RDMA/cma: Fix arguments order in net device validation (git-fixes)
- RDMA/core: Sanitize WQ state received from the userspace (git-fixes)
- RDMA/cxgb4: Remove MW support (git-fixes)
- RDMA/efa: Free IRQ vectors on error flow (git-fixes)
- RDMA/efa: Remove double QP type assignment (git-fixes)
- RDMA/efa: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/hfi1: Fix potential integer multiplication overflow errors
(git-fixes)
- RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP
(git-fixes)
- RDMA/i40iw: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/iwcm: Release resources if iw_cm module initialization fails
(git-fixes)
- RDMA/mlx4: Return missed an error if device does not support steering
(git-fixes)
- RDMA/mlx5: Add missing check for return value in get namespace flow
(git-fixes)
- RDMA/mlx5: Block FDB rules when not in switchdev mode (git-fixes)
- RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
(git-fixes)
- RDMA/mlx5: Make mkeys always owned by the kernel's PD when not enabled
(git-fixes)
- RDMA/mlx5: Set user priority for DCT (git-fixes)
- RDMA/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create()
(git-fixes)
- RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
- RDMA/qib: Remove superfluous fallthrough statements (git-fixes)
- RDMA/rtrs-srv: Pass the correct number of entries for dma mapped SGL
(git-fixes)
- RDMA/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)
- RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- RDMA/rxe: Fix extra copies in build_rdma_network_hdr (git-fixes)
- RDMA/rxe: Fix extra copy in prepare_ack_packet (git-fixes)
- RDMA/rxe: Fix failure during driver load (git-fixes)
- RDMA/rxe: Fix over copying in get_srq_wqe (git-fixes)
- RDMA/rxe: Fix redundant call to ip_send_check (git-fixes)
- RDMA/rxe: Fix redundant skb_put_zero (git-fixes)
- RDMA/rxe: Fix rnr retry behavior (git-fixes)
- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
- RDMA/rxe: Fix wrong port_cap_flags (git-fixes)
- RDMA/rxe: Generate a completion for unsupported/invalid opcode
(git-fixes)
- RDMA/rxe: Remove unused pkt->offset (git-fixes)
- RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
- RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
(git-fixes)
- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
(git-fixes)
- RDMA/siw: Fix a condition race issue in MPA request processing
(git-fixes)
- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
(git-fixes)
- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- RDMA: Verify port when creating flow rule (git-fixes)
- RDMA: remove useless condition in siw_create_cq() (git-fixes)
- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)
- Revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- Revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- USB: serial: console: move mutex_unlock() before usb_serial_put()
(git-fixes).
- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- arm64: assembler: add cond_yield macro (git-fixes)
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and
ata_id_has_sense_reporting() (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number
(git-fixes).
- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion
(git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in
error path (git-fixes).
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
(git-fixes).
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
(git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents
(git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
(git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
(git-fixes).
- crypto: akcipher - default implementation for setting a private key
(git-fixes).
- crypto: arm64/sha - fix function types (git-fixes)
- crypto: arm64/sha1-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha2-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha3-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha512-ce - simplify NEON yield (git-fixes)
- crypto: cavium - prevent integer overflow loading firmware (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister
(git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
- device property: Fix documentation for *_match_string() APIs (git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
__cleanup() (git-fixes).
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent
API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
(git-fixes).
- docs: update mediator information in CoC docs (git-fixes).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
(git-fixes).
- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
(git-fixes).
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- drm/udl: Restore display mode on resume (git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
(git-fixes).
- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset
(git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of
for_each_available_child_of_node() (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: let query-modname override actual module name (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053
bsc#1201725).
- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
- firmware: google: Test spinlock on panic path to avoid lockups
(git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
(git-fixes).
- gpio: rockchip: request GPIO mux to pinctrl when setting direction
(git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in
hidpp_connect_event (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- iio: ABI: Fix wrong format of differential capacitance channel ABI
(git-fixes).
- iio: adc: ad7923: fix channel readings for some variants (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure and touch
(git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
(git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
- iio: inkern: only release the device node when done with it (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap
(git-fixes).
- kABI: arm64/crypto/sha512 Preserve function signature (git-fixes).
- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
- kbuild: remove the target in signal traps when interrupted (git-fixes).
- kbuild: sink stdout from cmd for silent build (git-fixes).
- kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
(jsc#SLE-24559).
- kthread: Extract KTHREAD_IS_PER_CPU (bsc#1204753).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
(git-fixes).
- locking/csd_lock: Change csdlock_debug from early_param to __setup
(git-fixes).
- mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values
(git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
(git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
(git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
(git-fixes).
- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
(git-fixes).
- mfd: intel_soc_pmic: Fix an error handling path in
intel_soc_pmic_i2c_probe() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
- mfd: sm501: Add check for platform_driver_register() (git-fixes).
- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
- mm, memcg: avoid stale protection values when cgroup is above protection
(bsc#1204754).
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
(bsc#1204575).
- mm: memcontrol: fix occasional OOMs due to proportional memory.low
reclaim (bsc#1204754).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card
(git-fixes).
- mmc: core: Replace with already defined values for readability
(git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
(git-fixes).
- mtd: devices: docg3: check the return value of devm_ioremap() in the
probe (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config
(git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
(git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- phy: qualcomm: call clk_disable_unprepare in the error handling
(git-fixes).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback
(git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
- pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback
(git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to fix module
autoloading (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight registering
(git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
(git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
- powerpc/fadump: align destination address to pagesize (bsc#1204728
ltc#200074).
- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
(jsc#SLE-13847 git-fixes).
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/mm: remove pmd_huge/pud_huge stubs and include hugetlb.h
(bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in opal_export_attrs()
(bsc#1065729).
- powerpc/pseries: Interface to represent PAPR firmware attributes
(bsc#1200465 ltc#197256 jsc#PED-1931).
- quota: widen timestamps for the fs_disk_quota structure (bsc#1203387).
- regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
(git-fixes).
- s390/hypfs: avoid error message under KVM (bsc#1032323).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up()
(git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
(git-fixes).
- scsi: mpt3sas: Fix return value check of dma_get_required_mask()
(git-fixes).
- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
- selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465
ltc#197256 jsc#PED-1931).
- selftests/powerpc: Skip energy_scale_info test on older firmware
(git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
(git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
- soc: sunxi_sram: Make use of the helper function
devm_platform_ioremap_resource() (git-fixes).
- spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
(git-fixes).
- spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in
spi_qup_pm_resume_runtime() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
(git-fixes).
- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
(git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
- struct pci_config_window kABI workaround (bsc#1204382).
- thermal: intel_powerclamp: Use first online CPU as control_cpu
(git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id()
to avoid crash (git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: gadget: function: fix dangling pnp_string in f_printer.c
(git-fixes).
- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
(git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
(git-fixes).
- wifi: ath10k: add peer map clean up for peer delete in
ath10k_sta_state() (git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level
(git-fixes).
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
(git-fixes).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
(other cases) (git-fixes).
- wifi: mac80211: allow bw change during channel switch in mesh
(git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on
fast-rx (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
- wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
- wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
(git-fixes).
- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
(git-fixes).
- xfs: add missing assert in xfs_fsmap_owner_from_rmap (git-fixes).
- xfs: enable big timestamps (bsc#1203387).
- xfs: enable new inode btree counters feature (bsc#1203387).
- xfs: explicitly define inode timestamp range (bsc#1203387).
- xfs: fix memory corruption during remote attr value buffer invalidation
(git-fixes).
- xfs: fix s_maxbytes computation on 32-bit kernels (git-fixes).
- xfs: hoist out xfs_resizefs_init_new_ags() (git-fixes).
- xfs: move incore structures out of xfs_da_format.h (git-fixes).
- xfs: quota: move to time64_t interfaces (bsc#1203387).
- xfs: redefine xfs_ictimestamp_t (bsc#1203387).
- xfs: redefine xfs_timestamp_t (bsc#1203387).
- xfs: refactor remote attr value buffer invalidation (git-fixes).
- xfs: remove obsolete AGF counter debugging (git-fixes).
- xfs: rename `new' to `delta' in xfs_growfs_data_private() (git-fixes).
- xfs: reserve data and rt quota at the same time (bsc#1203496).
- xfs: slightly tweak an assert in xfs_fs_map_blocks (git-fixes).
- xfs: store inode btree block counts in AGI header (bsc#1203387).
- xfs: streamline xfs_attr3_leaf_inactive (git-fixes).
- xfs: use a struct timespec64 for the in-core crtime (bsc#1203387).
- xfs: use the finobt block counts to speed up mount times (bsc#1203387).
- xfs: widen ondisk inode timestamps to deal with y2038+ (bsc#1203387).
- xfs: widen ondisk quota expiration timestamps to handle y2038+
(bsc#1203387).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3929=1
- SUSE Linux Enterprise Module for Realtime 15-SP3:
zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2022-3929=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3929=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3929=1
Package List:
- openSUSE Leap Micro 5.2 (x86_64):
kernel-rt-5.3.18-150300.109.1
kernel-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-debugsource-5.3.18-150300.109.1
- SUSE Linux Enterprise Module for Realtime 15-SP3 (x86_64):
cluster-md-kmp-rt-5.3.18-150300.109.1
cluster-md-kmp-rt-debuginfo-5.3.18-150300.109.1
dlm-kmp-rt-5.3.18-150300.109.1
dlm-kmp-rt-debuginfo-5.3.18-150300.109.1
gfs2-kmp-rt-5.3.18-150300.109.1
gfs2-kmp-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-5.3.18-150300.109.1
kernel-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-debugsource-5.3.18-150300.109.1
kernel-rt-devel-5.3.18-150300.109.1
kernel-rt-devel-debuginfo-5.3.18-150300.109.1
kernel-rt_debug-debuginfo-5.3.18-150300.109.1
kernel-rt_debug-debugsource-5.3.18-150300.109.1
kernel-rt_debug-devel-5.3.18-150300.109.1
kernel-rt_debug-devel-debuginfo-5.3.18-150300.109.1
kernel-syms-rt-5.3.18-150300.109.1
ocfs2-kmp-rt-5.3.18-150300.109.1
ocfs2-kmp-rt-debuginfo-5.3.18-150300.109.1
- SUSE Linux Enterprise Module for Realtime 15-SP3 (noarch):
kernel-devel-rt-5.3.18-150300.109.1
kernel-source-rt-5.3.18-150300.109.1
- SUSE Linux Enterprise Micro 5.2 (x86_64):
kernel-rt-5.3.18-150300.109.1
kernel-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-debugsource-5.3.18-150300.109.1
- SUSE Linux Enterprise Micro 5.1 (x86_64):
kernel-rt-5.3.18-150300.109.1
kernel-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-debugsource-5.3.18-150300.109.1
References:
https://www.suse.com/security/cve/CVE-2021-4037.html
https://www.suse.com/security/cve/CVE-2022-2153.html
https://www.suse.com/security/cve/CVE-2022-28748.html
https://www.suse.com/security/cve/CVE-2022-2964.html
https://www.suse.com/security/cve/CVE-2022-2978.html
https://www.suse.com/security/cve/CVE-2022-3176.html
https://www.suse.com/security/cve/CVE-2022-3424.html
https://www.suse.com/security/cve/CVE-2022-3521.html
https://www.suse.com/security/cve/CVE-2022-3524.html
https://www.suse.com/security/cve/CVE-2022-3535.html
https://www.suse.com/security/cve/CVE-2022-3542.html
https://www.suse.com/security/cve/CVE-2022-3545.html
https://www.suse.com/security/cve/CVE-2022-3565.html
https://www.suse.com/security/cve/CVE-2022-3577.html
https://www.suse.com/security/cve/CVE-2022-3586.html
https://www.suse.com/security/cve/CVE-2022-3594.html
https://www.suse.com/security/cve/CVE-2022-3621.html
https://www.suse.com/security/cve/CVE-2022-3625.html
https://www.suse.com/security/cve/CVE-2022-3629.html
https://www.suse.com/security/cve/CVE-2022-3640.html
https://www.suse.com/security/cve/CVE-2022-3646.html
https://www.suse.com/security/cve/CVE-2022-3649.html
https://www.suse.com/security/cve/CVE-2022-39189.html
https://www.suse.com/security/cve/CVE-2022-42703.html
https://www.suse.com/security/cve/CVE-2022-43750.html
https://bugzilla.suse.com/1032323
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1198702
https://bugzilla.suse.com/1200465
https://bugzilla.suse.com/1200788
https://bugzilla.suse.com/1201725
https://bugzilla.suse.com/1202686
https://bugzilla.suse.com/1202700
https://bugzilla.suse.com/1203066
https://bugzilla.suse.com/1203098
https://bugzilla.suse.com/1203387
https://bugzilla.suse.com/1203391
https://bugzilla.suse.com/1203496
https://bugzilla.suse.com/1204053
https://bugzilla.suse.com/1204166
https://bugzilla.suse.com/1204168
https://bugzilla.suse.com/1204354
https://bugzilla.suse.com/1204355
https://bugzilla.suse.com/1204382
https://bugzilla.suse.com/1204402
https://bugzilla.suse.com/1204415
https://bugzilla.suse.com/1204417
https://bugzilla.suse.com/1204431
https://bugzilla.suse.com/1204439
https://bugzilla.suse.com/1204470
https://bugzilla.suse.com/1204479
https://bugzilla.suse.com/1204574
https://bugzilla.suse.com/1204575
https://bugzilla.suse.com/1204619
https://bugzilla.suse.com/1204635
https://bugzilla.suse.com/1204637
https://bugzilla.suse.com/1204646
https://bugzilla.suse.com/1204647
https://bugzilla.suse.com/1204653
https://bugzilla.suse.com/1204728
https://bugzilla.suse.com/1204753
https://bugzilla.suse.com/1204754
1
0
SUSE-SU-2022:3922-1: important: Security update for protobuf
by opensuse-security@opensuse.org 09 Nov '22
by opensuse-security@opensuse.org 09 Nov '22
09 Nov '22
SUSE Security Update: Security update for protobuf
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3922-1
Rating: important
References: #1194530 #1203681 #1204256
Cross-References: CVE-2021-22569 CVE-2022-1941 CVE-2022-3171
CVSS scores:
CVE-2021-22569 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-22569 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-1941 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1941 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3171 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3171 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP2
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Installer 15-SP2
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15-SP2
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Module for SUSE Manager Server 4.1
SUSE Linux Enterprise Module for SUSE Manager Server 4.2
SUSE Linux Enterprise Module for SUSE Manager Server 4.3
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for protobuf fixes the following issues:
- CVE-2021-22569: Fixed Denial of Service in protobuf-java in the parsing
procedure for binary data (bsc#1194530).
- CVE-2022-1941: Fix a potential DoS issue in protobuf-cpp and
protobuf-python (bsc#1203681)
- CVE-2022-3171: Fix a potential DoS issue when parsing with binary data
in protobuf-java (bsc#1204256)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3922=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3922=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3922=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3922=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3922=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3922=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3922=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3922=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3922=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3922=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3922=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.1-2022-3922=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-3922=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-3922=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-3922=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3922=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3922=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3922=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3922=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3922=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3922=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3922=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3922=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3922=1
- SUSE Linux Enterprise Installer 15-SP2:
zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2022-3922=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3922=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3922=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3922=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- openSUSE Leap 15.4 (noarch):
protobuf-source-3.9.2-150200.4.19.2
- openSUSE Leap 15.4 (x86_64):
libprotobuf-lite20-32bit-3.9.2-150200.4.19.2
libprotobuf-lite20-32bit-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-32bit-3.9.2-150200.4.19.2
libprotobuf20-32bit-debuginfo-3.9.2-150200.4.19.2
libprotoc20-32bit-3.9.2-150200.4.19.2
libprotoc20-32bit-debuginfo-3.9.2-150200.4.19.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- openSUSE Leap 15.3 (x86_64):
libprotobuf-lite20-32bit-3.9.2-150200.4.19.2
libprotobuf-lite20-32bit-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-32bit-3.9.2-150200.4.19.2
libprotobuf20-32bit-debuginfo-3.9.2-150200.4.19.2
libprotoc20-32bit-3.9.2-150200.4.19.2
libprotoc20-32bit-debuginfo-3.9.2-150200.4.19.2
- openSUSE Leap 15.3 (noarch):
protobuf-source-3.9.2-150200.4.19.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Manager Proxy 4.1 (x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for SUSE Manager Server 4.3 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP2 (aarch64 ppc64le s390x x86_64):
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Installer 15-SP2 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
References:
https://www.suse.com/security/cve/CVE-2021-22569.html
https://www.suse.com/security/cve/CVE-2022-1941.html
https://www.suse.com/security/cve/CVE-2022-3171.html
https://bugzilla.suse.com/1194530
https://bugzilla.suse.com/1203681
https://bugzilla.suse.com/1204256
1
0
openSUSE-SU-2022:10191-1: important: Security update for exim
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
openSUSE Security Update: Security update for exim
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10191-1
Rating: important
References: #1204427
Cross-References: CVE-2022-3559
CVSS scores:
CVE-2022-3559 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for exim fixes the following issues:
- CVE-2022-3559: Fixed use after free in processing of the component Regex
Handler (boo#1204427, Bug 2915)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10191=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
exim-4.94.2-bp153.5.1
eximon-4.94.2-bp153.5.1
eximstats-html-4.94.2-bp153.5.1
References:
https://www.suse.com/security/cve/CVE-2022-3559.html
https://bugzilla.suse.com/1204427
1
0
SUSE-SU-2022:3919-1: important: Security update for kubevirt
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for kubevirt
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3919-1
Rating: important
References:
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update rebuilds the kubevirt stack to include recent security updates
in its basecontainers.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3919=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-3919=1
Package List:
- openSUSE Leap 15.3 (x86_64):
kubevirt-container-disk-0.49.0-150300.8.15.1
kubevirt-container-disk-debuginfo-0.49.0-150300.8.15.1
kubevirt-manifests-0.49.0-150300.8.15.1
kubevirt-tests-0.49.0-150300.8.15.1
kubevirt-tests-debuginfo-0.49.0-150300.8.15.1
kubevirt-virt-api-0.49.0-150300.8.15.1
kubevirt-virt-api-debuginfo-0.49.0-150300.8.15.1
kubevirt-virt-controller-0.49.0-150300.8.15.1
kubevirt-virt-controller-debuginfo-0.49.0-150300.8.15.1
kubevirt-virt-handler-0.49.0-150300.8.15.1
kubevirt-virt-handler-debuginfo-0.49.0-150300.8.15.1
kubevirt-virt-launcher-0.49.0-150300.8.15.1
kubevirt-virt-launcher-debuginfo-0.49.0-150300.8.15.1
kubevirt-virt-operator-0.49.0-150300.8.15.1
kubevirt-virt-operator-debuginfo-0.49.0-150300.8.15.1
kubevirt-virtctl-0.49.0-150300.8.15.1
kubevirt-virtctl-debuginfo-0.49.0-150300.8.15.1
obs-service-kubevirt_containers_meta-0.49.0-150300.8.15.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (x86_64):
kubevirt-manifests-0.49.0-150300.8.15.1
kubevirt-virtctl-0.49.0-150300.8.15.1
kubevirt-virtctl-debuginfo-0.49.0-150300.8.15.1
References:
1
0
SUSE-SU-2022:3920-1: important: Security update for containerized data importer
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for containerized data importer
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3920-1
Rating: important
References:
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update of containerized data importer images rebases the containers
against the current base images to resolve security issues.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3920=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-3920=1
Package List:
- openSUSE Leap 15.3 (x86_64):
containerized-data-importer-api-1.43.2-150300.8.11.1
containerized-data-importer-api-debuginfo-1.43.2-150300.8.11.1
containerized-data-importer-cloner-1.43.2-150300.8.11.1
containerized-data-importer-cloner-debuginfo-1.43.2-150300.8.11.1
containerized-data-importer-controller-1.43.2-150300.8.11.1
containerized-data-importer-controller-debuginfo-1.43.2-150300.8.11.1
containerized-data-importer-importer-1.43.2-150300.8.11.1
containerized-data-importer-importer-debuginfo-1.43.2-150300.8.11.1
containerized-data-importer-manifests-1.43.2-150300.8.11.1
containerized-data-importer-operator-1.43.2-150300.8.11.1
containerized-data-importer-operator-debuginfo-1.43.2-150300.8.11.1
containerized-data-importer-uploadproxy-1.43.2-150300.8.11.1
containerized-data-importer-uploadproxy-debuginfo-1.43.2-150300.8.11.1
containerized-data-importer-uploadserver-1.43.2-150300.8.11.1
containerized-data-importer-uploadserver-debuginfo-1.43.2-150300.8.11.1
obs-service-cdi_containers_meta-1.43.2-150300.8.11.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (x86_64):
containerized-data-importer-manifests-1.43.2-150300.8.11.1
References:
1
0
SUSE-SU-2022:3915-1: moderate: Security update for vsftpd
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for vsftpd
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3915-1
Rating: moderate
References: #1196918 SLE-24275
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that contains security fixes and contains one
feature can now be installed.
Description:
This update for vsftpd fixes the following issues:
Bugfixes:
- Removed unsupported systemd hardening options (bsc#1196918).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3915=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-3915=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
vsftpd-3.0.5-150400.3.6.1
vsftpd-debuginfo-3.0.5-150400.3.6.1
vsftpd-debugsource-3.0.5-150400.3.6.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
vsftpd-3.0.5-150400.3.6.1
vsftpd-debuginfo-3.0.5-150400.3.6.1
vsftpd-debugsource-3.0.5-150400.3.6.1
References:
https://bugzilla.suse.com/1196918
1
0
SUSE-SU-2022:3912-1: important: Security update for expat
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for expat
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3912-1
Rating: important
References: #1204708
Cross-References: CVE-2022-43680
CVSS scores:
CVE-2022-43680 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-43680 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for expat fixes the following issues:
- CVE-2022-43680: Fixed use-after free caused by overeager destruction
of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3912=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3912=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3912=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3912=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3912=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3912=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3912=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3912=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3912=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3912=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3912=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3912=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-3912=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3912=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3912=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3912=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3912=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3912=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3912=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3912=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3912=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3912=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3912=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-3912=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- openSUSE Leap 15.3 (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat-devel-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Manager Server 4.1 (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
expat-2.2.5-150000.3.25.1
expat-32bit-debuginfo-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Manager Proxy 4.1 (x86_64):
expat-2.2.5-150000.3.25.1
expat-32bit-debuginfo-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
expat-2.2.5-150000.3.25.1
expat-32bit-debuginfo-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
expat-2.2.5-150000.3.25.1
expat-32bit-debuginfo-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Enterprise Storage 7 (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
expat-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
- SUSE Enterprise Storage 6 (x86_64):
expat-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
- SUSE CaaS Platform 4.0 (x86_64):
expat-2.2.5-150000.3.25.1
expat-32bit-debuginfo-2.2.5-150000.3.25.1
expat-debuginfo-2.2.5-150000.3.25.1
expat-debugsource-2.2.5-150000.3.25.1
libexpat-devel-2.2.5-150000.3.25.1
libexpat1-2.2.5-150000.3.25.1
libexpat1-32bit-2.2.5-150000.3.25.1
libexpat1-32bit-debuginfo-2.2.5-150000.3.25.1
libexpat1-debuginfo-2.2.5-150000.3.25.1
References:
https://www.suse.com/security/cve/CVE-2022-43680.html
https://bugzilla.suse.com/1204708
1
0
SUSE-SU-2022:3913-1: moderate: Security update for vsftpd
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for vsftpd
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3913-1
Rating: moderate
References: #1196918 SLE-24275
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that contains security fixes and contains one
feature can now be installed.
Description:
This update for vsftpd fixes the following issues:
Bugfixes:
- Removed unsupported systemd hardening options (bsc#1196918).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3913=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3913=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3913=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3913=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3913=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3913=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3913=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-3913=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3913=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3913=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3913=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Manager Proxy 4.1 (x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
vsftpd-3.0.5-150200.12.12.1
vsftpd-debuginfo-3.0.5-150200.12.12.1
vsftpd-debugsource-3.0.5-150200.12.12.1
References:
https://bugzilla.suse.com/1196918
1
0
SUSE-SU-2022:3907-1: moderate: Security update for gstreamer-plugins-base
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for gstreamer-plugins-base
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3907-1
Rating: moderate
References: #1185448
Cross-References: CVE-2021-3522
CVSS scores:
CVE-2021-3522 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3522 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for gstreamer-plugins-base fixes the following issues:
- CVE-2021-3522: Fixed ID3v2 tag frame size check and potential invalid
reads (bsc#1185448).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3907=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3907=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3907=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3907=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3907=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3907=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
gstreamer-plugins-base-1.16.3-150200.4.6.2
gstreamer-plugins-base-debuginfo-1.16.3-150200.4.6.2
gstreamer-plugins-base-debugsource-1.16.3-150200.4.6.2
libgstallocators-1_0-0-1.16.3-150200.4.6.2
libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstapp-1_0-0-1.16.3-150200.4.6.2
libgstapp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstaudio-1_0-0-1.16.3-150200.4.6.2
libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstgl-1_0-0-1.16.3-150200.4.6.2
libgstgl-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstriff-1_0-0-1.16.3-150200.4.6.2
libgstriff-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgsttag-1_0-0-1.16.3-150200.4.6.2
libgsttag-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstvideo-1_0-0-1.16.3-150200.4.6.2
libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.6.2
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
gstreamer-plugins-base-doc-1.16.3-150200.4.6.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
gstreamer-plugins-base-1.16.3-150200.4.6.2
gstreamer-plugins-base-debuginfo-1.16.3-150200.4.6.2
gstreamer-plugins-base-debugsource-1.16.3-150200.4.6.2
gstreamer-plugins-base-devel-1.16.3-150200.4.6.2
gstreamer-plugins-base-doc-1.16.3-150200.4.6.2
libgstallocators-1_0-0-1.16.3-150200.4.6.2
libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstapp-1_0-0-1.16.3-150200.4.6.2
libgstapp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstaudio-1_0-0-1.16.3-150200.4.6.2
libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstfft-1_0-0-1.16.3-150200.4.6.2
libgstfft-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstgl-1_0-0-1.16.3-150200.4.6.2
libgstgl-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstriff-1_0-0-1.16.3-150200.4.6.2
libgstriff-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstrtp-1_0-0-1.16.3-150200.4.6.2
libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstrtsp-1_0-0-1.16.3-150200.4.6.2
libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstsdp-1_0-0-1.16.3-150200.4.6.2
libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgsttag-1_0-0-1.16.3-150200.4.6.2
libgsttag-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstvideo-1_0-0-1.16.3-150200.4.6.2
libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.6.2
typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstApp-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstAudio-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstGL-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstRtp-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstSdp-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstTag-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstVideo-1_0-1.16.3-150200.4.6.2
- openSUSE Leap 15.3 (noarch):
gstreamer-plugins-base-lang-1.16.3-150200.4.6.2
- openSUSE Leap 15.3 (x86_64):
gstreamer-plugins-base-32bit-1.16.3-150200.4.6.2
gstreamer-plugins-base-32bit-debuginfo-1.16.3-150200.4.6.2
gstreamer-plugins-base-devel-32bit-1.16.3-150200.4.6.2
libgstallocators-1_0-0-32bit-1.16.3-150200.4.6.2
libgstallocators-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstapp-1_0-0-32bit-1.16.3-150200.4.6.2
libgstapp-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstaudio-1_0-0-32bit-1.16.3-150200.4.6.2
libgstaudio-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstfft-1_0-0-32bit-1.16.3-150200.4.6.2
libgstfft-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstgl-1_0-0-32bit-1.16.3-150200.4.6.2
libgstgl-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-32bit-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstriff-1_0-0-32bit-1.16.3-150200.4.6.2
libgstriff-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstrtp-1_0-0-32bit-1.16.3-150200.4.6.2
libgstrtp-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstrtsp-1_0-0-32bit-1.16.3-150200.4.6.2
libgstrtsp-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstsdp-1_0-0-32bit-1.16.3-150200.4.6.2
libgstsdp-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgsttag-1_0-0-32bit-1.16.3-150200.4.6.2
libgsttag-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstvideo-1_0-0-32bit-1.16.3-150200.4.6.2
libgstvideo-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
gstreamer-plugins-base-32bit-debuginfo-1.16.3-150200.4.6.2
gstreamer-plugins-base-debugsource-1.16.3-150200.4.6.2
libgstaudio-1_0-0-32bit-1.16.3-150200.4.6.2
libgstaudio-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgsttag-1_0-0-32bit-1.16.3-150200.4.6.2
libgsttag-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
libgstvideo-1_0-0-32bit-1.16.3-150200.4.6.2
libgstvideo-1_0-0-32bit-debuginfo-1.16.3-150200.4.6.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
gstreamer-plugins-base-1.16.3-150200.4.6.2
gstreamer-plugins-base-debuginfo-1.16.3-150200.4.6.2
gstreamer-plugins-base-debugsource-1.16.3-150200.4.6.2
gstreamer-plugins-base-devel-1.16.3-150200.4.6.2
libgstallocators-1_0-0-1.16.3-150200.4.6.2
libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstapp-1_0-0-1.16.3-150200.4.6.2
libgstapp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstaudio-1_0-0-1.16.3-150200.4.6.2
libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstfft-1_0-0-1.16.3-150200.4.6.2
libgstfft-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstgl-1_0-0-1.16.3-150200.4.6.2
libgstgl-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstriff-1_0-0-1.16.3-150200.4.6.2
libgstriff-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstrtp-1_0-0-1.16.3-150200.4.6.2
libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstrtsp-1_0-0-1.16.3-150200.4.6.2
libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstsdp-1_0-0-1.16.3-150200.4.6.2
libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgsttag-1_0-0-1.16.3-150200.4.6.2
libgsttag-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstvideo-1_0-0-1.16.3-150200.4.6.2
libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.6.2
typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstApp-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstAudio-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstGL-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstRtp-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstSdp-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstTag-1_0-1.16.3-150200.4.6.2
typelib-1_0-GstVideo-1_0-1.16.3-150200.4.6.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
gstreamer-plugins-base-lang-1.16.3-150200.4.6.2
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
gstreamer-plugins-base-1.16.3-150200.4.6.2
gstreamer-plugins-base-debuginfo-1.16.3-150200.4.6.2
gstreamer-plugins-base-debugsource-1.16.3-150200.4.6.2
libgstallocators-1_0-0-1.16.3-150200.4.6.2
libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstapp-1_0-0-1.16.3-150200.4.6.2
libgstapp-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstaudio-1_0-0-1.16.3-150200.4.6.2
libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstgl-1_0-0-1.16.3-150200.4.6.2
libgstgl-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-1.16.3-150200.4.6.2
libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstriff-1_0-0-1.16.3-150200.4.6.2
libgstriff-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgsttag-1_0-0-1.16.3-150200.4.6.2
libgsttag-1_0-0-debuginfo-1.16.3-150200.4.6.2
libgstvideo-1_0-0-1.16.3-150200.4.6.2
libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.6.2
References:
https://www.suse.com/security/cve/CVE-2021-3522.html
https://bugzilla.suse.com/1185448
1
0
SUSE-SU-2022:3908-1: moderate: Security update for gstreamer-plugins-good
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for gstreamer-plugins-good
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3908-1
Rating: moderate
References: #1201688 #1201693 #1201702 #1201704 #1201706
#1201707 #1201708
Cross-References: CVE-2022-1920 CVE-2022-1921 CVE-2022-1922
CVE-2022-1923 CVE-2022-1924 CVE-2022-1925
CVE-2022-2122
CVSS scores:
CVE-2022-1920 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1920 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CVE-2022-1921 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1921 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CVE-2022-1922 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1922 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
CVE-2022-1923 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1923 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
CVE-2022-1924 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1924 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
CVE-2022-1925 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1925 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
CVE-2022-2122 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2122 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 7 vulnerabilities is now available.
Description:
This update for gstreamer-plugins-good fixes the following issues:
- CVE-2022-1920: Fixed integer overflow in WavPack header handling code
(bsc#1201688).
- CVE-2022-1921: Fixed integer overflow resulting in heap corruption in
avidemux element (bsc#1201693).
- CVE-2022-1922: Fixed integer overflows in mkv demuxing (bsc#1201702).
- CVE-2022-1923: Fixed integer overflows in mkv demuxing using bzip
(bsc#1201704).
- CVE-2022-1924: Fixed integer overflows in mkv demuxing using lzo
(bsc#1201706).
- CVE-2022-1925: Fixed integer overflows in mkv demuxing using HEADERSTRIP
(bsc#1201707).
- CVE-2022-2122: Fixed integer overflows in qtdemux using zlib
(bsc#1201708).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3908=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3908=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
gstreamer-plugins-good-1.20.1-150400.3.3.1
gstreamer-plugins-good-debuginfo-1.20.1-150400.3.3.1
gstreamer-plugins-good-debugsource-1.20.1-150400.3.3.1
gstreamer-plugins-good-extra-1.20.1-150400.3.3.1
gstreamer-plugins-good-extra-debuginfo-1.20.1-150400.3.3.1
gstreamer-plugins-good-gtk-1.20.1-150400.3.3.1
gstreamer-plugins-good-gtk-debuginfo-1.20.1-150400.3.3.1
gstreamer-plugins-good-jack-1.20.1-150400.3.3.1
gstreamer-plugins-good-jack-debuginfo-1.20.1-150400.3.3.1
gstreamer-plugins-good-qtqml-1.20.1-150400.3.3.1
gstreamer-plugins-good-qtqml-debuginfo-1.20.1-150400.3.3.1
- openSUSE Leap 15.4 (noarch):
gstreamer-plugins-good-lang-1.20.1-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
gstreamer-plugins-good-32bit-1.20.1-150400.3.3.1
gstreamer-plugins-good-32bit-debuginfo-1.20.1-150400.3.3.1
gstreamer-plugins-good-extra-32bit-1.20.1-150400.3.3.1
gstreamer-plugins-good-extra-32bit-debuginfo-1.20.1-150400.3.3.1
gstreamer-plugins-good-jack-32bit-1.20.1-150400.3.3.1
gstreamer-plugins-good-jack-32bit-debuginfo-1.20.1-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
gstreamer-plugins-good-1.20.1-150400.3.3.1
gstreamer-plugins-good-debuginfo-1.20.1-150400.3.3.1
gstreamer-plugins-good-debugsource-1.20.1-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
gstreamer-plugins-good-lang-1.20.1-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-1920.html
https://www.suse.com/security/cve/CVE-2022-1921.html
https://www.suse.com/security/cve/CVE-2022-1922.html
https://www.suse.com/security/cve/CVE-2022-1923.html
https://www.suse.com/security/cve/CVE-2022-1924.html
https://www.suse.com/security/cve/CVE-2022-1925.html
https://www.suse.com/security/cve/CVE-2022-2122.html
https://bugzilla.suse.com/1201688
https://bugzilla.suse.com/1201693
https://bugzilla.suse.com/1201702
https://bugzilla.suse.com/1201704
https://bugzilla.suse.com/1201706
https://bugzilla.suse.com/1201707
https://bugzilla.suse.com/1201708
1
0
SUSE-SU-2022:3899-1: important: Security update for sendmail
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for sendmail
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3899-1
Rating: important
References: #1202937 #1204696
Cross-References: CVE-2022-31256
CVSS scores:
CVE-2022-31256 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31256 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for sendmail fixes the following issues:
- CVE-2022-31256: Fixed mail to root privilege escalation via
sm-client.pre script (bsc#1204696, bsc#1202937).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3899=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3899=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3899=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3899=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3899=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3899=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3899=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3899=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3899=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3899=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3899=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3899=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-3899=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3899=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3899=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3899=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3899=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3899=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3899=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3899=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3899=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3899=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3899=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3899=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-3899=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
rmail-8.15.2-150000.8.9.1
rmail-debuginfo-8.15.2-150000.8.9.1
sendmail-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
sendmail-devel-8.15.2-150000.8.9.1
- openSUSE Leap 15.4 (noarch):
libmilter-doc-8.15.2-150000.8.9.1
sendmail-starttls-8.15.2-150000.8.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
rmail-8.15.2-150000.8.9.1
rmail-debuginfo-8.15.2-150000.8.9.1
sendmail-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
sendmail-devel-8.15.2-150000.8.9.1
- openSUSE Leap 15.3 (noarch):
libmilter-doc-8.15.2-150000.8.9.1
sendmail-starttls-8.15.2-150000.8.9.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Manager Proxy 4.1 (x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
rmail-8.15.2-150000.8.9.1
rmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
rmail-8.15.2-150000.8.9.1
rmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
- SUSE CaaS Platform 4.0 (x86_64):
libmilter1_0-8.15.2-150000.8.9.1
libmilter1_0-debuginfo-8.15.2-150000.8.9.1
sendmail-debuginfo-8.15.2-150000.8.9.1
sendmail-debugsource-8.15.2-150000.8.9.1
References:
https://www.suse.com/security/cve/CVE-2022-31256.html
https://bugzilla.suse.com/1202937
https://bugzilla.suse.com/1204696
1
0
SUSE-SU-2022:3897-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3897-1
Rating: important
References: #1032323 #1065729 #1152489 #1196018 #1198702
#1200465 #1200788 #1201725 #1202638 #1202686
#1202700 #1203066 #1203098 #1203290 #1203387
#1203391 #1203496 #1203514 #1203770 #1203802
#1204051 #1204053 #1204059 #1204060 #1204125
#1204166 #1204168 #1204354 #1204355 #1204382
#1204402 #1204415 #1204417 #1204431 #1204439
#1204470 #1204479 #1204574 #1204575 #1204619
#1204635 #1204637 #1204646 #1204647 #1204653
#1204728 #1204753 #1204754 PED-1931
Cross-References: CVE-2021-4037 CVE-2022-2153 CVE-2022-28748
CVE-2022-2964 CVE-2022-2978 CVE-2022-3169
CVE-2022-3176 CVE-2022-3424 CVE-2022-3521
CVE-2022-3524 CVE-2022-3535 CVE-2022-3542
CVE-2022-3545 CVE-2022-3565 CVE-2022-3577
CVE-2022-3586 CVE-2022-3594 CVE-2022-3621
CVE-2022-3623 CVE-2022-3625 CVE-2022-3629
CVE-2022-3640 CVE-2022-3646 CVE-2022-3649
CVE-2022-39189 CVE-2022-40768 CVE-2022-41674
CVE-2022-42703 CVE-2022-42719 CVE-2022-42720
CVE-2022-42721 CVE-2022-42722 CVE-2022-43750
CVSS scores:
CVE-2021-4037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-4037 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2022-2153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2153 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-28748 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-2964 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2964 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3169 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3169 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3176 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3424 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3521 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3521 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3535 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3535 (SUSE): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3542 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3542 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3545 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3545 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3586 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3586 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3594 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3594 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (SUSE): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3623 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3623 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3625 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3625 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3629 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3629 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3640 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3640 (SUSE): 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3646 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3646 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3649 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3649 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39189 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-39189 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-40768 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-40768 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-41674 (NVD) : 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-41674 (SUSE): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42703 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42703 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42719 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42719 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42720 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42720 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42721 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42721 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42722 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42722 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-43750 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 33 vulnerabilities, contains one
feature and has 15 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-4037: Fixed function logic vulnerability that allowed local
users to create files for the XFS file-system with an unintended group
ownership and with group execution and SGID permission bits set
(bnc#1198702).
- CVE-2022-2153: Fixed vulnerability in KVM that could allow an
unprivileged local attacker on the host to cause DoS (bnc#1200788).
- CVE-2022-2964, CVE-2022-28748: Fixed memory corruption issues in
ax88179_178a devices (bnc#1202686 bsc#1196018).
- CVE-2022-2978: Fixed use-after-free in the NILFS file system that could
lead to local privilege escalation or DoS (bnc#1202700).
- CVE-2022-3169: Fixed a denial of service flaw which occurs when
consecutive requests to NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET
are sent (bnc#1203290).
- CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE
(bnc#1203391).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),
gru_fault() and gru_handle_user_call_os() that could lead to kernel
panic (bsc#1204166).
- CVE-2022-3521: Fixed race condition in kcm_tx_work() in
net/kcm/kcmsock.c (bnc#1204355).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6
handler (bnc#1204354).
- CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in
drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in
drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
- CVE-2022-3545: Fixed use-after-free in area_cache_get() in
drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
- CVE-2022-3565: Fixed use-after-free in del_timer() in
drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
- CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device
driver that could lead to local privilege escalation or DoS
(bnc#1204470).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could
allow a local unprivileged user to cause a denial of service
(bnc#1204439).
- CVE-2022-3594: Fixed excessive data logging in intr_callback() in
drivers/net/usb/r8152.c (bnc#1204479).
- CVE-2022-3621: Fixed null pointer dereference in
nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
- CVE-2022-3623: Fixed race condition in follow_page_pte() (mm/gup.c)
(bsc#1204575).
- CVE-2022-3625: Fixed use-after-free in
devlink_param_set()/devlink_param_get() in net/core/devlink.c
(bnc#1204637).
- CVE-2022-3629: Fixed memory leak in vsock_connect() in
net/vmw_vsock/af_vsock.c (bnc#1204635).
- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in
net/bluetooth/l2cap_core.c (bnc#1204619).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in
fs/nilfs2/segment.c (bnc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in
fs/nilfs2/inode.c (bnc#1204647).
- CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow
unprivileged guest users to compromise the guest kernel via TLB flush
operations on preempted vCPU (bnc#1203066).
- CVE-2022-40768: Fixed information disclosure in stex_queuecommand_lck
(bnc#1203514).
- CVE-2022-41674: Fixed a DoS issue where kernel can crash on the
reception of specific WiFi Frames (bsc#1203770).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf
anon_vma double reuse (bnc#1204168).
- CVE-2022-42719: Fixed MBSSID parsing use-after-free. (bsc#1204051)
- CVE-2022-42720: Fixed BSS refcounting bugs. (bsc#1204059)
- CVE-2022-42721: Avoid nontransmitted BSS list corruption. (bsc#1204060)
- CVE-2022-42722: Fixed crash in beacon protection for P2P-device.
(bsc#1204125)
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space
client to corrupt the monitor's internal memory (bnc#1204653).
The following non-security bugs were fixed:
- acpi: APEI: do not add task_work to kernel thread to avoid memory leak
(git-fixes).
- acpi: HMAT: Release platform device in case of
platform_device_add_data() fails (git-fixes).
- acpi: extlog: Handle multiple records (git-fixes).
- acpi: processor idle: Practically limit "Dummy wait" workaround to old
Intel systems (bnc#1203802).
- acpi: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
- alsa: Use del_timer_sync( before freeing timer (git-fixes).
- alsa: ac97: fix possible memory leak in snd_ac97_dev_register()
(git-fixes).
- alsa: aoa: Fix I2S device accounting (git-fixes).
- alsa: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
(git-fixes).
- alsa: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
- alsa: au88x0: use explicitly signed char (git-fixes).
- alsa: dmaengine: increment buffer pointer atomically (git-fixes).
- alsa: hda/hdmi: Do not skip notification handling during PM operation
(git-fixes).
- alsa: hda/realtek: Add Intel Reference SSID to support headset keys
(git-fixes).
- alsa: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
- alsa: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).
- alsa: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
- alsa: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- alsa: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
- alsa: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
- alsa: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
(git-fixes).
- alsa: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
(git-fixes).
- alsa: hda/sigmatel: Fix unused variable warning for beep power change
(git-fixes).
- alsa: hda/sigmatel: Keep power up while beep is enabled (git-fixes).
- alsa: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).
- alsa: hda: Fix position reporting on Poulsbo (git-fixes).
- alsa: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
- alsa: oss: Fix potential deadlock at unregistration (git-fixes).
- alsa: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
- alsa: rme9652: use explicitly signed char (git-fixes).
- alsa: usb-audio: Fix NULL dererence at error path (git-fixes).
- alsa: usb-audio: Fix potential memory leaks (git-fixes).
- arm64: assembler: add cond_yield macro (git-fixes)
- asoc: eureka-tlv320: Hold reference returned from of_find_xxx API
(git-fixes).
- asoc: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- asoc: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
(git-fixes).
- asoc: nau8824: Fix semaphore unbalance at error paths (git-fixes).
- asoc: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- asoc: tas2770: Reinit regcache on reset (git-fixes).
- asoc: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
- asoc: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
- asoc: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
- asoc: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
- asoc: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and
ata_id_has_sense_reporting() (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number
(git-fixes).
- bluetooth: L2CAP: Fix user-after-free (git-fixes).
- bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
(git-fixes).
- bluetooth: hci_core: Fix not handling link timeouts propertly
(git-fixes).
- bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
(git-fixes).
- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
- can: gs_usb: gs_can_open(): fix race dev->can.state condition
(git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion
(git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in
error path (git-fixes).
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
(git-fixes).
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
(git-fixes).
- clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
(git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents
(git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
(git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
(git-fixes).
- crypto: akcipher - default implementation for setting a private key
(git-fixes).
- crypto: arm64/sha - fix function types (git-fixes)
- crypto: arm64/sha1-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha2-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha3-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha512-ce - simplify NEON yield (git-fixes)
- crypto: cavium - prevent integer overflow loading firmware (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister
(git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
- device property: Fix documentation for *_match_string() APIs (git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
__cleanup() (git-fixes).
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent
API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
(git-fixes).
- docs: update mediator information in CoC docs (git-fixes).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- drm/amd/display: Limit user regamma to a valid value (git-fixes).
- drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm/amdgpu: use dirty framebuffer helper (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
(git-fixes).
- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
(git-fixes).
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- drm/udl: Restore display mode on resume (git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
(git-fixes).
- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset
(git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of
for_each_available_child_of_node() (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: let query-modname override actual module name (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053
bsc#1201725).
- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
- firmware: google: Test spinlock on panic path to avoid lockups
(git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
(git-fixes).
- gpio: rockchip: request GPIO mux to pinctrl when setting direction
(git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in
hidpp_connect_event (git-fixes).
- hid: hidraw: fix memory leak in hidraw_release() (git-fixes).
- hid: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
- hid: multitouch: Add memory barriers (git-fixes).
- hid: roccat: Fix use-after-free in roccat_read() (git-fixes).
- hsi: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- hsi: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- ib/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD
(git-fixes)
- ib/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes)
- ib/core: Only update PKEY and GID caches on respective events (git-fixes)
- ib/hfi1: Adjust pkey entry in index 0 (git-fixes)
- ib/hfi1: Fix abba locking issue with sc_disable() (git-fixes)
- ib/hfi1: Fix possible null-pointer dereference in
_extend_sdma_tx_descs() (git-fixes)
- ib/mlx4: Add support for REJ due to timeout (git-fixes)
- ib/mlx4: Use port iterator and validation APIs (git-fixes)
- ib/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
(git-fixes)
- ib/rdmavt: Add __init/__exit annotations to module init/exit funcs
(git-fixes)
- ib/srpt: Remove redundant assignment to ret (git-fixes)
- iio: ABI: Fix wrong format of differential capacitance channel ABI
(git-fixes).
- iio: adc: ad7923: fix channel readings for some variants (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure and touch
(git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
(git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
- iio: inkern: only release the device node when done with it (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- input: i8042 - fix refount leak on sparc (git-fixes).
- input: xpad - add supported devices as contributed on github (git-fixes).
- input: xpad - fix wireless 360 controller breaking after suspend
(git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap
(git-fixes).
- kABI: arm64/crypto/sha512 Preserve function signature (git-fixes).
- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
- kbuild: remove the target in signal traps when interrupted (git-fixes).
- kbuild: sink stdout from cmd for silent build (git-fixes).
- kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
(jsc#SLE-24559).
- kthread: Extract KTHREAD_IS_PER_CPU (bsc#1204753).
- kvm: nVMX: Unconditionally purge queued/injected events on nested "exit"
(git-fixes).
- kvm: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- kvm: s390: VSIE: fix MVPG handling for prefixing and MSO (git-fixes).
- kvm: s390: clear kicked_mask before sleeping again (git-fixes).
- kvm: s390: preserve deliverable_mask in __airqs_kick_single_vcpu
(git-fixes).
- kvm: s390: pv: do not present the ecall interrupt twice (git-fixes).
- kvm: s390: split kvm_s390_real_to_abs (git-fixes).
- kvm: s390x: fix SCK locking (git-fixes)
- kvm: x86/emulator: Fix handing of POP SS to correctly set
interruptibility (git-fixes).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
(git-fixes).
- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
(git-fixes).
- locking/csd_lock: Change csdlock_debug from early_param to __setup
(git-fixes).
- mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
- media: aspeed-video: ignore interrupts that are not enabled (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- media: coda: Add more H264 levels for CODA960 (git-fixes).
- media: coda: Fix reported H264 profile (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
- media: dvb_vb2: fix possible out of bound access (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values
(git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
(git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
(git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
(git-fixes).
- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
(git-fixes).
- mfd: intel_soc_pmic: Fix an error handling path in
intel_soc_pmic_i2c_probe() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
- mfd: sm501: Add check for platform_driver_register() (git-fixes).
- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
- mm, memcg: avoid stale protection values when cgroup is above protection
(bsc#1204754).
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
(bsc#1204575).
- mm: memcontrol: fix occasional OOMs due to proportional memory.low
reclaim (bsc#1204754).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card
(git-fixes).
- mmc: core: Replace with already defined values for readability
(git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
(git-fixes).
- mtd: devices: docg3: check the return value of devm_ioremap() in the
probe (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config
(git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
(git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- padata: introduce internal padata_get/put_pd() helpers (bsc#1202638).
- padata: make padata_free_shell() to respect pd's ->refcnt (bsc#1202638).
- parisc/sticon: fix reverse colors (bsc#1152489) Backporting notes: *
context changes
- parisc: parisc-agp requires SBA IOMMU driver (bsc#1152489)
- pci: Dynamically map ECAM regions (bsc#1204382).
- pci: Fix used_buses calculation in pci_scan_child_bus_extend()
(git-fixes).
- pci: Sanitise firmware BAR assignments behind a PCI-PCI bridge
(git-fixes).
- phy: qualcomm: call clk_disable_unprepare in the error handling
(git-fixes).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback
(git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
- pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback
(git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to fix module
autoloading (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight registering
(git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- pm: domains: Fix handling of unavailable/disabled idle states
(git-fixes).
- pm: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
(git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
- powerpc/fadump: align destination address to pagesize (bsc#1204728
ltc#200074).
- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
(jsc#SLE-13847 git-fixes).
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/mm: remove pmd_huge/pud_huge stubs and include hugetlb.h
(bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in opal_export_attrs()
(bsc#1065729).
- powerpc/pseries: Interface to represent PAPR firmware attributes
(bsc#1200465 ltc#197256 jsc#PED-1931).
- quota: widen timestamps for the fs_disk_quota structure (bsc#1203387).
- rdma/bnxt_re: Add missing spin lock initialization (git-fixes)
- rdma/bnxt_re: Fix query SRQ failure (git-fixes)
- rdma/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
- rdma/cma: Ensure rdma_addr_cancel() happens before issuing more requests
(git-fixes)
- rdma/cma: Fix arguments order in net device validation (git-fixes)
- rdma/core: Sanitize WQ state received from the userspace (git-fixes)
- rdma/cxgb4: Remove MW support (git-fixes)
- rdma/efa: Free IRQ vectors on error flow (git-fixes)
- rdma/efa: Remove double QP type assignment (git-fixes)
- rdma/efa: Use ib_umem_num_dma_pages() (git-fixes)
- rdma/hfi1: Fix potential integer multiplication overflow errors
(git-fixes)
- rdma/hns: Remove unnecessary check for the sgid_attr when modifying QP
(git-fixes)
- rdma/i40iw: Use ib_umem_num_dma_pages() (git-fixes)
- rdma/iwcm: Release resources if iw_cm module initialization fails
(git-fixes)
- rdma/mlx4: Return missed an error if device does not support steering
(git-fixes)
- rdma/mlx5: Add missing check for return value in get namespace flow
(git-fixes)
- rdma/mlx5: Block FDB rules when not in switchdev mode (git-fixes)
- rdma/mlx5: Fix memory leak in error flow for subscribe event routine
(git-fixes)
- rdma/mlx5: Make mkeys always owned by the kernel's PD when not enabled
(git-fixes)
- rdma/mlx5: Set user priority for DCT (git-fixes)
- rdma/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create()
(git-fixes)
- rdma/mthca: Work around -Wenum-conversion warning (git-fixes)
- rdma/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
- rdma/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- rdma/qedr: Fix reporting QP timeout attribute (git-fixes)
- rdma/qib: Remove superfluous fallthrough statements (git-fixes)
- rdma/rtrs-srv: Pass the correct number of entries for dma mapped SGL
(git-fixes)
- rdma/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)
- rdma/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
- rdma/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- rdma/rxe: Fix extra copies in build_rdma_network_hdr (git-fixes)
- rdma/rxe: Fix extra copy in prepare_ack_packet (git-fixes)
- rdma/rxe: Fix failure during driver load (git-fixes)
- rdma/rxe: Fix over copying in get_srq_wqe (git-fixes)
- rdma/rxe: Fix redundant call to ip_send_check (git-fixes)
- rdma/rxe: Fix redundant skb_put_zero (git-fixes)
- rdma/rxe: Fix rnr retry behavior (git-fixes)
- rdma/rxe: Fix the error caused by qp->sk (git-fixes)
- rdma/rxe: Fix wrong port_cap_flags (git-fixes)
- rdma/rxe: Generate a completion for unsupported/invalid opcode
(git-fixes)
- rdma/rxe: Remove unused pkt->offset (git-fixes)
- rdma/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
- rdma/sa_query: Use strscpy_pad instead of memcpy to copy a string
(git-fixes)
- rdma/siw: Always consume all skbuf data in sk_data_ready() upcall.
(git-fixes)
- rdma/siw: Fix a condition race issue in MPA request processing
(git-fixes)
- rdma/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
(git-fixes)
- rdma/siw: Pass a pointer to virt_to_page() (git-fixes)
- rdma/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- rdma: Verify port when creating flow rule (git-fixes)
- rdma: remove useless condition in siw_create_cq() (git-fixes)
- regulator: pfuze100: Fix the global-out-of-bounds access in
pfuze100_regulator_probe() (git-fixes).
- regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
- revert "drivers/video/backlight/platform_lcd.c: add support for
(bsc#1152489)
- revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
suspend/resume time" (git-fixes).
- revert "usb: add quirks for Lenovo OneLink+ Dock" (git-fixes).
- revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
(git-fixes).
- s390/hypfs: avoid error message under KVM (bsc#1032323).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up()
(git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
(git-fixes).
- scsi: mpt3sas: Fix return value check of dma_get_required_mask()
(git-fixes).
- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
- selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465
ltc#197256 jsc#PED-1931).
- selftests/powerpc: Skip energy_scale_info test on older firmware
(git-fixes).
- serial: Create uart_xmit_advance() (git-fixes).
- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting
(git-fixes).
- serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
(git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
(git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
- soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).
- soc: sunxi_sram: Make use of the helper function
devm_platform_ioremap_resource() (git-fixes).
- spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
(git-fixes).
- spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in
spi_qup_pm_resume_runtime() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
(git-fixes).
- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
(git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
- struct pci_config_window kABI workaround (bsc#1204382).
- thermal: intel_powerclamp: Use first online CPU as control_cpu
(git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id()
to avoid crash (git-fixes).
- tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data
(git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
(git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: gadget: function: fix dangling pnp_string in f_printer.c
(git-fixes).
- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
(git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- usb: serial: console: move mutex_unlock() before usb_serial_put()
(git-fixes).
- usb: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- usb: serial: option: add Quectel RM520N (git-fixes).
- usb: serial: option: add Quectel RM520N (git-fixes).
- usb: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- usb: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- usb: typec: ucsi: Remove incorrect warning (git-fixes).
- usb: xhci-mtk: add a function to (un)load bandwidth info (git-fixes).
- usb: xhci-mtk: add only one extra CS for FS/LS INTR (git-fixes).
- usb: xhci-mtk: add some schedule error number (git-fixes).
- usb: xhci-mtk: fix issue of out-of-bounds array access (git-fixes).
- usb: xhci-mtk: get the microframe boundary for ESIT (git-fixes).
- usb: xhci-mtk: use @sch_tt to check whether need do TT schedule
(git-fixes).
- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
- video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
(git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
(git-fixes).
- wifi: ath10k: add peer map clean up for peer delete in
ath10k_sta_state() (git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level
(git-fixes).
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
(git-fixes).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
(other cases) (git-fixes).
- wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).
- wifi: mac80211: allow bw change during channel switch in mesh
(git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on
fast-rx (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
- wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
- wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
(git-fixes).
- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
(git-fixes).
- xfs: add missing assert in xfs_fsmap_owner_from_rmap (git-fixes).
- xfs: enable big timestamps (bsc#1203387).
- xfs: enable new inode btree counters feature (bsc#1203387).
- xfs: explicitly define inode timestamp range (bsc#1203387).
- xfs: fix memory corruption during remote attr value buffer invalidation
(git-fixes).
- xfs: fix s_maxbytes computation on 32-bit kernels (git-fixes).
- xfs: hoist out xfs_resizefs_init_new_ags() (git-fixes).
- xfs: move incore structures out of xfs_da_format.h (git-fixes).
- xfs: quota: move to time64_t interfaces (bsc#1203387).
- xfs: redefine xfs_ictimestamp_t (bsc#1203387). Refresh
patches.suse/xfs-repair-malformed-inode-items-during-log-recovery.patch.
- xfs: redefine xfs_timestamp_t (bsc#1203387).
- xfs: refactor remote attr value buffer invalidation (git-fixes).
- xfs: remove obsolete AGF counter debugging (git-fixes).
- xfs: rename `new' to `delta' in xfs_growfs_data_private() (git-fixes).
- xfs: reserve data and rt quota at the same time (bsc#1203496).
- xfs: slightly tweak an assert in xfs_fs_map_blocks (git-fixes).
- xfs: store inode btree block counts in AGI header (bsc#1203387).
- xfs: streamline xfs_attr3_leaf_inactive (git-fixes).
- xfs: use a struct timespec64 for the in-core crtime (bsc#1203387).
- xfs: use the finobt block counts to speed up mount times (bsc#1203387).
- xfs: widen ondisk inode timestamps to deal with y2038+ (bsc#1203387).
- xfs: widen ondisk quota expiration timestamps to handle y2038+
(bsc#1203387).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3897=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-3897=1
Package List:
- openSUSE Leap 15.3 (x86_64):
cluster-md-kmp-azure-5.3.18-150300.38.83.1
cluster-md-kmp-azure-debuginfo-5.3.18-150300.38.83.1
dlm-kmp-azure-5.3.18-150300.38.83.1
dlm-kmp-azure-debuginfo-5.3.18-150300.38.83.1
gfs2-kmp-azure-5.3.18-150300.38.83.1
gfs2-kmp-azure-debuginfo-5.3.18-150300.38.83.1
kernel-azure-5.3.18-150300.38.83.1
kernel-azure-debuginfo-5.3.18-150300.38.83.1
kernel-azure-debugsource-5.3.18-150300.38.83.1
kernel-azure-devel-5.3.18-150300.38.83.1
kernel-azure-devel-debuginfo-5.3.18-150300.38.83.1
kernel-azure-extra-5.3.18-150300.38.83.1
kernel-azure-extra-debuginfo-5.3.18-150300.38.83.1
kernel-azure-livepatch-devel-5.3.18-150300.38.83.1
kernel-azure-optional-5.3.18-150300.38.83.1
kernel-azure-optional-debuginfo-5.3.18-150300.38.83.1
kernel-syms-azure-5.3.18-150300.38.83.1
kselftests-kmp-azure-5.3.18-150300.38.83.1
kselftests-kmp-azure-debuginfo-5.3.18-150300.38.83.1
ocfs2-kmp-azure-5.3.18-150300.38.83.1
ocfs2-kmp-azure-debuginfo-5.3.18-150300.38.83.1
reiserfs-kmp-azure-5.3.18-150300.38.83.1
reiserfs-kmp-azure-debuginfo-5.3.18-150300.38.83.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-azure-5.3.18-150300.38.83.1
kernel-source-azure-5.3.18-150300.38.83.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (noarch):
kernel-devel-azure-5.3.18-150300.38.83.1
kernel-source-azure-5.3.18-150300.38.83.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (x86_64):
kernel-azure-5.3.18-150300.38.83.1
kernel-azure-debuginfo-5.3.18-150300.38.83.1
kernel-azure-debugsource-5.3.18-150300.38.83.1
kernel-azure-devel-5.3.18-150300.38.83.1
kernel-azure-devel-debuginfo-5.3.18-150300.38.83.1
kernel-syms-azure-5.3.18-150300.38.83.1
References:
https://www.suse.com/security/cve/CVE-2021-4037.html
https://www.suse.com/security/cve/CVE-2022-2153.html
https://www.suse.com/security/cve/CVE-2022-28748.html
https://www.suse.com/security/cve/CVE-2022-2964.html
https://www.suse.com/security/cve/CVE-2022-2978.html
https://www.suse.com/security/cve/CVE-2022-3169.html
https://www.suse.com/security/cve/CVE-2022-3176.html
https://www.suse.com/security/cve/CVE-2022-3424.html
https://www.suse.com/security/cve/CVE-2022-3521.html
https://www.suse.com/security/cve/CVE-2022-3524.html
https://www.suse.com/security/cve/CVE-2022-3535.html
https://www.suse.com/security/cve/CVE-2022-3542.html
https://www.suse.com/security/cve/CVE-2022-3545.html
https://www.suse.com/security/cve/CVE-2022-3565.html
https://www.suse.com/security/cve/CVE-2022-3577.html
https://www.suse.com/security/cve/CVE-2022-3586.html
https://www.suse.com/security/cve/CVE-2022-3594.html
https://www.suse.com/security/cve/CVE-2022-3621.html
https://www.suse.com/security/cve/CVE-2022-3623.html
https://www.suse.com/security/cve/CVE-2022-3625.html
https://www.suse.com/security/cve/CVE-2022-3629.html
https://www.suse.com/security/cve/CVE-2022-3640.html
https://www.suse.com/security/cve/CVE-2022-3646.html
https://www.suse.com/security/cve/CVE-2022-3649.html
https://www.suse.com/security/cve/CVE-2022-39189.html
https://www.suse.com/security/cve/CVE-2022-40768.html
https://www.suse.com/security/cve/CVE-2022-41674.html
https://www.suse.com/security/cve/CVE-2022-42703.html
https://www.suse.com/security/cve/CVE-2022-42719.html
https://www.suse.com/security/cve/CVE-2022-42720.html
https://www.suse.com/security/cve/CVE-2022-42721.html
https://www.suse.com/security/cve/CVE-2022-42722.html
https://www.suse.com/security/cve/CVE-2022-43750.html
https://bugzilla.suse.com/1032323
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1198702
https://bugzilla.suse.com/1200465
https://bugzilla.suse.com/1200788
https://bugzilla.suse.com/1201725
https://bugzilla.suse.com/1202638
https://bugzilla.suse.com/1202686
https://bugzilla.suse.com/1202700
https://bugzilla.suse.com/1203066
https://bugzilla.suse.com/1203098
https://bugzilla.suse.com/1203290
https://bugzilla.suse.com/1203387
https://bugzilla.suse.com/1203391
https://bugzilla.suse.com/1203496
https://bugzilla.suse.com/1203514
https://bugzilla.suse.com/1203770
https://bugzilla.suse.com/1203802
https://bugzilla.suse.com/1204051
https://bugzilla.suse.com/1204053
https://bugzilla.suse.com/1204059
https://bugzilla.suse.com/1204060
https://bugzilla.suse.com/1204125
https://bugzilla.suse.com/1204166
https://bugzilla.suse.com/1204168
https://bugzilla.suse.com/1204354
https://bugzilla.suse.com/1204355
https://bugzilla.suse.com/1204382
https://bugzilla.suse.com/1204402
https://bugzilla.suse.com/1204415
https://bugzilla.suse.com/1204417
https://bugzilla.suse.com/1204431
https://bugzilla.suse.com/1204439
https://bugzilla.suse.com/1204470
https://bugzilla.suse.com/1204479
https://bugzilla.suse.com/1204574
https://bugzilla.suse.com/1204575
https://bugzilla.suse.com/1204619
https://bugzilla.suse.com/1204635
https://bugzilla.suse.com/1204637
https://bugzilla.suse.com/1204646
https://bugzilla.suse.com/1204647
https://bugzilla.suse.com/1204653
https://bugzilla.suse.com/1204728
https://bugzilla.suse.com/1204753
https://bugzilla.suse.com/1204754
1
0
SUSE-SU-2022:3889-1: important: Security update for exiv2
by opensuse-security@opensuse.org 07 Nov '22
by opensuse-security@opensuse.org 07 Nov '22
07 Nov '22
SUSE Security Update: Security update for exiv2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3889-1
Rating: important
References: #1068871 #1142675 #1142679 #1185002 #1185218
#1185447 #1185913 #1186053 #1186192 #1188645
#1188733 #1189332 #1189333 #1189334 #1189335
#1189338 PED-1393
Cross-References: CVE-2017-1000128 CVE-2019-13108 CVE-2019-13111
CVE-2020-19716 CVE-2021-29457 CVE-2021-29463
CVE-2021-29470 CVE-2021-29623 CVE-2021-31291
CVE-2021-32617 CVE-2021-34334 CVE-2021-37620
CVE-2021-37621 CVE-2021-37622 CVE-2021-37623
CVSS scores:
CVE-2017-1000128 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2017-1000128 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-13108 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13108 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-13111 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13111 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-19716 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-19716 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29457 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-29457 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-29463 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29463 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29470 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29470 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29623 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2021-29623 (SUSE): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
CVE-2021-31291 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-32617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-32617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-34334 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-34334 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-37620 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-37620 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-37621 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-37621 (SUSE): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
CVE-2021-37622 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-37622 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-37623 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-37623 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 15 vulnerabilities, contains one
feature and has one errata is now available.
Description:
This update for exiv2 fixes the following issues:
Updated to version 0.27.5 (jsc#PED-1393):
- CVE-2017-1000128: Fixed stack out of bounds read in JPEG2000 parser
(bsc#1068871).
- CVE-2019-13108: Fixed integer overflow PngImage:readMetadata
(bsc#1142675).
- CVE-2020-19716: Fixed buffer overflow vulnerability in the Databuf
function in types.cpp (bsc#1188645).
- CVE-2021-29457: Fixed heap buffer overflow when write metadata into a
crafted image file (bsc#1185002).
- CVE-2021-29470: Fixed out-of-bounds read in
Exiv2:Jp2Image:encodeJp2Header (bsc#1185447).
- CVE-2021-29623: Fixed read of uninitialized memory (bsc#1186053).
- CVE-2021-31291: Fixed heap-based buffer overflow in jp2image.cpp
(bsc#1188733).
- CVE-2021-32617: Fixed denial of service due to inefficient algorithm
(bsc#1186192).
- CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read()
(bsc#1189332).
- CVE-2021-37621: Fixed DoS due to infinite loop in
Image:printIFDStructure (bsc#1189333).
- CVE-2021-37622: Fixed DoS due to infinite loop in
JpegBase:printStructure (bsc#1189334)
- CVE-2021-34334: Fixed DoS due to integer overflow in loop
counter(bsc#1189338)
- CVE-2021-37623: Fixed DoS due to infinite loop in
JpegBase:printStructure (bsc#1189335)
- CVE-2021-29463: Fixed out-of-bounds read in webpimage.cpp (bsc#1185913).
- CVE-2021-34334: Fixed DoS due to integer overflow in loop counter
(bsc#1189338)
- CVE-2019-13111: Fixed integer overflow in WebPImage:decodeChunks that
lead to denial of service (bsc#1142679)
- CVE-2021-29463: Fixed an out-of-bounds read was found in webpimage.cpp
(bsc#1185913)
Bugfixes:
- Fixed build using GCC 11 (bsc#1185218).
A new libexiv2-2_27 shared library is shipped, the libexiv2-2_26 is
provided only for compatibility now.
Please recompile your applications using the exiv2 library.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3889=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-3889=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
exiv2-0.27.5-150400.15.4.1
exiv2-debuginfo-0.27.5-150400.15.4.1
exiv2-debugsource-0.27.5-150400.15.4.1
libexiv2-26-0.26-150400.9.16.1
libexiv2-26-debuginfo-0.26-150400.9.16.1
libexiv2-27-0.27.5-150400.15.4.1
libexiv2-27-debuginfo-0.27.5-150400.15.4.1
libexiv2-devel-0.27.5-150400.15.4.1
libexiv2-xmp-static-0.27.5-150400.15.4.1
- openSUSE Leap 15.4 (noarch):
exiv2-lang-0.27.5-150400.15.4.1
- openSUSE Leap 15.4 (x86_64):
libexiv2-26-32bit-0.26-150400.9.16.1
libexiv2-26-32bit-debuginfo-0.26-150400.9.16.1
libexiv2-27-32bit-0.27.5-150400.15.4.1
libexiv2-27-32bit-debuginfo-0.27.5-150400.15.4.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
exiv2-debuginfo-0.27.5-150400.15.4.1
exiv2-debugsource-0.27.5-150400.15.4.1
libexiv2-26-0.26-150400.9.16.1
libexiv2-26-debuginfo-0.26-150400.9.16.1
libexiv2-27-0.27.5-150400.15.4.1
libexiv2-27-debuginfo-0.27.5-150400.15.4.1
libexiv2-devel-0.27.5-150400.15.4.1
libexiv2-xmp-static-0.27.5-150400.15.4.1
References:
https://www.suse.com/security/cve/CVE-2017-1000128.html
https://www.suse.com/security/cve/CVE-2019-13108.html
https://www.suse.com/security/cve/CVE-2019-13111.html
https://www.suse.com/security/cve/CVE-2020-19716.html
https://www.suse.com/security/cve/CVE-2021-29457.html
https://www.suse.com/security/cve/CVE-2021-29463.html
https://www.suse.com/security/cve/CVE-2021-29470.html
https://www.suse.com/security/cve/CVE-2021-29623.html
https://www.suse.com/security/cve/CVE-2021-31291.html
https://www.suse.com/security/cve/CVE-2021-32617.html
https://www.suse.com/security/cve/CVE-2021-34334.html
https://www.suse.com/security/cve/CVE-2021-37620.html
https://www.suse.com/security/cve/CVE-2021-37621.html
https://www.suse.com/security/cve/CVE-2021-37622.html
https://www.suse.com/security/cve/CVE-2021-37623.html
https://bugzilla.suse.com/1068871
https://bugzilla.suse.com/1142675
https://bugzilla.suse.com/1142679
https://bugzilla.suse.com/1185002
https://bugzilla.suse.com/1185218
https://bugzilla.suse.com/1185447
https://bugzilla.suse.com/1185913
https://bugzilla.suse.com/1186053
https://bugzilla.suse.com/1186192
https://bugzilla.suse.com/1188645
https://bugzilla.suse.com/1188733
https://bugzilla.suse.com/1189332
https://bugzilla.suse.com/1189333
https://bugzilla.suse.com/1189334
https://bugzilla.suse.com/1189335
https://bugzilla.suse.com/1189338
1
0
SUSE-SU-2022:3892-1: moderate: Security update for exiv2
by opensuse-security@opensuse.org 07 Nov '22
by opensuse-security@opensuse.org 07 Nov '22
07 Nov '22
SUSE Security Update: Security update for exiv2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3892-1
Rating: moderate
References: #1142679 #1185913 #1189338
Cross-References: CVE-2019-13111 CVE-2021-29463 CVE-2021-34334
CVSS scores:
CVE-2019-13111 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13111 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-29463 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29463 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-34334 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-34334 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for exiv2 fixes the following issues:
- CVE-2019-13111: Fixed nteger overflow in WebPImage:decodeChunks
(bsc#1142679).
- CVE-2021-29463: Fixed out-of-bounds read (bsc#1185913).
- CVE-2021-34334: Fixed a DoS due to integer overflow in loop counter
bug (bsc#1189338).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3892=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-3892=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
exiv2-0.26-150000.6.21.1
exiv2-debuginfo-0.26-150000.6.21.1
exiv2-debugsource-0.26-150000.6.21.1
libexiv2-26-0.26-150000.6.21.1
libexiv2-26-debuginfo-0.26-150000.6.21.1
libexiv2-devel-0.26-150000.6.21.1
libexiv2-doc-0.26-150000.6.21.1
- openSUSE Leap 15.3 (x86_64):
libexiv2-26-32bit-0.26-150000.6.21.1
libexiv2-26-32bit-debuginfo-0.26-150000.6.21.1
- openSUSE Leap 15.3 (noarch):
exiv2-lang-0.26-150000.6.21.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.21.1
exiv2-debugsource-0.26-150000.6.21.1
libexiv2-26-0.26-150000.6.21.1
libexiv2-26-debuginfo-0.26-150000.6.21.1
libexiv2-devel-0.26-150000.6.21.1
References:
https://www.suse.com/security/cve/CVE-2019-13111.html
https://www.suse.com/security/cve/CVE-2021-29463.html
https://www.suse.com/security/cve/CVE-2021-34334.html
https://bugzilla.suse.com/1142679
https://bugzilla.suse.com/1185913
https://bugzilla.suse.com/1189338
1
0
SUSE-SU-2022:3884-1: important: Security update for expat
by opensuse-security@opensuse.org 07 Nov '22
by opensuse-security@opensuse.org 07 Nov '22
07 Nov '22
SUSE Security Update: Security update for expat
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3884-1
Rating: important
References: #1204708
Cross-References: CVE-2022-43680
CVSS scores:
CVE-2022-43680 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-43680 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for expat fixes the following issues:
- CVE-2022-43680: Fixed use-after free caused by overeager destruction
of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3884=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3884=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3884=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
expat-2.4.4-150400.3.12.1
expat-debuginfo-2.4.4-150400.3.12.1
expat-debugsource-2.4.4-150400.3.12.1
libexpat-devel-2.4.4-150400.3.12.1
libexpat1-2.4.4-150400.3.12.1
libexpat1-debuginfo-2.4.4-150400.3.12.1
- openSUSE Leap 15.4 (x86_64):
expat-32bit-debuginfo-2.4.4-150400.3.12.1
libexpat-devel-32bit-2.4.4-150400.3.12.1
libexpat1-32bit-2.4.4-150400.3.12.1
libexpat1-32bit-debuginfo-2.4.4-150400.3.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
expat-2.4.4-150400.3.12.1
expat-debuginfo-2.4.4-150400.3.12.1
expat-debugsource-2.4.4-150400.3.12.1
libexpat-devel-2.4.4-150400.3.12.1
libexpat1-2.4.4-150400.3.12.1
libexpat1-debuginfo-2.4.4-150400.3.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
expat-32bit-debuginfo-2.4.4-150400.3.12.1
libexpat1-32bit-2.4.4-150400.3.12.1
libexpat1-32bit-debuginfo-2.4.4-150400.3.12.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
expat-debuginfo-2.4.4-150400.3.12.1
expat-debugsource-2.4.4-150400.3.12.1
libexpat1-2.4.4-150400.3.12.1
libexpat1-debuginfo-2.4.4-150400.3.12.1
References:
https://www.suse.com/security/cve/CVE-2022-43680.html
https://bugzilla.suse.com/1204708
1
0
SUSE-SU-2022:3871-1: important: Security update for libxml2
by opensuse-security@opensuse.org 04 Nov '22
by opensuse-security@opensuse.org 04 Nov '22
04 Nov '22
SUSE Security Update: Security update for libxml2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3871-1
Rating: important
References: #1201978 #1204366 #1204367
Cross-References: CVE-2016-3709 CVE-2022-40303 CVE-2022-40304
CVSS scores:
CVE-2016-3709 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2016-3709 (SUSE): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
CVE-2022-40303 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40304 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for libxml2 fixes the following issues:
- CVE-2016-3709: Fixed possible XSS vulnerability (bsc#1201978).
- CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE
(bsc#1204366).
- CVE-2022-40304: Fixed dict corruption caused by entity reference
cycles (bsc#1204367).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3871=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3871=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3871=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3871=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3871=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3871=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3871=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3871=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3871=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3871=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3871=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3871=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3871=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-3871=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-3871=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3871=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3871=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3871=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3871=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3871=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3871=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3871=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3871=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3871=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3871=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-3871=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- openSUSE Leap 15.3 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
libxml2-devel-32bit-2.9.7-150000.3.51.1
- openSUSE Leap 15.3 (noarch):
libxml2-doc-2.9.7-150000.3.51.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Manager Server 4.1 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Manager Proxy 4.1 (x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Module for Python2 15-SP3 (aarch64 ppc64le s390x x86_64):
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Enterprise Storage 7 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
- SUSE Enterprise Storage 6 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
- SUSE CaaS Platform 4.0 (x86_64):
libxml2-2-2.9.7-150000.3.51.1
libxml2-2-32bit-2.9.7-150000.3.51.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.51.1
libxml2-2-debuginfo-2.9.7-150000.3.51.1
libxml2-debugsource-2.9.7-150000.3.51.1
libxml2-devel-2.9.7-150000.3.51.1
libxml2-tools-2.9.7-150000.3.51.1
libxml2-tools-debuginfo-2.9.7-150000.3.51.1
python-libxml2-python-debugsource-2.9.7-150000.3.51.1
python2-libxml2-python-2.9.7-150000.3.51.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.51.1
python3-libxml2-python-2.9.7-150000.3.51.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.51.1
References:
https://www.suse.com/security/cve/CVE-2016-3709.html
https://www.suse.com/security/cve/CVE-2022-40303.html
https://www.suse.com/security/cve/CVE-2022-40304.html
https://bugzilla.suse.com/1201978
https://bugzilla.suse.com/1204366
https://bugzilla.suse.com/1204367
1
0
SUSE-SU-2022:3875-1: important: Security update for xmlbeans
by opensuse-security@opensuse.org 04 Nov '22
by opensuse-security@opensuse.org 04 Nov '22
04 Nov '22
SUSE Security Update: Security update for xmlbeans
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3875-1
Rating: important
References: #1180915
Cross-References: CVE-2021-23926
CVSS scores:
CVE-2021-23926 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2021-23926 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xmlbeans fixes the following issues:
- CVE-2021-23926: Fixed XML parsers not protecting from malicious XML
input (bsc#1180915).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3875=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3875=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3875=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3875=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3875=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3875=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3875=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3875=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3875=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3875=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3875=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3875=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3875=1
Package List:
- openSUSE Leap 15.4 (noarch):
xmlbeans-2.6.0-150000.5.3.1
xmlbeans-scripts-2.6.0-150000.5.3.1
- openSUSE Leap 15.3 (noarch):
xmlbeans-2.6.0-150000.5.3.1
xmlbeans-scripts-2.6.0-150000.5.3.1
- SUSE Manager Server 4.1 (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Manager Proxy 4.1 (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
xmlbeans-2.6.0-150000.5.3.1
- SUSE Enterprise Storage 7 (noarch):
xmlbeans-2.6.0-150000.5.3.1
References:
https://www.suse.com/security/cve/CVE-2021-23926.html
https://bugzilla.suse.com/1180915
1
0
SUSE-SU-2022:3868-1: moderate: Security update for rubygem-loofah
by opensuse-security@opensuse.org 04 Nov '22
by opensuse-security@opensuse.org 04 Nov '22
04 Nov '22
SUSE Security Update: Security update for rubygem-loofah
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3868-1
Rating: moderate
References: #1154751
Cross-References: CVE-2019-15587
CVSS scores:
CVE-2019-15587 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2019-15587 (SUSE): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 6
SUSE Linux Enterprise Storage 7
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rubygem-loofah fixes the following issues:
- CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements
(bsc#1154751).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3868=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3868=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-3868=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-3868=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-3868=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-3868=1
- SUSE Linux Enterprise High Availability 15:
zypper in -t patch SUSE-SLE-Product-HA-15-2022-3868=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1
ruby2.5-rubygem-loofah-doc-2.2.2-150000.4.6.1
ruby2.5-rubygem-loofah-testsuite-2.2.2-150000.4.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1
ruby2.5-rubygem-loofah-doc-2.2.2-150000.4.6.1
ruby2.5-rubygem-loofah-testsuite-2.2.2-150000.4.6.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1
- SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1
References:
https://www.suse.com/security/cve/CVE-2019-15587.html
https://bugzilla.suse.com/1154751
1
0
SUSE-SU-2022:3867-1: moderate: Security update for python-Flask-Security-Too
by opensuse-security@opensuse.org 03 Nov '22
by opensuse-security@opensuse.org 03 Nov '22
03 Nov '22
SUSE Security Update: Security update for python-Flask-Security-Too
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3867-1
Rating: moderate
References: #1202105
Cross-References: CVE-2021-23385
CVSS scores:
CVE-2021-23385 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2021-23385 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-Flask-Security-Too fixes the following issues:
- CVE-2021-23385: Fixed open redirect (bsc#1202105).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3867=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3867=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3867=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3867=1
Package List:
- openSUSE Leap 15.4 (noarch):
python3-Flask-Security-Too-3.4.2-150200.3.6.1
- openSUSE Leap 15.3 (noarch):
python3-Flask-Security-Too-3.4.2-150200.3.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-Flask-Security-Too-3.4.2-150200.3.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-Flask-Security-Too-3.4.2-150200.3.6.1
References:
https://www.suse.com/security/cve/CVE-2021-23385.html
https://bugzilla.suse.com/1202105
1
0
SUSE-SU-2022:3866-1: important: Security update for ntfs-3g_ntfsprogs
by opensuse-security@opensuse.org 03 Nov '22
by opensuse-security@opensuse.org 03 Nov '22
03 Nov '22
SUSE Security Update: Security update for ntfs-3g_ntfsprogs
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3866-1
Rating: important
References: #1204734
Cross-References: CVE-2022-40284
CVSS scores:
CVE-2022-40284 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for ntfs-3g_ntfsprogs fixes the following issues:
- CVE-2022-40284: Fixed incorrect validation of some of the NTFS
metadata that could cause buffer overflow (bsc#1204734).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3866=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3866=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-3866=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-3866=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libntfs-3g-devel-2022.5.17-150000.3.16.1
libntfs-3g87-2022.5.17-150000.3.16.1
libntfs-3g87-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g-2022.5.17-150000.3.16.1
ntfs-3g-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.16.1
ntfsprogs-2022.5.17-150000.3.16.1
ntfsprogs-debuginfo-2022.5.17-150000.3.16.1
ntfsprogs-extra-2022.5.17-150000.3.16.1
ntfsprogs-extra-debuginfo-2022.5.17-150000.3.16.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libntfs-3g-devel-2022.5.17-150000.3.16.1
libntfs-3g87-2022.5.17-150000.3.16.1
libntfs-3g87-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g-2022.5.17-150000.3.16.1
ntfs-3g-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.16.1
ntfsprogs-2022.5.17-150000.3.16.1
ntfsprogs-debuginfo-2022.5.17-150000.3.16.1
ntfsprogs-extra-2022.5.17-150000.3.16.1
ntfsprogs-extra-debuginfo-2022.5.17-150000.3.16.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
libntfs-3g-devel-2022.5.17-150000.3.16.1
libntfs-3g87-2022.5.17-150000.3.16.1
libntfs-3g87-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g-2022.5.17-150000.3.16.1
ntfs-3g-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.16.1
ntfsprogs-2022.5.17-150000.3.16.1
ntfsprogs-debuginfo-2022.5.17-150000.3.16.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
libntfs-3g-devel-2022.5.17-150000.3.16.1
libntfs-3g87-2022.5.17-150000.3.16.1
libntfs-3g87-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g-2022.5.17-150000.3.16.1
ntfs-3g-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.16.1
ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.16.1
ntfsprogs-2022.5.17-150000.3.16.1
ntfsprogs-debuginfo-2022.5.17-150000.3.16.1
References:
https://www.suse.com/security/cve/CVE-2022-40284.html
https://bugzilla.suse.com/1204734
1
0
SUSE-SU-2022:3862-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 03 Nov '22
by opensuse-security@opensuse.org 03 Nov '22
03 Nov '22
SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3862-1
Rating: important
References: #1204412 #1204416
Cross-References: CVE-2022-3550 CVE-2022-3551
CVSS scores:
CVE-2022-3550 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3550 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3551 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3551 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for xorg-x11-server fixes the following issues:
- CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString()
(bsc#1204412).
- CVE-2022-3551: Fixed various leaks of the return value of
GetComponentSpec() (bsc#1204416).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3862=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3862=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3862=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150400.38.8.1
xorg-x11-server-debuginfo-1.20.3-150400.38.8.1
xorg-x11-server-debugsource-1.20.3-150400.38.8.1
xorg-x11-server-extra-1.20.3-150400.38.8.1
xorg-x11-server-extra-debuginfo-1.20.3-150400.38.8.1
xorg-x11-server-sdk-1.20.3-150400.38.8.1
xorg-x11-server-source-1.20.3-150400.38.8.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-debuginfo-1.20.3-150400.38.8.1
xorg-x11-server-debugsource-1.20.3-150400.38.8.1
xorg-x11-server-sdk-1.20.3-150400.38.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150400.38.8.1
xorg-x11-server-debuginfo-1.20.3-150400.38.8.1
xorg-x11-server-debugsource-1.20.3-150400.38.8.1
xorg-x11-server-extra-1.20.3-150400.38.8.1
xorg-x11-server-extra-debuginfo-1.20.3-150400.38.8.1
References:
https://www.suse.com/security/cve/CVE-2022-3550.html
https://www.suse.com/security/cve/CVE-2022-3551.html
https://bugzilla.suse.com/1204412
https://bugzilla.suse.com/1204416
1
0
openSUSE-SU-2022:10185-1: important: Security update for EternalTerminal
by opensuse-security@opensuse.org 02 Nov '22
by opensuse-security@opensuse.org 02 Nov '22
02 Nov '22
openSUSE Security Update: Security update for EternalTerminal
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10185-1
Rating: important
References: #1202432 #1202433 #1202434 #1202435
Cross-References: CVE-2022-24949 CVE-2022-24950 CVE-2022-24951
CVE-2022-24952
CVSS scores:
CVE-2022-24949 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24950 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24951 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24952 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for EternalTerminal fixes the following issues:
Update to 6.2.1:
* CVE-2022-24949: Fixed race condition allows local attacker to hijack IPC
socket (boo#1202435)
* CVE-2022-24950: Fixed privilege escalation to root (boo#1202434)
* CVE-2022-24951: Fixed DoS triggered remotely by invalid sequence numbers
(boo#1202433)
* CVE-2022-24952: Fixed race condition allows authenticated attacker to
hijack other users' SSH authorization socket (boo#1202432)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10185=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
EternalTerminal-6.2.1-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-24949.html
https://www.suse.com/security/cve/CVE-2022-24950.html
https://www.suse.com/security/cve/CVE-2022-24951.html
https://www.suse.com/security/cve/CVE-2022-24952.html
https://bugzilla.suse.com/1202432
https://bugzilla.suse.com/1202433
https://bugzilla.suse.com/1202434
https://bugzilla.suse.com/1202435
1
0
openSUSE-SU-2022:10186-1: important: Security update for privoxy
by opensuse-security@opensuse.org 02 Nov '22
by opensuse-security@opensuse.org 02 Nov '22
02 Nov '22
openSUSE Security Update: Security update for privoxy
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10186-1
Rating: important
References: #1193584
Cross-References: CVE-2021-44540 CVE-2021-44541 CVE-2021-44542
CVE-2021-44543
CVSS scores:
CVE-2021-44540 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44541 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44542 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44543 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for privoxy fixes the following issues:
privoxy was updated to 3.0.33 (boo#1193584):
* CVE-2021-44543: Encode the template name to prevent XSS (cross-side
scripting) when Privoxy is configured to servce the user-manual itself
* CVE-2021-44540: Free memory of compiled pattern spec before bailing
* CVE-2021-44541: Free header memory when failing to get the request
destination.
* CVE-2021-44542: Prevent memory leaks when handling errors
* Disable fast-redirects for a number of domains
* Update default block lists
* Many bug fixes and minor enhancements
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10186=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
privoxy-3.0.33-bp154.3.3.1
- openSUSE Backports SLE-15-SP4 (noarch):
privoxy-doc-3.0.33-bp154.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-44540.html
https://www.suse.com/security/cve/CVE-2021-44541.html
https://www.suse.com/security/cve/CVE-2021-44542.html
https://www.suse.com/security/cve/CVE-2021-44543.html
https://bugzilla.suse.com/1193584
1
0
openSUSE-SU-2022:10187-1: important: Security update for EternalTerminal
by opensuse-security@opensuse.org 02 Nov '22
by opensuse-security@opensuse.org 02 Nov '22
02 Nov '22
openSUSE Security Update: Security update for EternalTerminal
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10187-1
Rating: important
References: #1202432 #1202433 #1202434 #1202435
Cross-References: CVE-2022-24949 CVE-2022-24950 CVE-2022-24951
CVE-2022-24952
CVSS scores:
CVE-2022-24949 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24950 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24951 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24952 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for EternalTerminal fixes the following issues:
Update to 6.2.1:
* CVE-2022-24949: Fixed race condition allows local attacker to hijack IPC
socket (boo#1202435)
* CVE-2022-24950: Fixed privilege escalation to root (boo#1202434)
* CVE-2022-24951: Fixed DoS triggered remotely by invalid sequence numbers
(boo#1202433)
* CVE-2022-24952: Fixed race condition allows authenticated attacker to
hijack other users' SSH authorization socket (boo#1202432)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10187=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
EternalTerminal-6.2.1-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-24949.html
https://www.suse.com/security/cve/CVE-2022-24950.html
https://www.suse.com/security/cve/CVE-2022-24951.html
https://www.suse.com/security/cve/CVE-2022-24952.html
https://bugzilla.suse.com/1202432
https://bugzilla.suse.com/1202433
https://bugzilla.suse.com/1202434
https://bugzilla.suse.com/1202435
1
0
SUSE-SU-2022:3857-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 02 Nov '22
by opensuse-security@opensuse.org 02 Nov '22
02 Nov '22
SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3857-1
Rating: important
References: #1204412 #1204416
Cross-References: CVE-2022-3550 CVE-2022-3551
CVSS scores:
CVE-2022-3550 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3550 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3551 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3551 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for xorg-x11-server fixes the following issues:
- CVE-2022-3550: Fixed out of bounds read/write in _GetCountedString()
(bsc#1204412).
- CVE-2022-3551: Fixed various leaks of the return value of
GetComponentSpec() (bsc#1204416).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3857=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3857=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3857=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3857=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3857=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-3857=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-3857=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3857=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3857=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3857=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3857=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3857=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3857=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3857=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3857=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-wayland-1.20.3-150200.22.5.58.1
xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.58.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
xorg-x11-server-source-1.20.3-150200.22.5.58.1
xorg-x11-server-wayland-1.20.3-150200.22.5.58.1
xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.58.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Manager Proxy 4.1 (x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-wayland-1.20.3-150200.22.5.58.1
xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-wayland-1.20.3-150200.22.5.58.1
xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
xorg-x11-server-1.20.3-150200.22.5.58.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-1.20.3-150200.22.5.58.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.58.1
xorg-x11-server-sdk-1.20.3-150200.22.5.58.1
References:
https://www.suse.com/security/cve/CVE-2022-3550.html
https://www.suse.com/security/cve/CVE-2022-3551.html
https://bugzilla.suse.com/1204412
https://bugzilla.suse.com/1204416
1
0
SUSE-SU-2022:3844-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3844-1
Rating: important
References: #1185032 #1190497 #1194023 #1194869 #1195917
#1196444 #1196869 #1197659 #1198189 #1200288
#1200622 #1201309 #1201310 #1201987 #1202095
#1202960 #1203039 #1203066 #1203101 #1203197
#1203263 #1203338 #1203360 #1203361 #1203389
#1203410 #1203505 #1203552 #1203664 #1203693
#1203699 #1203767 #1203769 #1203770 #1203794
#1203798 #1203893 #1203902 #1203906 #1203908
#1203935 #1203939 #1203987 #1203992 #1204051
#1204059 #1204060 #1204125 PED-387 PED-529
PED-652 PED-664 PED-682 PED-688 PED-720 PED-729
PED-755 PED-763 SLE-19924 SLE-24814
Cross-References: CVE-2022-1263 CVE-2022-2586 CVE-2022-3202
CVE-2022-32296 CVE-2022-3239 CVE-2022-3303
CVE-2022-39189 CVE-2022-41218 CVE-2022-41674
CVE-2022-41848 CVE-2022-41849 CVE-2022-42719
CVE-2022-42720 CVE-2022-42721 CVE-2022-42722
CVSS scores:
CVE-2022-1263 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1263 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2586 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3202 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-3202 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-32296 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-32296 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-3239 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3239 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3303 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3303 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-39189 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-39189 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41218 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-41218 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41674 (NVD) : 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-41674 (SUSE): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41848 (NVD) : 4.2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-41848 (SUSE): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41849 (NVD) : 4.2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-41849 (SUSE): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42719 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42719 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42720 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42720 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42721 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42721 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42722 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42722 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Live Patching 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 15 vulnerabilities, contains 12
features and has 33 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated.
The following security bugs were fixed:
- CVE-2022-3303: Fixed a race condition in the sound subsystem due to
improper locking (bnc#1203769).
- CVE-2022-41218: Fixed an use-after-free caused by refcount races in
drivers/media/dvb-core/dmxdev.c (bnc#1202960).
- CVE-2022-3239: Fixed an use-after-free in the video4linux driver that
could lead a local user to able to crash the system or escalate their
privileges (bnc#1203552).
- CVE-2022-41848: Fixed a race condition and resultant use-after-free if a
physically proximate attacker removes a PCMCIA device while calling
ioctl (bnc#1203987).
- CVE-2022-41849: Fixed a race condition and resultant use-after-free if a
physically proximate attacker removes a USB device while calling open
(bnc#1203992).
- CVE-2022-41674: Fixed a DoS issue where kernel can crash on the
reception of specific WiFi Frames (bsc#1203770).
- CVE-2022-1263: Fixed a NULL pointer dereference issue was found in KVM
when releasing a vCPU with dirty ring support enabled. This flaw allowed
an unprivileged local attacker on the host to issue specific ioctl
calls, causing a kernel oops condition that results in a denial of
service (bnc#1198189).
- CVE-2022-32296: Fixed a bug which allowed TCP servers to identify
clients by observing what source ports are used (bnc#1200288).
- CVE-2022-3202: Fixed a NULL pointer dereference flaw in Journaled File
System. This could allow a local attacker to crash the system or leak
kernel internal information (bnc#1203389).
- CVE-2022-39189: Fixed a bug in the x86 KVM subsystem which allows
unprivileged guest users to compromise the guest kernel because TLB
flush operations are mishandled (bnc#1203066).
- CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft
table is deleted (bnc#1202095).
- CVE-2022-42722: Fixed crash in beacon protection for P2P-device.
(bsc#1204125)
- CVE-2022-42719: Fixed MBSSID parsing use-after-free. (bsc#1204051)
- CVE-2022-42721: Avoid nontransmitted BSS list corruption. (bsc#1204060)
- CVE-2022-42720: Fixed BSS refcounting bugs. (bsc#1204059)
The following non-security bugs were fixed:
- ACPI / scan: Create platform device for CS35L41 (bsc#1203699).
- ACPI: processor idle: Practically limit "Dummy wait" workaround to old
Intel systems (bsc#1203767).
- ACPI: resource: skip IRQ override on AMD Zen platforms (git-fixes).
- ACPI: scan: Add CLSA0101 Laptop Support (bsc#1203699).
- ACPI: utils: Add api to read _SUB from ACPI (bsc#1203699).
- ALSA: aloop: Fix random zeros in capture data when using jiffies timer
(git-fixes).
- ALSA: core: Fix double-free at snd_card_new() (git-fixes).
- ALSA: cs35l41: Check hw_config before using it (bsc#1203699).
- ALSA: cs35l41: Enable Internal Boost in shared lib (bsc#1203699).
- ALSA: cs35l41: Move cs35l41_gpio_config to shared lib (bsc#1203699).
- ALSA: cs35l41: Unify hardware configuration (bsc#1203699).
- ALSA: emu10k1: Fix out of bounds access in
snd_emu10k1_pcm_channel_alloc() (git-fixes).
- ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
- ALSA: hda: cs35l41: Add Amp Name based on channel and index
(bsc#1203699).
- ALSA: hda: cs35l41: Add Boost type flag (bsc#1203699).
- ALSA: hda: cs35l41: Add calls to newly added test key function
(bsc#1203699).
- ALSA: hda: cs35l41: Add defaulted values into dsp bypass config sequence
(bsc#1203699).
- ALSA: hda: cs35l41: Add initial DSP support and firmware loading
(bsc#1203699).
- ALSA: hda: cs35l41: Add missing default cases (bsc#1203699).
- ALSA: hda: cs35l41: Add module parameter to control firmware load
(bsc#1203699).
- ALSA: hda: cs35l41: Add support for CS35L41 in HDA systems (bsc#1203699).
- ALSA: hda: cs35l41: Add Support for Interrupts (bsc#1203699).
- ALSA: hda: cs35l41: Allow compilation test on non-ACPI configurations
(bsc#1203699).
- ALSA: hda: cs35l41: Always configure the DAI (bsc#1203699).
- ALSA: hda: cs35l41: Avoid overwriting register patch (bsc#1203699).
- ALSA: hda: cs35l41: Clarify support for CSC3551 without _DSD Properties
(bsc#1203699).
- ALSA: hda: cs35l41: Consolidate selections under SND_HDA_SCODEC_CS35L41
(bsc#1203699).
- ALSA: hda: cs35l41: Do not dereference fwnode handle (bsc#1203699).
- ALSA: hda: cs35l41: Drop wrong use of ACPI_PTR() (bsc#1203699).
- ALSA: hda: cs35l41: Enable GPIO2 Interrupt for CLSA0100 laptops
(bsc#1203699).
- ALSA: hda: cs35l41: Fix comments wrt serial-multi-instantiate reference
(bsc#1203699).
- ALSA: hda: cs35l41: fix double free on error in probe() (bsc#1203699).
- ALSA: hda: cs35l41: Fix error in spi cs35l41 hda driver name
(bsc#1203699).
- ALSA: hda: cs35l41: Fix I2S params comments (bsc#1203699).
- ALSA: hda: cs35l41: Handle all external boost setups the same way
(bsc#1203699).
- ALSA: hda: cs35l41: Improve dev_err_probe() messaging (bsc#1203699).
- ALSA: hda: cs35l41: Make cs35l41_hda_remove() return void (bsc#1203699).
- ALSA: hda: cs35l41: Make use of the helper function dev_err_probe()
(bsc#1203699).
- ALSA: hda: cs35l41: Move boost config to initialization code
(bsc#1203699).
- ALSA: hda: cs35l41: Move cs35l41* calls to its own symbol namespace
(bsc#1203699).
- ALSA: hda: cs35l41: Move external boost handling to lib for ASoC use
(bsc#1203699).
- ALSA: hda: cs35l41: Mute the device before shutdown (bsc#1203699).
- ALSA: hda: cs35l41: Put the device into safe mode for external boost
(bsc#1203699).
- ALSA: hda: cs35l41: Read Speaker Calibration data from UEFI variables
(bsc#1203699).
- ALSA: hda: cs35l41: Remove cs35l41_hda_reg_sequence struct (bsc#1203699).
- ALSA: hda: cs35l41: Remove Set Channel Map api from binding
(bsc#1203699).
- ALSA: hda: cs35l41: Reorganize log for playback actions (bsc#1203699).
- ALSA: hda: cs35l41: Save codec object inside component struct
(bsc#1203699).
- ALSA: hda: cs35l41: Save Subsystem ID inside CS35L41 Driver
(bsc#1203699).
- ALSA: hda: cs35l41: Set Speaker Position for CLSA0100 Laptop
(bsc#1203699).
- ALSA: hda: cs35l41: Support CLSA0101 (bsc#1203699).
- ALSA: hda: cs35l41: Support Firmware switching and reloading
(bsc#1203699).
- ALSA: hda: cs35l41: Support Hibernation during Suspend (bsc#1203699).
- ALSA: hda: cs35l41: Support multiple load paths for firmware
(bsc#1203699).
- ALSA: hda: cs35l41: Support reading subsystem id from ACPI (bsc#1203699).
- ALSA: hda: cs35l41: Support Speaker ID for laptops (bsc#1203699).
- ALSA: hda: cs35l41: Tidyup code (bsc#1203699).
- ALSA: hda: cs35l41: Use the CS35L41 HDA internal define (bsc#1203699).
- ALSA: hda: Fix dependencies of CS35L41 on SPI/I2C buses (bsc#1203699).
- ALSA: hda: Fix dependency on ASoC cs35l41 codec (bsc#1203699).
- ALSA: hda: Fix hang at HD-audio codec unbinding due to refcount
saturation (git-fixes).
- ALSA: hda: Fix Nvidia dp infoframe (git-fixes).
- ALSA: hda: hda_cs_dsp_ctl: Add apis to write the controls directly
(bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Add fw id strings (bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Add Library to support CS_DSP ALSA controls
(bsc#1203699).
- ALSA: hda: intel-dsp-config: Add RaptorLake PCI IDs (jsc#PED-720).
- ALSA: hda/cs8409: Add new Dolphin HW variants (bsc#1203699).
- ALSA: hda/cs8409: Add Speaker Playback Switch for Cyborg (bsc#1203699).
- ALSA: hda/cs8409: Add Speaker Playback Switch for Warlock (bsc#1203699).
- ALSA: hda/cs8409: change cs8409_fixups v.pins initializers to static
(bsc#1203699).
- ALSA: hda/cs8409: Disable HSBIAS_SENSE_EN for Cyborg (bsc#1203699).
- ALSA: hda/cs8409: Fix Full Scale Volume setting for all variants
(bsc#1203699).
- ALSA: hda/cs8409: Fix Warlock to use mono mic configuration
(bsc#1203699).
- ALSA: hda/cs8409: Re-order quirk table into ascending order
(bsc#1203699).
- ALSA: hda/cs8409: Support manual mode detection for CS42L42
(bsc#1203699).
- ALSA: hda/cs8409: Support new Dolphin Variants (bsc#1203699).
- ALSA: hda/cs8409: Support new Odin Variants (bsc#1203699).
- ALSA: hda/cs8409: Support new Warlock MLK Variants (bsc#1203699).
- ALSA: hda/cs8409: Use general cs42l42 include in cs8409 hda driver
(bsc#1203699).
- ALSA: hda/realtek: Add a quirk for HP OMEN 16 (8902) mute LED
(git-fixes).
- ALSA: hda/realtek: Add CS35L41 support for Thinkpad laptops
(bsc#1203699).
- ALSA: hda/realtek: Add mute and micmut LED support for Zbook Fury 17 G9
(bsc#1203699).
- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Zbook Firefly 14 G9 model
(bsc#1203699).
- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga7 14IAL7 (bsc#1203699).
- ALSA: hda/realtek: Add quirks for ASUS Zenbooks using CS35L41
(bsc#1203699).
- ALSA: hda/realtek: Add support for HP Laptops (bsc#1203699).
- ALSA: hda/realtek: Add support for Legion 7 16ACHg6 laptop (bsc#1203699).
- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
(git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop
(git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on
EliteBook 845/865 G9 (bsc#1203699).
- ALSA: hda/realtek: Enable mute/micmute LEDs support for HP Laptops
(bsc#1203699).
- ALSA: hda/realtek: Enable speaker and mute LEDs for HP laptops
(bsc#1203699).
- ALSA: hda/realtek: Fix LED on Zbook Studio G9 (bsc#1203699).
- ALSA: hda/realtek: Fix mute led issue on thinkpad with cs35l41 s-codec
(bsc#1203699).
- ALSA: hda/realtek: More robust component matching for CS35L41
(bsc#1203699).
- ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes).
- ALSA: hda/sigmatel: Fix unused variable warning for beep power change
(git-fixes).
- ALSA: hda/tegra: Add Tegra234 hda driver support (git-fixes).
- ALSA: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).
- ALSA: hda/tegra: set depop delay for tegra (git-fixes).
- ALSA: hda/tegra: Update scratch reg. communication (git-fixes).
- ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (git-fixes).
- ALSA: usb-audio: Fix an out-of-bounds bug in
__snd_usb_parse_audio_interface() (git-fixes).
- ALSA: usb-audio: Inform the delayed registration more properly
(git-fixes).
- ALSA: usb-audio: Register card again for iface over delayed_register
option (git-fixes).
- ALSA: usb-audio: Split endpoint setups for hw_params and prepare
(git-fixes).
- ARM: dts: am33xx: Fix MMCHS0 dma properties (git-fixes).
- ARM: dts: imx: align SPI NOR node name with dtschema (git-fixes).
- ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible (git-fixes).
- arm64: dts: qcom: sm8350: fix UFS PHY serdes size (git-fixes).
- arm64: dts: rockchip: Fix typo in lisense text for PX30.Core (git-fixes).
- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes).
- arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
(git-fixes).
- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (git-fixes).
- arm64: errata: Add Cortex-A510 to the repeat tlbi list (git-fixes)
Enable this errata fix configuration option to arm64/default.
- arm64: kexec_file: use more system keyrings to verify kernel image
signature (bsc#1196444).
- arm64: lib: Import latest version of Arm Optimized Routines' strcmp
(git-fixes)
- arm64: select TRACE_IRQFLAGS_NMI_SUPPORT (git-fixes)
- arm64: topology: fix possible overflow in amu_fie_setup() (git-fixes).
- ASoC: cs35l41: Add ASP TX3/4 source to register patch (bsc#1203699).
- ASoC: cs35l41: Add bindings for CS35L41 (bsc#1203699).
- ASoC: cs35l41: Add common cs35l41 enter hibernate function (bsc#1203699).
- ASoC: cs35l41: Add cs35l51/53 IDs (bsc#1203699).
- ASoC: cs35l41: Add endianness flag in snd_soc_component_driver
(bsc#1203699).
- ASoC: cs35l41: Add one more variable in the debug log (bsc#1203699).
- ASoC: cs35l41: Add one more variable in the debug log (bsc#1203699).
- ASoC: cs35l41: Add support for CLSA3541 ACPI device ID (bsc#1203699).
- ASoC: cs35l41: Add support for hibernate memory retention mode
(bsc#1203699).
- ASoC: cs35l41: Binding fixes (bsc#1203699).
- ASoC: cs35l41: Change monitor widgets to siggens (bsc#1203699).
- ASoC: cs35l41: Combine adjacent register writes (bsc#1203699).
- ASoC: cs35l41: Convert tables to shared source code (bsc#1203699).
- ASoC: cs35l41: Correct DSP power down (bsc#1203699).
- ASoC: cs35l41: Correct handling of some registers in the cache
(bsc#1203699).
- ASoC: cs35l41: Correct some control names (bsc#1203699).
- ASoC: cs35l41: Create shared function for boost configuration
(bsc#1203699).
- ASoC: cs35l41: Create shared function for errata patches (bsc#1203699).
- ASoC: cs35l41: Create shared function for setting channels (bsc#1203699).
- ASoC: cs35l41: CS35L41 Boosted Smart Amplifier (bsc#1203699).
- ASoC: cs35l41: Do not overwrite returned error code (bsc#1203699).
- ASoC: cs35l41: Do not print error when waking from hibernation
(bsc#1203699).
- ASoC: cs35l41: Document CS35l41 External Boost (bsc#1203699).
- ASoC: cs35l41: DSP Support (bsc#1203699).
- ASoC: cs35l41: Fix a bunch of trivial code formating/style issues
(bsc#1203699).
- ASoC: cs35l41: Fix a shift-out-of-bounds warning found by UBSAN
(bsc#1203699).
- ASoC: cs35l41: Fix an out-of-bounds access in otp_packed_element_t
(bsc#1203699).
- ASoC: cs35l41: Fix DSP mbox start command and global enable order
(bsc#1203699).
- ASoC: cs35l41: Fix GPIO2 configuration (bsc#1203699).
- ASoC: cs35l41: Fix link problem (bsc#1203699).
- ASoC: cs35l41: Fix max number of TX channels (bsc#1203699).
- ASoC: cs35l41: Fix undefined reference to core functions (bsc#1203699).
- ASoC: cs35l41: Fix use of an uninitialised variable (bsc#1203699).
- ASoC: cs35l41: Fixup the error messages (bsc#1203699).
- ASoC: cs35l41: Make cs35l41_remove() return void (bsc#1203699).
- ASoC: cs35l41: Move cs_dsp config struct into shared code (bsc#1203699).
- ASoC: cs35l41: Move cs35l41 exit hibernate function into shared code
(bsc#1203699).
- ASoC: cs35l41: Move cs35l41 fs errata into shared code (bsc#1203699).
- ASoC: cs35l41: Move cs35l41_otp_unpack to shared code (bsc#1203699).
- ASoC: cs35l41: Move cs35l41_set_cspl_mbox_cmd to shared code
(bsc#1203699).
- ASoC: cs35l41: Move power initializations to reg_sequence (bsc#1203699).
- ASoC: cs35l41: Read System Name from ACPI _SUB to identify firmware
(bsc#1203699).
- ASoC: cs35l41: Remove incorrect comment (bsc#1203699).
- ASoC: cs35l41: Remove unnecessary param (bsc#1203699).
- ASoC: cs35l41: Set the max SPI speed for the whole device (bsc#1203699).
- ASoC: cs35l41: Support external boost (bsc#1203699).
- ASoC: cs35l41: Update handling of test key registers (bsc#1203699).
- ASoC: cs35l41: Use regmap_read_poll_timeout to wait for OTP boot
(bsc#1203699).
- ASoC: cs42l42: Add control for audio slow-start switch (bsc#1203699).
- ASoC: cs42l42: Add warnings about DETECT_MODE and PLL_START
(bsc#1203699).
- ASoC: cs42l42: Allow time for HP/ADC to power-up after enable
(bsc#1203699).
- ASoC: cs42l42: Always enable TS_PLUG and TS_UNPLUG interrupts
(bsc#1203699).
- ASoC: cs42l42: Change jack_detect_mutex to a lock of all IRQ handling
(bsc#1203699).
- ASoC: cs42l42: Do not claim to support 192k (bsc#1203699).
- ASoC: cs42l42: Do not reconfigure the PLL while it is running
(bsc#1203699).
- ASoC: cs42l42: Fix WARN in remove() if running without an interrupt
(bsc#1203699).
- ASoC: cs42l42: free_irq() before powering-down on probe() fail
(bsc#1203699).
- ASoC: cs42l42: Handle system suspend (bsc#1203699).
- ASoC: cs42l42: Implement Manual Type detection as fallback (bsc#1203699).
- ASoC: cs42l42: Mark OSC_SWITCH_STATUS register volatile (bsc#1203699).
- ASoC: cs42l42: Minor fix all errors reported by checkpatch.pl script
(bsc#1203699).
- ASoC: cs42l42: Move CS42L42 register descriptions to general include
(bsc#1203699).
- ASoC: cs42l42: Only report button state if there was a button interrupt
(git-fixes).
- ASoC: cs42l42: Prevent NULL pointer deref in interrupt handler
(bsc#1203699).
- ASoC: cs42l42: Remove redundant pll_divout member (bsc#1203699).
- ASoC: cs42l42: Remove redundant writes to DETECT_MODE (bsc#1203699).
- ASoC: cs42l42: Remove redundant writes to RS_PLUG/RS_UNPLUG masks
(bsc#1203699).
- ASoC: cs42l42: Remove unused runtime_suspend/runtime_resume callbacks
(bsc#1203699).
- ASoC: cs42l42: Report full jack status when plug is detected
(bsc#1203699).
- ASoC: cs42l42: Report initial jack state (bsc#1203699).
- ASoC: cs42l42: Reset and power-down on remove() and failed probe()
(bsc#1203699).
- ASoC: cs42l42: Set correct SRC MCLK (bsc#1203699).
- ASoC: cs42l42: Simplify reporting of jack unplug (bsc#1203699).
- ASoC: cs42l42: Use PLL for SCLK > 12.288MHz (bsc#1203699).
- ASoC: cs42l42: Use two thresholds and increased wait time for manual
type detection (bsc#1203699).
- ASoC: dt-bindings: cs42l42: Convert binding to yaml (bsc#1203699).
- ASoC: imx-card: Fix refcount issue with of_node_put (git-fixes).
- ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion (git-fixes).
- ASoC: mchp-spdiftx: remove references to mchp_i2s_caps (git-fixes).
- ASoC: nau8824: Fix semaphore unbalance at error paths (git-fixes).
- ASoC: qcom: sm8250: add missing module owner (git-fixes).
- ASoC: SOF: Intel: pci-tgl: add ADL-PS support (jsc#PED-720).
- ASoC: SOF: Intel: pci-tgl: add RPL-P support (jsc#PED-720).
- ASoC: SOF: Intel: pci-tgl: add RPL-S support (jsc#PED-652).
- ASoC: tas2770: Reinit regcache on reset (git-fixes).
- ASoC: wm_adsp: Add support for "toggle" preloaders (bsc#1203699).
- ASoC: wm_adsp: Add trace caps to speaker protection FW (bsc#1203699).
- ASoC: wm_adsp: Cancel ongoing work when removing controls (bsc#1203699).
- ASoC: wm_adsp: Compressed stream DSP memory structs should be __packed
(bsc#1203699).
- ASoC: wm_adsp: Correct control read size when parsing compressed buffer
(bsc#1203699).
- ASoC: wm_adsp: Expand firmware loading search options (bsc#1203699).
- ASoC: wm_adsp: Fix event for preloader (bsc#1203699).
- ASoC: wm_adsp: Introduce cs_dsp logging macros (bsc#1203699).
- ASoC: wm_adsp: Make compressed buffers optional (bsc#1203699).
- ASoC: wm_adsp: Minor clean and redundant code removal (bsc#1203699).
- ASoC: wm_adsp: Move check for control existence (bsc#1203699).
- ASoC: wm_adsp: Move check of dsp->running to better place (bsc#1203699).
- ASoC: wm_adsp: move firmware loading to client (bsc#1203699).
- ASoC: wm_adsp: Move sys_config_size to wm_adsp (bsc#1203699).
- ASoC: wm_adsp: Pass firmware names as parameters when starting DSP core
(bsc#1203699).
- ASoC: wm_adsp: remove a repeated including (bsc#1203699).
- ASoC: wm_adsp: Remove pointless string comparison (bsc#1203699).
- ASoC: wm_adsp: Remove the wmfw_add_ctl helper function (bsc#1203699).
- ASoC: wm_adsp: Remove use of snd_ctl_elem_type_t (bsc#1203699).
- ASoC: wm_adsp: Rename generic DSP support (bsc#1203699).
- ASoC: wm_adsp: Separate generic cs_dsp_coeff_ctl handling (bsc#1203699).
- ASoC: wm_adsp: Separate some ASoC and generic functions (bsc#1203699).
- ASoC: wm_adsp: Separate wm_adsp specifics in cs_dsp_client_ops
(bsc#1203699).
- ASoC: wm_adsp: Split DSP power operations into helper functions
(bsc#1203699).
- ASoC: wm_adsp: Split out struct cs_dsp from struct wm_adsp (bsc#1203699).
- ASoC: wm_adsp: Switch to using wm_coeff_read_ctrl for compressed buffers
(bsc#1203699).
- ASoC: wm_adsp: wm_adsp_control_add() error: uninitialized symbol 'ret'
(bsc#1203699).
- batman-adv: Fix hang up with small MTU hard-interface (git-fixes).
- Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend
(git-fixes).
- Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
(git-fixes).
- Bluetooth: hci_core: Fix not handling link timeouts propertly
(git-fixes).
- bnx2x: fix built-in kernel driver load failure (git-fixes).
- bnx2x: fix driver load from initrd (git-fixes).
- btrfs: fix relocation crash due to premature return from
btrfs_commit_transaction() (bsc#1203360).
- btrfs: fix space cache corruption and potential double allocations
(bsc#1203361).
- can: gs_usb: gs_can_open(): fix race dev->can.state condition
(git-fixes).
- can: rx-offload: can_rx_offload_init_queue(): fix typo (git-fixes).
- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
(bsc#1196869).
- cgroup: cgroup_get_from_id() must check the looked-up kn is a directory
(bsc#1203906).
- cgroup: Fix race condition at rebind_subsystems() (bsc#1203902).
- cgroup: Fix threadgroup_rwsem cpus_read_lock() deadlock (bsc#1196869).
- clk: bcm: rpi: Prevent out-of-bounds access (git-fixes).
- clk: bcm: rpi: Use correct order for the parameters of devm_kcalloc()
(git-fixes).
- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
(git-fixes).
- clk: ingenic-tcu: Properly enable registers before accessing timers
(git-fixes).
- clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).
- constraints: increase disk space for all architectures References:
bsc#1203693 aarch64 is already suffering. SLE15-SP5 x86_64 stats show
that it is very close to the limit.
- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes)
- cs-dsp and serial-multi-instantiate enablement (bsc#1203699)
- dmaengine: idxd: add helper for per interrupt handle drain (jsc#PED-682).
- dmaengine: idxd: add knob for enqcmds retries (jsc#PED-755).
- dmaengine: idxd: change MSIX allocation based on per wq activation
(jsc#PED-664).
- dmaengine: idxd: create locked version of idxd_quiesce() call
(jsc#PED-682).
- dmaengine: idxd: embed irq_entry in idxd_wq struct (jsc#PED-664).
- dmaengine: idxd: fix descriptor flushing locking (jsc#PED-664).
- dmaengine: idxd: fix retry value to be constant for duration of function
call (git-fixes).
- dmaengine: idxd: handle interrupt handle revoked event (jsc#PED-682).
- dmaengine: idxd: handle invalid interrupt handle descriptors
(jsc#PED-682).
- dmaengine: idxd: int handle management refactoring (jsc#PED-682).
- dmaengine: idxd: match type for retries var in idxd_enqcmds()
(git-fixes).
- dmaengine: idxd: move interrupt handle assignment (jsc#PED-682).
- dmaengine: idxd: rework descriptor free path on failure (jsc#PED-682).
- dmaengine: idxd: set defaults for wq configs (jsc#PED-688).
- dmaengine: idxd: update IAA definitions for user header (jsc#PED-763).
- dmaengine: ti: k3-udma-private: Fix refcount leak bug in
of_xudma_dev_get() (git-fixes).
- docs: i2c: i2c-topology: fix incorrect heading (git-fixes).
- dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe (git-fixes).
- drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV (git-fixes).
- drm/amd/amdgpu: skip ucode loading if ucode_size == 0 (git-fixes).
- drm/amd/display: Limit user regamma to a valid value (git-fixes).
- drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack
usage (git-fixes).
- drm/amd/display: Reduce number of arguments of dml31's
CalculateFlipSchedule() (git-fixes).
- drm/amd/display: Reduce number of arguments of dml31's
CalculateWatermarksAndDRAMSpeedChangeSupport() (git-fixes).
- drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid
cards (git-fixes).
- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup (git-fixes).
- drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).
- drm/amdgpu: make sure to init common IP before gmc (git-fixes).
- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (git-fixes).
- drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega
(git-fixes).
- drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega
(git-fixes).
- drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device
to psp_hw_fini (git-fixes).
- drm/amdgpu: Separate vf2pf work item init from virt data exchange
(git-fixes).
- drm/amdgpu: use dirty framebuffer helper (git-fixes).
- drm/bridge: display-connector: implement bus fmts callbacks (git-fixes).
- drm/bridge: lt8912b: add vsync hsync (git-fixes).
- drm/bridge: lt8912b: fix corrupted image output (git-fixes).
- drm/bridge: lt8912b: set hdmi or dvi mode (git-fixes).
- drm/gem: Fix GEM handle release errors (git-fixes).
- drm/gma500: Fix BUG: sleeping function called from invalid context
errors (git-fixes).
- drm/i915: Implement WaEdpLinkRateDataReload (git-fixes).
- drm/i915: Skip wm/ddb readout for disabled pipes (git-fixes).
- drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (git-fixes).
- drm/i915/gt: Restrict forced preemption to the active context
(git-fixes).
- drm/mediatek: dsi: Add atomic {destroy,duplicate}_state, reset callbacks
(git-fixes).
- drm/mediatek: dsi: Move mtk_dsi_stop() call back to mtk_dsi_poweroff()
(git-fixes).
- drm/meson: Correct OSD1 global alpha value (git-fixes).
- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).
- drm/msm/rd: Fix FIFO-full deadlock (git-fixes).
- drm/panel: simple: Fix innolux_g121i1_l01 bus_format (git-fixes).
- drm/panfrost: devfreq: set opp to the recommended one to configure
regulator (git-fixes).
- drm/radeon: add a force flush to delay work when radeon (git-fixes).
- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).
- drm/tegra: vic: Fix build warning when CONFIG_PM=n (git-fixes).
- dt-bindings: hwmon: (mr75203) fix "intel,vm-map" property to be optional
(git-fixes).
- EDAC/dmc520: Do not print an error for each unconfigured interrupt line
(bsc#1190497).
- efi: capsule-loader: Fix use-after-free in efi_capsule_write (git-fixes).
- efi: libstub: Disable struct randomization (git-fixes).
- eth: alx: take rtnl_lock on resume (git-fixes).
- eth: sun: cassini: remove dead code (git-fixes).
- fbcon: Add option to enable legacy hardware acceleration (bsc#1152472)
Backporting changes: * context fixes in other patch * update config
- fbcon: Fix accelerated fbdev scrolling while logo is still shown
(bsc#1152472)
- fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()
(git-fixes).
- firmware: arm_scmi: Fix the asynchronous reset requests (git-fixes).
- firmware: arm_scmi: Harden accesses to the reset domains (git-fixes).
- firmware: cs_dsp: add driver to support firmware loading on Cirrus Logic
DSPs (bsc#1203699).
- firmware: cs_dsp: Add lockdep asserts to interface functions
(bsc#1203699).
- firmware: cs_dsp: Add memory chunk helpers (bsc#1203699).
- firmware: cs_dsp: Add offset to cs_dsp read/write (bsc#1203699).
- firmware: cs_dsp: Add pre_run callback (bsc#1203699).
- firmware: cs_dsp: Add pre_stop callback (bsc#1203699).
- firmware: cs_dsp: Add support for rev 2 coefficient files (bsc#1203699).
- firmware: cs_dsp: Add version checks on coefficient loading
(bsc#1203699).
- firmware: cs_dsp: Allow creation of event controls (bsc#1203699).
- firmware: cs_dsp: Clarify some kernel doc comments (bsc#1203699).
- firmware: cs_dsp: Clear core reset for cache (bsc#1203699).
- firmware: cs_dsp: Fix overrun of unterminated control name string
(bsc#1203699).
- firmware: cs_dsp: Move lockdep asserts to avoid potential null pointer
(bsc#1203699).
- firmware: cs_dsp: Perform NULL check in cs_dsp_coeff_write/read_ctrl
(bsc#1203699).
- firmware: cs_dsp: Print messages from bin files (bsc#1203699).
- firmware: cs_dsp: tidy includes in cs_dsp.c and cs_dsp.h (bsc#1203699).
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace
is dead (git-fixes).
- fuse: Remove the control interface for virtio-fs (bsc#1203798).
- gpio: mockup: fix NULL pointer dereference when removing debugfs
(git-fixes).
- gpio: mockup: remove gpio debugfs when remove device (git-fixes).
- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
(git-fixes).
- gpio: mvebu: Fix check for pwm support on non-A8K platforms (git-fixes).
- gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
(git-fixes).
- gve: Fix GFP flags when allocing pages (git-fixes).
- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message
(git-fixes).
- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (git-fixes).
- hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API (git-fixes).
- hwmon: (mr75203) enable polling for all VM channels (git-fixes).
- hwmon: (mr75203) fix multi-channel voltage reading (git-fixes).
- hwmon: (mr75203) fix VM sensor allocation when "intel,vm-map" not
defined (git-fixes).
- hwmon: (mr75203) fix voltage equation for negative source input
(git-fixes).
- hwmon: (mr75203) update pvt->v_num and vm_num to the actual number of
used sensors (git-fixes).
- hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase mp2888
controller (git-fixes).
- hwmon: (tps23861) fix byte order in resistance register (git-fixes).
- i2c: acpi: Add an i2c_acpi_client_count() helper function (bsc#1203699).
- i2c: imx: If pm_runtime_get_sync() returned 1 device access is possible
(git-fixes).
- i2c: mlxbf: Fix frequency calculation (git-fixes).
- i2c: mlxbf: incorrect base address passed during io write (git-fixes).
- i2c: mlxbf: prevent stack overflow in
mlxbf_i2c_smbus_start_transaction() (git-fixes).
- i2c: mlxbf: support lock mechanism (git-fixes).
- ice: Allow operation with reduced device MSI-X (bsc#1201987).
- ice: arfs: fix use-after-free when freeing @rx_cpu_rmap (git-fixes).
- ice: Do not skip not enabled queues in ice_vc_dis_qs_msg (git-fixes).
- ice: fix crash when writing timestamp on RX rings (git-fixes).
- ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler (git-fixes).
- ice: fix possible under reporting of ethtool Tx and Rx statistics
(git-fixes).
- ice: Fix race during aux device (un)plugging (git-fixes).
- ice: Match on all profiles in slow-path (git-fixes).
- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).
- igb: skip phy status check where unavailable (git-fixes).
- Input: goodix - add compatible string for GT1158 (git-fixes).
- Input: goodix - add support for GT1158 (git-fixes).
- Input: iforce - add support for Boeder Force Feedback Wheel (git-fixes).
- Input: iqs62x-keys - drop unused device node references (git-fixes).
- Input: melfas_mip4 - fix return value check in mip4_probe() (git-fixes).
- Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address (git-fixes).
- kABI workaround for spi changes (bsc#1203699).
- kABI: Add back removed struct paca member (bsc#1203664 ltc#199236).
- kABI: fix adding another field to scsi_device (bsc#1203039).
- kABI: Fix kABI after SNP-Guest backport (jsc#SLE-19924, jsc#SLE-24814).
- kbuild: disable header exports for UML in a straightforward way
(git-fixes).
- kexec, KEYS, s390: Make use of built-in and secondary keyring for
signature verification (bsc#1196444).
- kexec, KEYS: make the code in bzImage64_verify_sig generic (bsc#1196444).
- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).
- kexec: drop weak attribute from functions (bsc#1196444).
- KVM: SVM: Create a separate mapping for the GHCB save area
(jsc#SLE-19924, jsc#SLE-24814).
- KVM: SVM: Create a separate mapping for the SEV-ES save area
(jsc#SLE-19924, jsc#SLE-24814).
- KVM: SVM: Define sev_features and VMPL field in the VMSA (jsc#SLE-19924,
jsc#SLE-24814).
- KVM: SVM: fix tsc scaling cache logic (bsc#1203263).
- KVM: SVM: Update the SEV-ES save area mapping (jsc#SLE-19924,
jsc#SLE-24814).
- KVM: VMX: Heed the 'msr' argument in msr_write_intercepted() (git-fixes).
- KVM: X86: Fix when shadow_root_level=5 and guest root_level 4
(git-fixes).
- KVM: x86: hyper-v: Drop redundant 'ex' parameter from kvm_hv_send_ipi()
(git-fixes).
- KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall
(git-fixes).
- KVM: x86: Move lookup of indexed CPUID leafs to helper (jsc#SLE-19924,
jsc#SLE-24814).
- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
(git-fixes).
- lockd: detect and reject lock arguments that overflow (git-fixes).
- md-raid10: fix KASAN warning (git-fixes).
- md: call __md_stop_writes in md_stop (git-fixes).
- md: unlock mddev before reap sync_thread in action_store (bsc#1197659).
- media: aspeed: Fix an error handling path in aspeed_video_probe()
(git-fixes).
- media: coda: Add more H264 levels for CODA960 (git-fixes).
- media: coda: Fix reported H264 profile (git-fixes).
- media: dvb_vb2: fix possible out of bound access (git-fixes).
- media: exynos4-is: Change clk_disable to clk_disable_unprepare
(git-fixes).
- media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
(git-fixes).
- media: flexcop-usb: fix endpoint type check (git-fixes).
- media: imx-jpeg: Add pm-sleep support for imx-jpeg (git-fixes).
- media: imx-jpeg: Correct some definition according specification
(git-fixes).
- media: imx-jpeg: Disable slot interrupt when frame done (git-fixes).
- media: imx-jpeg: Fix potential array out of bounds in queue_setup
(git-fixes).
- media: imx-jpeg: Leave a blank space before the configuration data
(git-fixes).
- media: imx-jpeg: Refactor function mxc_jpeg_parse (git-fixes).
- media: mceusb: Use new usb_control_msg_*() routines (git-fixes).
- media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment.
- media: rkvdec: Disable H.264 error detection (git-fixes).
- media: st-delta: Fix PM disable depth imbalance in delta_probe
(git-fixes).
- media: vsp1: Fix offset calculation for plane cropping.
- misc: cs35l41: Remove unused pdn variable (bsc#1203699).
- mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
- mlxsw: i2c: Fix initialization error flow (git-fixes).
- mm: Fix PASID use-after-free issue (bsc#1203908).
- mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch
failure (git-fixes).
- mmc: hsq: Fix data stomping during mmc recovery (git-fixes).
- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).
- mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv
(git-fixes).
- net: axienet: fix RX ring refill allocation failure handling (git-fixes).
- net: axienet: reset core on initialization prior to MDIO access
(git-fixes).
- net: bcmgenet: hide status block before TX timestamping (git-fixes).
- net: bcmgenet: Revert "Use stronger register read/writes to assure
ordering" (git-fixes).
- net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes).
- net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list iterator
(git-fixes).
- net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down() (git-fixes).
- net: dsa: felix: fix tagging protocol changes with multiple CPU ports
(git-fixes).
- net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).
- net: dsa: introduce helpers for iterating through ports using dp
(git-fixes).
- net: dsa: lantiq_gswip: Do not set GSWIP_MII_CFG_RMII_CLK (git-fixes).
- net: dsa: lantiq_gswip: fix use after free in gswip_remove() (git-fixes).
- net: dsa: microchip: fix bridging with more than two member ports
(git-fixes).
- net: dsa: mt7530: 1G can also support 1000BASE-X link mode (git-fixes).
- net: dsa: mt7530: add missing of_node_put() in mt7530_setup()
(git-fixes).
- net: dsa: mv88e6xxx: Fix port_hidden_wait to account for port_base_addr
(git-fixes).
- net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
(git-fixes).
- net: dsa: restrict SMSC_LAN9303_I2C kconfig (git-fixes).
- net: emaclite: Add error handling for of_address_to_resource()
(git-fixes).
- net: enetc: Use pci_release_region() to release some resources
(git-fixes).
- net: ethernet: mediatek: ppe: fix wrong size passed to memset()
(git-fixes).
- net: ethernet: mv643xx: Fix over zealous checking of_get_mac_address()
(git-fixes).
- net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link
(git-fixes).
- net: ethernet: stmmac: fix write to sgmii_adapter_base (git-fixes).
- net: fec: add missing of_node_put() in fec_enet_init_stop_mode()
(git-fixes).
- net: ftgmac100: access hardware register after clock ready (git-fixes).
- net: hns3: add netdev reset check for hns3_set_tunable() (git-fixes).
- net: hns3: fix the concurrency between functions reading debugfs
(git-fixes).
- net: ipa: get rid of a duplicate initialization (git-fixes).
- net: ipa: kill ipa_cmd_pipeline_clear() (git-fixes).
- net: ipa: record proper RX transaction count (git-fixes).
- net: macb: Fix PTP one step sync support (git-fixes).
- net: macb: Increment rx bd head after allocating skb and buffer
(git-fixes).
- net: mana: Add rmb after checking owner bits (git-fixes).
- net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529).
- net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529).
- net: mdio: Fix ENOMEM return value in BCM6368 mux bus controller
(git-fixes).
- net: mscc: ocelot: avoid corrupting hardware counters when moving VCAP
filters (git-fixes).
- net: mscc: ocelot: fix all IP traffic getting trapped to CPU with PTP
over IP (git-fixes).
- net: mscc: ocelot: fix broken IP multicast flooding (git-fixes).
- net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in hardware
when deleted (git-fixes).
- net: mscc: ocelot: fix missing unlock on error in ocelot_hwstamp_set()
(git-fixes).
- net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
(git-fixes).
- net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
(git-fixes).
- net: phy: aquantia: wait for the suspend/resume operations to finish
(git-fixes).
- net: phy: at803x: move page selection fix to config_init (git-fixes).
- net: phy: Do not WARN for PHY_UP state in mdio_bus_phy_resume()
(git-fixes).
- net: sparx5: depends on PTP_1588_CLOCK_OPTIONAL (git-fixes).
- net: sparx5: uses, depends on BRIDGE or !BRIDGE (git-fixes).
- net: stmmac: dwmac-qcom-ethqos: add platform level clocks management
(git-fixes).
- net: stmmac: dwmac-qcom-ethqos: Enable RGMII functional clock on resume
(git-fixes).
- net: stmmac: dwmac-sun8i: add missing of_node_put() in
sun8i_dwmac_register_mdio_mux() (git-fixes).
- net: stmmac: enhance XDP ZC driver level switching performance
(git-fixes).
- net: stmmac: fix out-of-bounds access in a selftest (git-fixes).
- net: stmmac: Fix unset max_speed difference between DT and non-DT
platforms (git-fixes).
- net: stmmac: only enable DMA interrupts when ready (git-fixes).
- net: stmmac: perserve TX and RX coalesce value during XDP setup
(git-fixes).
- net: stmmac: remove unused get_addr() callback (git-fixes).
- net: stmmac: Use readl_poll_timeout_atomic() in atomic state (git-fixes).
- net: systemport: Fix an error handling path in bcm_sysport_probe()
(git-fixes).
- net: thunderbolt: Enable DMA paths only after rings are enabled
(git-fixes).
- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
- net: wwan: iosm: Call mutex_init before locking it (git-fixes).
- net: wwan: iosm: remove pointless null check (git-fixes).
- net/mlx5: CT: Fix header-rewrite re-use for tupels (git-fixes).
- net/mlx5: Drain fw_reset when removing device (git-fixes).
- net/mlx5e: Block rx-gro-hw feature in switchdev mode (git-fixes).
- net/mlx5e: Properly block HW GRO when XDP is enabled (git-fixes).
- net/mlx5e: Properly block LRO when XDP is enabled (git-fixes).
- net/mlx5e: Remove HW-GRO from reported features (git-fixes).
- net/mlx5e: TC NIC mode, fix tc chains miss table (git-fixes).
- net/qla3xxx: Fix a test in ql_reset_work() (git-fixes).
- net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()
(git-fixes).
- NFS: Do not decrease the value of seq_nr_highest_sent (git-fixes).
- NFS: fix problems with __nfs42_ssc_open (git-fixes).
- NFS: Fix races in the legacy idmapper upcall (git-fixes).
- NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests (git-fixes).
- NFS: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: RECLAIM_COMPLETE must handle EACCES (git-fixes).
- NFS: Turn off open-by-filehandle and NFS re-export for NFSv4.0
(git-fixes).
- NFS: Update mode bits after ALLOCATE and DEALLOCATE (git-fixes).
- NFSD: Clean up the show_nf_flags() macro (git-fixes).
- NFSD: eliminate the NFSD_FILE_BREAK_* flags (git-fixes).
- NFSD: Fix offset type in I/O trace points (git-fixes).
- NFSD: Report RDMA connection errors to the server (git-fixes).
- NFSD: restore EINVAL error translation in nfsd_commit() (git-fixes).
- of/device: Fix up of_dma_configure_id() stub (git-fixes).
- of/fdt: fix off-by-one error in unflatten_dt_nodes() (git-fixes).
- parisc/sticon: fix reverse colors (bsc#1152489)
- parisc/stifb: Fix fb_is_primary_device() only available with
(bsc#1152489)
- parisc/stifb: Implement fb_is_primary_device() (bsc#1152489)
- parisc/stifb: Keep track of hardware path of graphics card (bsc#1152489)
- PCI: Correct misspelled words (git-fixes).
- PCI: Disable MSI for Tegra234 Root Ports (git-fixes).
- PCI: Prefer 'unsigned int' over bare 'unsigned' (git-fixes).
- PCI/ASPM: Make Intel DG2 L1 acceptable latency unlimited (jsc#PED-387).
- pinctrl: qcom: sc8180x: Fix gpio_wakeirq_map (git-fixes).
- pinctrl: qcom: sc8180x: Fix wrong pin numbers (git-fixes).
- pinctrl: sunxi: Fix name for A100 R_PIO (git-fixes).
- platform/surface: aggregator_registry: Add support for Surface Laptop Go
2 (git-fixes).
- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap
fixes (git-fixes).
- platform/x86: i2c-multi-instantiate: Rename it for a generic serial
driver name (bsc#1203699).
- platform/x86: serial-multi-instantiate: Add CLSA0101 Laptop
(bsc#1203699).
- platform/x86: serial-multi-instantiate: Add SPI support (bsc#1203699).
- platform/x86: serial-multi-instantiate: Reorganize I2C functions
(bsc#1203699).
- powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL
(bsc#1194869).
- ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).
- regulator: core: Clean up on enable failure (git-fixes).
- regulator: pfuze100: Fix the global-out-of-bounds access in
pfuze100_regulator_probe() (git-fixes).
- regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
- s390: fix double free of GS and RI CBs on fork() failure (bsc#1203197
LTC#199895).
- s390/boot: fix absolute zero lowcore corruption on boot (git-fixes).
- scsi: core: Add BLIST_NO_ASK_VPD_SIZE for some VDASD (bsc#1203039).
- scsi: lpfc: Add missing destroy_workqueue() in error path (bsc#1203939).
- scsi: lpfc: Add missing free iocb and nlp kref put for early return VMID
cases (bsc#1203939).
- scsi: lpfc: Add reporting capability for Link Degrade Signaling
(bsc#1203939).
- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology (bsc#1203939).
- scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload
(bsc#1203939).
- scsi: lpfc: Fix multiple NVMe remoteport registration calls for the same
NPort ID (bsc#1203939).
- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling (bsc#1203939).
- scsi: lpfc: Fix various issues reported by tools (bsc#1203939).
- scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed
phba (bsc#1185032 bsc#1203939).
- scsi: lpfc: Remove the unneeded result variable (bsc#1203939).
- scsi: lpfc: Remove unneeded result variable (bsc#1203939).
- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd
(bsc#1203939).
- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE
(bsc#1203939).
- scsi: lpfc: Rework FDMI attribute registration for unintential padding
(bsc#1203939).
- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and consistency
(bsc#1203939).
- scsi: lpfc: Update congestion mode logging for Emulex SAN Manager
application (bsc#1203939).
- scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).
- scsi: mpt3sas: Fix use-after-free warning (git-fixes).
- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).
- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image Status
(bsc#1203935).
- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from qlt_stop_phase1()
(bsc#1203935).
- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).
- scsi: qla2xxx: Define static symbols (bsc#1203935).
- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX
(bsc#1203935).
- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).
- scsi: qla2xxx: Enhance driver tracing with separate tunable and more
(bsc#1203935).
- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() (bsc#1203935).
- scsi: qla2xxx: Fix response queue handler reading stale packets
(bsc#1203935).
- scsi: qla2xxx: Fix spelling mistake "definiton" "definition"
(bsc#1203935).
- scsi: qla2xxx: Log message "skipping scsi_scan_host()" as informational
(bsc#1203935).
- scsi: qla2xxx: Remove unused declarations for qla2xxx (bsc#1203935).
- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).
- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).
- scsi: qla2xxx: Revert "scsi: qla2xxx: Fix response queue handler reading
stale packets" (bsc#1203935).
- scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).
- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" (git-fixes).
- scsi: smartpqi: Add module param to disable managed ints (bsc#1203893).
- scsi: smartpqi: Shorten drive visibility after removal (bsc#1200622).
- selftests: Fix the if conditions of in test_extra_filter() (git-fixes).
- selftests: forwarding: add shebang for sch_red.sh (git-fixes).
- selftests: forwarding: Fix failing tests with old libnet (git-fixes).
- serial: atmel: remove redundant assignment in rs485_config (git-fixes).
- serial: Create uart_xmit_advance() (git-fixes).
- serial: fsl_lpuart: Reset prior to registration (git-fixes).
- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting
(git-fixes).
- serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
(git-fixes).
- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
- soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).
- spi: Add API to count spi acpi resources (bsc#1203699).
- spi: Create helper API to lookup ACPI info for spi device (bsc#1203699).
- spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe (git-fixes).
- spi: meson-spicc: do not rely on busy flag in pow2 clk ops (git-fixes).
- spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
- spi: propagate error code to the caller of acpi_spi_device_alloc()
(bsc#1203699).
- spi: qup: add missing clk_disable_unprepare on error in
spi_qup_pm_resume_runtime() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
(git-fixes).
- spi: Return deferred probe error when controller isn't yet available
(bsc#1203699).
- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
- spi: Support selection of the index of the ACPI Spi Resource before
alloc (bsc#1203699).
- spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
(git-fixes).
- struct ehci_hcd: hide new element going into a hole (git-fixes).
- struct xhci_hcd: restore member now dynamically allocated (git-fixes).
- SUNRPC: Do not call connect() more than once on a TCP socket (git-fixes).
- SUNRPC: Do not leak sockets in xs_local_connect() (git-fixes).
- SUNRPC: fix expiry of auth creds (git-fixes).
- SUNRPC: Fix xdr_encode_bool() (git-fixes).
- SUNRPC: Reinitialise the backchannel request buffers before reuse
(git-fixes).
- SUNRPC: RPC level errors should set task->tk_rpc_status (git-fixes).
- thunderbolt: Add support for Intel Maple Ridge single port controller
(git-fixes).
- tracing: hold caller_addr to hardirq_{enable,disable}_ip (git-fixes).
- tty: serial: atmel: Preserve previous USART mode if RS485 disabled
(git-fixes).
- USB: Add ignore-residue quirk for NXP PN7462AU (git-fixes).
- USB: add quirks for Lenovo OneLink+ Dock (git-fixes).
- USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (git-fixes).
- USB: core: Fix RST error in hub.c (git-fixes).
- USB: core: Prevent nested device-reset calls (git-fixes).
- USB: Drop commas after SoC match table sentinels (git-fixes).
- USB: dwc3: core: leave default DMA if the controller does not support
64-bit DMA (git-fixes).
- USB: dwc3: disable USB core PHY management (git-fixes).
- USB: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
(git-fixes).
- USB: dwc3: gadget: Do not modify GEVNTCOUNT in pullup() (git-fixes).
- USB: dwc3: gadget: Refactor pullup() (git-fixes).
- USB: dwc3: pci: Add support for Intel Raptor Lake (git-fixes).
- USB: Fix ehci infinite suspend-resume loop issue in zhaoxin (git-fixes).
- USB: Fix memory leak in usbnet_disconnect() (git-fixes).
- USB: host: xhci: fix a comment typo in xhci_mem_init() (git-fixes).
- USB: host: xhci: use ffs() in xhci_mem_init() (git-fixes).
- USB: hub: avoid warm port reset during USB3 disconnect (git-fixes).
- USB: serial: cp210x: add Decagon UCA device id (git-fixes).
- USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id (git-fixes).
- USB: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- USB: serial: option: add Quectel EM060K modem (git-fixes).
- USB: serial: option: add Quectel RM520N (git-fixes).
- USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
(git-fixes).
- USB: serial: option: add support for OPPO R11 diag port (git-fixes).
- USB: storage: Add ASUS 0x0b05:0x1932 to IGNORE_UAS (git-fixes).
- USB: struct usb_device: hide new member (git-fixes).
- USB: typec: intel_pmc_mux: Add new ACPI ID for Meteor Lake IOM device
(git-fixes).
- USB: typec: tipd: Add an additional overflow check (git-fixes).
- USB: typec: tipd: Do not read/write more bytes than required (git-fixes).
- USB: typec: ucsi: Remove incorrect warning (git-fixes).
- USB: xhci-mtk: relax TT periodic bandwidth allocation (git-fixes).
- vfio/type1: Unpin zero pages (git-fixes).
- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
- video: fbdev: i740fb: Error out if 'pixclock' equals zero (git-fixes).
- video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
(git-fixes).
- virt: Add SEV-SNP guest driver (jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement
(jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Add support to derive key (jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Add support to get extended report (jsc#SLE-19924,
jsc#SLE-24814).
- virt: sevguest: Fix bool function returning negative value
(jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Fix return value check in alloc_shared_pages()
(jsc#SLE-19924, jsc#SLE-24814).
- vrf: fix packet sniffing for traffic originating from ip tunnels
(git-fixes).
- vt: Clear selection before changing the font (git-fixes).
- watchdog: wdat_wdt: Set the min and max timeout values properly
(bsc#1194023).
- wifi: ath10k: add peer map clean up for peer delete in
ath10k_sta_state() (git-fixes).
- wifi: ath11k: fix number of VHT beamformee spatial streams (git-fixes).
- wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
il4965_rs_fill_link_cmd() (git-fixes).
- wifi: mac80211_hwsim: check length for virtio packets (git-fixes).
- wifi: mac80211: allow bw change during channel switch in mesh
(git-fixes).
- wifi: mac80211: fix regression with non-QoS drivers (git-fixes).
- wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).
- wifi: mt76: fix reading current per-tid starting sequence number for
aggregation (git-fixes).
- wifi: mt76: mt7615: add mt7615_mutex_acquire/release in
mt7615_sta_set_decap_offload (git-fixes).
- wifi: mt76: mt7915: do not check state before configuring implicit
beamform (git-fixes).
- wifi: mt76: sdio: fix transmitting packet hangs (git-fixes).
- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
- wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
- wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
(git-fixes).
- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
(git-fixes).
- wifi: rtlwifi: 8192de: correct checking of IQK reload (git-fixes).
- wifi: rtw88: add missing destroy_workqueue() on error path in
rtw_core_init() (git-fixes).
- workqueue: do not skip lockdep work dependency in cancel_work_sync()
(git-fixes).
- x86/boot: Add a pointer to Confidential Computing blob in bootparams
(jsc#SLE-19924, jsc#SLE-24814).
- x86/boot: Add Confidential Computing type to setup_data (jsc#SLE-19924,
jsc#SLE-24814).
- x86/boot: Introduce helpers for MSR reads/writes (jsc#SLE-19924,
jsc#SLE-24814).
- x86/boot: Put globals that are accessed early into the .data section
(jsc#SLE-19924, jsc#SLE-24814).
- x86/boot: Use MSR read/write helpers instead of inline assembly
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed: Add helper for validating pages in the decompression
stage (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed: Add SEV-SNP feature detection/setup (jsc#SLE-19924,
jsc#SLE-24814).
- x86/compressed: Export and rename add_identity_map() (jsc#SLE-19924,
jsc#SLE-24814).
- x86/compressed: Register GHCB memory when SEV-SNP is active
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP guests
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/64: Add identity mapping for Confidential Computing blob
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/64: Add support for SEV-SNP CPUID table in #VC handlers
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/64: Detect/setup SEV/SME features earlier during boot
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI config table lookup to helper
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI detection to helper (jsc#SLE-19924,
jsc#SLE-24814).
- x86/compressed/acpi: Move EFI kexec handling into common code
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI system table lookup to helper
(jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI vendor table lookup to helper
(jsc#SLE-19924, jsc#SLE-24814).
- x86/head/64: Re-enable stack protection (jsc#SLE-19924, jsc#SLE-24814).
- x86/ibt,ftrace: Make function-graph play nice (bsc#1203969).
- x86/kernel: Mark the .bss..decrypted section as shared in the RMP table
(jsc#SLE-19924, jsc#SLE-24814).
- x86/kernel: Validate ROM memory before accessing when SEV-SNP is active
(jsc#SLE-19924, jsc#SLE-24814).
- x86/kexec: fix memory leak of elf header buffer (bsc#1196444).
- x86/mm: Extend cc_attr to include AMD SEV-SNP (jsc#SLE-19924,
jsc#SLE-24814).
- x86/mm: Validate memory when changing the C-bit (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Add a helper for the PVALIDATE instruction (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Add a sev= cmdline option (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Add helper for validating pages in early enc attribute changes
(jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Add missing __init annotations to SEV init routines
(jsc#SLE-19924 jsc#SLE-24814).
- x86/sev: Add SEV-SNP feature detection/setup (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Check SEV-SNP features support (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Check the VMPL level (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Detect/setup SEV/SME features earlier in boot (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Get the AP jump table address from secrets page (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Move MSR-based VMGEXITs for CPUID to helper (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Provide support for SNP guest request NAEs (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Register GHCB memory when SEV-SNP is active (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Register SEV-SNP guest request platform device (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Use firmware-validated CPUID for SEV-SNP guests (jsc#SLE-19924,
jsc#SLE-24814).
- x86/sev: Use SEV-SNP AP creation to start secondary CPUs (jsc#SLE-19924,
jsc#SLE-24814).
- x86/xen: Remove undefined behavior in setup_features() (git-fixes).
- xen-blkback: Advertise feature-persistent as user requested (git-fixes).
- xen-blkback: Apply 'feature_persistent' parameter when connect
(git-fixes).
- xen-blkback: fix persistent grants negotiation (git-fixes).
- xen-blkfront: Advertise feature-persistent as user requested (git-fixes).
- xen-blkfront: Apply 'feature_persistent' parameter when connect
(git-fixes).
- xen-blkfront: Cache feature_persistent value before advertisement
(git-fixes).
- xen-blkfront: Handle NULL gendisk (git-fixes).
- xen-netback: only remove 'hotplug-status' when the vif is actually
destroyed (git-fixes).
- xen/gntdev: Avoid blocking in unmap_grant_pages() (git-fixes).
- xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE (git-fixes).
- xen/grants: prevent integer overflow in gnttab_dma_alloc_pages()
(git-fixes).
- xen/usb: do not use arbitrary_virt_to_machine() (git-fixes).
- xhci: Allocate separate command structures for each LPM command
(git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3844=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-3844=1
- SUSE Linux Enterprise Module for Live Patching 15-SP4:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2022-3844=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-3844=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3844=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3844=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3844=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-3844=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.14.21-150400.24.28.1
cluster-md-kmp-default-debuginfo-5.14.21-150400.24.28.1
dlm-kmp-default-5.14.21-150400.24.28.1
dlm-kmp-default-debuginfo-5.14.21-150400.24.28.1
gfs2-kmp-default-5.14.21-150400.24.28.1
gfs2-kmp-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-5.14.21-150400.24.28.1
kernel-default-base-5.14.21-150400.24.28.1.150400.24.9.5
kernel-default-base-rebuild-5.14.21-150400.24.28.1.150400.24.9.5
kernel-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-debugsource-5.14.21-150400.24.28.1
kernel-default-devel-5.14.21-150400.24.28.1
kernel-default-devel-debuginfo-5.14.21-150400.24.28.1
kernel-default-extra-5.14.21-150400.24.28.1
kernel-default-extra-debuginfo-5.14.21-150400.24.28.1
kernel-default-livepatch-5.14.21-150400.24.28.1
kernel-default-livepatch-devel-5.14.21-150400.24.28.1
kernel-default-optional-5.14.21-150400.24.28.1
kernel-default-optional-debuginfo-5.14.21-150400.24.28.1
kernel-obs-build-5.14.21-150400.24.28.1
kernel-obs-build-debugsource-5.14.21-150400.24.28.1
kernel-obs-qa-5.14.21-150400.24.28.1
kernel-syms-5.14.21-150400.24.28.1
kselftests-kmp-default-5.14.21-150400.24.28.1
kselftests-kmp-default-debuginfo-5.14.21-150400.24.28.1
ocfs2-kmp-default-5.14.21-150400.24.28.1
ocfs2-kmp-default-debuginfo-5.14.21-150400.24.28.1
reiserfs-kmp-default-5.14.21-150400.24.28.1
reiserfs-kmp-default-debuginfo-5.14.21-150400.24.28.1
- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):
kernel-kvmsmall-5.14.21-150400.24.28.1
kernel-kvmsmall-debuginfo-5.14.21-150400.24.28.1
kernel-kvmsmall-debugsource-5.14.21-150400.24.28.1
kernel-kvmsmall-devel-5.14.21-150400.24.28.1
kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.28.1
kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.28.1
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-5.14.21-150400.24.28.1
kernel-debug-debuginfo-5.14.21-150400.24.28.1
kernel-debug-debugsource-5.14.21-150400.24.28.1
kernel-debug-devel-5.14.21-150400.24.28.1
kernel-debug-devel-debuginfo-5.14.21-150400.24.28.1
kernel-debug-livepatch-devel-5.14.21-150400.24.28.1
- openSUSE Leap 15.4 (aarch64):
cluster-md-kmp-64kb-5.14.21-150400.24.28.1
cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.28.1
dlm-kmp-64kb-5.14.21-150400.24.28.1
dlm-kmp-64kb-debuginfo-5.14.21-150400.24.28.1
dtb-allwinner-5.14.21-150400.24.28.1
dtb-altera-5.14.21-150400.24.28.1
dtb-amazon-5.14.21-150400.24.28.1
dtb-amd-5.14.21-150400.24.28.1
dtb-amlogic-5.14.21-150400.24.28.1
dtb-apm-5.14.21-150400.24.28.1
dtb-apple-5.14.21-150400.24.28.1
dtb-arm-5.14.21-150400.24.28.1
dtb-broadcom-5.14.21-150400.24.28.1
dtb-cavium-5.14.21-150400.24.28.1
dtb-exynos-5.14.21-150400.24.28.1
dtb-freescale-5.14.21-150400.24.28.1
dtb-hisilicon-5.14.21-150400.24.28.1
dtb-lg-5.14.21-150400.24.28.1
dtb-marvell-5.14.21-150400.24.28.1
dtb-mediatek-5.14.21-150400.24.28.1
dtb-nvidia-5.14.21-150400.24.28.1
dtb-qcom-5.14.21-150400.24.28.1
dtb-renesas-5.14.21-150400.24.28.1
dtb-rockchip-5.14.21-150400.24.28.1
dtb-socionext-5.14.21-150400.24.28.1
dtb-sprd-5.14.21-150400.24.28.1
dtb-xilinx-5.14.21-150400.24.28.1
gfs2-kmp-64kb-5.14.21-150400.24.28.1
gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.28.1
kernel-64kb-5.14.21-150400.24.28.1
kernel-64kb-debuginfo-5.14.21-150400.24.28.1
kernel-64kb-debugsource-5.14.21-150400.24.28.1
kernel-64kb-devel-5.14.21-150400.24.28.1
kernel-64kb-devel-debuginfo-5.14.21-150400.24.28.1
kernel-64kb-extra-5.14.21-150400.24.28.1
kernel-64kb-extra-debuginfo-5.14.21-150400.24.28.1
kernel-64kb-livepatch-devel-5.14.21-150400.24.28.1
kernel-64kb-optional-5.14.21-150400.24.28.1
kernel-64kb-optional-debuginfo-5.14.21-150400.24.28.1
kselftests-kmp-64kb-5.14.21-150400.24.28.1
kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.28.1
ocfs2-kmp-64kb-5.14.21-150400.24.28.1
ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.28.1
reiserfs-kmp-64kb-5.14.21-150400.24.28.1
reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.28.1
- openSUSE Leap 15.4 (noarch):
kernel-devel-5.14.21-150400.24.28.1
kernel-docs-5.14.21-150400.24.28.1
kernel-docs-html-5.14.21-150400.24.28.1
kernel-macros-5.14.21-150400.24.28.1
kernel-source-5.14.21-150400.24.28.1
kernel-source-vanilla-5.14.21-150400.24.28.1
- openSUSE Leap 15.4 (s390x):
kernel-zfcpdump-5.14.21-150400.24.28.1
kernel-zfcpdump-debuginfo-5.14.21-150400.24.28.1
kernel-zfcpdump-debugsource-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
kernel-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-debugsource-5.14.21-150400.24.28.1
kernel-default-extra-5.14.21-150400.24.28.1
kernel-default-extra-debuginfo-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Module for Live Patching 15-SP4 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-debugsource-5.14.21-150400.24.28.1
kernel-default-livepatch-5.14.21-150400.24.28.1
kernel-default-livepatch-devel-5.14.21-150400.24.28.1
kernel-livepatch-5_14_21-150400_24_28-default-1-150400.9.3.5
kernel-livepatch-5_14_21-150400_24_28-default-debuginfo-1-150400.9.3.5
kernel-livepatch-SLE15-SP4_Update_4-debugsource-1-150400.9.3.5
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-debugsource-5.14.21-150400.24.28.1
reiserfs-kmp-default-5.14.21-150400.24.28.1
reiserfs-kmp-default-debuginfo-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.14.21-150400.24.28.1
kernel-obs-build-debugsource-5.14.21-150400.24.28.1
kernel-syms-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
kernel-docs-5.14.21-150400.24.28.1
kernel-source-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-5.14.21-150400.24.28.1
kernel-default-base-5.14.21-150400.24.28.1.150400.24.9.5
kernel-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-debugsource-5.14.21-150400.24.28.1
kernel-default-devel-5.14.21-150400.24.28.1
kernel-default-devel-debuginfo-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64):
kernel-64kb-5.14.21-150400.24.28.1
kernel-64kb-debuginfo-5.14.21-150400.24.28.1
kernel-64kb-debugsource-5.14.21-150400.24.28.1
kernel-64kb-devel-5.14.21-150400.24.28.1
kernel-64kb-devel-debuginfo-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
kernel-devel-5.14.21-150400.24.28.1
kernel-macros-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (s390x):
kernel-zfcpdump-5.14.21-150400.24.28.1
kernel-zfcpdump-debuginfo-5.14.21-150400.24.28.1
kernel-zfcpdump-debugsource-5.14.21-150400.24.28.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
kernel-default-5.14.21-150400.24.28.1
kernel-default-base-5.14.21-150400.24.28.1.150400.24.9.5
kernel-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-debugsource-5.14.21-150400.24.28.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.14.21-150400.24.28.1
cluster-md-kmp-default-debuginfo-5.14.21-150400.24.28.1
dlm-kmp-default-5.14.21-150400.24.28.1
dlm-kmp-default-debuginfo-5.14.21-150400.24.28.1
gfs2-kmp-default-5.14.21-150400.24.28.1
gfs2-kmp-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-debuginfo-5.14.21-150400.24.28.1
kernel-default-debugsource-5.14.21-150400.24.28.1
ocfs2-kmp-default-5.14.21-150400.24.28.1
ocfs2-kmp-default-debuginfo-5.14.21-150400.24.28.1
References:
https://www.suse.com/security/cve/CVE-2022-1263.html
https://www.suse.com/security/cve/CVE-2022-2586.html
https://www.suse.com/security/cve/CVE-2022-3202.html
https://www.suse.com/security/cve/CVE-2022-32296.html
https://www.suse.com/security/cve/CVE-2022-3239.html
https://www.suse.com/security/cve/CVE-2022-3303.html
https://www.suse.com/security/cve/CVE-2022-39189.html
https://www.suse.com/security/cve/CVE-2022-41218.html
https://www.suse.com/security/cve/CVE-2022-41674.html
https://www.suse.com/security/cve/CVE-2022-41848.html
https://www.suse.com/security/cve/CVE-2022-41849.html
https://www.suse.com/security/cve/CVE-2022-42719.html
https://www.suse.com/security/cve/CVE-2022-42720.html
https://www.suse.com/security/cve/CVE-2022-42721.html
https://www.suse.com/security/cve/CVE-2022-42722.html
https://bugzilla.suse.com/1185032
https://bugzilla.suse.com/1190497
https://bugzilla.suse.com/1194023
https://bugzilla.suse.com/1194869
https://bugzilla.suse.com/1195917
https://bugzilla.suse.com/1196444
https://bugzilla.suse.com/1196869
https://bugzilla.suse.com/1197659
https://bugzilla.suse.com/1198189
https://bugzilla.suse.com/1200288
https://bugzilla.suse.com/1200622
https://bugzilla.suse.com/1201309
https://bugzilla.suse.com/1201310
https://bugzilla.suse.com/1201987
https://bugzilla.suse.com/1202095
https://bugzilla.suse.com/1202960
https://bugzilla.suse.com/1203039
https://bugzilla.suse.com/1203066
https://bugzilla.suse.com/1203101
https://bugzilla.suse.com/1203197
https://bugzilla.suse.com/1203263
https://bugzilla.suse.com/1203338
https://bugzilla.suse.com/1203360
https://bugzilla.suse.com/1203361
https://bugzilla.suse.com/1203389
https://bugzilla.suse.com/1203410
https://bugzilla.suse.com/1203505
https://bugzilla.suse.com/1203552
https://bugzilla.suse.com/1203664
https://bugzilla.suse.com/1203693
https://bugzilla.suse.com/1203699
https://bugzilla.suse.com/1203767
https://bugzilla.suse.com/1203769
https://bugzilla.suse.com/1203770
https://bugzilla.suse.com/1203794
https://bugzilla.suse.com/1203798
https://bugzilla.suse.com/1203893
https://bugzilla.suse.com/1203902
https://bugzilla.suse.com/1203906
https://bugzilla.suse.com/1203908
https://bugzilla.suse.com/1203935
https://bugzilla.suse.com/1203939
https://bugzilla.suse.com/1203987
https://bugzilla.suse.com/1203992
https://bugzilla.suse.com/1204051
https://bugzilla.suse.com/1204059
https://bugzilla.suse.com/1204060
https://bugzilla.suse.com/1204125
1
0
SUSE-SU-2022:3843-1: critical: Security update for openssl-3
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for openssl-3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3843-1
Rating: critical
References: #1204226 #1204714
Cross-References: CVE-2022-3358 CVE-2022-3602 CVE-2022-3786
CVSS scores:
CVE-2022-3358 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-3358 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-3602 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3786 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for openssl-3 fixes the following issues:
- CVE-2022-3358: Fixed vulnerability where a custom cipher passed to
EVP_CipherInit() could lead into NULL encryption being unexpectedly used
(bsc#1204226).
- CVE-2022-3602: Fixed a buffer overflow in the X.509 email address.
(bsc#1204714)
- CVE-2022-3786: Fixed another buffer overflow related to X.509 email
address. (bsc#1204714)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3843=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3843=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenssl-3-devel-3.0.1-150400.4.11.1
libopenssl3-3.0.1-150400.4.11.1
libopenssl3-debuginfo-3.0.1-150400.4.11.1
openssl-3-3.0.1-150400.4.11.1
openssl-3-debuginfo-3.0.1-150400.4.11.1
openssl-3-debugsource-3.0.1-150400.4.11.1
- openSUSE Leap 15.4 (x86_64):
libopenssl-3-devel-32bit-3.0.1-150400.4.11.1
libopenssl3-32bit-3.0.1-150400.4.11.1
libopenssl3-32bit-debuginfo-3.0.1-150400.4.11.1
- openSUSE Leap 15.4 (noarch):
openssl-3-doc-3.0.1-150400.4.11.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenssl-3-devel-3.0.1-150400.4.11.1
libopenssl3-3.0.1-150400.4.11.1
libopenssl3-debuginfo-3.0.1-150400.4.11.1
openssl-3-3.0.1-150400.4.11.1
openssl-3-debuginfo-3.0.1-150400.4.11.1
openssl-3-debugsource-3.0.1-150400.4.11.1
References:
https://www.suse.com/security/cve/CVE-2022-3358.html
https://www.suse.com/security/cve/CVE-2022-3602.html
https://www.suse.com/security/cve/CVE-2022-3786.html
https://bugzilla.suse.com/1204226
https://bugzilla.suse.com/1204714
1
0
SUSE-SU-2022:3829-1: important: Security update for hdf5
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for hdf5
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3829-1
Rating: important
References: #1093663 #1101475 #1101906 #1107069 #1111598
#1125882 #1167400 #1194366 #1194375 #1195212
#1195215
Cross-References: CVE-2018-11205 CVE-2018-13867 CVE-2018-14031
CVE-2018-16438 CVE-2018-17439 CVE-2019-8396
CVE-2020-10812 CVE-2021-45830 CVE-2021-45833
CVE-2021-46242 CVE-2021-46244
CVSS scores:
CVE-2018-11205 (NVD) : 8.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-11205 (SUSE): 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2018-13867 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-13867 (SUSE): 5.3 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L
CVE-2018-14031 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-14031 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-16438 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-16438 (SUSE): 2.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
CVE-2018-17439 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-17439 (SUSE): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE-2019-8396 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-8396 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-10812 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-10812 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-45830 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45830 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2021-45833 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45833 (SUSE): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2021-46242 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-46242 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2021-46244 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-46244 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for HPC 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for hdf5 fixes the following issues:
- CVE-2021-46244: Fixed division by zero leading to DoS (bsc#1195215).
- CVE-2018-13867: Fixed out of bounds read in the function
H5F__accum_read in H5Faccum.c (bsc#1101906).
- CVE-2018-16438: Fixed out of bounds read in H5L_extern_query at
H5Lexternal.c (bsc#1107069).
- CVE-2020-10812: Fixed NULL pointer dereference (bsc#1167400).
- CVE-2021-45830: Fixed heap buffer overflow vulnerability in
H5F_addr_decode_len in /hdf5/src/H5Fint.c (bsc#1194375).
- CVE-2019-8396: Fixed buffer overflow in function H5O__layout_encode
in H5Olayout.c (bsc#1125882).
- CVE-2018-11205: Fixed out of bounds read was discovered in
H5VM_memcpyvv in H5VM.c (bsc#1093663).
- CVE-2021-46242: Fixed heap-use-after free via the component
H5AC_unpin_entry (bsc#1195212).
- CVE-2021-45833: Fixed stack buffer overflow vulnerability
(bsc#1194366).
- CVE-2018-14031: Fixed heap-based buffer over-read in the function
H5T_copy in H5T.c (bsc#1101475).
- CVE-2018-17439: Fixed out of bounds read in the function
H5F__accum_read in H5Faccum.c (bsc#1111598).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3829=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3829=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3829=1
- SUSE Linux Enterprise Module for HPC 15-SP3:
zypper in -t patch SUSE-SLE-Module-HPC-15-SP3-2022-3829=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-hpc-examples-1.10.8-150300.4.6.1
libhdf5-gnu-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
- openSUSE Leap 15.4 (noarch):
hdf5-gnu-hpc-1.10.8-150300.4.6.1
hdf5-gnu-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-mpich-hpc-1.10.8-150300.4.6.1
hdf5-gnu-mpich-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
hdf5-gnu-mvapich2-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
hdf5-gnu-openmpi3-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
hdf5-gnu-openmpi4-hpc-devel-1.10.8-150300.4.6.1
hdf5-hpc-examples-1.10.8-150300.4.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-hpc-examples-1.10.8-150300.4.6.1
libhdf5-gnu-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
- openSUSE Leap 15.3 (noarch):
hdf5-gnu-hpc-1.10.8-150300.4.6.1
hdf5-gnu-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-mpich-hpc-1.10.8-150300.4.6.1
hdf5-gnu-mpich-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
hdf5-gnu-mvapich2-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
hdf5-gnu-openmpi3-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
hdf5-gnu-openmpi4-hpc-devel-1.10.8-150300.4.6.1
hdf5-hpc-examples-1.10.8-150300.4.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (ppc64le s390x):
hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-hpc-examples-1.10.8-150300.4.6.1
libhdf5-gnu-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
hdf5-gnu-hpc-1.10.8-150300.4.6.1
hdf5-gnu-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-mpich-hpc-1.10.8-150300.4.6.1
hdf5-gnu-mpich-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
hdf5-gnu-mvapich2-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
hdf5-gnu-openmpi3-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
hdf5-gnu-openmpi4-hpc-devel-1.10.8-150300.4.6.1
hdf5-hpc-examples-1.10.8-150300.4.6.1
- SUSE Linux Enterprise Module for HPC 15-SP3 (aarch64 x86_64):
hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi3-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-debugsource-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-devel-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-devel-static-1.10.8-150300.4.6.1
hdf5_1_10_8-gnu-openmpi4-hpc-module-1.10.8-150300.4.6.1
hdf5_1_10_8-hpc-examples-1.10.8-150300.4.6.1
libhdf5-gnu-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5_hl_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-debuginfo-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-debuginfo-1.10.8-150300.4.6.1
- SUSE Linux Enterprise Module for HPC 15-SP3 (noarch):
hdf5-gnu-hpc-1.10.8-150300.4.6.1
hdf5-gnu-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-mpich-hpc-1.10.8-150300.4.6.1
hdf5-gnu-mpich-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-mvapich2-hpc-1.10.8-150300.4.6.1
hdf5-gnu-mvapich2-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-openmpi3-hpc-1.10.8-150300.4.6.1
hdf5-gnu-openmpi3-hpc-devel-1.10.8-150300.4.6.1
hdf5-gnu-openmpi4-hpc-1.10.8-150300.4.6.1
hdf5-gnu-openmpi4-hpc-devel-1.10.8-150300.4.6.1
hdf5-hpc-examples-1.10.8-150300.4.6.1
References:
https://www.suse.com/security/cve/CVE-2018-11205.html
https://www.suse.com/security/cve/CVE-2018-13867.html
https://www.suse.com/security/cve/CVE-2018-14031.html
https://www.suse.com/security/cve/CVE-2018-16438.html
https://www.suse.com/security/cve/CVE-2018-17439.html
https://www.suse.com/security/cve/CVE-2019-8396.html
https://www.suse.com/security/cve/CVE-2020-10812.html
https://www.suse.com/security/cve/CVE-2021-45830.html
https://www.suse.com/security/cve/CVE-2021-45833.html
https://www.suse.com/security/cve/CVE-2021-46242.html
https://www.suse.com/security/cve/CVE-2021-46244.html
https://bugzilla.suse.com/1093663
https://bugzilla.suse.com/1101475
https://bugzilla.suse.com/1101906
https://bugzilla.suse.com/1107069
https://bugzilla.suse.com/1111598
https://bugzilla.suse.com/1125882
https://bugzilla.suse.com/1167400
https://bugzilla.suse.com/1194366
https://bugzilla.suse.com/1194375
https://bugzilla.suse.com/1195212
https://bugzilla.suse.com/1195215
1
0
SUSE-SU-2022:3836-1: moderate: Security update for python-lxml
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for python-lxml
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3836-1
Rating: moderate
References: #1179534 #1184177
Cross-References: CVE-2020-27783 CVE-2021-28957
CVSS scores:
CVE-2020-27783 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2020-27783 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2021-28957 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2021-28957 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for python-lxml fixes the following issues:
- CVE-2021-28957: Fixed XSS due to missing input sanitization for HTML5
attributes (bsc#1184177).
- CVE-2020-27783: Fixed XSS due to the use of improper parser
(bsc#1179534).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3836=1
Package List:
- openSUSE Leap 15.3 (noarch):
python2-lxml-doc-4.0.0-150000.4.3.1
python3-lxml-doc-4.0.0-150000.4.3.1
References:
https://www.suse.com/security/cve/CVE-2020-27783.html
https://www.suse.com/security/cve/CVE-2021-28957.html
https://bugzilla.suse.com/1179534
https://bugzilla.suse.com/1184177
1
0
SUSE-SU-2022:3830-1: moderate: Security update for php7
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3830-1
Rating: moderate
References: #1203867 #1203870
Cross-References: CVE-2022-31628 CVE-2022-31629
CVSS scores:
CVE-2022-31628 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-31628 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-31629 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for php7 fixes the following issues:
- CVE-2022-31628: Fixed an uncontrolled recursion in the phar uncompressor
while decompressing "quines" gzip files. (bsc#1203867)
- CVE-2022-31629: Fixed a bug which could lead an attacker to set an
insecure cookie that will treated as secure in the victim's browser.
(bsc#1203870)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3830=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
php7-wddx-7.2.5-150000.4.98.2
php7-wddx-debuginfo-7.2.5-150000.4.98.2
References:
https://www.suse.com/security/cve/CVE-2022-31628.html
https://www.suse.com/security/cve/CVE-2022-31629.html
https://bugzilla.suse.com/1203867
https://bugzilla.suse.com/1203870
1
0
SUSE-SU-2022:3827-1: important: Security update for hdf5
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for hdf5
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3827-1
Rating: important
References: #1093663 #1101475 #1101906 #1107069 #1111598
#1125882 #1167400 #1194366 #1194375 #1195212
#1195215
Cross-References: CVE-2018-11205 CVE-2018-13867 CVE-2018-14031
CVE-2018-16438 CVE-2018-17439 CVE-2019-8396
CVE-2020-10812 CVE-2021-45830 CVE-2021-45833
CVE-2021-46242 CVE-2021-46244
CVSS scores:
CVE-2018-11205 (NVD) : 8.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-11205 (SUSE): 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2018-13867 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-13867 (SUSE): 5.3 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L
CVE-2018-14031 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-14031 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-16438 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-16438 (SUSE): 2.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
CVE-2018-17439 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-17439 (SUSE): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE-2019-8396 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-8396 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-10812 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-10812 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-45830 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45830 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2021-45833 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45833 (SUSE): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2021-46242 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-46242 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2021-46244 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-46244 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for hdf5 fixes the following issues:
- CVE-2021-46244: Fixed division by zero leading to DoS (bsc#1195215).
- CVE-2018-13867: Fixed out of bounds read in the function
H5F__accum_read in H5Faccum.c (bsc#1101906).
- CVE-2018-16438: Fixed out of bounds read in H5L_extern_query at
H5Lexternal.c (bsc#1107069).
- CVE-2020-10812: Fixed NULL pointer dereference (bsc#1167400).
- CVE-2021-45830: Fixed heap buffer overflow vulnerability in
H5F_addr_decode_len in /hdf5/src/H5Fint.c (bsc#1194375).
- CVE-2019-8396: Fixed buffer overflow in function H5O__layout_encode
in H5Olayout.c (bsc#1125882).
- CVE-2018-11205: Fixed out of bounds read was discovered in
H5VM_memcpyvv in H5VM.c (bsc#1093663).
- CVE-2021-46242: Fixed heap-use-after free via the component
H5AC_unpin_entry (bsc#1195212).
- CVE-2021-45833: Fixed stack buffer overflow vulnerability
(bsc#1194366).
- CVE-2018-14031: Fixed heap-based buffer over-read in the function
H5T_copy in H5T.c (bsc#1101475).
- CVE-2018-17439: Fixed out of bounds read in the function
H5F__accum_read in H5Faccum.c (bsc#1111598).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3827=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3827=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3827=1
Package List:
- openSUSE Leap 15.4 (ppc64le):
hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-hpc-examples-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-hpc-examples-1.10.8-150100.7.7.1
libhdf5-gnu-hpc-1.10.8-150100.7.7.1
libhdf5-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_cpp-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_fortran-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_fortran-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
hdf5-gnu-hpc-devel-1.10.8-150100.7.7.1
hdf5-gnu-mpich-hpc-devel-1.10.8-150100.7.7.1
hdf5-gnu-mvapich2-hpc-devel-1.10.8-150100.7.7.1
hdf5-gnu-openmpi2-hpc-devel-1.10.8-150100.7.7.1
hdf5-hpc-examples-1.10.8-150100.7.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
hdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150100.7.7.1
hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150100.7.7.1
hdf5_1_10_8-hpc-examples-1.10.8-150100.7.7.1
libhdf5-gnu-hpc-1.10.8-150100.7.7.1
libhdf5-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_cpp-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_fortran-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5_hl_fortran-gnu-hpc-1.10.8-150100.7.7.1
libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150100.7.7.1
libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150100.7.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
hdf5-gnu-hpc-devel-1.10.8-150100.7.7.1
hdf5-gnu-mpich-hpc-devel-1.10.8-150100.7.7.1
hdf5-gnu-mvapich2-hpc-devel-1.10.8-150100.7.7.1
hdf5-gnu-openmpi2-hpc-devel-1.10.8-150100.7.7.1
hdf5-hpc-examples-1.10.8-150100.7.7.1
References:
https://www.suse.com/security/cve/CVE-2018-11205.html
https://www.suse.com/security/cve/CVE-2018-13867.html
https://www.suse.com/security/cve/CVE-2018-14031.html
https://www.suse.com/security/cve/CVE-2018-16438.html
https://www.suse.com/security/cve/CVE-2018-17439.html
https://www.suse.com/security/cve/CVE-2019-8396.html
https://www.suse.com/security/cve/CVE-2020-10812.html
https://www.suse.com/security/cve/CVE-2021-45830.html
https://www.suse.com/security/cve/CVE-2021-45833.html
https://www.suse.com/security/cve/CVE-2021-46242.html
https://www.suse.com/security/cve/CVE-2021-46244.html
https://bugzilla.suse.com/1093663
https://bugzilla.suse.com/1101475
https://bugzilla.suse.com/1101906
https://bugzilla.suse.com/1107069
https://bugzilla.suse.com/1111598
https://bugzilla.suse.com/1125882
https://bugzilla.suse.com/1167400
https://bugzilla.suse.com/1194366
https://bugzilla.suse.com/1194375
https://bugzilla.suse.com/1195212
https://bugzilla.suse.com/1195215
1
0
SUSE-SU-2022:3837-1: moderate: Security update for gnome-desktop
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for gnome-desktop
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3837-1
Rating: moderate
References: #1133043
Cross-References: CVE-2019-11460
CVSS scores:
CVE-2019-11460 (NVD) : 9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE-2019-11460 (SUSE): 4.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for gnome-desktop fixes the following issues:
- CVE-2019-11460: Fixed sandbox issue that allowed bypassing from a
compromised thumbnailer (bsc#1133043).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3837=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3837=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libgnome-desktop-3-12-3.26.2-150000.4.3.1
libgnome-desktop-3-12-debuginfo-3.26.2-150000.4.3.1
- openSUSE Leap 15.4 (x86_64):
libgnome-desktop-3-12-32bit-3.26.2-150000.4.3.1
libgnome-desktop-3-12-32bit-debuginfo-3.26.2-150000.4.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libgnome-desktop-3-12-3.26.2-150000.4.3.1
libgnome-desktop-3-12-debuginfo-3.26.2-150000.4.3.1
- openSUSE Leap 15.3 (x86_64):
libgnome-desktop-3-12-32bit-3.26.2-150000.4.3.1
libgnome-desktop-3-12-32bit-debuginfo-3.26.2-150000.4.3.1
References:
https://www.suse.com/security/cve/CVE-2019-11460.html
https://bugzilla.suse.com/1133043
1
0
SUSE-SU-2022:3834-1: moderate: Security update for python-Flask-Security
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for python-Flask-Security
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3834-1
Rating: moderate
References: #1202105
Cross-References: CVE-2021-23385
CVSS scores:
CVE-2021-23385 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2021-23385 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-Flask-Security fixes the following issues:
- CVE-2021-23385: Fixed open redirect (bsc#1202105).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3834=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3834=1
Package List:
- openSUSE Leap 15.4 (noarch):
python3-Flask-Security-3.0.0-150100.4.3.1
- openSUSE Leap 15.3 (noarch):
python2-Flask-Security-3.0.0-150100.4.3.1
python3-Flask-Security-3.0.0-150100.4.3.1
References:
https://www.suse.com/security/cve/CVE-2021-23385.html
https://bugzilla.suse.com/1202105
1
0
SUSE-SU-2022:3833-1: moderate: Security update for podofo
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for podofo
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3833-1
Rating: moderate
References: #1099719
Cross-References: CVE-2018-12983
CVSS scores:
CVE-2018-12983 (NVD) : 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-12983 (SUSE): 6.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for podofo fixes the following issues:
- CVE-2018-12983: Fixed a stack overrun (bsc#1099719).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3833=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3833=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpodofo-devel-0.9.6-150300.3.6.1
libpodofo0_9_6-0.9.6-150300.3.6.1
libpodofo0_9_6-debuginfo-0.9.6-150300.3.6.1
podofo-0.9.6-150300.3.6.1
podofo-debuginfo-0.9.6-150300.3.6.1
podofo-debugsource-0.9.6-150300.3.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpodofo-devel-0.9.6-150300.3.6.1
libpodofo0_9_6-0.9.6-150300.3.6.1
libpodofo0_9_6-debuginfo-0.9.6-150300.3.6.1
podofo-0.9.6-150300.3.6.1
podofo-debuginfo-0.9.6-150300.3.6.1
podofo-debugsource-0.9.6-150300.3.6.1
References:
https://www.suse.com/security/cve/CVE-2018-12983.html
https://bugzilla.suse.com/1099719
1
0
SUSE-SU-2022:3823-1: important: Security update for hsqldb
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for hsqldb
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3823-1
Rating: important
References: #1204521
Cross-References: CVE-2022-41853
CVSS scores:
CVE-2022-41853 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41853 (SUSE): 8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for hsqldb fixes the following issues:
- CVE-2022-41853: Fixed insufficient input sanitization (bsc#1204521).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3823=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3823=1
Package List:
- openSUSE Leap 15.4 (noarch):
hsqldb-2.3.3-150000.7.3.1
hsqldb-demo-2.3.3-150000.7.3.1
hsqldb-javadoc-2.3.3-150000.7.3.1
hsqldb-manual-2.3.3-150000.7.3.1
- openSUSE Leap 15.3 (noarch):
hsqldb-2.3.3-150000.7.3.1
hsqldb-demo-2.3.3-150000.7.3.1
hsqldb-javadoc-2.3.3-150000.7.3.1
hsqldb-manual-2.3.3-150000.7.3.1
References:
https://www.suse.com/security/cve/CVE-2022-41853.html
https://bugzilla.suse.com/1204521
1
0
SUSE-SU-2022:3835-1: moderate: Security update for nodejs10
by opensuse-security@opensuse.org 01 Nov '22
by opensuse-security@opensuse.org 01 Nov '22
01 Nov '22
SUSE Security Update: Security update for nodejs10
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3835-1
Rating: moderate
References: #1201325 #1203832
Cross-References: CVE-2022-32213 CVE-2022-35256
CVSS scores:
CVE-2022-32213 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2022-32213 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2022-35256 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for nodejs10 fixes the following issues:
- CVE-2022-35256: Fixed incorrect parsing of header fields (bsc#1203832).
- CVE-2022-32213: Fixed bypass via obs-fold mechanic (bsc#1201325).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3835=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3835=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nodejs10-10.24.1-150000.1.50.1
nodejs10-debuginfo-10.24.1-150000.1.50.1
nodejs10-debugsource-10.24.1-150000.1.50.1
nodejs10-devel-10.24.1-150000.1.50.1
npm10-10.24.1-150000.1.50.1
- openSUSE Leap 15.4 (noarch):
nodejs10-docs-10.24.1-150000.1.50.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs10-10.24.1-150000.1.50.1
nodejs10-debuginfo-10.24.1-150000.1.50.1
nodejs10-debugsource-10.24.1-150000.1.50.1
nodejs10-devel-10.24.1-150000.1.50.1
npm10-10.24.1-150000.1.50.1
- openSUSE Leap 15.3 (noarch):
nodejs10-docs-10.24.1-150000.1.50.1
References:
https://www.suse.com/security/cve/CVE-2022-32213.html
https://www.suse.com/security/cve/CVE-2022-35256.html
https://bugzilla.suse.com/1201325
https://bugzilla.suse.com/1203832
1
0