openSUSE Security Announce
April 2022
- 2 participants
- 61 discussions
SUSE-SU-2022:1477-1: moderate: Security update for python-Twisted
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for python-Twisted
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1477-1
Rating: moderate
References: #1198086
Cross-References: CVE-2022-24801
CVSS scores:
CVE-2022-24801 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24801 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-Twisted fixes the following issues:
- CVE-2022-24801: Fixed to not be as lenient as earlier HTTP/1.1 RFCs to
prevent HTTP request smuggling. (bsc#1198086)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1477=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1477=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1477=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1477=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1477=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.9.1
python-Twisted-debugsource-19.10.0-150200.3.9.1
python2-Twisted-19.10.0-150200.3.9.1
python2-Twisted-debuginfo-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.9.1
python-Twisted-debugsource-19.10.0-150200.3.9.1
python-Twisted-doc-19.10.0-150200.3.9.1
python2-Twisted-19.10.0-150200.3.9.1
python2-Twisted-debuginfo-19.10.0-150200.3.9.1
python3-Twisted-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
python3-Twisted-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.9.1
python-Twisted-debugsource-19.10.0-150200.3.9.1
python3-Twisted-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debugsource-19.10.0-150200.3.9.1
python3-Twisted-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
References:
https://www.suse.com/security/cve/CVE-2022-24801.html
https://bugzilla.suse.com/1198086
SUSE-SU-2022:1479-1: moderate: Security update for jasper
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for jasper
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1479-1
Rating: moderate
References: #1182104 #1182105 #1184757 #1184798
Cross-References: CVE-2021-26926 CVE-2021-26927 CVE-2021-3443
CVE-2021-3467
CVSS scores:
CVE-2021-26926 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2021-26926 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2021-26927 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-26927 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-3443 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3443 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3467 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3467 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for jasper fixes the following issues:
- CVE-2021-3467: Fixed NULL pointer deref in jp2_decode() (bsc#1184757).
- CVE-2021-3443: Fixed NULL pointer deref in jp2_decode() (bsc#1184798).
- CVE-2021-26927: Fixed NULL pointer deref in jp2_decode() (bsc#1182104).
- CVE-2021-26926: Fixed an out of bounds read in jp2_decode()
(bsc#1182105).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1479=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1479=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1479=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1479=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1479=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1479=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1479=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
jasper-2.0.14-150000.3.25.1
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
- openSUSE Leap 15.4 (x86_64):
libjasper4-32bit-2.0.14-150000.3.25.1
libjasper4-32bit-debuginfo-2.0.14-150000.3.25.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
jasper-2.0.14-150000.3.25.1
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
- openSUSE Leap 15.3 (x86_64):
libjasper4-32bit-2.0.14-150000.3.25.1
libjasper4-32bit-debuginfo-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
References:
https://www.suse.com/security/cve/CVE-2021-26926.html
https://www.suse.com/security/cve/CVE-2021-26927.html
https://www.suse.com/security/cve/CVE-2021-3443.html
https://www.suse.com/security/cve/CVE-2021-3467.html
https://bugzilla.suse.com/1182104
https://bugzilla.suse.com/1182105
https://bugzilla.suse.com/1184757
https://bugzilla.suse.com/1184798
SUSE-SU-2022:1476-1: moderate: Security update for libcaca
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for libcaca
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1476-1
Rating: moderate
References: #1197028
Cross-References: CVE-2022-0856
CVSS scores:
CVE-2022-0856 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0856 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libcaca fixes the following issues:
- CVE-2022-0856: Fixed a divide by zero issue which could be exploited to
cause an application crash (bsc#1197028).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1476=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1476=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1476=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1476=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1476=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
caca-utils-0.99.beta19.git20171003-150200.11.6.1
caca-utils-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca-ruby-0.99.beta19.git20171003-150200.11.6.1
libcaca-ruby-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.4 (x86_64):
libcaca0-32bit-0.99.beta19.git20171003-150200.11.6.1
libcaca0-32bit-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-32bit-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-32bit-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.4 (noarch):
python3-caca-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
caca-utils-0.99.beta19.git20171003-150200.11.6.1
caca-utils-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca-ruby-0.99.beta19.git20171003-150200.11.6.1
libcaca-ruby-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.3 (noarch):
python3-caca-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.3 (x86_64):
libcaca0-32bit-0.99.beta19.git20171003-150200.11.6.1
libcaca0-32bit-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-32bit-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-32bit-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
References:
https://www.suse.com/security/cve/CVE-2022-0856.html
https://bugzilla.suse.com/1197028
SUSE-SU-2022:0731-2: important: Security update for mariadb
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for mariadb
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:0731-2
Rating: important
References: #1195325 #1195334 #1195339 #1196016 SLE-22245
Cross-References: CVE-2021-46657 CVE-2021-46658 CVE-2021-46659
CVE-2021-46661 CVE-2021-46663 CVE-2021-46664
CVE-2021-46665 CVE-2021-46668 CVE-2022-24048
CVE-2022-24050 CVE-2022-24051 CVE-2022-24052
CVSS scores:
CVE-2021-46657 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46657 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-46658 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46658 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-46659 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46659 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-46661 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46661 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46663 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46663 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46664 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46665 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46668 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24048 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24050 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24051 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24052 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 12 vulnerabilities and contains one
feature is now available.
Description:
This update for mariadb fixes the following issues:
- Update to 10.5.15 (bsc#1196016):
* 10.5.15: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668
CVE-2021-46663
* 10.5.14: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048
CVE-2021-46659, bsc#1195339
- The following issues have already been fixed in this package but weren't
previously mentioned in the changes file: CVE-2021-46658, bsc#1195334
CVE-2021-46657, bsc#1195325
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-731=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
mariadb-galera-10.5.15-150300.3.15.1
References:
https://www.suse.com/security/cve/CVE-2021-46657.html
https://www.suse.com/security/cve/CVE-2021-46658.html
https://www.suse.com/security/cve/CVE-2021-46659.html
https://www.suse.com/security/cve/CVE-2021-46661.html
https://www.suse.com/security/cve/CVE-2021-46663.html
https://www.suse.com/security/cve/CVE-2021-46664.html
https://www.suse.com/security/cve/CVE-2021-46665.html
https://www.suse.com/security/cve/CVE-2021-46668.html
https://www.suse.com/security/cve/CVE-2022-24048.html
https://www.suse.com/security/cve/CVE-2022-24050.html
https://www.suse.com/security/cve/CVE-2022-24051.html
https://www.suse.com/security/cve/CVE-2022-24052.html
https://bugzilla.suse.com/1195325
https://bugzilla.suse.com/1195334
https://bugzilla.suse.com/1195339
https://bugzilla.suse.com/1196016
SUSE-SU-2022:1465-1: important: Security update for libslirp
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for libslirp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1465-1
Rating: important
References: #1187364 #1187366 #1187367 #1198773
Cross-References: CVE-2021-3592 CVE-2021-3594 CVE-2021-3595
CVSS scores:
CVE-2021-3592 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3592 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for libslirp fixes the following issues:
- CVE-2021-3592: Fixed invalid pointer initialization that may lead to
information disclosure (bootp) (bsc#1187364).
- CVE-2021-3594: Fixed invalid pointer initialization that may lead to
information disclosure (udp) (bsc#1187367).
- CVE-2021-3595: Fixed invalid pointer initialization that may lead to
information disclosure (tftp) (bsc#1187366).
- Fix a dhcp regression [bsc#1198773]
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1465=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1465=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-1465=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1465=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1465=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1465=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp-devel-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp-devel-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp-devel-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp-devel-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
References:
https://www.suse.com/security/cve/CVE-2021-3592.html
https://www.suse.com/security/cve/CVE-2021-3594.html
https://www.suse.com/security/cve/CVE-2021-3595.html
https://bugzilla.suse.com/1187364
https://bugzilla.suse.com/1187366
https://bugzilla.suse.com/1187367
https://bugzilla.suse.com/1198773
SUSE-SU-2022:1461-1: important: Security update for nodejs12
by opensuse-security@opensuse.org 28 Apr '22
SUSE Security Update: Security update for nodejs12
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1461-1
Rating: important
References: #1194819 #1196877 #1197283 #1198247
Cross-References: CVE-2021-44906 CVE-2021-44907 CVE-2022-0235
CVE-2022-0778
CVSS scores:
CVE-2021-44906 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-44906 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-44907 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44907 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2022-0235 (SUSE): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
CVE-2022-0778 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0778 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for nodejs12 fixes the following issues:
- CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when
parsing certificates (bsc#1196877).
- CVE-2021-44906: Fixed a prototype pollution in node-minimist
(bsc#1198247).
- CVE-2021-44907: Fixed a potential Denial of Service vulnerability in
node-qs (bsc#1197283).
- CVE-2022-0235: Fixed an exposure of sensitive information to an
unauthorized actor in node-fetch (bsc#1194819).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1461=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1461=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1461=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1461=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1461=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1461=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1461=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1461=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-1461=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1461=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1461=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1461=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- openSUSE Leap 15.4 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- openSUSE Leap 15.3 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Manager Server 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Manager Proxy 4.1 (x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Manager Proxy 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Enterprise Storage 7 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
References:
https://www.suse.com/security/cve/CVE-2021-44906.html
https://www.suse.com/security/cve/CVE-2021-44907.html
https://www.suse.com/security/cve/CVE-2022-0235.html
https://www.suse.com/security/cve/CVE-2022-0778.html
https://bugzilla.suse.com/1194819
https://bugzilla.suse.com/1196877
https://bugzilla.suse.com/1197283
https://bugzilla.suse.com/1198247
SUSE-SU-2022:1462-1: important: Security update for nodejs14
by opensuse-security@opensuse.org 28 Apr '22
SUSE Security Update: Security update for nodejs14
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1462-1
Rating: important
References: #1194819 #1196877 #1197283 #1198247
Cross-References: CVE-2021-44906 CVE-2021-44907 CVE-2022-0235 CVE-2022-0778
CVSS scores:
CVE-2021-44906 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-44906 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-44907 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44907 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2022-0235 (SUSE): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
CVE-2022-0778 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0778 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for nodejs14 fixes the following issues:
- CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when
parsing certificates (bsc#1196877).
- CVE-2021-44906: Fixed a prototype pollution in node-minimist
(bsc#1198247).
- CVE-2021-44907: Fixed a potential Denial of Service vulnerability in
node-qs (bsc#1197283).
- CVE-2022-0235: Fixed an exposure of sensitive information to an
unauthorized actor in node-fetch (bsc#1194819).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1462=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1462=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1462=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1462=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1462=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1462=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1462=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1462=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-1462=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1462=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1462=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1462=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
corepack14-14.19.1-150200.15.31.1
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- openSUSE Leap 15.4 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- openSUSE Leap 15.3 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Manager Server 4.1 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Manager Proxy 4.1 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Manager Proxy 4.1 (x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Enterprise Storage 7 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
References:
https://www.suse.com/security/cve/CVE-2021-44906.html
https://www.suse.com/security/cve/CVE-2021-44907.html
https://www.suse.com/security/cve/CVE-2022-0235.html
https://www.suse.com/security/cve/CVE-2022-0778.html
https://bugzilla.suse.com/1194819
https://bugzilla.suse.com/1196877
https://bugzilla.suse.com/1197283
https://bugzilla.suse.com/1198247
SUSE-SU-2022:1454-1: moderate: Security update for python-pip
by opensuse-security@opensuse.org 28 Apr '22
SUSE Security Update: Security update for python-pip
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1454-1
Rating: moderate
References: #1176262 #1195831 SLE-18038
Cross-References: CVE-2019-20916
CVSS scores:
CVE-2019-20916 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2019-20916 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability, contains one
feature and has one errata is now available.
Description:
This update for python-pip fixes the following issues:
- Add wheel subpackage with the generated wheel for this package
(bsc#1176262, CVE-2019-20916).
- Make wheel a separate build run to avoid the setuptools/wheel build
cycle.
- Switch this package to use update-alternatives for all files in
%{_bindir} so it doesn't collide with the versions on "the latest"
versions of Python interpreter (jsc#SLE-18038, bsc#1195831).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1454=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1454=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1454=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-1454=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1454=1
Package List:
- openSUSE Leap 15.4 (noarch):
python2-pip-20.0.2-150100.6.18.1
- openSUSE Leap 15.3 (noarch):
python2-pip-20.0.2-150100.6.18.1
python3-pip-20.0.2-150100.6.18.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
python3-pip-20.0.2-150100.6.18.1
- SUSE Linux Enterprise Module for Python2 15-SP3 (noarch):
python2-pip-20.0.2-150100.6.18.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-pip-20.0.2-150100.6.18.1
References:
https://www.suse.com/security/cve/CVE-2019-20916.html
https://bugzilla.suse.com/1176262
https://bugzilla.suse.com/1195831
SUSE-SU-2022:1446-1: moderate: Security update for python-paramiko
by opensuse-security@opensuse.org 28 Apr '22
SUSE Security Update: Security update for python-paramiko
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1446-1
Rating: moderate
References: #1197279
Cross-References: CVE-2022-24302
CVSS scores:
CVE-2022-24302 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-24302 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-paramiko fixes the following issues:
- CVE-2022-24302: Fixed a race condition between creation and chmod when
writing private keys. (bsc#1197279)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1446=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1446=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1446=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-1446=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1446=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1446=1
Package List:
- openSUSE Leap 15.4 (noarch):
python-paramiko-doc-2.4.2-150100.6.12.1
python2-paramiko-2.4.2-150100.6.12.1
python3-paramiko-2.4.2-150100.6.12.1
- openSUSE Leap 15.3 (noarch):
python-paramiko-doc-2.4.2-150100.6.12.1
python2-paramiko-2.4.2-150100.6.12.1
python3-paramiko-2.4.2-150100.6.12.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
python3-paramiko-2.4.2-150100.6.12.1
- SUSE Linux Enterprise Module for Python2 15-SP3 (noarch):
python2-paramiko-2.4.2-150100.6.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-paramiko-2.4.2-150100.6.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-paramiko-2.4.2-150100.6.12.1
References:
https://www.suse.com/security/cve/CVE-2022-24302.html
https://bugzilla.suse.com/1197279
28 Apr '22
SUSE Security Update: Security update for glib2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1455-1
Rating: low
References: #1183533
Cross-References: CVE-2021-28153
CVSS scores:
CVE-2021-28153 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-28153 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for glib2 fixes the following issues:
- CVE-2021-28153: Fixed an issue where symlink targets would be
incorrectly created as empty files (bsc#1183533).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1455=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1455=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1455=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1455=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1455=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1455=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1455=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
glib2-tests-2.62.6-150200.3.9.1
glib2-tests-debuginfo-2.62.6-150200.3.9.1
libgio-fam-2.62.6-150200.3.9.1
libgio-fam-debuginfo-2.62.6-150200.3.9.1
- openSUSE Leap 15.4 (x86_64):
libgio-fam-32bit-2.62.6-150200.3.9.1
libgio-fam-32bit-debuginfo-2.62.6-150200.3.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-devel-2.62.6-150200.3.9.1
glib2-devel-debuginfo-2.62.6-150200.3.9.1
glib2-devel-static-2.62.6-150200.3.9.1
glib2-tests-2.62.6-150200.3.9.1
glib2-tests-debuginfo-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgio-fam-2.62.6-150200.3.9.1
libgio-fam-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgthread-2_0-0-2.62.6-150200.3.9.1
libgthread-2_0-0-debuginfo-2.62.6-150200.3.9.1
- openSUSE Leap 15.3 (x86_64):
glib2-devel-32bit-2.62.6-150200.3.9.1
glib2-devel-32bit-debuginfo-2.62.6-150200.3.9.1
glib2-tools-32bit-2.62.6-150200.3.9.1
glib2-tools-32bit-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgio-fam-32bit-2.62.6-150200.3.9.1
libgio-fam-32bit-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgthread-2_0-0-32bit-2.62.6-150200.3.9.1
libgthread-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
- openSUSE Leap 15.3 (noarch):
gio-branding-upstream-2.62.6-150200.3.9.1
glib2-lang-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
glib2-lang-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-devel-2.62.6-150200.3.9.1
glib2-devel-debuginfo-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgthread-2_0-0-2.62.6-150200.3.9.1
libgthread-2_0-0-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-devel-2.62.6-150200.3.9.1
glib2-devel-debuginfo-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgthread-2_0-0-2.62.6-150200.3.9.1
libgthread-2_0-0-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libgio-2_0-0-32bit-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
glib2-lang-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
References:
https://www.suse.com/security/cve/CVE-2021-28153.html
https://bugzilla.suse.com/1183533
SUSE-SU-2022:1437-1: moderate: Security update for buildah
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for buildah
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1437-1
Rating: moderate
References: #1197870
Cross-References: CVE-2022-27651
CVSS scores:
CVE-2022-27651 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2022-27651 (SUSE): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for buildah fixes the following issues:
- CVE-2022-27651: Fixed incorrect default inheritable capabilities for
linux container (bsc#1197870).
Update to version 1.25.1.
The following non-security bugs were fixed:
- add workaround for https://bugzilla.opensuse.org/show_bug.cgi?id=1183043
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1437=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-1437=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
buildah-1.25.1-150300.8.6.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (aarch64 ppc64le s390x x86_64):
buildah-1.25.1-150300.8.6.1
References:
https://www.suse.com/security/cve/CVE-2022-27651.html
https://bugzilla.suse.com/1197870
SUSE-SU-2022:1435-1: important: Security update for firewalld, golang-github-prometheus-prometheus
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for firewalld, golang-github-prometheus-prometheus
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1435-1
Rating: important
References: #1196338 #1197042 SLE-24373 SLE-24374 SLE-24375
Cross-References: CVE-2022-21698
CVSS scores:
CVE-2022-21698 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-21698 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 6
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability, contains three
features and has one errata is now available.
Description:
This update for firewalld, golang-github-prometheus-prometheus fixes the
following issues:
Security fixes for golang-github-prometheus-prometheus:
- CVE-2022-21698: Denial of Service through unbounded cardinality, and
potential memory exhaustion, when handling requests with non-standard
HTTP methods (bsc#1196338).
Other non-security changes for golang-github-prometheus-prometheus:
- Build `firewalld-prometheus-config` only for SUSE Linux Enterprise 15,
15-SP1 and 15-SP2, and require `firewalld`.
- Only recommends `firewalld-prometheus-config` as prometheus does not
require it to run.
- Create `firewalld-prometheus-config` subpackage (bsc#1197042,
jsc#SLE-24373, jsc#SLE-24374, jsc#SLE-24375)
Other non-security changes for firewalld:
- Provide dummy `firewalld-prometheus-config` package (bsc#1197042)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1435=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1435=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-1435=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-1435=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2022-1435=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1435=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1435=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1435=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1435=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1435=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- openSUSE Leap 15.3 (noarch):
firewall-applet-0.9.3-150300.3.6.1
firewall-config-0.9.3-150300.3.6.1
firewall-macros-0.9.3-150300.3.6.1
firewalld-0.9.3-150300.3.6.1
firewalld-lang-0.9.3-150300.3.6.1
python3-firewall-0.9.3-150300.3.6.1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (aarch64 ppc64le s390x x86_64):
firewalld-prometheus-config-0.1-150100.4.9.2
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (noarch):
firewall-applet-0.9.3-150300.3.6.1
firewall-config-0.9.3-150300.3.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
firewall-macros-0.9.3-150300.3.6.1
firewalld-0.9.3-150300.3.6.1
firewalld-lang-0.9.3-150300.3.6.1
python3-firewall-0.9.3-150300.3.6.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
firewalld-0.9.3-150300.3.6.1
python3-firewall-0.9.3-150300.3.6.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
firewalld-0.9.3-150300.3.6.1
python3-firewall-0.9.3-150300.3.6.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
firewalld-prometheus-config-0.1-150100.4.9.2
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
References:
https://www.suse.com/security/cve/CVE-2022-21698.html
https://bugzilla.suse.com/1196338
https://bugzilla.suse.com/1197042
SUSE-SU-2022:1436-1: moderate: Security update for libaom
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for libaom
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1436-1
Rating: moderate
References: #1185778
Cross-References: CVE-2021-30473
CVSS scores:
CVE-2021-30473 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-30473 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libaom fixes the following issues:
- CVE-2021-30473: AOMedia in aom_image.c frees memory that is not located
on the heap (bsc#1185778).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1436=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1436=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1436=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1436=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libaom0-1.0.0-150200.3.12.1
libaom0-debuginfo-1.0.0-150200.3.12.1
- openSUSE Leap 15.4 (x86_64):
libaom0-32bit-1.0.0-150200.3.12.1
libaom0-32bit-debuginfo-1.0.0-150200.3.12.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
aom-tools-1.0.0-150200.3.12.1
aom-tools-debuginfo-1.0.0-150200.3.12.1
libaom-debugsource-1.0.0-150200.3.12.1
libaom-devel-1.0.0-150200.3.12.1
libaom0-1.0.0-150200.3.12.1
libaom0-debuginfo-1.0.0-150200.3.12.1
- openSUSE Leap 15.3 (x86_64):
libaom0-32bit-1.0.0-150200.3.12.1
libaom0-32bit-debuginfo-1.0.0-150200.3.12.1
- openSUSE Leap 15.3 (noarch):
libaom-devel-doc-1.0.0-150200.3.12.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libaom-debugsource-1.0.0-150200.3.12.1
libaom0-1.0.0-150200.3.12.1
libaom0-debuginfo-1.0.0-150200.3.12.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libaom-debugsource-1.0.0-150200.3.12.1
libaom0-1.0.0-150200.3.12.1
libaom0-debuginfo-1.0.0-150200.3.12.1
References:
https://www.suse.com/security/cve/CVE-2021-30473.html
https://bugzilla.suse.com/1185778
SUSE-SU-2022:1431-1: important: Security update for webkit2gtk3
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for webkit2gtk3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1431-1
Rating: important
References: #1196133 #1198290
Cross-References: CVE-2022-22594 CVE-2022-22624 CVE-2022-22628
CVE-2022-22629 CVE-2022-22637
CVSS scores:
CVE-2022-22594 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-22594 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-22624 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-22628 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-22629 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-22637 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for webkit2gtk3 fixes the following issues:
Update to version 2.36.0 (bsc#1198290):
- CVE-2022-22624: Fixed use after free that may lead to arbitrary code
execution.
- CVE-2022-22628: Fixed use after free that may lead to arbitrary code
execution.
- CVE-2022-22629: Fixed a buffer overflow that may lead to arbitrary code
execution.
- CVE-2022-22637: Fixed an unexpected cross-origin behavior due to a logic
error.
Missing CVE reference for the update to 2.34.6 (bsc#1196133):
- CVE-2022-22594: Fixed a cross-origin issue in the IndexedDB API.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1431=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1431=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1431=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1431=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1431=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1431=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1431=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1431=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1431=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1431=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1431=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1431=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1431=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1431=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1431=1
Package List:
- openSUSE Leap 15.4 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit-jsc-4-2.36.0-150200.32.1
webkit-jsc-4-debuginfo-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
webkit2gtk3-minibrowser-2.36.0-150200.32.1
webkit2gtk3-minibrowser-debuginfo-2.36.0-150200.32.1
- openSUSE Leap 15.3 (x86_64):
libjavascriptcoregtk-4_0-18-32bit-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-32bit-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-32bit-debuginfo-2.36.0-150200.32.1
- openSUSE Leap 15.3 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Manager Server 4.1 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Manager Proxy 4.1 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Manager Proxy 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Enterprise Storage 7 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
References:
https://www.suse.com/security/cve/CVE-2022-22594.html
https://www.suse.com/security/cve/CVE-2022-22624.html
https://www.suse.com/security/cve/CVE-2022-22628.html
https://www.suse.com/security/cve/CVE-2022-22629.html
https://www.suse.com/security/cve/CVE-2022-22637.html
https://bugzilla.suse.com/1196133
https://bugzilla.suse.com/1198290
SUSE-SU-2022:1430-1: important: Security update for cifs-utils
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for cifs-utils
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1430-1
Rating: important
References: #1197216
Cross-References: CVE-2022-27239
CVSS scores:
CVE-2022-27239 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option
(bsc#1197216).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1430=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1430=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1430=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1430=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1430=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1430=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1430=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1430=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1430=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1430=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1430=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1430=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1430=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1430=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1430=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1430=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1430=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1430=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1430=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
pam_cifscreds-6.9-150100.5.15.1
pam_cifscreds-debuginfo-6.9-150100.5.15.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Manager Proxy 4.1 (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE CaaS Platform 4.0 (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
References:
https://www.suse.com/security/cve/CVE-2022-27239.html
https://bugzilla.suse.com/1197216
27 Apr '22
SUSE Security Update: Security update for ant
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1418-1
Rating: moderate
References: #1188468 #1188469
Cross-References: CVE-2021-36373 CVE-2021-36374
CVSS scores:
CVE-2021-36373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-36373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-36374 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-36374 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for ant fixes the following issues:
- CVE-2021-36373: Fixed an excessive memory allocation when reading a
specially crafted TAR archive (bsc#1188468).
- CVE-2021-36374: Fixed an excessive memory allocation when reading a
specially crafted ZIP archive (bsc#1188469).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1418=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1418=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1418=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1418=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1418=1
Package List:
- openSUSE Leap 15.4 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-apache-xalan2-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-commons-net-1.10.7-150200.4.6.1
ant-imageio-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-jsch-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-junit5-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
ant-testutil-1.10.7-150200.4.6.1
ant-xz-1.10.7-150200.4.6.1
- openSUSE Leap 15.3 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-apache-xalan2-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-commons-net-1.10.7-150200.4.6.1
ant-imageio-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-jsch-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-junit5-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
ant-testutil-1.10.7-150200.4.6.1
ant-xz-1.10.7-150200.4.6.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
References:
https://www.suse.com/security/cve/CVE-2021-36373.html
https://www.suse.com/security/cve/CVE-2021-36374.html
https://bugzilla.suse.com/1188468
https://bugzilla.suse.com/1188469
SUSE-SU-2022:1411-1: moderate: Security update for go1.17
by opensuse-security@opensuse.org 26 Apr '22
SUSE Security Update: Security update for go1.17
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1411-1
Rating: moderate
References: #1190649 #1198423 #1198424
Cross-References: CVE-2022-24675 CVE-2022-28327
CVSS scores:
CVE-2022-24675 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28327 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for go1.17 fixes the following issues:
- Updated to version 1.17.9 (bsc#1190649):
- CVE-2022-24675: Fixed a stack overflow via crafted PEM file
(bsc#1198423).
- CVE-2022-28327: Fixed a potential panic when using big P-256 scalars
in the crypto/elliptic module (bsc#1198424).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1411=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1411=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1411=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1411=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1411=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.17-race-1.17.9-150000.1.28.1
- openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.17-race-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
go1.17-race-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.17-race-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.17-race-1.17.9-150000.1.28.1
References:
https://www.suse.com/security/cve/CVE-2022-24675.html
https://www.suse.com/security/cve/CVE-2022-28327.html
https://bugzilla.suse.com/1190649
https://bugzilla.suse.com/1198423
https://bugzilla.suse.com/1198424
SUSE-SU-2022:1410-1: moderate: Security update for go1.18
by opensuse-security@opensuse.org 26 Apr '22
SUSE Security Update: Security update for go1.18
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1410-1
Rating: moderate
References: #1183043 #1193742 #1198423 #1198424 #1198427
Cross-References: CVE-2022-24675 CVE-2022-27536 CVE-2022-28327
CVSS scores:
CVE-2022-24675 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27536 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28327 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves three vulnerabilities and has two
fixes is now available.
Description:
This update for go1.18 fixes the following issues:
- CVE-2022-24675: Fixed a stack overflow in Decode() in encoding/pem
(bsc#1198423).
- CVE-2022-28327: Fixed a crash due to refused oversized scalars in
generic P-256 (bsc#1198424).
- CVE-2022-27536: Fixed a crash in Certificate.Verify in crypto/x509
(bsc#1198427).
Bump go1.18 (bsc#1193742)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1410=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1410=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1410=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1410=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.1-150000.1.11.1
go1.18-doc-1.18.1-150000.1.11.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.18-race-1.18.1-150000.1.11.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.1-150000.1.11.1
go1.18-doc-1.18.1-150000.1.11.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.18-race-1.18.1-150000.1.11.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.1-150000.1.11.1
go1.18-doc-1.18.1-150000.1.11.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.18-race-1.18.1-150000.1.11.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.1-150000.1.11.1
go1.18-doc-1.18.1-150000.1.11.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.18-race-1.18.1-150000.1.11.1
References:
https://www.suse.com/security/cve/CVE-2022-24675.html
https://www.suse.com/security/cve/CVE-2022-27536.html
https://www.suse.com/security/cve/CVE-2022-28327.html
https://bugzilla.suse.com/1183043
https://bugzilla.suse.com/1193742
https://bugzilla.suse.com/1198423
https://bugzilla.suse.com/1198424
https://bugzilla.suse.com/1198427
SUSE-SU-2022:1376-1: moderate: Security update for mutt
by opensuse-security@opensuse.org 25 Apr '22
SUSE Security Update: Security update for mutt
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1376-1
Rating: moderate
References: #1198518
Cross-References: CVE-2022-1328
CVSS scores:
CVE-2022-1328 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-1328 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for mutt fixes the following issues:
- CVE-2022-1328: Fixed an invalid memory access when reading untrusted
uuencoded data. This could result in including private memory in replies
(bsc#1198518).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1376=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1376=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1376=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1376=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1376=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- openSUSE Leap 15.4 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- openSUSE Leap 15.3 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
References:
https://www.suse.com/security/cve/CVE-2022-1328.html
https://bugzilla.suse.com/1198518
SUSE-SU-2022:1396-1: moderate: Security update for SUSE Manager Client Tools
by opensuse-security@opensuse.org 25 Apr '22
SUSE Security Update: Security update for SUSE Manager Client Tools
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1396-1
Rating: moderate
References: #1181400 #1194363 #1194873 #1194909 #1195726
#1195727 #1195728 #1197579 SLE-23051 SLE-23422
SLE-23439
Cross-References: CVE-2021-36222 CVE-2021-3711 CVE-2021-39226
CVE-2021-41174 CVE-2021-41244 CVE-2021-43798
CVE-2021-43813 CVE-2021-43815 CVE-2022-21673
CVE-2022-21702 CVE-2022-21703 CVE-2022-21713
CVSS scores:
CVE-2021-36222 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-36222 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3711 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3711 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-39226 (NVD) : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-39226 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-41174 (NVD) : 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
CVE-2021-41174 (SUSE): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
CVE-2021-41244 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-41244 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-43798 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43798 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43813 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43813 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43815 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43815 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21673 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21673 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21702 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2022-21702 (SUSE): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
CVE-2022-21703 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-21703 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-21713 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise Module for SUSE Manager Server 4.2
SUSE Manager Server 4.2
SUSE Manager Tools 15
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 12 vulnerabilities and contains three
features is now available.
Description:
This update fixes the following issues:
grafana:
- Update from version 7.5.12 to version 8.3.5 (jsc#SLE-23439,
jsc#SLE-23422)
+ Security:
* Fixes XSS vulnerability in handling data sources (bsc#1195726,
CVE-2022-21702)
* Fixes cross-origin request forgery vulnerability (bsc#1195727,
CVE-2022-21703)
* Fixes Insecure Direct Object Reference vulnerability in Teams API
(bsc#1195728, CVE-2022-21713)
- Update to Go 1.17.
- Add build-time dependency on `wire`.
- Update license to GNU Affero General Public License v3.0.
- Update to version 8.3.4
* GetUserInfo: return an error if no user was found (bsc#1194873,
CVE-2022-21673)
+ Features and enhancements:
* Alerting: Allow configuration of non-ready alertmanagers.
* Alerting: Allow customization of Google chat message.
* AppPlugins: Support app plugins with only default nav.
* InfluxDB: query editor: skip fields in metadata queries.
* Postgres/MySQL/MSSQL: Cancel in-flight SQL query if user cancels
query in grafana.
* Prometheus: Forward oauth tokens after prometheus datasource
migration.
+ Bug fixes:
* Azure Monitor: Bug fix for variable interpolations in metrics
dropdowns.
* Azure Monitor: Improved error messages for variable queries.
* CloudMonitoring: Fixes broken variable queries that use group bys.
* Configuration: You can now see your expired API keys if you have no
active ones.
* Elasticsearch: Fix handling multiple datalinks for a single field.
* Export: Fix error being thrown when exporting dashboards using query
variables that reference the default datasource.
* ImportDashboard: Fixes issue with importing dashboard and name
ending up in uid.
* Login: Page no longer overflows on mobile.
* Plugins: Set backend metadata property for core plugins.
* Prometheus: Fill missing steps with null values.
* Prometheus: Fix interpolation of $__rate_interval variable.
* Prometheus: Interpolate variables with curly brackets syntax.
* Prometheus: Respect the http-method data source setting.
* Table: Fixes issue with field config applied to wrong fields when
hiding columns.
* Toolkit: Fix bug with rootUrls not being properly parsed when
signing a private plugin.
* Variables: Fix so data source variables are added to adhoc
configuration.
+ Plugin development fixes & changes:
* Toolkit: Revert build config so tslib is bundled with plugins to
prevent plugins from crashing.
- Update to version 8.3.3:
* BarChart: Use new data error view component to show actions in panel
edit.
* CloudMonitor: Iterate over pageToken for resources.
* Macaron: Prevent WriteHeader invalid HTTP status code panic.
* AnnoListPanel: Fix interpolation of variables in tags.
* CloudWatch: Allow queries to have no dimensions specified.
* CloudWatch: Fix broken queries for users migrating from 8.2.4/8.2.5
to 8.3.0.
* CloudWatch: Make sure MatchExact flag gets the right value.
* Dashboards: Fix so that empty folders can be deleted from the manage
dashboards/folders page.
* InfluxDB: Improve handling of metadata query errors in InfluxQL.
* Loki: Fix adding of ad hoc filters for queries with parser and
line_format expressions.
* Prometheus: Fix running of exemplar queries for non-histogram
metrics.
* Prometheus: Interpolate template variables in interval.
* StateTimeline: Fix tooltip not showing for frames with multiple
fields.
* TraceView: Fix virtualized scrolling when trace view is
opened in right pane in Explore.
* Variables: Fix repeating panels for on time range changed variables.
* Variables: Fix so queryparam option works for scoped
- Update to version 8.3.2
+ Security: Fixes CVE-2021-43813 and CVE-2021-43815.
- Update to version 8.3.1
+ Security: Fixes CVE-2021-43798.
- Update to version 8.3.0
* Alerting: Prevent folders from being deleted when they contain
alerts.
* Alerting: Show full preview value in tooltip.
* BarGauge: Limit title width when name is really long.
* CloudMonitoring: Avoid to escape regexps in filters.
* CloudWatch: Add support for AWS Metric Insights.
* TooltipPlugin: Remove other panels' shared tooltip in edit panel.
* Visualizations: Limit y label width to 40% of visualization width.
* Alerting: Clear alerting rule evaluation errors after intermittent
failures.
* Alerting: Fix refresh on legacy Alert List panel.
* Dashboard: Fix queries for panels with non-integer widths.
* Explore: Fix url update inconsistency.
* Prometheus: Fix range variables interpolation for time ranges
smaller than 1 second.
* ValueMappings: Fixes issue with regex value mapping that only sets
color.
- Update to version 8.3.0-beta2
+ Breaking changes:
* Grafana 8 Alerting enabled by default for installations that do not
use legacy alerting.
* Keep Last State for "If execution error or timeout" when upgrading
to Grafana 8 alerting.
* Alerting: Create DatasourceError alert if evaluation returns error.
* Alerting: Make Unified Alerting enabled by default for those who do
not use legacy alerting.
* Alerting: Support mute timings configuration through the api for the
embedded alert manager.
* CloudWatch: Add missing AWS/Events metrics.
* Docs: Add easier to find deprecation notices to certain data sources
and to the changelog.
* Plugins Catalog: Enable install controls based on the
pluginAdminEnabled flag.
* Table: Add space between values for the DefaultCell and JSONViewCell.
* Tracing: Make query editors available in dashboard for Tempo and
Zipkin.
* AccessControl: Renamed orgs roles, removed fixed:orgs:reader
introduced in beta1.
* Azure Monitor: Add trap focus for modals in grafana/ui and
other small a11y fixes for Azure Monitor.
* CodeEditor: Prevent suggestions from being clipped.
* Dashboard: Fix cache timeout persistence.
* Datasource: Fix stable sort order of query responses.
* Explore: Fix error in query history when removing last item.
* Logs: Fix requesting of older logs when flipped order.
* Prometheus: Fix running of health check query based on access mode.
* TextPanel: Fix suggestions for existing panels.
* Tracing: Fix incorrect indentations due to reoccurring spanIDs.
* Tracing: Show start time of trace with milliseconds precision.
* Variables: Make renamed or missing variable section expandable.
* Select: Select menus now properly scroll during keyboard navigation.
- Update to version 8.3.0-beta1
* Alerting: Add UI for contact point testing with custom annotations
and labels.
* Alerting: Make alert state indicator in panel header work with
Grafana 8 alerts.
* Alerting: Option for Discord notifier to use webhook name.
* Annotations: Deprecate AnnotationsSrv.
* Auth: Omit all base64 paddings in JWT tokens for the JWT auth.
* Azure Monitor: Clean up fields when editing Metrics.
* AzureMonitor: Add new starter dashboards.
* AzureMonitor: Add starter dashboard for app monitoring with
Application Insights.
* Barchart/Time series: Allow x axis label.
* CLI: Improve error handling for installing plugins.
* CloudMonitoring: Migrate to use backend plugin SDK contracts.
* CloudWatch Logs: Add retry strategy for hitting max concurrent
queries.
* CloudWatch: Add AWS RoboMaker metrics and dimension.
* CloudWatch: Add AWS Transfer metrics and dimension.
* Dashboard: replace datasource name with a reference object.
* Dashboards: Show logs on time series when hovering.
* Elasticsearch: Add support for Elasticsearch 8.0 (Beta).
* Elasticsearch: Add time zone setting to Date Histogram aggregation.
* Elasticsearch: Enable full range log volume histogram.
* Elasticsearch: Full range logs volume.
* Explore: Allow changing the graph type.
* Explore: Show ANSI colors when highlighting matched words in the
logs panel.
* Graph(old) panel: Listen to events from Time series panel.
* Import: Load gcom dashboards from URL.
* LibraryPanels: Improves export and import of library panels between
orgs.
* OAuth: Support PKCE.
* Panel edit: Overrides now highlight correctly when searching.
* PanelEdit: Display drag indicators on draggable sections.
* Plugins: Refactor Plugin Management.
* Prometheus: Add custom query parameters when creating PromLink url.
* Prometheus: Remove limits on metrics, labels, and values in Metrics
Browser.
* StateTimeline: Share cursor with rest of the panels.
* Tempo: Add error details when json upload fails.
* Tempo: Add filtering for service graph query.
* Tempo: Add links to nodes in Service Graph pointing to Prometheus
metrics.
* Time series/Bar chart panel: Add ability to sort series via legend.
* TimeSeries: Allow multiple axes for the same unit.
* TraceView: Allow span links defined on dataFrame.
* Transformations: Support a rows mode in labels to fields.
* ValueMappings: Don't apply field config defaults to time fields.
* Variables: Only update panels that are impacted by variable change.
* API: Fix dashboard quota limit for imports.
* Alerting: Fix rule editor issues with Azure Monitor data source.
* Azure monitor: Make sure alert rule editor is not enabled when
template variables are being used.
* CloudMonitoring: Fix annotation queries.
* CodeEditor: Trigger the latest getSuggestions() passed to CodeEditor.
* Dashboard: Remove the current panel from the list of options in the
Dashboard datasource.
* Encryption: Fix decrypting secrets in alerting migration.
* InfluxDB: Fix corner case where index is too large in ALIAS
* NavBar: Order App plugins alphabetically.
* NodeGraph: Fix zooming sensitivity on touchpads.
* Plugins: Add OAuth pass-through logic to api/ds/query endpoint.
* Snapshots: Fix panel inspector for snapshot data.
* Tempo: Fix basic auth password reset on adding tag.
* ValueMapping: Fixes issue with regex mappings.
* grafana/ui: Enable slider marks display.
- Update to version 8.2.7
- Update to version 8.2.6
* Security: Upgrade Docker base image to Alpine 3.14.3.
* Security: Upgrade Go to 1.17.2.
* TimeSeries: Fix fillBelowTo wrongly affecting fills of unrelated
series.
- Update to version 8.2.5
* Fix No Data behaviour in Legacy Alerting.
* Alerting: Fix a bug where the metric in the evaluation string was
not correctly populated.
* Alerting: Fix no data behaviour in Legacy Alerting for alert rules
using the AND operator.
* CloudMonitoring: Ignore min and max aggregation in MQL queries.
* Dashboards: 'Copy' is no longer added to new dashboard titles.
* DataProxy: Fix overriding response body when response is a WebSocket
upgrade.
* Elasticsearch: Use field configured in query editor as field for
date_histogram aggregations.
* Explore: Fix running queries without a datasource property set.
* InfluxDB: Fix numeric aliases in queries.
* Plugins: Ensure consistent plugin settings list response.
* Tempo: Fix validation of float durations.
* Tracing: Correct tags for each span are shown.
- Update to version 8.2.4
+ Security: Fixes CVE-2021-41244.
- Update to version 8.2.3
+ Security: Fixes CVE-2021-41174.
- Update to version 8.2.2
* Annotations: We have improved tag search performance.
* Application: You can now configure an error-template title.
* AzureMonitor: We removed a restriction from the resource filter
query.
* Packaging: We removed the ProcSubset option in systemd. This
option prevented Grafana from starting in LXC environments.
* Prometheus: We removed the autocomplete limit for metrics.
* Table: We improved the styling of the type icons to make them more
distinct from column / field name.
* ValueMappings: You can now use value mapping in stat, gauge, bar
gauge, and pie chart visualizations.
* Alerting: Fix panic when Slack's API sends unexpected response.
* Alerting: The Create Alert button now appears on the dashboard panel
when you are working with a default datasource.
* Explore: We fixed the problem where the Explore log panel disappears
when an Elasticsearch logs query returns no results.
* Graph: You can now see annotation descriptions on hover.
* Logs: The system now uses the JSON parser only if the line is parsed
to an object.
* Prometheus: We fixed the issue where the system did not reuse TCP
connections when querying from Grafana alerting.
* Prometheus: We fixed the problem that resulted in an error when a
user created a query with a $__interval min step.
* RowsToFields: We fixed the issue where the system was not properly
interpreting number values.
* Scale: We fixed how the system handles NaN percent when data min =
data max.
* Table panel: You can now create a filter that includes special
characters.
- Update to version 8.2.1
* Dashboard: Fix rendering of repeating panels.
* Datasources: Fix deletion of data source if plugin is not found.
* Packaging: Remove systemcallfilters sections from systemd unit files.
* Prometheus: Add Headers to HTTP client options.
- Update to version 8.2.0
* AWS: Updated AWS authentication documentation.
* Alerting: Added support Alertmanager data source for upstream
Prometheus AM implementation.
* Alerting: Allows more characters in label names so notifications are
sent.
* Alerting: Get alert rules for a dashboard or a panel using
/api/v1/rules endpoints.
* Annotations: Improved rendering performance of event markers.
* CloudWatch Logs: Skip caching for log queries.
* Explore: Added an opt-in configuration for Node Graph in Jaeger,
Zipkin, and Tempo.
* Packaging: Add stricter systemd unit options.
* Prometheus: Metrics browser can now handle label values with
* CodeEditor: Ensure that we trigger the latest onSave callback
provided to the component.
* DashboardList/AlertList: Fix for missing All folder value.
* Plugins: Create a mock icon component to prevent console errors.
- Update to version 8.2.0-beta2
* AccessControl: Document new permissions restricting data source
access.
* TimePicker: Add fiscal years and search to time picker.
* Alerting: Added support for Unified Alerting with Grafana HA.
* Alerting: Added support for tune rule evaluation using configuration
options.
* Alerting: Cleanups alertmanager namespace from key-value store when
disabling Grafana 8 alerts.
* Alerting: Remove ngalert feature toggle and introduce two new
settings for enabling Grafana 8 alerts and disabling them for
specific organisations.
* CloudWatch: Introduced new math expression where it is necessary to
specify the period field.
* InfluxDB: Added support for $__interval and $__interval_ms in Flux
queries for alerting.
* InfluxDB: Flux queries can use more precise start and end timestamps
with nanosecond-precision.
* Plugins Catalog: Make the catalog the default way to interact with
plugins.
* Prometheus: Removed autocomplete limit for metrics.
* Alerting: Fixed an issue where the edit page crashes if you tried to
preview an alert without a condition set.
* Alerting: Fixed rules migration to keep existing Grafana 8 alert
rules.
* Alerting: Fixed the silence file content generated during
* Analytics: Fixed an issue related to interaction event propagation
in Azure Application Insights.
* BarGauge: Fixed an issue where the cell color was lit even though
there was no data.
* BarGauge: Improved handling of streaming data.
* CloudMonitoring: Fixed INT64 label unmarshal error.
* ConfirmModal: Fixes confirm button focus on modal open.
* Dashboard: Add option to generate short URL for variables with
values containing spaces.
* Explore: No longer hides errors containing refId property.
* Fixed an issue that produced State timeline panel tooltip error when
data was not in sync.
* InfluxDB: InfluxQL query editor is set to always use resultFormat.
* Loki: Fixed creating context query for logs with parsed labels.
* PageToolbar: Fixed alignment of titles.
* Plugins Catalog: Update to the list of available panels after an
install, update or uninstall.
* TimeSeries: Fixed an issue where the shared cursor was not showing
when hovering over in old Graph panel.
* Variables: Fixed issues related to change of focus or refresh pages
when pressing enter in a text box variable input.
* Variables: Panel no longer crashes when using the adhoc variable in
data links.
- Update to version 8.2.0-beta1
* AccessControl: Introduce new permissions to restrict access for
reloading provisioning configuration.
* Alerting: Add UI to edit Cortex/Loki namespace, group names, and
group evaluation interval.
* Alerting: Add a Test button to test contact point.
* Alerting: Allow creating/editing recording rules for Loki and Cortex.
* Alerting: Metrics should have the label org instead of user.
* Alerting: Sort notification channels by name to make them easier to
locate.
* Alerting: Support org level isolation of notification
* AzureMonitor: Add data links to deep link to Azure Portal Azure
Resource Graph.
* AzureMonitor: Add support for annotations from Azure Monitor Metrics
and Azure Resource Graph services.
* AzureMonitor: Show error message when subscriptions request fails in
ConfigEditor.
* Chore: Update to Golang 1.16.7.
* CloudWatch Logs: Add link to X-Ray data source for trace IDs in logs.
* CloudWatch Logs: Disable query path using websockets (Live) feature.
* CloudWatch/Logs: Don't group dataframes for non time series
* Cloudwatch: Migrate queries that use multiple stats to one query per
stat.
* Dashboard: Keep live timeseries moving left (v2).
* Datasources: Introduce response_limit for datasource responses.
* Explore: Add filter by trace or span ID to trace to logs
* Explore: Download traces as JSON in Explore Inspector.
* Explore: Reuse Dashboard's QueryRows component.
* Explore: Support custom display label for derived fields buttons for
Loki datasource.
* Grafana UI: Update monaco-related dependencies.
* Graphite: Deprecate browser access mode.
* InfluxDB: Improve handling of intervals in alerting.
* InfluxDB: InfluxQL query editor: Handle unusual characters in tag
values better.
* Jaeger: Add ability to upload JSON file for trace data.
* LibraryElements: Enable specifying UID for new and existing library
elements.
* LibraryPanels: Remove library panel icon from the panel header so
you can no longer tell that a panel is a library panel from the
dashboard view.
* Logs panel: Scroll to the bottom on page refresh when sorting in
ascending order.
* Loki: Add fuzzy search to label browser.
* Navigation: Implement active state for items in the Sidemenu.
* Packaging: Update PID file location from /var/run to /run.
* Plugins: Add Hide OAuth Forward config option.
* Postgres/MySQL/MSSQL: Add setting to limit the maximum number
of rows processed.
* Prometheus: Add browser access mode deprecation warning.
* Prometheus: Add interpolation for built-in-time variables to backend.
* Tempo: Add ability to upload trace data in JSON format.
* TimeSeries/XYChart: Allow grid lines visibility control in XYChart
and TimeSeries panels.
* Transformations: Convert field types to time string number or
boolean.
* Value mappings: Add regular-expression based value mapping.
* Zipkin: Add ability to upload trace JSON.
* Admin: Prevent user from deleting user's current/active
organization.
* LibraryPanels: Fix library panel getting saved in the dashboard's
folder.
* OAuth: Make generic teams URL and JMES path configurable.
* QueryEditor: Fix broken copy-paste for mouse middle-click
* Thresholds: Fix undefined color in "Add threshold".
* Timeseries: Add wide-to-long, and fix multi-frame output.
* TooltipPlugin: Fix behavior of Shared Crosshair when Tooltip is set
to All.
* Grafana UI: Fix TS error property css is missing in type.
- Update to version 8.1.8
- Update to version 8.1.7
* Alerting: Fix alerts with evaluation interval more than 30 seconds
resolving before notification.
* Elasticsearch/Prometheus: Fix usage of proper SigV4 service
namespace.
- Update to version 8.1.6
+ Security: Fixes CVE-2021-39226.
- Update to version 8.1.5
* BarChart: Fixes panel error that happens on second refresh.
- Update to version 8.1.4
+ Features and enhancements
* Explore: Ensure logs volume bar colors match legend colors.
* LDAP: Search all DNs for users.
* Alerting: Fix notification channel migration.
* Annotations: Fix blank panels for queries with unknown data sources.
* BarChart: Fix stale values and x axis labels.
* Graph: Make old graph panel thresholds work even if ngalert is
enabled.
* InfluxDB: Fix regex to identify / as separator.
* LibraryPanels: Fix update issues related to library panels in rows.
* Variables: Fix variables not updating inside a Panel when the
preceding Row uses "Repeat For".
- Update to version 8.1.3
+ Bug fixes
* Alerting: Fix alert flapping in the internal alertmanager.
* Alerting: Fix request handler failed to convert dataframe "results"
to plugins.DataTimeSeriesSlice: input frame is not recognized as a
time series.
* Dashboard: Fix UIDs are not preserved when importing/creating
dashboards thru importing .json file.
* Dashboard: Forces panel re-render when exiting panel edit.
* Dashboard: Prevent folder from changing when navigating to general
settings.
* Docker: Force use of libcrypto1.1 and libssl1.1 versions to fix
CVE-2021-3711.
* Elasticsearch: Fix metric names for alert queries.
* Elasticsearch: Limit Histogram field parameter to numeric values.
* Elasticsearch: Prevent pipeline aggregations to show up in terms
order by options.
* LibraryPanels: Prevent duplicate repeated panels from being created.
* Loki: Fix ad-hoc filter in dashboard when used with parser.
* Plugins: Track signed files + add warn log for plugin assets which
are not signed.
* Postgres/MySQL/MSSQL: Fix region annotations not displayed correctly.
* Prometheus: Fix validate selector in metrics browser.
* Security: Fix stylesheet injection vulnerability.
* Security: Fix short URL vulnerability.
- Update to version 8.1.2
* AzureMonitor: Add support for PostgreSQL and MySQL Flexible Servers.
* Datasource: Change HTTP status code for failed datasource health
check to 400.
* Explore: Add span duration to left panel in trace viewer.
* Plugins: Use file extension allowlist when serving plugin assets
instead of checking for UNIX executable.
* Profiling: Add support for binding pprof server to custom network
interfaces.
* Search: Make search icon keyboard navigable.
* Template variables: Keyboard navigation improvements.
* Tooltip: Display ms within minute time range.
* Alerting: Fix saving LINE contact point.
* Annotations: Fix alerting annotation coloring.
* Annotations: Alert annotations are now visible in the correct Panel.
* Auth: Hide SigV4 config UI and disable middleware when its config
flag is disabled.
* Dashboard: Prevent incorrect panel layout by comparing window width
against theme breakpoints.
* Explore: Fix showing of full log context.
* PanelEdit: Fix 'Actual' size by passing the correct panel size to
Dashboard.
* Plugins: Fix TLS datasource settings.
* Variables: Fix issue with empty drop downs on navigation.
* Variables: Fix URL util converting false into true.
* Toolkit: Fix matchMedia not found error.
- Update to version 8.1.1
* CloudWatch Logs: Fix crash when no region is selected.
- Update to version 8.1.0
* Alerting: Deduplicate receivers during migration.
* ColorPicker: Display colors as RGBA.
* Select: Make portalling the menu opt-in, but opt-in everywhere.
* TimeRangePicker: Improve accessibility.
* Annotations: Correct annotations that are displayed upon page
refresh.
* Annotations: Fix Enabled button that disappeared from Grafana v8.0.6.
* Annotations: Fix data source template variable that was not
available for annotations.
* AzureMonitor: Fix annotations query editor that does not load.
* Geomap: Fix scale calculations.
* GraphNG: Fix y-axis autosizing.
* Live: Display stream rate and fix duplicate channels in list
* Loki: Update labels in log browser when time range changes in
dashboard.
* NGAlert: Send resolve signal to alertmanager on alerting -> Normal.
* PasswordField: Prevent a password from being displayed when you
click the Enter button.
* Renderer: Remove debug.log file when Grafana is stopped.
* Security: Update dependencies to fix CVE-2021-36222.
- Update to version 8.1.0-beta3
* Alerting: Support label matcher syntax in alert rule list filter.
* IconButton: Put tooltip text as aria-label.
* Live: Experimental HA with Redis.
* UI: FileDropzone component.
* CloudWatch: Add AWS LookoutMetrics.
* Docker: Fix builds by delaying go mod verify until all required
files are copied over.
* Exemplars: Fix disable exemplars only on the query that failed.
* SQL: Fix SQL dataframe resampling (fill mode + time intervals).
- Update to version 8.1.0-beta2
* Alerting: Expand the value string in alert annotations and
* Auth: Add Azure HTTP authentication middleware.
* Auth: Pass user role when using the authentication proxy.
* Gazetteer: Update countries.json file to allow for linking to
3-letter country codes.
* Config: Fix Docker builds by correcting formatting in sample.ini.
* Explore: Fix encoding of internal URLs.
- Update to version 8.1.0-beta1
* Alerting: Add Alertmanager notifications tab.
* Alerting: Add button to deactivate current Alertmanager
* Alerting: Add toggle in Loki/Prometheus data source configuration to
opt out of alerting UI.
* Alerting: Allow any "evaluate for" value >=0 in the alert rule form.
* Alerting: Load default configuration from status endpoint, if Cortex
Alertmanager returns empty user configuration.
* Alerting: view to display alert rule and its underlying data.
* Annotation panel: Release the annotation panel.
* Annotations: Add typeahead support for tags in built-in annotations.
* AzureMonitor: Add curated dashboards for Azure services.
* AzureMonitor: Add support for deep links to Microsoft Azure portal
for Metrics.
* AzureMonitor: Remove support for different credentials for Azure
Monitor Logs.
* AzureMonitor: Support querying any Resource for Logs queries.
* Elasticsearch: Add frozen indices search support.
* Elasticsearch: Name fields after template variables values instead
of their name.
* Elasticsearch: add rate aggregation.
* Email: Allow configuration of content types for email notifications.
* Explore: Add more meta information when line limit is hit.
* Explore: UI improvements to trace view.
* FieldOverrides: Added support to change display name in an
override field and have it be matched by a later rule.
* HTTP Client: Introduce dataproxy_max_idle_connections config
variable.
* InfluxDB: InfluxQL: adds tags to timeseries data.
* InfluxDB: InfluxQL: make measurement search case insensitive.
* Legacy Alerting: Replace simplejson with a struct in webhook
notification channel.
* Legend: Updates display name for Last (not null) to just Last*.
* Logs panel: Add option to show common labels.
* Loki: Add $__range variable.
* Loki: Add support for "label_values(log stream selector, label)" in
templating.
* Loki: Add support for ad-hoc filtering in dashboard.
* MySQL Datasource: Add timezone parameter.
* NodeGraph: Show gradient fields in legend.
* PanelOptions: Don't mutate panel options/field config object when
updating.
* PieChart: Make pie gradient more subtle to match other charts.
* Prometheus: Update PromQL typeahead and highlighting.
* Prometheus: interpolate variable for step field.
* Provisioning: Improve validation by validating across all dashboard
providers.
* SQL Datasources: Allow multiple string/labels columns with time
series.
* Select: Portal select menu to document.body.
* Team Sync: Add group mapping to support team sync in the Generic
OAuth provider.
* Tooltip: Make active series more noticeable.
* Tracing: Add support to configure trace to logs start and end time.
* Transformations: Skip merge when there is only a single data frame.
* ValueMapping: Added support for mapping text to color, boolean
values, NaN and Null. Improved UI for value mapping.
* Visualizations: Dynamically set any config (min, max, unit, color,
thresholds) from query results.
* live: Add support to handle origin without a value for the port when
matching with root_url.
* Alerting: Handle marshaling Inf values.
* AzureMonitor: Fix macro resolution for template variables.
* AzureMonitor: Fix queries with Microsoft.NetApp/../../volumes
resources.
* AzureMonitor: Request and concat subsequent resource pages.
* Bug: Fix parse duration for day.
* Datasources: Improve error handling for error messages.
* Explore: Correct the functionality of shift-enter shortcut across
all uses.
* Explore: Show all dataFrames in data tab in Inspector.
* GraphNG: Fix Tooltip mode 'All' for XYChart.
* Loki: Fix highlight of logs when using filter expressions with
backticks.
* Modal: Force modal content to overflow with scroll.
* Plugins: Ignore symlinked folders when verifying plugin signature.
* Toolkit: Improve error messages when tasks fail.
- Update to version 8.0.7
- Update to version 8.0.6
* Alerting: Add annotation upon alert state change.
* Alerting: Allow space in label and annotation names.
* InfluxDB: Improve legend labels for InfluxDB query results.
* Alerting: Fix improper alert by changing the handling of empty
labels.
* CloudWatch/Logs: Reestablish Cloud Watch alert behavior.
* Dashboard: Avoid migration breaking on fieldConfig without defaults
field in folded panel.
* DashboardList: Fix issue not re-fetching dashboard list after
variable change.
* Database: Fix incorrect format of isolation level configuration
parameter for MySQL.
* InfluxDB: Correct tag filtering on InfluxDB data.
* Links: Fix links that caused a full page reload.
* Live: Fix HTTP error when InfluxDB metrics have an incomplete
or asymmetrical field set.
* Postgres/MySQL/MSSQL: Change time field to "Time" for time series
queries.
* Postgres: Fix the handling of a null return value in query
* Tempo: Show hex strings instead of uints for IDs.
* TimeSeries: Improve tooltip positioning when tooltip
overflows.
* Transformations: Add 'prepare time series' transformer.
- Update to version 8.0.5
* Cloudwatch Logs: Send error down to client.
* Folders: Return 409 Conflict status when folder already exists.
* TimeSeries: Do not show series in tooltip if it's hidden in the viz.
* AzureMonitor: Fix issue where resource group name is missing
on the resource picker button.
* Chore: Fix AWS auth assuming role with workspace IAM.
* DashboardQueryRunner: Fixes unrestrained subscriptions being
* DateFormats: Fix reading correct setting key for use_browser_locale.
* Links: Fix links to other apps outside Grafana when under sub path.
* Snapshots: Fix snapshot absolute time range issue.
* Table: Fix data link color.
* Time Series: Fix X-axis time format when tick increment is larger
than a year.
* Tooltip Plugin: Prevent tooltip render if field is undefined.
- Update to version 8.0.4
* Live: Rely on app url for origin check.
* PieChart: Sort legend descending, update placeholder.
* TimeSeries panel: Do not reinitialize plot when thresholds mode
change.
* Elasticsearch: Allow case sensitive custom options in date_histogram
interval.
* Elasticsearch: Restore previous field naming strategy when using
variables.
* Explore: Fix import of queries between SQL data sources.
* InfluxDB: InfluxQL query editor: fix retention policy handling.
* Loki: Send correct time range in template variable queries.
* TimeSeries: Preserve RegExp series overrides when migrating from old
graph panel.
- Update to version 8.0.3
* Alerting: Increase alertmanager_conf column if MySQL.
* Time series/Bar chart panel: Handle infinite numbers as nulls when
converting to plot array.
* TimeSeries: Ensure series overrides that contain color are migrated,
and migrate the previous fieldConfig when changing the panel type.
* ValueMappings: Improve singlestat value mappings migration.
* Annotations: Fix annotation line and marker colors.
* AzureMonitor: Fix KQL template variable queries without default
workspace.
* CloudWatch/Logs: Fix missing response data for log queries.
* LibraryPanels: Fix crash in library panels list when panel plugin is
not found.
* LogsPanel: Fix performance drop when moving logs panel in
* Loki: Parse log levels when ANSI coloring is enabled.
* MSSQL: Fix issue with hidden queries still being executed.
* PanelEdit: Display the VisualizationPicker that was not displayed if
a panel has an unknown panel plugin.
* Plugins: Fix loading symbolically linked plugins.
* Prometheus: Fix issue where legend name was replaced with name Value
in stat and gauge panels.
* State Timeline: Fix crash when hovering over panel.
- Update to version 8.0.2
* Datasource: Add support for max_conns_per_host in dataproxy settings.
* Configuration: Fix changing org preferences in Firefox.
* PieChart: Fix legend dimension limits.
* Postgres/MySQL/MSSQL: Fix panic in concurrent map writes.
* Variables: Hide default data source if missing from regex.
- Update to version 8.0.1
* Alerting/SSE: Fix "count_non_null" reducer validation.
* Cloudwatch: Fix duplicated time series.
* Cloudwatch: Fix missing defaultRegion.
* Dashboard: Fix Dashboard init failed error on dashboards with
old singlestat panels in collapsed rows.
* Datasource: Fix storing timeout option as numeric.
* Postgres/MySQL/MSSQL: Fix annotation parsing for empty
* Postgres/MySQL/MSSQL: Numeric/non-string values are now returned
from query variables.
* Postgres: Fix an error that was thrown when the annotation query did
not return any results.
* StatPanel: Fix an issue with the appearance of the graph when
switching color mode.
* Visualizations: Fix an issue in the Stat/BarGauge/Gauge/PieChart
panels where all values mode were showing the same name if they had
the same value.
* Toolkit: Resolve external fonts when Grafana is served from a sub
path.
- Update to version 8.0.0
* The following endpoints were deprecated for Grafana v5.0 and support
for them has now been removed:
GET /dashboards/db/:slug
GET /dashboard-solo/db/:slug
GET /api/dashboard/db/:slug
DELETE /api/dashboards/db/:slug
* AzureMonitor: Require default subscription for workspaces() template
variable query.
* AzureMonitor: Use resource type display names in the UI.
* Dashboard: Remove support for loading and deleting dashboard by slug.
* InfluxDB: Deprecate direct browser access in data source.
* VizLegend: Add a read-only property.
* AzureMonitor: Fix Azure Resource Graph queries in Azure China.
* Checkbox: Fix vertical layout issue with checkboxes due to fixed
height.
* Dashboard: Fix Table view when editing causes the panel data to not
update.
* Dashboard: Fix issues where unsaved-changes warning is not displayed.
* Login: Fixes Unauthorized message showing when on login page
or snapshot page.
* NodeGraph: Fix sorting markers in grid view.
* Short URL: Include orgId in generated short URLs.
* Variables: Support raw values of boolean type.
- Update to version 8.0.0-beta3
* The default HTTP method for Prometheus data source is now POST.
* API: Support folder UID in dashboards API.
* Alerting: Add support for configuring avatar URL for the Discord
notifier.
* Alerting: Clarify that Threema Gateway Alerts support only Basic IDs.
* Azure: Expose Azure settings to external plugins.
* AzureMonitor: Deprecate using separate credentials for Azure Monitor
Logs.
* AzureMonitor: Display variables in resource picker for Azure
* AzureMonitor: Hide application insights for data sources not using
it.
* AzureMonitor: Support querying subscriptions and resource groups in
Azure Monitor Logs.
* AzureMonitor: remove requirement for default subscription.
* CloudWatch: Add Lambda@Edge Amazon CloudFront metrics.
* CloudWatch: Add missing AWS AppSync metrics.
* ConfirmModal: Auto focus delete button.
* Explore: Add caching for queries that are run from logs
* Loki: Add formatting for annotations.
* Loki: Bring back processed bytes as meta information.
* NodeGraph: Display node graph collapsed by default with trace view.
* Overrides: Include a manual override option to hide something from
visualization.
* PieChart: Support row data in pie charts.
* Prometheus: Update default HTTP method to POST for existing data
sources.
* Time series panel: Position tooltip correctly when window is
scrolled or resized.
* Admin: Fix infinite loading edit on the profile page.
* Color: Fix issues with random colors in string and date
* Dashboard: Fix issue with title or folder change has no effect after
exiting settings view.
* DataLinks: Fix an issue __series.name is not working in data link.
* Datasource: Fix dataproxy timeout should always be applied for
outgoing data source HTTP requests.
* Elasticsearch: Fix NewClient not passing httpClientProvider to
client impl.
* Explore: Fix Browser title not updated on Navigation to Explore.
* GraphNG: Remove fieldName and hideInLegend properties from
UPlotSeriesBuilder.
* OAuth: Fix fallback to auto_assign_org_role setting for Azure AD
OAuth when no role claims exists.
* PanelChrome: Fix issue with empty panel after adding a non data
panel and coming back from panel edit.
* StatPanel: Fix data link tooltip not showing for single value.
* Table: Fix sorting for number fields.
* Table: Have text underline for datalink, and add support for image
datalink.
* Transformations: Prevent FilterByValue transform from crashing panel
edit.
- Update to version 8.0.0-beta2
* AppPlugins: Expose react-router to apps.
* AzureMonitor: Add Azure Resource Graph.
* AzureMonitor: Managed Identity configuration UI.
* AzureMonitor: Token provider with support for Managed Identities.
* AzureMonitor: Update Logs workspace() template variable query to
return resource URIs.
* BarChart: Value label sizing.
* CloudMonitoring: Add support for preprocessing.
* CloudWatch: Add AWS/EFS StorageBytes metric.
* CloudWatch: Allow use of missing AWS namespaces using custom
* Datasource: Shared HTTP client provider for core backend data
sources and any data source using the data source proxy.
* InfluxDB: InfluxQL: allow empty tag values in the query editor.
* Instrumentation: Instrument incoming HTTP request with histograms by
default.
* Library Panels: Add name endpoint & unique name validation to
AddLibraryPanelModal.
* Logs panel: Support details view.
* PieChart: Always show the calculation options dropdown in the
* PieChart: Remove beta flag.
* Plugins: Enforce signing for all plugins.
* Plugins: Remove support for deprecated backend plugin protocol
version.
* Tempo/Jaeger: Add better display name to legend.
* Timeline: Add time range zoom.
* Timeline: Adds opacity & line width option.
* Timeline: Value text alignment option.
* ValueMappings: Add duplicate action, and disable dismiss on backdrop
click.
* Zipkin: Add node graph view to trace response.
* Annotations panel: Remove subpath from dashboard links.
* Content Security Policy: Allow all image sources by default.
* Content Security Policy: Relax default template wrt. loading
of scripts, due to nonces not working.
* Datasource: Fix tracing propagation for alert execution by
introducing HTTP client outgoing tracing middleware.
* InfluxDB: InfluxQL always apply time interval end.
* Library Panels: Fixes "error while loading library panels".
* NewsPanel: Fixes rendering issue in Safari.
* PanelChrome: Fix queries being issued again when scrolling in and
out of view.
* Plugins: Fix Azure token provider cache panic and auth param nil
value.
* Snapshots: Fix key and deleteKey being ignored when creating an
external snapshot.
* Table: Fix issue with cell border not showing with colored
background cells.
* Table: Makes tooltip scrollable for long JSON values.
* TimeSeries: Fix for Connected null values threshold toggle during
panel editing.
* Variables: Fixes inconsistent selected states on dashboard
* Variables: Refreshes all panels even if panel is full screen.
* QueryField: Remove carriage return character from pasted text.
- Update to version 8.0.0-beta1
+ License update:
* AGPL License: Update license from Apache 2.0 to the GNU Affero
General Public License (AGPL).
* Removes the never refresh option for Query variables.
* Removes the experimental Tags feature for Variables.
+ Deprecations:
* The InfoBox & FeatureInfoBox are now deprecated please use the Alert
component instead with severity info.
* API: Add org users with pagination.
* API: Return 404 when deleting nonexistent API key.
* API: Return query results as JSON rather than base64 encoded Arrow.
* Alerting: Allow sending notification tags to Opsgenie as extra
properties.
* Alerts: Replaces all uses of InfoBox & FeatureInfoBox with Alert.
* Auth: Add support for JWT Authentication.
* AzureMonitor: Add support for Microsoft.SignalRService/SignalR
metrics.
* AzureMonitor: Azure settings in Grafana server config.
* AzureMonitor: Migrate Metrics query editor to React.
* BarChart panel: enable series toggling via legend.
* BarChart panel: Adds support for Tooltip in BarChartPanel.
* PieChart panel: Change look of highlighted pie slices.
* CloudMonitoring: Migrate config editor from angular to react.
* CloudWatch: Add Amplify Console metrics and dimensions.
* CloudWatch: Add missing Redshift metrics to CloudWatch data
* CloudWatch: Add metrics for managed RabbitMQ service.
* DashboardList: Enable templating on search tag input.
* Datasource config: correctly remove single custom http header.
* Elasticsearch: Add generic support for template variables.
* Elasticsearch: Allow omitting field when metric supports inline
script.
* Elasticsearch: Allow setting a custom limit for log queries.
* Elasticsearch: Guess field type from first non-empty value.
* Elasticsearch: Use application/x-ndjson content type for multisearch
requests.
* Elasticsearch: Use semver strings to identify ES version.
* Explore: Add logs navigation to request more logs.
* Explore: Map Graphite queries to Loki.
* Explore: Scroll split panes in Explore independently.
* Explore: Wrap each panel in separate error boundary.
* FieldDisplay: Smarter naming of stat values when visualising row
values (all values) in stat panels.
* Graphite: Expand metric names for variables.
* Graphite: Handle unknown Graphite functions without breaking the
visual editor.
* Graphite: Show graphite functions descriptions.
* Graphite: Support request cancellation properly (Uses new
backendSrv.fetch Observable request API).
* InfluxDB: Flux: Improve handling of complex response-structures.
* InfluxDB: Support region annotations.
* Inspector: Download logs for manual processing.
* Jaeger: Add node graph view for trace.
* Jaeger: Search traces.
* Loki: Use data source settings for alerting queries.
* NodeGraph: Exploration mode.
* OAuth: Add support for empty scopes.
* PanelChrome: New logic-less emotion based component with no
dependency on PanelModel or DashboardModel.
* PanelEdit: Adds a table view toggle to quickly view data in table
form.
* PanelEdit: Highlight matched words when searching options.
* PanelEdit: UX improvements.
* Plugins: PanelRenderer and simplified QueryRunner to be used from
plugins.
* Plugins: AuthType in route configuration and params interpolation.
* Plugins: Enable plugin runtime install/uninstall capabilities.
* Plugins: Support set body content in plugin routes.
* Plugins: Introduce marketplace app.
* Plugins: Moving the DataSourcePicker to grafana/runtime so it can be
reused in plugins.
* Prometheus: Add custom query params for alert and exemplars
* Prometheus: Use fuzzy string matching to autocomplete metric names
and label.
* Routing: Replace Angular routing with react-router.
* Slack: Use chat.postMessage API by default.
* Tempo: Search for Traces by querying Loki directly from Tempo.
* Tempo: Show graph view of the trace.
* Themes: Switch theme without reload using global shortcut.
* TimeSeries panel: Add support for shared cursor.
* TimeSeries panel: Do not crash the panel if there is no time series
data in the response.
* Variables: Do not save repeated panels, rows and scopedVars.
* Variables: Removes experimental Tags feature.
* Variables: Removes the never refresh option.
* Visualizations: Unify tooltip options across visualizations.
* Visualizations: Refactor and unify option creation between new
visualizations.
* Visualizations: Remove singlestat panel.
* APIKeys: Fixes issue with adding first api key.
* Alerting: Add checks for non supported units - disable defaulting to
seconds.
* Alerting: Fix issue where Slack notifications won't link to user IDs.
* Alerting: Omit empty message in PagerDuty notifier.
* AzureMonitor: Fix migration error from older versions of App
Insights queries.
* CloudWatch: Fix AWS/Connect dimensions.
* CloudWatch: Fix broken AWS/MediaTailor dimension name.
* Dashboards: Allow string manipulation as advanced variable format
option.
* DataLinks: Includes harmless extended characters like Cyrillic
characters.
* Drawer: Fixes title overflowing its container.
* Explore: Fix issue when some query errors were not shown.
* Generic OAuth: Prevent adding duplicated users.
* Graphite: Handle invalid annotations.
* Graphite: Fix autocomplete when tags are not available.
* InfluxDB: Fix Cannot read property 'length' of undefined in when
parsing response.
* Instrumentation: Enable tracing when Jaeger host and port are
* Instrumentation: Prefix metrics with grafana.
* MSSQL: By default let driver choose port.
* OAuth: Add optional strict parsing of role_attribute_path.
* Panel: Fixes description markdown with inline code being rendered on
newlines and full width.
* PanelChrome: Ignore data updates & errors for non data panels.
* Permissions: Fix inherited folder permissions can prevent new
permissions being added to a dashboard.
* Plugins: Remove pre-existing plugin installs when installing with
grafana-cli.
* Plugins: Support installing to folders with whitespace and fix
pluginUrl trailing and leading whitespace failures.
* Postgres/MySQL/MSSQL: Don't return connection failure details to the
client.
* Postgres: Fix ms precision of interval in time group macro when
TimescaleDB is enabled.
* Provisioning: Use dashboard checksum field as change indicator.
* SQL: Fix so that all captured errors are returned from sql engine.
* Shortcuts: Fixes panel shortcuts so they always work.
* Table: Fixes so border is visible for cells with links.
* Variables: Clear query when data source type changes.
* Variables: Filters out builtin variables from unknown list.
* Button: Introduce buttonStyle prop.
* DataQueryRequest: Remove deprecated props showingGraph and
showingTabel and exploreMode.
* grafana/ui: Update React Hook Form to v7.
* IconButton: Introduce variant for red and blue icon buttons.
* Plugins: Expose the getTimeZone function to be able to get the
current selected timeZone.
* TagsInput: Add className to TagsInput.
* VizLegend: Move onSeriesColorChanged to PanelContext (breaking
change).
- Update to version 7.5.13
* Alerting: Fix NoDataFound for alert rules using AND operator.
mgr-cfg:
- Version 4.2.8-1
* Fix the condition for preventing building python 2 subpackage for
SLE15 (bsc#1197579)
- Version 4.2.7-1
* Fix installation problem for SLE15SP4 due to missing python-selinux
mgr-osad:
- Version 4.2.8-1
* Fix the condition for preventing building python 2 subpackage for SLE15
mgr-push:
- Version 4.2.5-1
* Fix the condition for preventing building python 2 subpackage for SLE15
mgr-virtualization:
- Version 4.2.4-1
* Fix the condition for preventing building python 2 subpackage for SLE15
prometheus-postgres_exporter:
- Version 0.10.0
* Added hardening to systemd service(s) with changes to
`prometheus-postgres_exporter.service` (bsc#1181400)
* Package rename from golang-github-wrouesnel-postgres_exporter
(jsc#SLE-23051)
rhnlib:
- Version 4.2.6-1
* Fix the condition for preventing building python 2 subpackage for SLE15
spacecmd:
- Version 4.2.16-1
* implement system.bootstrap (bsc#1194909)
* Fix interactive mode for "system_applyerrata" and "errata_apply"
(bsc#1194363)
spacewalk-client-tools:
- Version 4.2.18-1
* Fix the condition for preventing building python 2 subpackage for SLE15
- Version 4.2.17-1
* Update translation strings
spacewalk-koan:
- Version 4.2.6-1
* Fix the condition for preventing building python 2 subpackage for SLE15
spacewalk-oscap:
- Version 4.2.4-1
* Fix the condition for preventing building python 2 subpackage for SLE15
suseRegisterInfo:
- Version 4.2.6-1
* Fix the condition for preventing building python 2 subpackage for SLE15
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1396=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1396=1
- SUSE Manager Tools 15:
zypper in -t patch SUSE-SLE-Manager-Tools-15-2022-1396=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-1396=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
prometheus-postgres_exporter-0.10.0-150000.1.3.1
- openSUSE Leap 15.4 (noarch):
spacecmd-4.2.16-150000.3.77.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
prometheus-postgres_exporter-0.10.0-150000.1.3.1
- openSUSE Leap 15.3 (noarch):
python3-rhnlib-4.2.6-150000.3.34.1
spacecmd-4.2.16-150000.3.77.1
- SUSE Manager Tools 15 (aarch64 ppc64le s390x x86_64):
grafana-8.3.5-150000.1.30.1
grafana-debuginfo-8.3.5-150000.1.30.1
prometheus-postgres_exporter-0.10.0-150000.1.3.1
- SUSE Manager Tools 15 (noarch):
mgr-cfg-4.2.8-150000.1.24.1
mgr-cfg-actions-4.2.8-150000.1.24.1
mgr-cfg-client-4.2.8-150000.1.24.1
mgr-cfg-management-4.2.8-150000.1.24.1
mgr-osad-4.2.8-150000.1.36.1
mgr-push-4.2.5-150000.1.18.2
mgr-virtualization-host-4.2.4-150000.1.26.1
python3-mgr-cfg-4.2.8-150000.1.24.1
python3-mgr-cfg-actions-4.2.8-150000.1.24.1
python3-mgr-cfg-client-4.2.8-150000.1.24.1
python3-mgr-cfg-management-4.2.8-150000.1.24.1
python3-mgr-osa-common-4.2.8-150000.1.36.1
python3-mgr-osad-4.2.8-150000.1.36.1
python3-mgr-push-4.2.5-150000.1.18.2
python3-mgr-virtualization-common-4.2.4-150000.1.26.1
python3-mgr-virtualization-host-4.2.4-150000.1.26.1
python3-rhnlib-4.2.6-150000.3.34.1
python3-spacewalk-check-4.2.18-150000.3.59.1
python3-spacewalk-client-setup-4.2.18-150000.3.59.1
python3-spacewalk-client-tools-4.2.18-150000.3.59.1
python3-spacewalk-koan-4.2.6-150000.3.27.1
python3-spacewalk-oscap-4.2.4-150000.3.18.1
python3-suseRegisterInfo-4.2.6-150000.3.21.1
spacecmd-4.2.16-150000.3.77.1
spacewalk-check-4.2.18-150000.3.59.1
spacewalk-client-setup-4.2.18-150000.3.59.1
spacewalk-client-tools-4.2.18-150000.3.59.1
spacewalk-koan-4.2.6-150000.3.27.1
spacewalk-oscap-4.2.4-150000.3.18.1
suseRegisterInfo-4.2.6-150000.3.21.1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (aarch64 ppc64le s390x x86_64):
prometheus-postgres_exporter-0.10.0-150000.1.3.1
References:
https://www.suse.com/security/cve/CVE-2021-36222.html
https://www.suse.com/security/cve/CVE-2021-3711.html
https://www.suse.com/security/cve/CVE-2021-39226.html
https://www.suse.com/security/cve/CVE-2021-41174.html
https://www.suse.com/security/cve/CVE-2021-41244.html
https://www.suse.com/security/cve/CVE-2021-43798.html
https://www.suse.com/security/cve/CVE-2021-43813.html
https://www.suse.com/security/cve/CVE-2021-43815.html
https://www.suse.com/security/cve/CVE-2022-21673.html
https://www.suse.com/security/cve/CVE-2022-21702.html
https://www.suse.com/security/cve/CVE-2022-21703.html
https://www.suse.com/security/cve/CVE-2022-21713.html
https://bugzilla.suse.com/1181400
https://bugzilla.suse.com/1194363
https://bugzilla.suse.com/1194873
https://bugzilla.suse.com/1194909
https://bugzilla.suse.com/1195726
https://bugzilla.suse.com/1195727
https://bugzilla.suse.com/1195728
https://bugzilla.suse.com/1197579
22 Apr '22
SUSE Security Update: Security update for libslirp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1314-1
Rating: low
References: #1187364 #1187366 #1187367
Cross-References: CVE-2021-3592 CVE-2021-3594 CVE-2021-3595
CVSS scores:
CVE-2021-3592 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3592 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for libslirp fixes the following issues:
- CVE-2021-3592: Fixed an invalid pointer initialization that may lead to
information disclosure (bootp) (bsc#1187364).
- CVE-2021-3594: Fixed an invalid pointer initialization that may lead to
information disclosure (udp) (bsc#1187367).
- CVE-2021-3595: Fixed an invalid pointer initialization that may lead to
information disclosure (tftp) (bsc#1187366).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1314=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1314=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1314=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1314=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.3.3.1
libslirp-devel-4.3.1-150300.3.3.1
libslirp0-4.3.1-150300.3.3.1
libslirp0-debuginfo-4.3.1-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.3.3.1
libslirp-devel-4.3.1-150300.3.3.1
libslirp0-4.3.1-150300.3.3.1
libslirp0-debuginfo-4.3.1-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.3.3.1
libslirp-devel-4.3.1-150300.3.3.1
libslirp0-4.3.1-150300.3.3.1
libslirp0-debuginfo-4.3.1-150300.3.3.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libslirp-debugsource-4.3.1-150300.3.3.1
libslirp0-4.3.1-150300.3.3.1
libslirp0-debuginfo-4.3.1-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-3592.html
https://www.suse.com/security/cve/CVE-2021-3594.html
https://www.suse.com/security/cve/CVE-2021-3595.html
https://bugzilla.suse.com/1187364
https://bugzilla.suse.com/1187366
https://bugzilla.suse.com/1187367
SUSE-SU-2022:1307-1: important: Security update for dnsmasq
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for dnsmasq
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1307-1
Rating: important
References: #1197872
Cross-References: CVE-2022-0934
CVSS scores:
CVE-2022-0934 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for dnsmasq fixes the following issues:
- CVE-2022-0934: Fixed an invalid memory access that could lead to remote
denial of service via crafted packet (bsc#1197872).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1307=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1307=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1307=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1307=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1307=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1307=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1307=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1307=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1307=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1307=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1307=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1307=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1307=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1307=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1307=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1307=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1307=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1307=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1307=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1307=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1307=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1307=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1307=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
dnsmasq-utils-2.86-150100.7.20.1
dnsmasq-utils-debuginfo-2.86-150100.7.20.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
dnsmasq-utils-2.86-150100.7.20.1
dnsmasq-utils-debuginfo-2.86-150100.7.20.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Manager Proxy 4.1 (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE CaaS Platform 4.0 (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
References:
https://www.suse.com/security/cve/CVE-2022-0934.html
https://bugzilla.suse.com/1197872
SUSE-SU-2022:1315-1: moderate: Security update for netty
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for netty
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1315-1
Rating: moderate
References: #1184203
Cross-References: CVE-2021-21409
CVSS scores:
CVE-2021-21409 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2021-21409 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for netty fixes the following issues:
- CVE-2021-21409: Fixed request smuggling via content-length header
(bsc#1184203).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1315=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1315=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
netty-4.1.75-150200.4.9.1
- openSUSE Leap 15.4 (noarch):
netty-javadoc-4.1.75-150200.4.9.1
netty-poms-4.1.75-150200.4.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
netty-4.1.75-150200.4.9.1
- openSUSE Leap 15.3 (noarch):
netty-javadoc-4.1.75-150200.4.9.1
netty-poms-4.1.75-150200.4.9.1
References:
https://www.suse.com/security/cve/CVE-2021-21409.html
https://bugzilla.suse.com/1184203
SUSE-SU-2022:1305-1: important: Security update for libinput
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for libinput
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1305-1
Rating: important
References: #1198111
Cross-References: CVE-2022-1215
CVSS scores:
CVE-2022-1215 (SUSE): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libinput fixes the following issues:
- CVE-2022-1215: Fixed a format string vulnerability (bsc#1198111).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1305=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1305=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1305=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1305=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1305=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1305=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1305=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1305=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1305=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1305=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1305=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1305=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1305=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1305=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1305=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1305=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- openSUSE Leap 15.3 (x86_64):
libinput10-32bit-1.10.5-150000.3.3.1
libinput10-32bit-debuginfo-1.10.5-150000.3.3.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Manager Proxy 4.1 (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE CaaS Platform 4.0 (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-1215.html
https://bugzilla.suse.com/1198111
SUSE-SU-2022:1304-1: important: Security update for tomcat
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for tomcat
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1304-1
Rating: important
References: #1198136
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for tomcat fixes the following issues:
Security hardening, related to Spring Framework vulnerabilities:
- Deprecate getResources() and always return null (bsc#1198136).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1304=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1304=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1304=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1304=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1304=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1304=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1304=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1304=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2022-1304=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-1304=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1304=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1304=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1304=1
Package List:
- openSUSE Leap 15.4 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-docs-webapp-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-embed-9.0.36-150200.22.1
tomcat-javadoc-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-jsvc-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- openSUSE Leap 15.3 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-docs-webapp-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-embed-9.0.36-150200.22.1
tomcat-javadoc-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-jsvc-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Manager Server 4.1 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Manager Proxy 4.1 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Enterprise Storage 7 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
References:
https://bugzilla.suse.com/1198136
SUSE-SU-2022:1316-1: moderate: Security update for podofo
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for podofo
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1316-1
Rating: moderate
References: #1159921
Cross-References: CVE-2019-20093
CVSS scores:
CVE-2019-20093 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-20093 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for podofo fixes the following issues:
- CVE-2019-20093: Fixed an invalid memory access that could cause an
application crash (bsc#1159921).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1316=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1316=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpodofo-devel-0.9.6-150300.3.3.1
libpodofo0_9_6-0.9.6-150300.3.3.1
libpodofo0_9_6-debuginfo-0.9.6-150300.3.3.1
podofo-0.9.6-150300.3.3.1
podofo-debuginfo-0.9.6-150300.3.3.1
podofo-debugsource-0.9.6-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpodofo-devel-0.9.6-150300.3.3.1
libpodofo0_9_6-0.9.6-150300.3.3.1
libpodofo0_9_6-debuginfo-0.9.6-150300.3.3.1
podofo-0.9.6-150300.3.3.1
podofo-debuginfo-0.9.6-150300.3.3.1
podofo-debugsource-0.9.6-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2019-20093.html
https://bugzilla.suse.com/1159921
SUSE-SU-2022:1296-1: important: Security update for openjpeg
by opensuse-security@opensuse.org 21 Apr '22
SUSE Security Update: Security update for openjpeg
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1296-1
Rating: important
References: #1102016 #1106881 #1162090 #1173578 #1180457
#1184774
Cross-References: CVE-2018-14423 CVE-2018-16376 CVE-2020-15389
CVE-2020-27823 CVE-2020-8112 CVE-2021-29338
CVSS scores:
CVE-2018-14423 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-14423 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-16376 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-16376 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2020-15389 (NVD) : 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2020-15389 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-27823 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-27823 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-8112 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-8112 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-29338 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29338 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for openjpeg fixes the following issues:
- CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions
pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c
(bsc#1102016).
- CVE-2018-16376: Fixed a heap-based buffer overflow in function
t2_encode_packet in lib/openmj2/t2.c (bsc#1106881).
- CVE-2020-8112: Fixed a heap buffer overflow in
opj_t1_clbl_decode_processor in openjp2/t1.c (bsc#1162090).
- CVE-2020-15389: Fixed a use-after-free if a mix of valid and invalid
files in a directory is operated on by the decompressor (bsc#1173578).
- CVE-2020-27823: Fixed a heap buffer over-write in
opj_tcd_dc_level_shift_encode() (bsc#1180457).
- CVE-2021-29338: Fixed an integer overflow that allows remote attackers to
crash the application (bsc#1184774).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1296=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1296=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1296=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1296=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1296=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1296=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1296=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1296=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1296=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1296=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1296=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1296=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1296=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1296=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1296=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1296=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1296=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1296=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- openSUSE Leap 15.4 (x86_64):
libopenjpeg1-32bit-1.5.2-150000.4.5.1
libopenjpeg1-32bit-debuginfo-1.5.2-150000.4.5.1
openjpeg-devel-32bit-1.5.2-150000.4.5.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- openSUSE Leap 15.3 (x86_64):
libopenjpeg1-32bit-1.5.2-150000.4.5.1
libopenjpeg1-32bit-debuginfo-1.5.2-150000.4.5.1
openjpeg-devel-32bit-1.5.2-150000.4.5.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Manager Proxy 4.1 (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE CaaS Platform 4.0 (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
References:
https://www.suse.com/security/cve/CVE-2018-14423.html
https://www.suse.com/security/cve/CVE-2018-16376.html
https://www.suse.com/security/cve/CVE-2020-15389.html
https://www.suse.com/security/cve/CVE-2020-27823.html
https://www.suse.com/security/cve/CVE-2020-8112.html
https://www.suse.com/security/cve/CVE-2021-29338.html
https://bugzilla.suse.com/1102016
https://bugzilla.suse.com/1106881
https://bugzilla.suse.com/1162090
https://bugzilla.suse.com/1173578
https://bugzilla.suse.com/1180457
https://bugzilla.suse.com/1184774
21 Apr '22
SUSE Security Update: Security update for swtpm
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1297-1
Rating: low
References: #1196240
Cross-References: CVE-2022-23645
CVSS scores:
CVE-2022-23645 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for swtpm fixes the following issues:
- Update to version 0.5.3
- CVE-2022-23645: Check header size indicator against expected size
(bsc#1196240).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1297=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1297=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1297=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1297=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
swtpm-0.5.3-150300.3.3.1
swtpm-debuginfo-0.5.3-150300.3.3.1
swtpm-debugsource-0.5.3-150300.3.3.1
swtpm-devel-0.5.3-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
swtpm-0.5.3-150300.3.3.1
swtpm-debuginfo-0.5.3-150300.3.3.1
swtpm-debugsource-0.5.3-150300.3.3.1
swtpm-devel-0.5.3-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
swtpm-0.5.3-150300.3.3.1
swtpm-debuginfo-0.5.3-150300.3.3.1
swtpm-debugsource-0.5.3-150300.3.3.1
swtpm-devel-0.5.3-150300.3.3.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
swtpm-0.5.3-150300.3.3.1
swtpm-debuginfo-0.5.3-150300.3.3.1
swtpm-debugsource-0.5.3-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-23645.html
https://bugzilla.suse.com/1196240
SUSE-SU-2022:1277-1: moderate: Security update for dcraw
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for dcraw
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1277-1
Rating: moderate
References: #1056170 #1063798 #1084690 #1097973 #1097974
#1117436 #1117512 #1117517 #1117622 #1117896
#1189642
Cross-References: CVE-2017-13735 CVE-2017-14608 CVE-2018-19565
CVE-2018-19566 CVE-2018-19567 CVE-2018-19568
CVE-2018-19655 CVE-2018-5801 CVE-2018-5805
CVE-2018-5806 CVE-2021-3624
CVSS scores:
CVE-2017-13735 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-13735 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2017-14608 (NVD) : 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2017-14608 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19565 (NVD) : 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-19565 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19566 (NVD) : 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-19566 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2018-19567 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19567 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19568 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19568 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19655 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-19655 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5801 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5801 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-5805 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-5805 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-5806 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5806 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3624 (SUSE): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for dcraw fixes the following issues:
- CVE-2017-13735: Fixed a denial of service issue due to a floating point
exception (bsc#1056170).
- CVE-2017-14608: Fixed an invalid memory access that could lead to
information disclosure or denial of service (bsc#1063798).
- CVE-2018-19655: Fixed a buffer overflow that could lead to an
application crash (bsc#1117896).
- CVE-2018-5801: Fixed an invalid memory access that could lead to denial
of service (bsc#1084690).
- CVE-2018-5805: Fixed a buffer overflow that could lead to an application
crash (bsc#1097973).
- CVE-2018-5806: Fixed an invalid memory access that could lead to denial
of service (bsc#1097974).
- CVE-2018-19565: Fixed an invalid memory access that could lead to
information disclosure or denial of service (bsc#1117622).
- CVE-2018-19566: Fixed an invalid memory access that could lead to
information disclosure or denial of service (bsc#1117517).
- CVE-2018-19567: Fixed a denial of service issue due to a floating point
exception (bsc#1117512).
- CVE-2018-19568: Fixed a denial of service issue due to a floating point
exception (bsc#1117436).
- CVE-2021-3624: Fixed a buffer overflow that could lead to code execution
or denial of service (bsc#1189642).
Non-security fixes:
- Updated to version 9.28.0.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1277=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1277=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
dcraw-9.28.0-150000.3.3.1
dcraw-debuginfo-9.28.0-150000.3.3.1
dcraw-debugsource-9.28.0-150000.3.3.1
- openSUSE Leap 15.4 (noarch):
dcraw-lang-9.28.0-150000.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
dcraw-9.28.0-150000.3.3.1
dcraw-debuginfo-9.28.0-150000.3.3.1
dcraw-debugsource-9.28.0-150000.3.3.1
- openSUSE Leap 15.3 (noarch):
dcraw-lang-9.28.0-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2017-13735.html
https://www.suse.com/security/cve/CVE-2017-14608.html
https://www.suse.com/security/cve/CVE-2018-19565.html
https://www.suse.com/security/cve/CVE-2018-19566.html
https://www.suse.com/security/cve/CVE-2018-19567.html
https://www.suse.com/security/cve/CVE-2018-19568.html
https://www.suse.com/security/cve/CVE-2018-19655.html
https://www.suse.com/security/cve/CVE-2018-5801.html
https://www.suse.com/security/cve/CVE-2018-5805.html
https://www.suse.com/security/cve/CVE-2018-5806.html
https://www.suse.com/security/cve/CVE-2021-3624.html
https://bugzilla.suse.com/1056170
https://bugzilla.suse.com/1063798
https://bugzilla.suse.com/1084690
https://bugzilla.suse.com/1097973
https://bugzilla.suse.com/1097974
https://bugzilla.suse.com/1117436
https://bugzilla.suse.com/1117512
https://bugzilla.suse.com/1117517
https://bugzilla.suse.com/1117622
https://bugzilla.suse.com/1117896
https://bugzilla.suse.com/1189642
SUSE-SU-2022:1271-1: important: Security update for netty
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for netty
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1271-1
Rating: important
References: #1182103 #1183262 #1190610 #1190613 #1193672
Cross-References: CVE-2021-21290 CVE-2021-21295 CVE-2021-37136
CVE-2021-37137 CVE-2021-43797
CVSS scores:
CVE-2021-21290 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-21290 (SUSE): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-21295 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2021-21295 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2021-37136 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-37136 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-37137 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-37137 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-43797 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-43797 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for netty fixes the following issues:
- Updated to version 4.1.75:
- CVE-2021-37136: Fixed an unrestricted decompressed data size in
Bzip2Decoder (bsc#1190610).
- CVE-2021-37137: Fixed an unrestricted chunk length in
SnappyFrameDecoder, which might lead to excessive memory usage
(bsc#1190613).
- CVE-2021-43797: Fixed a potential HTTP request smuggling issue due to
insufficient validation against control characters (bsc#1193672).
- CVE-2021-21290: Fixed an information disclosure via the local system
temporary directory (bsc#1182103).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1271=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1271=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
netty-4.1.75-150200.4.6.2
- openSUSE Leap 15.4 (noarch):
netty-javadoc-4.1.75-150200.4.6.2
netty-poms-4.1.75-150200.4.6.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
netty-4.1.75-150200.4.6.2
- openSUSE Leap 15.3 (noarch):
netty-javadoc-4.1.75-150200.4.6.2
netty-poms-4.1.75-150200.4.6.2
References:
https://www.suse.com/security/cve/CVE-2021-21290.html
https://www.suse.com/security/cve/CVE-2021-21295.html
https://www.suse.com/security/cve/CVE-2021-37136.html
https://www.suse.com/security/cve/CVE-2021-37137.html
https://www.suse.com/security/cve/CVE-2021-43797.html
https://bugzilla.suse.com/1182103
https://bugzilla.suse.com/1183262
https://bugzilla.suse.com/1190610
https://bugzilla.suse.com/1190613
https://bugzilla.suse.com/1193672
SUSE-SU-2022:1274-1: important: Security update for GraphicsMagick
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for GraphicsMagick
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1274-1
Rating: important
References: #1198351
Cross-References: CVE-2022-1270
CVSS scores:
CVE-2022-1270 (SUSE): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for GraphicsMagick fixes the following issues:
- CVE-2022-1270: Fixed a heap buffer overflow when parsing MIFF
(bsc#1198351).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1274=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1274=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
GraphicsMagick-1.3.35-150300.3.3.1
GraphicsMagick-debuginfo-1.3.35-150300.3.3.1
GraphicsMagick-debugsource-1.3.35-150300.3.3.1
GraphicsMagick-devel-1.3.35-150300.3.3.1
libGraphicsMagick++-Q16-12-1.3.35-150300.3.3.1
libGraphicsMagick++-Q16-12-debuginfo-1.3.35-150300.3.3.1
libGraphicsMagick++-devel-1.3.35-150300.3.3.1
libGraphicsMagick-Q16-3-1.3.35-150300.3.3.1
libGraphicsMagick-Q16-3-debuginfo-1.3.35-150300.3.3.1
libGraphicsMagick3-config-1.3.35-150300.3.3.1
libGraphicsMagickWand-Q16-2-1.3.35-150300.3.3.1
libGraphicsMagickWand-Q16-2-debuginfo-1.3.35-150300.3.3.1
perl-GraphicsMagick-1.3.35-150300.3.3.1
perl-GraphicsMagick-debuginfo-1.3.35-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
GraphicsMagick-1.3.35-150300.3.3.1
GraphicsMagick-debuginfo-1.3.35-150300.3.3.1
GraphicsMagick-debugsource-1.3.35-150300.3.3.1
GraphicsMagick-devel-1.3.35-150300.3.3.1
libGraphicsMagick++-Q16-12-1.3.35-150300.3.3.1
libGraphicsMagick++-Q16-12-debuginfo-1.3.35-150300.3.3.1
libGraphicsMagick++-devel-1.3.35-150300.3.3.1
libGraphicsMagick-Q16-3-1.3.35-150300.3.3.1
libGraphicsMagick-Q16-3-debuginfo-1.3.35-150300.3.3.1
libGraphicsMagick3-config-1.3.35-150300.3.3.1
libGraphicsMagickWand-Q16-2-1.3.35-150300.3.3.1
libGraphicsMagickWand-Q16-2-debuginfo-1.3.35-150300.3.3.1
perl-GraphicsMagick-1.3.35-150300.3.3.1
perl-GraphicsMagick-debuginfo-1.3.35-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-1270.html
https://bugzilla.suse.com/1198351
SUSE-SU-2022:1273-1: important: Security update for SDL
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for SDL
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1273-1
Rating: important
References: #1181201 #1181202 #1198001
Cross-References: CVE-2020-14409 CVE-2020-14410 CVE-2021-33657
CVSS scores:
CVE-2020-14409 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-14409 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-14410 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2020-14410 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33657 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-33657 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for SDL fixes the following issues:
- CVE-2020-14409: Fixed an integer overflow (and resultant SDL_memcpy heap
corruption) in SDL_BlitCopy in video/SDL_blit_copy.c. (bsc#1181202)
- CVE-2020-14410: Fixed a heap-based buffer over-read in
Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c. (bsc#1181201)
- CVE-2021-33657: Fixed a heap overflow problem in video/SDL_pixels.c.
(bsc#1198001)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1273=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1273=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1273=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1273=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1273=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1273=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1273=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1273=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1273=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1273=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1273=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1273=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1273=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1273=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1273=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1273=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1273=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1273=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1273=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- openSUSE Leap 15.4 (x86_64):
libSDL-1_2-0-32bit-1.2.15-150000.3.19.1
libSDL-1_2-0-32bit-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-32bit-1.2.15-150000.3.19.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- openSUSE Leap 15.3 (x86_64):
libSDL-1_2-0-32bit-1.2.15-150000.3.19.1
libSDL-1_2-0-32bit-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-32bit-1.2.15-150000.3.19.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Manager Proxy 4.1 (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE CaaS Platform 4.0 (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
References:
https://www.suse.com/security/cve/CVE-2020-14409.html
https://www.suse.com/security/cve/CVE-2020-14410.html
https://www.suse.com/security/cve/CVE-2021-33657.html
https://bugzilla.suse.com/1181201
https://bugzilla.suse.com/1181202
https://bugzilla.suse.com/1198001
SUSE-SU-2022:1276-1: important: Security update for nbd
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for nbd
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1276-1
Rating: important
References: #1196827 #1196828
Cross-References: CVE-2022-26495 CVE-2022-26496
CVSS scores:
CVE-2022-26495 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26495 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26496 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26496 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for nbd fixes the following issues:
- CVE-2022-26495: Fixed an integer overflow with a resultant heap-based
buffer overflow (bsc#1196827).
- CVE-2022-26496: Fixed a stack-based buffer overflow when parsing the
name field by sending a crafted NBD_OPT_INFO (bsc#1196828).
Update to version 3.24 (bsc#1196827, bsc#1196828, CVE-2022-26495,
CVE-2022-26496):
* https://github.com/advisories/GHSA-q9rw-8758-hccj
Update to version 3.23:
* Don't overwrite the hostname with the TLS hostname
Update to version 3.22:
- nbd-server: handle auth for v6-mapped IPv4 addresses
- nbd-client.c: parse the next option in all cases
- configure.ac: silence a few autoconf 2.71 warnings
- spec: Relax NBD_OPT_LIST_META_CONTEXTS
- client: Don't confuse Unix socket with TLS hostname
- server: Avoid deprecated g_memdup
Update to version 3.21:
- Fix --disable-manpages build
- Fix a bug in whitespace handling regarding authorization files
- Support client-side marking of devices as read-only
- Support preinitialized NBD connection (i.e., skip the negotiation).
- Fix the systemd unit file for nbd-client so it works with netlink (the
more common situation nowadays)
Update to 3.20.0 (no changelog)
Update to version 3.19.0:
* Better error messages in case of unexpected disconnects
* Better compatibility with non-bash sh implementations (for
configure.sh)
* Fix for a segfault in NBD_OPT_INFO handling
* The ability to specify whether to listen on both TCP and Unix domain
sockets, rather than to always do so
* Various minor editorial and spelling fixes in the documentation.
Update to version 1.18.0:
* Client: Add the "-g" option to avoid even trying the NBD_OPT_GO message
* Server: fixes to inetd mode
* Don't make gnutls and libnl automagic.
* Server: bugfixes in handling of some export names during verification.
* Server: clean supplementary groups when changing user.
* Client: when using the netlink protocol, only set a timeout when there
actually is a timeout, rather than defaulting to 0 seconds
* Improve documentation on the nbdtab file
* Minor improvements to some error messages
* Improvements to test suite so it works better on non-GNU userland
environments
- Update to version 1.17.0:
* proto: add xNBD command NBD_CMD_CACHE to the spec
* server: do not crash when handling child name
* server: Close socket pair when fork fails
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1276=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1276=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nbd-3.24-150000.3.3.1
nbd-debuginfo-3.24-150000.3.3.1
nbd-debugsource-3.24-150000.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nbd-3.24-150000.3.3.1
nbd-debuginfo-3.24-150000.3.3.1
nbd-debugsource-3.24-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-26495.html
https://www.suse.com/security/cve/CVE-2022-26496.html
https://bugzilla.suse.com/1196827
https://bugzilla.suse.com/1196828
SUSE-SU-2022:1265-1: important: Security update for jsoup, jsr-305
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for jsoup, jsr-305
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1265-1
Rating: important
References: #1189749
Cross-References: CVE-2021-37714
CVSS scores:
CVE-2021-37714 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-37714 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jsoup, jsr-305 fixes the following issues:
- CVE-2021-37714: Fixed infinite loop in untrusted HTML or XML data parsing
(bsc#1189749).
Changes in jsr-305:
- Build with java source and target levels 8
- Upgrade to upstream version 3.0.2
Changes in jsoup:
- Upgrade to upstream version 1.14.2
- Generate tarball using source service instead of a script
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1265=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1265=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1265=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1265=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1265=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1265=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1265=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1265=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1265=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1265=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1265=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1265=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1265=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1265=1
Package List:
- openSUSE Leap 15.4 (noarch):
jsoup-1.14.2-150200.3.3.1
jsoup-javadoc-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
jsr-305-javadoc-3.0.2-150200.3.3.1
- openSUSE Leap 15.3 (noarch):
jsoup-1.14.2-150200.3.3.1
jsoup-javadoc-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
jsr-305-javadoc-3.0.2-150200.3.3.1
- SUSE Manager Server 4.1 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Manager Proxy 4.1 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Enterprise Storage 7 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-37714.html
https://bugzilla.suse.com/1189749
SUSE-SU-2022:1256-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1256-1
Rating: important
References: #1189562 #1193738 #1194943 #1195051 #1195254
#1195353 #1196018 #1196114 #1196433 #1196468
#1196488 #1196514 #1196639 #1196761 #1196830
#1196836 #1196942 #1196973 #1197227 #1197331
#1197366 #1197391 #1198031 #1198032 #1198033
SLE-18234 SLE-23652
Cross-References: CVE-2021-39713 CVE-2021-45868 CVE-2022-0812
CVE-2022-0850 CVE-2022-1016 CVE-2022-1048
CVE-2022-23036 CVE-2022-23037 CVE-2022-23038
CVE-2022-23039 CVE-2022-23040 CVE-2022-23041
CVE-2022-23042 CVE-2022-26490 CVE-2022-26966
CVE-2022-28356 CVE-2022-28388 CVE-2022-28389
CVE-2022-28390
CVSS scores:
CVE-2021-39713 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-39713 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0812 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-26490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26490 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-26966 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-26966 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-28356 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28356 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 19 vulnerabilities, contains two
features and has 6 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-28356: Fixed a refcount leak bug in net/llc/af_llc.c
(bnc#1197391).
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution (bsc#1197227).
- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c
vulnerability in the Linux kernel (bnc#1198032).
- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c
vulnerability in the Linux kernel (bnc#1198033).
- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c
vulnerability in the Linux kernel (bnc#1198031).
- CVE-2022-0812: Fixed incorrect header size calculations in xprtrdma
(bsc#1196639).
- CVE-2022-1048: Fixed a race condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock
(bsc#1197331).
- CVE-2022-0850: Fixed a kernel information leak vulnerability in
iov_iter.c (bsc#1196761).
- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which
allowed attackers to obtain sensitive information from the memory via
crafted frame lengths from a USB device (bsc#1196836).
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to a use-after-free if there is a corrupted quota file
(bnc#1197366).
- CVE-2021-39713: Fixed a race condition in the network scheduling
subsystem which could lead to a use-after-free (bsc#1196973).
- CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039,
CVE-2022-23040, CVE-2022-23041, CVE-2022-23042: Fixed multiple issues
which could have led to read/write access to memory pages or denial of
service. These issues are related to the Xen PV device frontend drivers
(bsc#1196488).
- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An
attacker with adjacent NFC access could crash the system or
corrupt system memory (bsc#1196830).
The following non-security bugs were fixed:
- ax88179_178a: Fixed memory issues that could be triggered by malicious
USB devices (bsc#1196018).
- genirq: Use rcu in kstat_irqs_usr() (bsc#1193738).
- gve/net: Fixed multiple bugfixes (jsc#SLE-23652).
- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
- net: tipc: validate domain record count on input (bsc#1195254).
- powerpc: Fixed issues related to slow I/O on PowerPC (bsc#1196433).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1256=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1256=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1256=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1256=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1256=1
- SUSE Linux Enterprise Module for Live Patching 15-SP1:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-1256=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1256=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1256=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-1256=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1256=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-4.12.14-150100.197.111.1
kernel-vanilla-base-4.12.14-150100.197.111.1
kernel-vanilla-base-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-debugsource-4.12.14-150100.197.111.1
kernel-vanilla-devel-4.12.14-150100.197.111.1
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-livepatch-devel-4.12.14-150100.197.111.1
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-base-4.12.14-150100.197.111.1
kernel-debug-base-debuginfo-4.12.14-150100.197.111.1
- openSUSE Leap 15.4 (x86_64):
kernel-kvmsmall-base-4.12.14-150100.197.111.1
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.111.1
- openSUSE Leap 15.4 (s390x):
kernel-default-man-4.12.14-150100.197.111.1
kernel-zfcpdump-man-4.12.14-150100.197.111.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-4.12.14-150100.197.111.1
kernel-vanilla-base-4.12.14-150100.197.111.1
kernel-vanilla-base-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-debugsource-4.12.14-150100.197.111.1
kernel-vanilla-devel-4.12.14-150100.197.111.1
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-livepatch-devel-4.12.14-150100.197.111.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-base-4.12.14-150100.197.111.1
kernel-debug-base-debuginfo-4.12.14-150100.197.111.1
- openSUSE Leap 15.3 (x86_64):
kernel-kvmsmall-base-4.12.14-150100.197.111.1
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.111.1
- openSUSE Leap 15.3 (s390x):
kernel-default-man-4.12.14-150100.197.111.1
kernel-zfcpdump-man-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (s390x):
kernel-default-man-4.12.14-150100.197.111.1
kernel-zfcpdump-debuginfo-4.12.14-150100.197.111.1
kernel-zfcpdump-debugsource-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-livepatch-4.12.14-150100.197.111.1
kernel-default-livepatch-devel-4.12.14-150100.197.111.1
kernel-livepatch-4_12_14-150100_197_111-default-1-150100.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-150100.197.111.1
cluster-md-kmp-default-debuginfo-4.12.14-150100.197.111.1
dlm-kmp-default-4.12.14-150100.197.111.1
dlm-kmp-default-debuginfo-4.12.14-150100.197.111.1
gfs2-kmp-default-4.12.14-150100.197.111.1
gfs2-kmp-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
ocfs2-kmp-default-4.12.14-150100.197.111.1
ocfs2-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Enterprise Storage 6 (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE CaaS Platform 4.0 (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE CaaS Platform 4.0 (x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
References:
https://www.suse.com/security/cve/CVE-2021-39713.html
https://www.suse.com/security/cve/CVE-2021-45868.html
https://www.suse.com/security/cve/CVE-2022-0812.html
https://www.suse.com/security/cve/CVE-2022-0850.html
https://www.suse.com/security/cve/CVE-2022-1016.html
https://www.suse.com/security/cve/CVE-2022-1048.html
https://www.suse.com/security/cve/CVE-2022-23036.html
https://www.suse.com/security/cve/CVE-2022-23037.html
https://www.suse.com/security/cve/CVE-2022-23038.html
https://www.suse.com/security/cve/CVE-2022-23039.html
https://www.suse.com/security/cve/CVE-2022-23040.html
https://www.suse.com/security/cve/CVE-2022-23041.html
https://www.suse.com/security/cve/CVE-2022-23042.html
https://www.suse.com/security/cve/CVE-2022-26490.html
https://www.suse.com/security/cve/CVE-2022-26966.html
https://www.suse.com/security/cve/CVE-2022-28356.html
https://www.suse.com/security/cve/CVE-2022-28388.html
https://www.suse.com/security/cve/CVE-2022-28389.html
https://www.suse.com/security/cve/CVE-2022-28390.html
https://bugzilla.suse.com/1189562
https://bugzilla.suse.com/1193738
https://bugzilla.suse.com/1194943
https://bugzilla.suse.com/1195051
https://bugzilla.suse.com/1195254
https://bugzilla.suse.com/1195353
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196114
https://bugzilla.suse.com/1196433
https://bugzilla.suse.com/1196468
https://bugzilla.suse.com/1196488
https://bugzilla.suse.com/1196514
https://bugzilla.suse.com/1196639
https://bugzilla.suse.com/1196761
https://bugzilla.suse.com/1196830
https://bugzilla.suse.com/1196836
https://bugzilla.suse.com/1196942
https://bugzilla.suse.com/1196973
https://bugzilla.suse.com/1197227
https://bugzilla.suse.com/1197331
https://bugzilla.suse.com/1197366
https://bugzilla.suse.com/1197391
https://bugzilla.suse.com/1198031
https://bugzilla.suse.com/1198032
https://bugzilla.suse.com/1198033
SUSE-SU-2022:1260-1: important: Security update for git
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for git
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1260-1
Rating: important
References: #1198234
Cross-References: CVE-2022-24765
CVSS scores:
CVE-2022-24765 (SUSE): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for git fixes the following issues:
- CVE-2022-24765: Fixed a potential command injection via git worktree
(bsc#1198234).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1260=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1260=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1260=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1260=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1260=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1260=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1260=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1260=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1260=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1260=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1260=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1260=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1260=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1260=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1260=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1260=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
git-svn-debuginfo-2.26.2-150000.36.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
git-svn-debuginfo-2.26.2-150000.36.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Manager Server 4.1 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Manager Proxy 4.1 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Manager Proxy 4.1 (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Enterprise Storage 7 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Enterprise Storage 6 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE CaaS Platform 4.0 (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE CaaS Platform 4.0 (noarch):
git-doc-2.26.2-150000.36.1
References:
https://www.suse.com/security/cve/CVE-2022-24765.html
https://bugzilla.suse.com/1198234
SUSE-SU-2022:1259-1: important: Security update for icedtea-web
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for icedtea-web
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1259-1
Rating: important
References: #1142825 #1142832 #1142835
Cross-References: CVE-2019-10181 CVE-2019-10182 CVE-2019-10185
CVSS scores:
CVE-2019-10181 (NVD) : 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-10181 (SUSE): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-10182 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2019-10182 (SUSE): 6.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2019-10185 (SUSE): 8.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for icedtea-web fixes the following issues:
- CVE-2019-10181: Fixed an issue where an attacker could inject unsigned
code in a signed JAR file (bsc#1142835).
- CVE-2019-10182: Fixed a path traversal issue where an attacker could
upload arbitrary files by tricking a victim into running a specially
crafted application (bsc#1142825).
- CVE-2019-10185: Fixed an issue where an attacker could write files to
arbitrary locations during JAR auto-extraction (bsc#1142832).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1259=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1259=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1259=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1259=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1259=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1259=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
icedtea-web-1.7.2-150100.7.3.1
- openSUSE Leap 15.4 (noarch):
icedtea-web-javadoc-1.7.2-150100.7.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
icedtea-web-1.7.2-150100.7.3.1
- openSUSE Leap 15.3 (noarch):
icedtea-web-javadoc-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
icedtea-web-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
icedtea-web-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
icedtea-web-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
icedtea-web-javadoc-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
icedtea-web-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
icedtea-web-javadoc-1.7.2-150100.7.3.1
References:
https://www.suse.com/security/cve/CVE-2019-10181.html
https://www.suse.com/security/cve/CVE-2019-10182.html
https://www.suse.com/security/cve/CVE-2019-10185.html
https://bugzilla.suse.com/1142825
https://bugzilla.suse.com/1142832
https://bugzilla.suse.com/1142835
SUSE-SU-2022:1252-1: important: Security update for openjpeg2
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for openjpeg2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1252-1
Rating: important
References: #1076314 #1076967 #1079845 #1102016 #1106881
#1106882 #1140130 #1160782 #1162090 #1173578
#1180457 #1184774 #1197738
Cross-References: CVE-2018-14423 CVE-2018-16375 CVE-2018-16376
CVE-2018-20845 CVE-2018-5727 CVE-2018-5785
CVE-2018-6616 CVE-2020-15389 CVE-2020-27823
CVE-2020-6851 CVE-2020-8112 CVE-2021-29338
CVE-2022-1122
CVSS scores:
CVE-2018-14423 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-14423 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-16375 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-16375 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2018-16376 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-16376 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2018-20845 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20845 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-5727 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5727 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-5785 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5785 (SUSE): 4 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
CVE-2018-6616 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-6616 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-15389 (NVD) : 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2020-15389 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-27823 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-27823 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-6851 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-6851 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-8112 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-8112 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-29338 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29338 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-1122 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-1122 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 13 vulnerabilities is now available.
Description:
This update for openjpeg2 fixes the following issues:
- CVE-2018-5727: Fixed integer overflow vulnerability in
the opj_t1_encode_cblks function (bsc#1076314).
- CVE-2018-5785: Fixed integer overflow caused by an out-of-bounds
left shift in the opj_j2k_setup_encoder function (bsc#1076967).
- CVE-2018-6616: Fixed excessive iteration in the opj_t1_encode_cblks
function of openjp2/t1.c (bsc#1079845).
- CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions
pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c
(bsc#1102016).
- CVE-2018-16375: Fixed missing checks for header_info.height and
header_info.width in the function pnmtoimage in bin/jpwl/convert.c
(bsc#1106882).
- CVE-2018-16376: Fixed heap-based buffer overflow in function
t2_encode_packet in lib/openmj2/t2.c (bsc#1106881).
- CVE-2018-20845: Fixed division-by-zero in the functions pi_next_pcrl,
pi_next_cprl, and pi_next_rpcl in openmj2/pi.ci (bsc#1140130).
- CVE-2020-6851: Fixed heap-based buffer overflow in
opj_t1_clbl_decode_processor (bsc#1160782).
- CVE-2020-8112: Fixed heap-based buffer overflow in
opj_t1_clbl_decode_processor in openjp2/t1.c (bsc#1162090).
- CVE-2020-15389: Fixed use-after-free if there is a mix of valid and invalid
files in a directory operated on by the decompressor (bsc#1173578).
- CVE-2020-27823: Fixed heap buffer over-write in
opj_tcd_dc_level_shift_encode() (bsc#1180457).
- CVE-2021-29338: Fixed integer overflow that allows remote attackers to
crash the application (bsc#1184774).
- CVE-2022-1122: Fixed segmentation fault in opj2_decompress due to
uninitialized pointer (bsc#1197738).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1252=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1252=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1252=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1252=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1252=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1252=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1252=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1252=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1252=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1252=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1252=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1252=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1252=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1252=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1252=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1252=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1252=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1252=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1252=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- openSUSE Leap 15.4 (x86_64):
libopenjp2-7-32bit-2.3.0-150000.3.5.1
libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.5.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- openSUSE Leap 15.3 (x86_64):
libopenjp2-7-32bit-2.3.0-150000.3.5.1
libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.5.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Manager Proxy 4.1 (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libopenjp2-7-32bit-2.3.0-150000.3.5.1
libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE CaaS Platform 4.0 (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
References:
https://www.suse.com/security/cve/CVE-2018-14423.html
https://www.suse.com/security/cve/CVE-2018-16375.html
https://www.suse.com/security/cve/CVE-2018-16376.html
https://www.suse.com/security/cve/CVE-2018-20845.html
https://www.suse.com/security/cve/CVE-2018-5727.html
https://www.suse.com/security/cve/CVE-2018-5785.html
https://www.suse.com/security/cve/CVE-2018-6616.html
https://www.suse.com/security/cve/CVE-2020-15389.html
https://www.suse.com/security/cve/CVE-2020-27823.html
https://www.suse.com/security/cve/CVE-2020-6851.html
https://www.suse.com/security/cve/CVE-2020-8112.html
https://www.suse.com/security/cve/CVE-2021-29338.html
https://www.suse.com/security/cve/CVE-2022-1122.html
https://bugzilla.suse.com/1076314
https://bugzilla.suse.com/1076967
https://bugzilla.suse.com/1079845
https://bugzilla.suse.com/1102016
https://bugzilla.suse.com/1106881
https://bugzilla.suse.com/1106882
https://bugzilla.suse.com/1140130
https://bugzilla.suse.com/1160782
https://bugzilla.suse.com/1162090
https://bugzilla.suse.com/1173578
https://bugzilla.suse.com/1180457
https://bugzilla.suse.com/1184774
https://bugzilla.suse.com/1197738
openSUSE-SU-2022:0114-1: important: Security update for chromium
by opensuse-security@opensuse.org 19 Apr '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0114-1
Rating: important
References: #1198509
Cross-References: CVE-2022-1364
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for chromium fixes the following issues:
Updated Chromium to 100.0.4896.127 (boo#1198509)
- CVE-2022-1364: Type Confusion in V8
- Various fixes from internal audits, fuzzing and other initiatives
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-114=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-100.0.4896.127-bp153.2.85.1
chromium-100.0.4896.127-bp153.2.85.1
References:
https://www.suse.com/security/cve/CVE-2022-1364.html
https://bugzilla.suse.com/1198509
openSUSE-SU-2022:0113-1: moderate: Security update for nodejs12
by opensuse-security@opensuse.org 17 Apr '22
openSUSE Security Update: Security update for nodejs12
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0113-1
Rating: moderate
References: #1194511 #1194512 #1194513 #1194514 #1198204
Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533
CVE-2022-21824 CVE-2022-24191
CVSS scores:
CVE-2021-44531 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-44531 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44532 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44532 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44533 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44533 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21824 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVE-2022-21824 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
CVE-2022-24191 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for nodejs12 fixes the following issues:
- CVE-2021-44531: Fixed improper handling of URI Subject Alternative Names
(bsc#1194511).
- CVE-2021-44532: Fixed certificate Verification Bypass via String
Injection (bsc#1194512).
- CVE-2021-44533: Fixed incorrect handling of certificate subject and
issuer fields (bsc#1194513).
- CVE-2022-21824: Fixed prototype pollution via console.table properties
(bsc#1194514).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-113=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-113=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.9-4.25.1
nodejs12-debuginfo-12.22.9-4.25.1
nodejs12-debugsource-12.22.9-4.25.1
nodejs12-devel-12.22.9-4.25.1
npm12-12.22.9-4.25.1
- openSUSE Leap 15.3 (noarch):
nodejs12-docs-12.22.9-4.25.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
htmldoc-1.9.12-bp153.2.9.1
References:
https://www.suse.com/security/cve/CVE-2021-44531.html
https://www.suse.com/security/cve/CVE-2021-44532.html
https://www.suse.com/security/cve/CVE-2021-44533.html
https://www.suse.com/security/cve/CVE-2022-21824.html
https://www.suse.com/security/cve/CVE-2022-24191.html
https://bugzilla.suse.com/1194511
https://bugzilla.suse.com/1194512
https://bugzilla.suse.com/1194513
https://bugzilla.suse.com/1194514
https://bugzilla.suse.com/1198204
SUSE-SU-2022:1218-1: important: Security update for SDL2
by opensuse-security@opensuse.org 14 Apr '22
SUSE Security Update: Security update for SDL2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1218-1
Rating: important
References: #1198001
Cross-References: CVE-2021-33657
CVSS scores:
CVE-2021-33657 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-33657 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for SDL2 fixes the following issues:
- CVE-2021-33657: Fix a buffer overflow when parsing a crafted BMP image
(bsc#1198001).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1218=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1218=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1218=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1218=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1218=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1218=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1218=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1218=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1218=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1218=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1218=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1218=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1218=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1218=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1218=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1218=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- openSUSE Leap 15.4 (x86_64):
libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-32bit-2.0.8-150200.11.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- openSUSE Leap 15.3 (x86_64):
libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-32bit-2.0.8-150200.11.6.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Manager Proxy 4.1 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
References:
https://www.suse.com/security/cve/CVE-2021-33657.html
https://bugzilla.suse.com/1198001
openSUSE-SU-2022:0112-1: important: Security update for chromium
by opensuse-security@opensuse.org 13 Apr '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0112-1
Rating: important
References: #1194511 #1194512 #1194513 #1194514 #1197680
#1198053 #1198361
Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533
CVE-2022-1125 CVE-2022-1127 CVE-2022-1128
CVE-2022-1129 CVE-2022-1130 CVE-2022-1131
CVE-2022-1132 CVE-2022-1133 CVE-2022-1134
CVE-2022-1135 CVE-2022-1136 CVE-2022-1137
CVE-2022-1138 CVE-2022-1139 CVE-2022-1141
CVE-2022-1142 CVE-2022-1143 CVE-2022-1144
CVE-2022-1145 CVE-2022-1146 CVE-2022-1232
CVE-2022-1305 CVE-2022-1306 CVE-2022-1307
CVE-2022-1308 CVE-2022-1309 CVE-2022-1310
CVE-2022-1311 CVE-2022-1312 CVE-2022-1313
CVE-2022-1314 CVE-2022-21824
CVSS scores:
CVE-2021-44531 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-44531 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44532 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44532 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44533 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44533 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21824 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVE-2022-21824 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 35 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Updated to Chromium 100.0.4896.88 (boo#1198361)
- CVE-2022-1305: Use after free in storage
- CVE-2022-1306: Inappropriate implementation in compositing
- CVE-2022-1307: Inappropriate implementation in full screen
- CVE-2022-1308: Use after free in BFCache
- CVE-2022-1309: Insufficient policy enforcement in developer tools
- CVE-2022-1310: Use after free in regular expressions
- CVE-2022-1311: Use after free in Chrome OS shell
- CVE-2022-1312: Use after free in storage
- CVE-2022-1313: Use after free in tab groups
- CVE-2022-1314: Type Confusion in V8
- Various fixes from internal audits, fuzzing and other initiatives
Updated to version 100.0.4896.75:
- CVE-2022-1232: Type Confusion in V8 (boo#1198053)
Update to version 100.0.4896.60 (boo#1197680):
- CVE-2022-1125: Use after free in Portals
- CVE-2022-1127: Use after free in QR Code Generator
- CVE-2022-1128: Inappropriate implementation in Web Share API
- CVE-2022-1129: Inappropriate implementation in Full Screen Mode
- CVE-2022-1130: Insufficient validation of untrusted input in WebOTP
- CVE-2022-1131: Use after free in Cast UI
- CVE-2022-1132: Inappropriate implementation in Virtual Keyboard
- CVE-2022-1133: Use after free in WebRTC
- CVE-2022-1134: Type Confusion in V8
- CVE-2022-1135: Use after free in Shopping Cart
- CVE-2022-1136: Use after free in Tab Strip
- CVE-2022-1137: Inappropriate implementation in Extensions
- CVE-2022-1138: Inappropriate implementation in Web Cursor
- CVE-2022-1139: Inappropriate implementation in Background Fetch API
- CVE-2022-1141: Use after free in File Manager
- CVE-2022-1142: Heap buffer overflow in WebUI
- CVE-2022-1143: Heap buffer overflow in WebUI
- CVE-2022-1144: Use after free in WebUI
- CVE-2022-1145: Use after free in Extensions
- CVE-2022-1146: Inappropriate implementation in Resource Timing
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-112=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-112=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.18.3-15.24.1
nodejs14-debuginfo-14.18.3-15.24.1
nodejs14-debugsource-14.18.3-15.24.1
nodejs14-devel-14.18.3-15.24.1
npm14-14.18.3-15.24.1
- openSUSE Leap 15.3 (noarch):
nodejs14-docs-14.18.3-15.24.1
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-100.0.4896.88-bp153.2.82.1
chromedriver-debuginfo-100.0.4896.88-bp153.2.82.1
chromium-100.0.4896.88-bp153.2.82.1
chromium-debuginfo-100.0.4896.88-bp153.2.82.1
References:
https://www.suse.com/security/cve/CVE-2021-44531.html
https://www.suse.com/security/cve/CVE-2021-44532.html
https://www.suse.com/security/cve/CVE-2021-44533.html
https://www.suse.com/security/cve/CVE-2022-1125.html
https://www.suse.com/security/cve/CVE-2022-1127.html
https://www.suse.com/security/cve/CVE-2022-1128.html
https://www.suse.com/security/cve/CVE-2022-1129.html
https://www.suse.com/security/cve/CVE-2022-1130.html
https://www.suse.com/security/cve/CVE-2022-1131.html
https://www.suse.com/security/cve/CVE-2022-1132.html
https://www.suse.com/security/cve/CVE-2022-1133.html
https://www.suse.com/security/cve/CVE-2022-1134.html
https://www.suse.com/security/cve/CVE-2022-1135.html
https://www.suse.com/security/cve/CVE-2022-1136.html
https://www.suse.com/security/cve/CVE-2022-1137.html
https://www.suse.com/security/cve/CVE-2022-1138.html
https://www.suse.com/security/cve/CVE-2022-1139.html
https://www.suse.com/security/cve/CVE-2022-1141.html
https://www.suse.com/security/cve/CVE-2022-1142.html
https://www.suse.com/security/cve/CVE-2022-1143.html
https://www.suse.com/security/cve/CVE-2022-1144.html
https://www.suse.com/security/cve/CVE-2022-1145.html
https://www.suse.com/security/cve/CVE-2022-1146.html
https://www.suse.com/security/cve/CVE-2022-1232.html
https://www.suse.com/security/cve/CVE-2022-1305.html
https://www.suse.com/security/cve/CVE-2022-1306.html
https://www.suse.com/security/cve/CVE-2022-1307.html
https://www.suse.com/security/cve/CVE-2022-1308.html
https://www.suse.com/security/cve/CVE-2022-1309.html
https://www.suse.com/security/cve/CVE-2022-1310.html
https://www.suse.com/security/cve/CVE-2022-1311.html
https://www.suse.com/security/cve/CVE-2022-1312.html
https://www.suse.com/security/cve/CVE-2022-1313.html
https://www.suse.com/security/cve/CVE-2022-1314.html
https://www.suse.com/security/cve/CVE-2022-21824.html
https://bugzilla.suse.com/1194511
https://bugzilla.suse.com/1194512
https://bugzilla.suse.com/1194513
https://bugzilla.suse.com/1194514
https://bugzilla.suse.com/1197680
https://bugzilla.suse.com/1198053
https://bugzilla.suse.com/1198361
SUSE-SU-2022:1183-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 13 Apr '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1183-1
Rating: important
References: #1065729 #1156395 #1175667 #1177028 #1178134
#1179639 #1180153 #1189562 #1194649 #1195640
#1195926 #1196018 #1196196 #1196478 #1196761
#1196823 #1197227 #1197243 #1197300 #1197302
#1197331 #1197343 #1197366 #1197389 #1197462
#1197501 #1197534 #1197661 #1197675 #1197702
#1197811 #1197812 #1197815 #1197817 #1197819
#1197820 #1197888 #1197889 #1197894 #1197914
#1198027 #1198028 #1198029 #1198030 #1198031
#1198032 #1198033
Cross-References: CVE-2021-45868 CVE-2022-0850 CVE-2022-0854
CVE-2022-1011 CVE-2022-1016 CVE-2022-1048
CVE-2022-1055 CVE-2022-1195 CVE-2022-1198
CVE-2022-1199 CVE-2022-1205 CVE-2022-27666
CVE-2022-28388 CVE-2022-28389 CVE-2022-28390
CVSS scores:
CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2022-0854 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0854 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1011 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1011 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1195 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1198 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1199 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1205 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27666 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27666 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 15 vulnerabilities and has 32 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw in the Linux kernel's
DMA subsystem. This flaw allowed a local user to read random memory from
the kernel space. (bnc#1196823)
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution. (bsc#1197227)
- CVE-2022-28390: Fixed a double free vulnerability in
drivers/net/can/usb/ems_usb.c in the Linux kernel. (bnc#1198031)
- CVE-2022-28388: Fixed a double free vulnerability in
drivers/net/can/usb/usb_8dev.c in the Linux kernel. (bnc#1198032)
- CVE-2022-28389: Fixed a double free vulnerability in
drivers/net/can/usb/mcba_usb.c in the Linux kernel. (bnc#1198033)
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow
a local attacker to gain privilege escalation. (bnc#1197702)
- CVE-2022-1048: Fixed a race condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock.
(bsc#1197331)
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to a use-after-free if there is a corrupted quota
file. (bnc#1197366)
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal
user privilege to overwrite kernel heap objects and may cause a local
privilege escalation. (bnc#1197462)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in
iov_iter.c. (bsc#1196761)
- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities
that allow an attacker to crash the Linux kernel by simulating Amateur
Radio. (bsc#1198028)
- CVE-2022-1205: Fixed null pointer dereference and use-after-free
vulnerabilities that allow an attacker to crash the Linux kernel by
simulating Amateur Radio. (bsc#1198027)
- CVE-2022-1198: Fixed a use-after-free vulnerability that allows an
attacker to crash the Linux kernel by simulating Amateur Radio
(bsc#1198030).
- CVE-2022-1195: Fixed a use-after-free vulnerability which could allow a
local attacker with a user privilege to execute a denial of service.
(bsc#1198029)
- CVE-2022-1011: Fixed a use-after-free vulnerability which could allow a
local attacker to retrieve (partial) /etc/shadow hashes or any other
data from filesystem when he can mount a FUSE filesystem. (bnc#1197343)
The following non-security bugs were fixed:
- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
(git-fixes).
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
(git-fixes).
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
(git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods
(git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
- ACPI: docs: enumeration: Update UART serial bus resource documentation
(git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no more
references (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
(git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
(git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
(git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
(git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
(git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in
wcd934x_codec_parse_data (git-fixes).
- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put
(git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
(git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
(git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in
pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in
msm8916_wcd_digital_probe (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in
rt5663_parse_dp() (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: topology: Allow TLV control to be either read or write (git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior
(git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
(bsc#1196018).
- block: update io_ticks when io hang (bsc#1197817).
- block/wbt: fix negative inflight counter when remove scsi device
(bsc#1197819).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
- bpf: Remove config check to enable bpf support for branch records
(git-fixes bsc#1177028).
- btrfs: avoid unnecessary lock and leaf splits when updating inode in the
log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log
(bsc#1194649).
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs
(bsc#1194649).
- btrfs: check error value from btrfs_update_inode in tree log
(bsc#1194649).
- btrfs: check if a log root exists before locking the log_mutex on unlink
(bsc#1194649).
- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
- btrfs: do not commit delayed inode when logging a file in full sync mode
(bsc#1194649).
- btrfs: do not log new dentries when logging that a new name exists
(bsc#1194649).
- btrfs: eliminate some false positives when checking if inode was logged
(bsc#1194649).
- btrfs: fix race leading to unnecessary transaction commit when logging
inode (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor inodes
(bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction commit
(bsc#1194649).
- btrfs: fix race that results in logging old extents during a fast fsync
(bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
- btrfs: remove no longer needed full sync flag check at inode_logged()
(bsc#1194649).
- btrfs: Remove unnecessary check from join_running_log_trans
(bsc#1194649).
- btrfs: remove unnecessary directory inode item update when deleting dir
entry (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing log
(bsc#1194649).
- btrfs: skip unnecessary searches for xattrs when logging an inode
(bsc#1194649).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
path (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
path (git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device
when fully ready (git-fixes).
- cifs: use the correct max-length for dentry_path_raw() (bsc#1196196).
- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element
(git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
(git-fixes).
- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in
emc_ensure_emc_driver (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap in
timer_of_base_init() (git-fixes).
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)
- crypto: authenc - Fix sleep in atomic context in decrypt_tail
(git-fixes).
- crypto: cavium/nitrox - do not cast parameter in bit operations
(git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
(git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
(git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- dma/pool: create dma atomic pool only if dma zone has managed pages
(bsc#1197501).
- driver core: dd: fix return value of __setup handler (git-fixes).
- drm: add a locked version of drm_is_current_master (bsc#1197914).
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- drm: drm_file struct kABI compatibility workaround (bsc#1197914).
- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
- drm: serialize drm_file.master with a new spinlock (bsc#1197914).
- drm: use the lookup lock in drm_is_current_master (bsc#1197914).
- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
(git-fixes).
- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq
function (git-fixes).
- drm/bridge: dw-hdmi: use safe format when first in bridge chain
(git-fixes).
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe
(git-fixes).
- drm/doc: overview before functions for drm_writeback.c (git-fixes).
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- drm/i915/gem: add missing boundary check in vm_access (git-fixes).
- drm/imx: parallel-display: Remove bus flags check in
imx_pd_bridge_atomic_check() (git-fixes).
- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops
(git-fixes).
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
(git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling
(git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to connector
(git-fixes).
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- ecryptfs: Fix typo in message (bsc#1197811).
- ext2: correct max file size computing (bsc#1197820).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- firmware: qcom: scm: Remove reassignment to desc following initializer
(git-fixes).
- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
- HID: multitouch: fix Dell Precision 7550 and 7750 button type
(bsc#1197243).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
(git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
- iio: accel: mma8452: use the correct logic to get mma8452_data
(git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
- iio: inkern: apply consumer scale when no channel scale is available
(git-fixes).
- iio: inkern: make a best effort on offset calculation (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- iwlwifi: do not advertise TWT support (git-fixes).
- KVM: SVM: Do not flush cache if hardware enforces cache coherency across
encryption domains (bsc#1178134).
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- mac80211: refuse aggregations sessions before authorized (git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: bttv: fix WARNING regression on tunerless devices (git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data
(git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: hantro: Fix overfill bottom register field name (git-fixes).
- media: Revert "media: em28xx: add missing em28xx_close_extension"
(git-fixes).
- media: stk1160: If start stream fails, return buffers with
VB2_BUF_STATE_QUEUED (git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
- memory: emif: Add check for setup_interrupts (git-fixes).
- memory: emif: check the pointer temp in get_device_details() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
- mm_zone: add function to check if managed dma zone exists (bsc#1197501).
- mm: add vma_lookup(), update find_vma_intersection() comments
(git-fixes).
- mm/page_alloc.c: do not warn allocation failure on zone DMA if no
managed pages (bsc#1197501).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
(git-fixes).
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx()
(git-fixes).
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and suspend
functions (git-fixes).
- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
(bsc#1196018).
- net: watchdog: hold device global xmit lock during tx disable
(git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- net/smc: Reset conn->lgr when link group registration fails (git-fixes).
- netfilter: conntrack: do not refresh sctp entries in closed state
(bsc#1197389).
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
- NFS: Do not skip directory entries when doing uncached readdir
(git-fixes).
- NFS: Ensure the server had an up to date ctime before hardlinking
(git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
- NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client
(git-fixes).
- NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
- NFS: Fix another issue with a list iterator pointing to the head
(git-fixes).
- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
(git-fixes).
- pinctrl: mediatek: paris: Fix "argument" argument type for
mtk_pinconf_get() (git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback
(git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
(git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE()
(git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
- pinctrl: samsung: drop pin banks references on error paths (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
(git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
(bsc#1179639 ltc#189002 git-fixes).
- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
- powerpc/pseries: Fix use after free in remove_phb_dynamic()
(bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty
(bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- printk: Add panic_in_progress helper (bsc#1197894).
- printk: disable optimistic spin during panic (bsc#1197894).
- pwm: lpc18xx-sct: Initialize driver data and hardware before
pwmchip_add() (git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in
wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region
(git-fixes).
- s390/bpf: Perform r1 range checking before accessing jit->seen_reg
(git-fixes).
- s390/gmap: do not unconditionally call pte_unmap_unlock() in
__gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/hypfs: include z/VM guests with access control group set
(bsc#1195640 LTC#196352).
- s390/kexec_file: fix error handling when applying relocations
(git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- s390/mm: fix VMA and page table handling code in storage key handling
functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
- s390/module: fix loading modules with a lot of relocations (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling follow_pte()
(git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity error
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675
bsc#1196478).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download
(bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
(bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped()
(bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management failure
(bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test
(bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID processing
(bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
- serial: 8250_lpss: Balance reference count for PCI DMA device
(git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
- serial: core: Fix the definition name in the comment of UPF_* flags
(git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit reversing
(git-fixes).
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomizarion at connect() time (bsc#1180153).
- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
(git-fixes).
- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m ->
VIRTIO_PCI=y
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- usb: bdc: Fix a resource leak in the error handling path of
'bdc_probe()' (git-fixes).
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- usb: bdc: remove duplicated error message (git-fixes).
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- usb: bdc: use devm_platform_ioremap_resource() to simplify code
(git-fixes).
- usb: dwc3: gadget: Use list_replace_init() before traversing lists
(git-fixes).
- usb: dwc3: qcom: add IRQ check (git-fixes).
- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
(git-fixes).
- usb: gadget: rndis: prevent integer overflow in rndis_set_response()
(git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe()
(git-fixes).
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
avoid black screen (git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
(git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature
(bsc#1178134).
- x86/mm/pat: Do not flush cache if hardware enforces cache coherency
across encryption domnains (bsc#1178134).
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
(bsc#1178134).
- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1183=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1183=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1183=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1183=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1183=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-1183=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.63.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-preempt-5.3.18-150300.59.63.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-preempt-5.3.18-150300.59.63.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1
kernel-preempt-optional-5.3.18-150300.59.63.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-preempt-5.3.18-150300.59.63.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.4 (aarch64):
dtb-al-5.3.18-150300.59.63.1
dtb-zte-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.63.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-default-5.3.18-150300.59.63.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-default-5.3.18-150300.59.63.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-devel-5.3.18-150300.59.63.1
kernel-default-devel-debuginfo-5.3.18-150300.59.63.1
kernel-default-extra-5.3.18-150300.59.63.1
kernel-default-extra-debuginfo-5.3.18-150300.59.63.1
kernel-default-livepatch-5.3.18-150300.59.63.1
kernel-default-livepatch-devel-5.3.18-150300.59.63.1
kernel-default-optional-5.3.18-150300.59.63.1
kernel-default-optional-debuginfo-5.3.18-150300.59.63.1
kernel-obs-build-5.3.18-150300.59.63.1
kernel-obs-build-debugsource-5.3.18-150300.59.63.1
kernel-obs-qa-5.3.18-150300.59.63.1
kernel-syms-5.3.18-150300.59.63.1
kselftests-kmp-default-5.3.18-150300.59.63.1
kselftests-kmp-default-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-default-5.3.18-150300.59.63.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-default-5.3.18-150300.59.63.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.63.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-preempt-5.3.18-150300.59.63.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-preempt-5.3.18-150300.59.63.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1
kernel-preempt-optional-5.3.18-150300.59.63.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-preempt-5.3.18-150300.59.63.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-150300.59.63.1
kernel-debug-debuginfo-5.3.18-150300.59.63.1
kernel-debug-debugsource-5.3.18-150300.59.63.1
kernel-debug-devel-5.3.18-150300.59.63.1
kernel-debug-devel-debuginfo-5.3.18-150300.59.63.1
kernel-debug-livepatch-devel-5.3.18-150300.59.63.1
kernel-kvmsmall-5.3.18-150300.59.63.1
kernel-kvmsmall-debuginfo-5.3.18-150300.59.63.1
kernel-kvmsmall-debugsource-5.3.18-150300.59.63.1
kernel-kvmsmall-devel-5.3.18-150300.59.63.1
kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.63.1
kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-150300.59.63.1
cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-64kb-5.3.18-150300.59.63.1
dlm-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
dtb-al-5.3.18-150300.59.63.1
dtb-allwinner-5.3.18-150300.59.63.1
dtb-altera-5.3.18-150300.59.63.1
dtb-amd-5.3.18-150300.59.63.1
dtb-amlogic-5.3.18-150300.59.63.1
dtb-apm-5.3.18-150300.59.63.1
dtb-arm-5.3.18-150300.59.63.1
dtb-broadcom-5.3.18-150300.59.63.1
dtb-cavium-5.3.18-150300.59.63.1
dtb-exynos-5.3.18-150300.59.63.1
dtb-freescale-5.3.18-150300.59.63.1
dtb-hisilicon-5.3.18-150300.59.63.1
dtb-lg-5.3.18-150300.59.63.1
dtb-marvell-5.3.18-150300.59.63.1
dtb-mediatek-5.3.18-150300.59.63.1
dtb-nvidia-5.3.18-150300.59.63.1
dtb-qcom-5.3.18-150300.59.63.1
dtb-renesas-5.3.18-150300.59.63.1
dtb-rockchip-5.3.18-150300.59.63.1
dtb-socionext-5.3.18-150300.59.63.1
dtb-sprd-5.3.18-150300.59.63.1
dtb-xilinx-5.3.18-150300.59.63.1
dtb-zte-5.3.18-150300.59.63.1
gfs2-kmp-64kb-5.3.18-150300.59.63.1
gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-5.3.18-150300.59.63.1
kernel-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-debugsource-5.3.18-150300.59.63.1
kernel-64kb-devel-5.3.18-150300.59.63.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-extra-5.3.18-150300.59.63.1
kernel-64kb-extra-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1
kernel-64kb-optional-5.3.18-150300.59.63.1
kernel-64kb-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-64kb-5.3.18-150300.59.63.1
kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-64kb-5.3.18-150300.59.63.1
ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-64kb-5.3.18-150300.59.63.1
reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-150300.59.63.1
kernel-docs-5.3.18-150300.59.63.1
kernel-docs-html-5.3.18-150300.59.63.1
kernel-macros-5.3.18-150300.59.63.1
kernel-source-5.3.18-150300.59.63.1
kernel-source-vanilla-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.63.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.63.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-extra-5.3.18-150300.59.63.1
kernel-default-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-livepatch-5.3.18-150300.59.63.1
kernel-default-livepatch-devel-5.3.18-150300.59.63.1
kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
reiserfs-kmp-default-5.3.18-150300.59.63.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.3.18-150300.59.63.1
kernel-obs-build-debugsource-5.3.18-150300.59.63.1
kernel-syms-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
kernel-docs-5.3.18-150300.59.63.1
kernel-source-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-devel-5.3.18-150300.59.63.1
kernel-default-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64):
kernel-64kb-5.3.18-150300.59.63.1
kernel-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-debugsource-5.3.18-150300.59.63.1
kernel-64kb-devel-5.3.18-150300.59.63.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.63.1
kernel-macros-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.63.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.63.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.63.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-default-5.3.18-150300.59.63.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-default-5.3.18-150300.59.63.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
ocfs2-kmp-default-5.3.18-150300.59.63.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
References:
https://www.suse.com/security/cve/CVE-2021-45868.html
https://www.suse.com/security/cve/CVE-2022-0850.html
https://www.suse.com/security/cve/CVE-2022-0854.html
https://www.suse.com/security/cve/CVE-2022-1011.html
https://www.suse.com/security/cve/CVE-2022-1016.html
https://www.suse.com/security/cve/CVE-2022-1048.html
https://www.suse.com/security/cve/CVE-2022-1055.html
https://www.suse.com/security/cve/CVE-2022-1195.html
https://www.suse.com/security/cve/CVE-2022-1198.html
https://www.suse.com/security/cve/CVE-2022-1199.html
https://www.suse.com/security/cve/CVE-2022-1205.html
https://www.suse.com/security/cve/CVE-2022-27666.html
https://www.suse.com/security/cve/CVE-2022-28388.html
https://www.suse.com/security/cve/CVE-2022-28389.html
https://www.suse.com/security/cve/CVE-2022-28390.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1175667
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1179639
https://bugzilla.suse.com/1180153
https://bugzilla.suse.com/1189562
https://bugzilla.suse.com/1194649
https://bugzilla.suse.com/1195640
https://bugzilla.suse.com/1195926
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196196
https://bugzilla.suse.com/1196478
https://bugzilla.suse.com/1196761
https://bugzilla.suse.com/1196823
https://bugzilla.suse.com/1197227
https://bugzilla.suse.com/1197243
https://bugzilla.suse.com/1197300
https://bugzilla.suse.com/1197302
https://bugzilla.suse.com/1197331
https://bugzilla.suse.com/1197343
https://bugzilla.suse.com/1197366
https://bugzilla.suse.com/1197389
https://bugzilla.suse.com/1197462
https://bugzilla.suse.com/1197501
https://bugzilla.suse.com/1197534
https://bugzilla.suse.com/1197661
https://bugzilla.suse.com/1197675
https://bugzilla.suse.com/1197702
https://bugzilla.suse.com/1197811
https://bugzilla.suse.com/1197812
https://bugzilla.suse.com/1197815
https://bugzilla.suse.com/1197817
https://bugzilla.suse.com/1197819
https://bugzilla.suse.com/1197820
https://bugzilla.suse.com/1197888
https://bugzilla.suse.com/1197889
https://bugzilla.suse.com/1197894
https://bugzilla.suse.com/1197914
https://bugzilla.suse.com/1198027
https://bugzilla.suse.com/1198028
https://bugzilla.suse.com/1198029
https://bugzilla.suse.com/1198030
https://bugzilla.suse.com/1198031
https://bugzilla.suse.com/1198032
https://bugzilla.suse.com/1198033
SUSE-SU-2022:1176-1: important: Security update for MozillaThunderbird
by opensuse-security@opensuse.org 13 Apr '22
SUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1176-1
Rating: important
References: #1197903
Cross-References: CVE-2022-1097 CVE-2022-1196 CVE-2022-1197
CVE-2022-24713 CVE-2022-28281 CVE-2022-28282
CVE-2022-28285 CVE-2022-28286 CVE-2022-28289
CVSS scores:
CVE-2022-1097 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1196 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-1197 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-24713 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-28281 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-28282 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-28285 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-28286 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2022-28289 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This update for MozillaThunderbird fixes the following issues:
- Updated to version 91.8 (bsc#1197903):
- CVE-2022-1097: Fixed a memory corruption issue with NSSToken objects.
- CVE-2022-28281: Fixed a memory corruption issue due to unexpected
WebAuthN Extensions.
- CVE-2022-1197: Fixed an issue where OpenPGP revocation information was
ignored.
- CVE-2022-1196: Fixed a memory corruption issue after VR process
destruction.
- CVE-2022-28282: Fixed a memory corruption issue in document
translation.
- CVE-2022-28285: Fixed a memory corruption issue in JIT code generation.
- CVE-2022-28286: Fixed an iframe layout issue that could have been
exploited to stage spoofing attacks.
- CVE-2022-24713: Fixed a potential denial of service via complex
regular expressions.
- CVE-2022-28289: Fixed multiple memory corruption issues.
Non-security fixes:
- Changed Google accounts using password authentication to use OAuth2.
- Fixed an issue where OpenPGP ECC keys created by Thunderbird could not
be imported into GnuPG.
- Fixed an issue where exporting multiple public PGP keys from Thunderbird
was not possible.
- Fixed an issue where replying to a newsgroup message erroneously
displayed a "No-reply" popup warning.
- Fixed an issue with opening older address books.
- Fixed an issue where LDAP directories would be lost when switching to
"Offline" mode.
- Fixed an issue when importing webcals.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1176=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1176=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1176=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1176=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1176=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1176=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
References:
https://www.suse.com/security/cve/CVE-2022-1097.html
https://www.suse.com/security/cve/CVE-2022-1196.html
https://www.suse.com/security/cve/CVE-2022-1197.html
https://www.suse.com/security/cve/CVE-2022-24713.html
https://www.suse.com/security/cve/CVE-2022-28281.html
https://www.suse.com/security/cve/CVE-2022-28282.html
https://www.suse.com/security/cve/CVE-2022-28285.html
https://www.suse.com/security/cve/CVE-2022-28286.html
https://www.suse.com/security/cve/CVE-2022-28289.html
https://bugzilla.suse.com/1197903
SUSE-SU-2022:1167-1: important: Security update for go1.17
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for go1.17
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1167-1
Rating: important
References: #1183043 #1190649 #1196732
Cross-References: CVE-2022-24921
CVSS scores:
CVE-2022-24921 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24921 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for go1.17 fixes the following issues:
Update to version 1.17.8 (bsc#1190649):
- CVE-2022-24921: Fixed a potential denial of service via large regular
expressions (bsc#1196732).
Non-security fixes:
- Fixed an issue with v2 modules (go#51332).
- Fixed an issue when building source in riscv64 (go#51199).
- Increased compatibility for the DNS protocol in the net module
(go#51162).
- Fixed an issue with histograms in the runtime/metrics module
(go#50734).
- Fixed an issue when parsing x509 certificates (go#51000).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1167=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1167=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1167=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1167=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1167=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1167=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1167=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1167=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1167=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1167=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1167=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1167=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1167=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1167=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Manager Server 4.1 (x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Proxy 4.1 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
References:
https://www.suse.com/security/cve/CVE-2022-24921.html
https://bugzilla.suse.com/1183043
https://bugzilla.suse.com/1190649
https://bugzilla.suse.com/1196732
SUSE-SU-2022:1164-1: important: Security update for go1.16
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for go1.16
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1164-1
Rating: important
References: #1182345 #1183043 #1196732
Cross-References: CVE-2022-24921
CVSS scores:
CVE-2022-24921 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24921 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for go1.16 fixes the following issues:
Update to version 1.16.15 (bsc#1182345):
- CVE-2022-24921: Fixed a potential denial of service via large regular
expressions (bsc#1196732).
Non-security fixes:
- Fixed an issue with v2 modules (go#51331).
- Fixed an issue when building source in riscv64 (go#51198).
- Increased compatibility for the DNS protocol in the net module
(go#51161).
- Fixed an issue with histograms in the runtime/metrics module
(go#50733).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1164=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1164=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1164=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1164=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1164=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1164=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1164=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1164=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1164=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1164=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1164=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1164=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1164=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.16-race-1.16.15-150000.1.46.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- SUSE Manager Server 4.1 (x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Manager Proxy 4.1 (x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
References:
https://www.suse.com/security/cve/CVE-2022-24921.html
https://bugzilla.suse.com/1182345
https://bugzilla.suse.com/1183043
https://bugzilla.suse.com/1196732
SUSE-SU-2022:1157-1: important: Security update for libsolv, libzypp, zypper
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for libsolv, libzypp, zypper
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1157-1
Rating: important
References: #1184501 #1194848 #1195999 #1196061 #1196317
#1196368 #1196514 #1196925 #1197134
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP2
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Installer 15-SP2
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for libsolv, libzypp, zypper fixes the following issues:
Security relevant fix:
- Harden package signature checks (bsc#1184501).
libsolv update to 0.7.22:
- reworked choice rule generation to cover more usecases
- support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514)
- support parsing of Debian's Multi-Arch indicator
- fix segfault on conflict resolution when using bindings
- fix split provides not working if the update includes a forbidden vendor
change
- support strict repository priorities new solver flag:
SOLVER_FLAG_STRICT_REPO_PRIORITY
- support zstd compressed control files in debian packages
- add an ifdef allowing to rename Solvable dependency members ("requires"
is a keyword in C++20)
- support setting/reading userdata in solv files new functions:
repowriter_set_userdata, solv_read_userdata
- support querying of the custom vendor check function new function:
pool_get_custom_vendorcheck
- support solv files with an idarray block
- allow accessing the toolversion at runtime
libzypp update to 17.30.0:
- ZConfig: Update solver settings if target changes (bsc#1196368)
- Fix possible hang in singletrans mode (bsc#1197134)
- Do 2 retries if mount is still busy.
- Fix package signature check (bsc#1184501) Pay attention that header and
payload are secured by a valid signature and report in more detail which
signature is missing.
- Retry umount if device is busy (bsc#1196061, closes #381) A previously
released ISO image may need a bit more time to release its loop device.
So we wait a bit and retry.
- Fix serializing/deserializing type mismatch in zypp-rpm protocol
(bsc#1196925)
- Fix handling of ISO media in releaseAll (bsc#1196061)
- Hint on common ptf resolver conflicts (bsc#1194848)
- Hint on ptf<>patch resolver conflicts (bsc#1194848)
zypper update to 1.14.52:
- info: print the packages upstream URL if available (fixes #426)
- info: Fix SEGV with not installed PTFs (bsc#1196317)
- Don't prevent less restrictive umasks (bsc#1195999)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1157=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1157=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1157=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1157=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1157=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1157=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1157=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1157=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1157=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1157=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1157=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1157=1
- SUSE Linux Enterprise Installer 15-SP2:
zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2022-1157=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1157=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1157=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1157=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-demo-0.7.22-150200.12.1
libsolv-demo-debuginfo-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
libzypp-devel-doc-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python-solv-0.7.22-150200.12.1
python-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- openSUSE Leap 15.3 (noarch):
zypper-aptitude-1.14.52-150200.30.2
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Manager Server 4.1 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Manager Retail Branch Server 4.1 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Manager Proxy 4.1 (x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Manager Proxy 4.1 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Micro 5.1 (noarch):
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Micro 5.0 (noarch):
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Installer 15-SP2 (aarch64 ppc64le s390x x86_64):
libsolv-tools-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Enterprise Storage 7 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
References:
https://bugzilla.suse.com/1184501
https://bugzilla.suse.com/1194848
https://bugzilla.suse.com/1195999
https://bugzilla.suse.com/1196061
https://bugzilla.suse.com/1196317
https://bugzilla.suse.com/1196368
https://bugzilla.suse.com/1196514
https://bugzilla.suse.com/1196925
https://bugzilla.suse.com/1197134
SUSE-SU-2022:1163-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1163-1
Rating: important
References: #1065729 #1156395 #1175667 #1177028 #1178134
#1179639 #1180153 #1189562 #1194589 #1194625
#1194649 #1194943 #1195051 #1195353 #1195640
#1195926 #1196018 #1196130 #1196196 #1196478
#1196488 #1196761 #1196823 #1196956 #1197227
#1197243 #1197245 #1197300 #1197302 #1197331
#1197343 #1197366 #1197389 #1197460 #1197462
#1197501 #1197534 #1197661 #1197675 #1197677
#1197702 #1197811 #1197812 #1197815 #1197817
#1197819 #1197820 #1197888 #1197889 #1197894
#1198027 #1198028 #1198029 #1198030 #1198031
#1198032 #1198033 #1198077
Cross-References: CVE-2021-39698 CVE-2021-45402 CVE-2021-45868
CVE-2022-0850 CVE-2022-0854 CVE-2022-1011
CVE-2022-1016 CVE-2022-1048 CVE-2022-1055
CVE-2022-1195 CVE-2022-1198 CVE-2022-1199
CVE-2022-1205 CVE-2022-23036 CVE-2022-23037
CVE-2022-23038 CVE-2022-23039 CVE-2022-23040
CVE-2022-23041 CVE-2022-23042 CVE-2022-27223
CVE-2022-27666 CVE-2022-28388 CVE-2022-28389
CVE-2022-28390
CVSS scores:
CVE-2021-39698 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-39698 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-45402 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-45402 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2022-0854 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0854 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1011 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1011 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1195 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1198 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1199 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1205 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-27223 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27223 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-27666 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27666 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 25 vulnerabilities and has 33 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw in the Linux kernel's DMA
subsystem. This flaw allowed a local user to read random memory from
the kernel space. (bnc#1196823)
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution. (bsc#1197227)
- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities
that allow an attacker to crash the Linux kernel by simulating Amateur
Radio. (bsc#1198028)
- CVE-2022-1205: Fixed null pointer dereference and use-after-free
vulnerabilities that allow an attacker to crash the Linux kernel by
simulating Amateur Radio. (bsc#1198027)
- CVE-2022-1198: Fixed a use-after-free vulnerability that allows an
attacker to crash the Linux kernel by simulating Amateur Radio
(bsc#1198030).
- CVE-2022-1195: Fixed a use-after-free vulnerability which could allow a
local attacker with a user privilege to execute a denial of service.
(bsc#1198029)
- CVE-2022-28389: Fixed a double free vulnerability in
drivers/net/can/usb/mcba_usb.c in the Linux kernel. (bnc#1198033)
- CVE-2022-28388: Fixed a double free vulnerability in
drivers/net/can/usb/usb_8dev.c in the Linux kernel. (bnc#1198032)
- CVE-2022-28390: Fixed a double free vulnerability in
drivers/net/can/usb/ems_usb.c in the Linux kernel. (bnc#1198031)
- CVE-2022-1048: Fixed a race condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock.
(bsc#1197331)
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow
a local attacker to gain privilege escalation. (bnc#1197702)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in
iov_iter.c. (bsc#1196761)
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal
user privilege to overwrite kernel heap objects and may cause a local
privilege escalation. (bnc#1197462)
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to a use-after-free if there is a corrupted quota
file. (bnc#1197366)
- CVE-2022-1011: Fixed a use-after-free vulnerability which could allow a
local attacker to retrieve (partial) /etc/shadow hashes or any other
data from the filesystem when they can mount a FUSE filesystem. (bnc#1197343)
- CVE-2022-27223: Fixed an out-of-array access in
/usb/gadget/udc/udc-xilinx.c. (bsc#1197245)
- CVE-2021-39698: Fixed a possible memory corruption due to a use after
free in aio_poll_complete_work. This could lead to local escalation of
privilege with no additional execution privileges needed. (bsc#1196956)
- CVE-2021-45402: Fixed a pointer leak in check_alu_op() of
kernel/bpf/verifier.c. (bsc#1196130).
- CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039,
CVE-2022-23040, CVE-2022-23041, CVE-2022-23042: Fixed multiple issues
which could have led to read/write access to memory pages or denial of
service. These issues are related to the Xen PV device frontend drivers.
(bsc#1196488)
The following non-security bugs were fixed:
- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
(git-fixes).
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
(git-fixes).
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
(git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods
(git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no more
references (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
(git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
(git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
(git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
(git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
(git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in
wcd934x_codec_parse_data (git-fixes).
- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put
(git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
(git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
(git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in
pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in
msm8916_wcd_digital_probe (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in
rt5663_parse_dp() (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: topology: Allow TLV control to be either read or write (git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior
(git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
(bsc#1196018).
- block: update io_ticks when io hang (bsc#1197817).
- block/wbt: fix negative inflight counter when remove scsi device
(bsc#1197819).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
- bpf: Remove config check to enable bpf support for branch records
(git-fixes bsc#1177028).
- btrfs: avoid unnecessary lock and leaf splits when updating inode in the
log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log
(bsc#1194649).
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs
(bsc#1194649).
- btrfs: check error value from btrfs_update_inode in tree log
(bsc#1194649).
- btrfs: check if a log root exists before locking the log_mutex on unlink
(bsc#1194649).
- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
- btrfs: do not commit delayed inode when logging a file in full sync mode
(bsc#1194649).
- btrfs: do not log new dentries when logging that a new name exists
(bsc#1194649).
- btrfs: eliminate some false positives when checking if inode was logged
(bsc#1194649).
- btrfs: fix race leading to unnecessary transaction commit when logging
inode (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor inodes
(bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction commit
(bsc#1194649).
- btrfs: fix race that results in logging old extents during a fast fsync
(bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
- btrfs: remove no longer needed full sync flag check at inode_logged()
(bsc#1194649).
- btrfs: Remove unnecessary check from join_running_log_trans
(bsc#1194649).
- btrfs: remove unnecessary directory inode item update when deleting dir
entry (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing log
(bsc#1194649).
- btrfs: skip unnecessary searches for xattrs when logging an inode
(bsc#1194649).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
path (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
path (git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device
when fully ready (git-fixes).
- cifs: do not skip link targets when an I/O fails (bsc#1194625).
- cifs: use the correct max-length for dentry_path_raw() (bsc#1196196).
- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element
(git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in
emc_ensure_emc_driver (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap in
timer_of_base_init() (git-fixes).
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes).
- crypto: authenc - Fix sleep in atomic context in decrypt_tail
(git-fixes).
- crypto: cavium/nitrox - do not cast parameter in bit operations
(git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
(git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
(git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- dma/pool: create dma atomic pool only if dma zone has managed pages
(bsc#1197501).
- driver core: dd: fix return value of __setup handler (git-fixes).
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
(git-fixes).
- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq
function (git-fixes).
- drm/bridge: dw-hdmi: use safe format when first in bridge chain
(git-fixes).
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe
(git-fixes).
- drm/doc: overview before functions for drm_writeback.c (git-fixes).
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- drm/i915/gem: add missing boundary check in vm_access (git-fixes).
- drm/imx: parallel-display: Remove bus flags check in
imx_pd_bridge_atomic_check() (git-fixes).
- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops
(git-fixes).
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
(git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling
(git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to connector
(git-fixes).
- Drop HID multitouch fix patch (bsc#1197243).
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- ecryptfs: Fix typo in message (bsc#1197811).
- EDAC: Fix calculation of returned address and next offset in
edac_align_ptr() (bsc#1178134).
- ext2: correct max file size computing (bsc#1197820).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- firmware: qcom: scm: Remove reassignment to desc following initializer
(git-fixes).
- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).
- gpio: ts4900: Do not set DAT and OE together (git-fixes).
- gpiolib: acpi: Convert ACPI value of debounce to microseconds
(git-fixes).
- HID: multitouch: fix Dell Precision 7550 and 7750 button type
(bsc#1197243).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
(git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
- iio: accel: mma8452: use the correct logic to get mma8452_data
(git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
- iio: inkern: apply consumer scale when no channel scale is available
(git-fixes).
- iio: inkern: make a best effort on offset calculation (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- iwlwifi: do not advertise TWT support (git-fixes).
- kernel-binary.spec: Do not use the default certificate path
(bsc#1194943).
- KVM: SVM: Do not flush cache if hardware enforces cache coherency across
encryption domains (bsc#1178134).
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- mac80211: refuse aggregations sessions before authorized (git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: bttv: fix WARNING regression on tunerless devices (git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data
(git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: hantro: Fix overfill bottom register field name (git-fixes).
- media: Revert "media: em28xx: add missing em28xx_close_extension"
(git-fixes).
- media: stk1160: If start stream fails, return buffers with
VB2_BUF_STATE_QUEUED (git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes).
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes).
- memory: emif: Add check for setup_interrupts (git-fixes).
- memory: emif: check the pointer temp in get_device_details() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
- mm_zone: add function to check if managed dma zone exists (bsc#1197501).
- mm/page_alloc.c: do not warn allocation failure on zone DMA if no
managed pages (bsc#1197501).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).
- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
(git-fixes).
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx()
(git-fixes).
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- net: phy: DP83822: clear MISR2 register to disable interrupts
(git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and suspend
functions (git-fixes).
- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
(bsc#1196018).
- net: watchdog: hold device global xmit lock during tx disable
(git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- net/smc: Reset conn->lgr when link group registration fails (git-fixes).
- netfilter: conntrack: do not refresh sctp entries in closed state
(bsc#1197389).
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- NFC: port100: fix use-after-free in port100_send_complete (git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
- NFS: Do not skip directory entries when doing uncached readdir
(git-fixes).
- NFS: Ensure the server had an up to date ctime before hardlinking
(git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
- nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client
(git-fixes).
- NFSv4.1: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
- NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
(git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
(git-fixes).
- pinctrl: mediatek: paris: Fix "argument" argument type for
mtk_pinconf_get() (git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback
(git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
(git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE()
(git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
- pinctrl: samsung: drop pin banks references on error paths (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
(git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
(bsc#1179639 ltc#189002 git-fixes).
- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
- powerpc/perf: Expose Performance Monitor Counter SPR's as part of
extended regs (bsc#1198077 ltc#197299).
- powerpc/perf: Include PMCs as part of per-cpu cpuhw_events struct
(bsc#1198077 ltc#197299).
- powerpc/pseries: Fix use after free in remove_phb_dynamic()
(bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty
(bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- printk: Add panic_in_progress helper (bsc#1197894).
- printk: disable optimistic spin during panic (bsc#1197894).
- pwm: lpc18xx-sct: Initialize driver data and hardware before
pwmchip_add() (git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in
wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region
(git-fixes).
- Revert "build initrd without systemd" (bsc#1197300).
- Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" (bsc#1197243).
- Revert "module, async: async_synchronize_full() on module init iff async
is used" (bsc#1197888).
- Revert "Revert "build initrd without systemd" (bsc#1197300)"
- Revert "usb: dwc3: gadget: Use list_replace_init() before traversing
lists" (git-fixes).
- s390/bpf: Perform r1 range checking before accessing jit->seen_reg
(git-fixes).
- s390/gmap: do not unconditionally call pte_unmap_unlock() in
__gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/hypfs: include z/VM guests with access control group set
(bsc#1195640 LTC#196352).
- s390/kexec_file: fix error handling when applying relocations
(git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- s390/mm: fix VMA and page table handling code in storage key handling
functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
- s390/module: fix loading modules with a lot of relocations (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling follow_pte()
(git-fixes).
- s390/tape: fix timer initialization in tape_std_assign() (bsc#1197677
LTC#197378).
- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity error
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675
bsc#1196478).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download
(bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
(bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped()
(bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management failure
(bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test
(bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID processing
(bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
- serial: 8250_lpss: Balance reference count for PCI DMA device
(git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
- serial: core: Fix the definition name in the comment of UPF_* flags
(git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit reversing
(git-fixes).
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomization at connect() time (bsc#1180153).
- team: protect features update by RCU to avoid deadlock (git-fixes).
- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
(git-fixes).
- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m ->
VIRTIO_PCI=y
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- usb: bdc: Fix a resource leak in the error handling path of
'bdc_probe()' (git-fixes).
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- usb: bdc: remove duplicated error message (git-fixes).
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- usb: bdc: use devm_platform_ioremap_resource() to simplify code
(git-fixes).
- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).
- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).
- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).
- usb: dwc3: gadget: Use list_replace_init() before traversing lists
(git-fixes).
- usb: dwc3: meson-g12a: Disable the regulator in the error handling path
of the probe (git-fixes).
- usb: dwc3: qcom: add IRQ check (git-fixes).
- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
(git-fixes).
- usb: gadget: rndis: prevent integer overflow in rndis_set_response()
(git-fixes).
- usb: host: xen-hcd: add missing unlock in error path (git-fixes).
- usb: hub: Fix locking issues with address0_mutex (git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe()
(git-fixes).
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
avoid black screen (git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
(git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature
(bsc#1178134).
- x86/mm/pat: Do not flush cache if hardware enforces cache coherency
across encryption domains (bsc#1178134).
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
(bsc#1178134).
- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
- xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done()
(bsc#1196488, XSA-396).
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1163=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1163=1
Package List:
- openSUSE Leap 15.3 (noarch):
kernel-devel-azure-5.3.18-150300.38.53.1
kernel-source-azure-5.3.18-150300.38.53.1
- openSUSE Leap 15.3 (x86_64):
cluster-md-kmp-azure-5.3.18-150300.38.53.1
cluster-md-kmp-azure-debuginfo-5.3.18-150300.38.53.1
dlm-kmp-azure-5.3.18-150300.38.53.1
dlm-kmp-azure-debuginfo-5.3.18-150300.38.53.1
gfs2-kmp-azure-5.3.18-150300.38.53.1
gfs2-kmp-azure-debuginfo-5.3.18-150300.38.53.1
kernel-azure-5.3.18-150300.38.53.1
kernel-azure-debuginfo-5.3.18-150300.38.53.1
kernel-azure-debugsource-5.3.18-150300.38.53.1
kernel-azure-devel-5.3.18-150300.38.53.1
kernel-azure-devel-debuginfo-5.3.18-150300.38.53.1
kernel-azure-extra-5.3.18-150300.38.53.1
kernel-azure-extra-debuginfo-5.3.18-150300.38.53.1
kernel-azure-livepatch-devel-5.3.18-150300.38.53.1
kernel-azure-optional-5.3.18-150300.38.53.1
kernel-azure-optional-debuginfo-5.3.18-150300.38.53.1
kernel-syms-azure-5.3.18-150300.38.53.1
kselftests-kmp-azure-5.3.18-150300.38.53.1
kselftests-kmp-azure-debuginfo-5.3.18-150300.38.53.1
ocfs2-kmp-azure-5.3.18-150300.38.53.1
ocfs2-kmp-azure-debuginfo-5.3.18-150300.38.53.1
reiserfs-kmp-azure-5.3.18-150300.38.53.1
reiserfs-kmp-azure-debuginfo-5.3.18-150300.38.53.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (noarch):
kernel-devel-azure-5.3.18-150300.38.53.1
kernel-source-azure-5.3.18-150300.38.53.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (x86_64):
kernel-azure-5.3.18-150300.38.53.1
kernel-azure-debuginfo-5.3.18-150300.38.53.1
kernel-azure-debugsource-5.3.18-150300.38.53.1
kernel-azure-devel-5.3.18-150300.38.53.1
kernel-azure-devel-debuginfo-5.3.18-150300.38.53.1
kernel-syms-azure-5.3.18-150300.38.53.1
References:
https://www.suse.com/security/cve/CVE-2021-39698.html
https://www.suse.com/security/cve/CVE-2021-45402.html
https://www.suse.com/security/cve/CVE-2021-45868.html
https://www.suse.com/security/cve/CVE-2022-0850.html
https://www.suse.com/security/cve/CVE-2022-0854.html
https://www.suse.com/security/cve/CVE-2022-1011.html
https://www.suse.com/security/cve/CVE-2022-1016.html
https://www.suse.com/security/cve/CVE-2022-1048.html
https://www.suse.com/security/cve/CVE-2022-1055.html
https://www.suse.com/security/cve/CVE-2022-1195.html
https://www.suse.com/security/cve/CVE-2022-1198.html
https://www.suse.com/security/cve/CVE-2022-1199.html
https://www.suse.com/security/cve/CVE-2022-1205.html
https://www.suse.com/security/cve/CVE-2022-23036.html
https://www.suse.com/security/cve/CVE-2022-23037.html
https://www.suse.com/security/cve/CVE-2022-23038.html
https://www.suse.com/security/cve/CVE-2022-23039.html
https://www.suse.com/security/cve/CVE-2022-23040.html
https://www.suse.com/security/cve/CVE-2022-23041.html
https://www.suse.com/security/cve/CVE-2022-23042.html
https://www.suse.com/security/cve/CVE-2022-27223.html
https://www.suse.com/security/cve/CVE-2022-27666.html
https://www.suse.com/security/cve/CVE-2022-28388.html
https://www.suse.com/security/cve/CVE-2022-28389.html
https://www.suse.com/security/cve/CVE-2022-28390.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1175667
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1179639
https://bugzilla.suse.com/1180153
https://bugzilla.suse.com/1189562
https://bugzilla.suse.com/1194589
https://bugzilla.suse.com/1194625
https://bugzilla.suse.com/1194649
https://bugzilla.suse.com/1194943
https://bugzilla.suse.com/1195051
https://bugzilla.suse.com/1195353
https://bugzilla.suse.com/1195640
https://bugzilla.suse.com/1195926
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196130
https://bugzilla.suse.com/1196196
https://bugzilla.suse.com/1196478
https://bugzilla.suse.com/1196488
https://bugzilla.suse.com/1196761
https://bugzilla.suse.com/1196823
https://bugzilla.suse.com/1196956
https://bugzilla.suse.com/1197227
https://bugzilla.suse.com/1197243
https://bugzilla.suse.com/1197245
https://bugzilla.suse.com/1197300
https://bugzilla.suse.com/1197302
https://bugzilla.suse.com/1197331
https://bugzilla.suse.com/1197343
https://bugzilla.suse.com/1197366
https://bugzilla.suse.com/1197389
https://bugzilla.suse.com/1197460
https://bugzilla.suse.com/1197462
https://bugzilla.suse.com/1197501
https://bugzilla.suse.com/1197534
https://bugzilla.suse.com/1197661
https://bugzilla.suse.com/1197675
https://bugzilla.suse.com/1197677
https://bugzilla.suse.com/1197702
https://bugzilla.suse.com/1197811
https://bugzilla.suse.com/1197812
https://bugzilla.suse.com/1197815
https://bugzilla.suse.com/1197817
https://bugzilla.suse.com/1197819
https://bugzilla.suse.com/1197820
https://bugzilla.suse.com/1197888
https://bugzilla.suse.com/1197889
https://bugzilla.suse.com/1197894
https://bugzilla.suse.com/1198027
https://bugzilla.suse.com/1198028
https://bugzilla.suse.com/1198029
https://bugzilla.suse.com/1198030
https://bugzilla.suse.com/1198031
https://bugzilla.suse.com/1198032
https://bugzilla.suse.com/1198033
https://bugzilla.suse.com/1198077
12 Apr '22
SUSE Security Update: Security update for xz
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1158-1
Rating: important
References: #1198062
Cross-References: CVE-2022-1271
CVSS scores:
CVE-2022-1271 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xz fixes the following issues:
- CVE-2022-1271: Fixed an incorrect escaping of malicious filenames
(ZDI-CAN-16587). (bsc#1198062)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1158=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1158=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1158=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1158=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1158=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1158=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1158=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1158=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1158=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1158=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1158=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1158=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1158=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1158=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1158=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1158=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1158=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1158=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1158=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1158=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1158=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- openSUSE Leap 15.4 (noarch):
xz-lang-5.2.3-150000.4.7.1
- openSUSE Leap 15.4 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
xz-devel-32bit-5.2.3-150000.4.7.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- openSUSE Leap 15.3 (noarch):
xz-lang-5.2.3-150000.4.7.1
- openSUSE Leap 15.3 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
xz-devel-32bit-5.2.3-150000.4.7.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Manager Server 4.1 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Manager Server 4.1 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Manager Proxy 4.1 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Manager Proxy 4.1 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 7 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 7 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 6 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 6 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE CaaS Platform 4.0 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE CaaS Platform 4.0 (noarch):
xz-lang-5.2.3-150000.4.7.1
References:
https://www.suse.com/security/cve/CVE-2022-1271.html
https://bugzilla.suse.com/1198062
SUSE-SU-2022:1162-1: important: Security update for subversion
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for subversion
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1162-1
Rating: important
References: #1197939 #1197940
Cross-References: CVE-2021-28544 CVE-2022-24070
CVSS scores:
CVE-2021-28544 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-24070 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for subversion fixes the following issues:
- CVE-2022-24070: Fixed a memory corruption issue in mod_dav_svn as used
by Apache HTTP server. This could be exploited by a remote attacker to
cause a denial of service (bsc#1197940).
- CVE-2021-28544: Fixed an information leak issue where Subversion servers
may reveal the original path of files protected by path-based
authorization (bsc#1197939).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1162=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1162=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1162=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1162=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1162=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
subversion-python-ctypes-1.10.6-150300.10.8.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsvn_auth_gnome_keyring-1-0-1.10.6-150300.10.8.1
libsvn_auth_gnome_keyring-1-0-debuginfo-1.10.6-150300.10.8.1
libsvn_auth_kwallet-1-0-1.10.6-150300.10.8.1
libsvn_auth_kwallet-1-0-debuginfo-1.10.6-150300.10.8.1
subversion-1.10.6-150300.10.8.1
subversion-debuginfo-1.10.6-150300.10.8.1
subversion-debugsource-1.10.6-150300.10.8.1
subversion-devel-1.10.6-150300.10.8.1
subversion-perl-1.10.6-150300.10.8.1
subversion-perl-debuginfo-1.10.6-150300.10.8.1
subversion-python-1.10.6-150300.10.8.1
subversion-python-ctypes-1.10.6-150300.10.8.1
subversion-python-debuginfo-1.10.6-150300.10.8.1
subversion-ruby-1.10.6-150300.10.8.1
subversion-ruby-debuginfo-1.10.6-150300.10.8.1
subversion-server-1.10.6-150300.10.8.1
subversion-server-debuginfo-1.10.6-150300.10.8.1
subversion-tools-1.10.6-150300.10.8.1
subversion-tools-debuginfo-1.10.6-150300.10.8.1
- openSUSE Leap 15.3 (noarch):
subversion-bash-completion-1.10.6-150300.10.8.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
subversion-debuginfo-1.10.6-150300.10.8.1
subversion-debugsource-1.10.6-150300.10.8.1
subversion-server-1.10.6-150300.10.8.1
subversion-server-debuginfo-1.10.6-150300.10.8.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
subversion-debuginfo-1.10.6-150300.10.8.1
subversion-debugsource-1.10.6-150300.10.8.1
subversion-perl-1.10.6-150300.10.8.1
subversion-perl-debuginfo-1.10.6-150300.10.8.1
subversion-python-1.10.6-150300.10.8.1
subversion-python-debuginfo-1.10.6-150300.10.8.1
subversion-tools-1.10.6-150300.10.8.1
subversion-tools-debuginfo-1.10.6-150300.10.8.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
subversion-bash-completion-1.10.6-150300.10.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
subversion-1.10.6-150300.10.8.1
subversion-debuginfo-1.10.6-150300.10.8.1
subversion-debugsource-1.10.6-150300.10.8.1
subversion-devel-1.10.6-150300.10.8.1
References:
https://www.suse.com/security/cve/CVE-2021-28544.html
https://www.suse.com/security/cve/CVE-2022-24070.html
https://bugzilla.suse.com/1197939
https://bugzilla.suse.com/1197940
Hi folks,
openSUSE Leap 15.3 and newer updates can come from 2 separate
buildservice instances, the internal buildservice (IBS)
building the SLES parts, and open buildservice (OBS)
building the openSUSE parts of Leap.
Up to now I had some logic that updates released from both
use "openSUSE-SU/openSUSE-RU" advisory prefixes.
This worked OK in 2021, but in 2022 the ID space has started
overlapping and it happened multiple times that updates shared
the same id.
Starting today the IBS released updates for openSUSE Leap
will be labeled with SUSE prefix, e.g. "SUSE-SU/SUSE-RU",
while the openSUSE ones will still be "openSUSE-" prefixed.
E.g. check opensc update has now the id "SUSE-SU-2022:1156-1"
and contains as products both the SUSE Linux Enterprise and
the openSUSE products:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.o…
Ciao, Marcus
SUSE-SU-2022:1156-1: important: Security update for opensc
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for opensc
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1156-1
Rating: important
References: #1114649 #1191957 #1191992 #1192000 #1192005
Cross-References: CVE-2021-42779 CVE-2021-42780 CVE-2021-42781
CVE-2021-42782
CVSS scores:
CVE-2021-42779 (SUSE): 4.2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42780 (SUSE): 2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-42781 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2021-42782 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves four vulnerabilities and has one
errata is now available.
Description:
This update for opensc fixes the following issues:
Security issues fixed:
- CVE-2021-42782: Stack buffer overflow issues in various places
(bsc#1191957).
- CVE-2021-42781: Fixed multiple heap buffer overflows in
pkcs15-oberthur.c (bsc#1192000).
- CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005).
- CVE-2021-42779: Fixed use after free in sc_file_valid() (bsc#1191992).
Non-security issues fixed:
- Fixes segmentation fault in 'pkcs11-tool.c'. (bsc#1114649)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1156=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1156=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1156=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1156=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1156=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1156=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1156=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1156=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1156=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1156=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- openSUSE Leap 15.3 (x86_64):
opensc-32bit-0.19.0-150100.3.16.1
opensc-32bit-debuginfo-0.19.0-150100.3.16.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
- SUSE CaaS Platform 4.0 (x86_64):
opensc-0.19.0-150100.3.16.1
opensc-debuginfo-0.19.0-150100.3.16.1
opensc-debugsource-0.19.0-150100.3.16.1
References:
https://www.suse.com/security/cve/CVE-2021-42779.html
https://www.suse.com/security/cve/CVE-2021-42780.html
https://www.suse.com/security/cve/CVE-2021-42781.html
https://www.suse.com/security/cve/CVE-2021-42782.html
https://bugzilla.suse.com/1114649
https://bugzilla.suse.com/1191957
https://bugzilla.suse.com/1191992
https://bugzilla.suse.com/1192000
https://bugzilla.suse.com/1192005
openSUSE-SU-2022:0110-1: important: Security update for opera
by opensuse-security@opensuse.org 08 Apr '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0110-1
Rating: important
References:
Cross-References: CVE-2021-30506 CVE-2021-30507 CVE-2021-30508
CVE-2021-30509 CVE-2021-30510 CVE-2021-30511
CVE-2021-30512 CVE-2021-30513 CVE-2021-30514
CVE-2021-30515 CVE-2021-30516 CVE-2021-30517
CVE-2021-30518 CVE-2021-30519 CVE-2021-30520
CVE-2021-30541 CVE-2021-30544 CVE-2021-30545
CVE-2021-30546 CVE-2021-30547 CVE-2021-30548
CVE-2021-30549 CVE-2021-30550 CVE-2021-30551
CVE-2021-30552 CVE-2021-30553 CVE-2021-30554
CVE-2021-30555 CVE-2021-30556 CVE-2021-30557
CVE-2021-30560 CVE-2021-30561 CVE-2021-30562
CVE-2021-30563 CVE-2021-30564 CVE-2021-30590
CVE-2021-30591 CVE-2021-30592 CVE-2021-30593
CVE-2021-30594 CVE-2021-30596 CVE-2021-30597
CVE-2021-30598 CVE-2021-30599 CVE-2021-30600
CVE-2021-30601 CVE-2021-30602 CVE-2021-30603
CVE-2021-30604 CVE-2021-30606 CVE-2021-30607
CVE-2021-30608 CVE-2021-30609 CVE-2021-30610
CVE-2021-30611 CVE-2021-30612 CVE-2021-30613
CVE-2021-30614 CVE-2021-30615 CVE-2021-30616
CVE-2021-30617 CVE-2021-30618 CVE-2021-30619
CVE-2021-30620 CVE-2021-30621 CVE-2021-30622
CVE-2021-30623 CVE-2021-30624 CVE-2021-30625
CVE-2021-30626 CVE-2021-30627 CVE-2021-30628
CVE-2021-30629 CVE-2021-30630 CVE-2021-30631
CVE-2021-30632 CVE-2021-30633 CVE-2021-37974
CVE-2021-37975 CVE-2021-37976 CVE-2021-37977
CVE-2021-37978 CVE-2021-37979 CVE-2021-37980
CVE-2021-37981 CVE-2021-37982 CVE-2021-37983
CVE-2021-37984 CVE-2021-37985 CVE-2021-37986
CVE-2021-37987 CVE-2021-37988 CVE-2021-37989
CVE-2021-37990 CVE-2021-37991 CVE-2021-37992
CVE-2021-37993 CVE-2021-37994 CVE-2021-37995
CVE-2021-37996 CVE-2021-37997 CVE-2021-37998
CVE-2021-37999 CVE-2021-38001 CVE-2021-38002
CVE-2021-38003 CVE-2021-38004 CVE-2021-38005
CVE-2021-38006 CVE-2021-38007 CVE-2021-38008
CVE-2021-38009 CVE-2021-38010 CVE-2021-38011
CVE-2021-38012 CVE-2021-38013 CVE-2021-38014
CVE-2021-38015 CVE-2021-38016 CVE-2021-38017
CVE-2021-38019 CVE-2021-38020 CVE-2021-38021
CVE-2021-38022 CVE-2021-4052 CVE-2021-4053
CVE-2021-4054 CVE-2021-4055 CVE-2021-4056
CVE-2021-4057 CVE-2021-4058 CVE-2021-4059
CVE-2021-4061 CVE-2021-4062 CVE-2021-4063
CVE-2021-4064 CVE-2021-4065 CVE-2021-4066
CVE-2021-4067 CVE-2021-4068 CVE-2021-4078
CVE-2021-4079 CVE-2021-4098 CVE-2021-4099
CVE-2021-4100 CVE-2021-4101 CVE-2021-4102
CVE-2022-0096 CVE-2022-0097 CVE-2022-0098
CVE-2022-0099 CVE-2022-0100 CVE-2022-0101
CVE-2022-0102 CVE-2022-0103 CVE-2022-0104
CVE-2022-0105 CVE-2022-0106 CVE-2022-0107
CVE-2022-0108 CVE-2022-0109 CVE-2022-0110
CVE-2022-0111 CVE-2022-0112 CVE-2022-0113
CVE-2022-0114 CVE-2022-0115 CVE-2022-0116
CVE-2022-0117 CVE-2022-0118 CVE-2022-0120
CVE-2022-0289 CVE-2022-0290 CVE-2022-0291
CVE-2022-0292 CVE-2022-0293 CVE-2022-0294
CVE-2022-0295 CVE-2022-0296 CVE-2022-0297
CVE-2022-0298 CVE-2022-0300 CVE-2022-0301
CVE-2022-0302 CVE-2022-0304 CVE-2022-0305
CVE-2022-0306 CVE-2022-0307 CVE-2022-0308
CVE-2022-0309 CVE-2022-0310 CVE-2022-0311
CVE-2022-0452 CVE-2022-0453 CVE-2022-0454
CVE-2022-0455 CVE-2022-0456 CVE-2022-0457
CVE-2022-0458 CVE-2022-0459 CVE-2022-0460
CVE-2022-0461 CVE-2022-0462 CVE-2022-0463
CVE-2022-0464 CVE-2022-0465 CVE-2022-0466
CVE-2022-0467 CVE-2022-0468 CVE-2022-0469
CVE-2022-0470 CVE-2022-0603 CVE-2022-0604
CVE-2022-0605 CVE-2022-0606 CVE-2022-0607
CVE-2022-0608 CVE-2022-0609 CVE-2022-0610
CVE-2022-0789 CVE-2022-0790 CVE-2022-0791
CVE-2022-0792 CVE-2022-0793 CVE-2022-0794
CVE-2022-0795 CVE-2022-0796 CVE-2022-0797
CVE-2022-0798 CVE-2022-0799 CVE-2022-0800
CVE-2022-0801 CVE-2022-0802 CVE-2022-0803
CVE-2022-0804 CVE-2022-0805 CVE-2022-0806
CVE-2022-0807 CVE-2022-0808 CVE-2022-0809
CVE-2022-1096
CVSS scores:
CVE-2021-30506 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30507 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30508 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30509 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30510 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30511 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2021-30512 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30513 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30514 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30515 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30516 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30517 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30518 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30519 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30520 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30544 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30544 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30545 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30545 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30546 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30546 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30547 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30547 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30548 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30548 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30549 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30549 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30550 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30550 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30551 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30551 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30552 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30552 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30553 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30553 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30554 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30555 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30556 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30557 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30625 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30626 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30627 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30628 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30629 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30630 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2021-30632 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-30633 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2021-37974 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37975 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37976 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2021-37977 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37978 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37979 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37980 (NVD) : 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
CVE-2021-37981 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2021-37982 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37983 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37984 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37985 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37986 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37987 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37988 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37989 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-37990 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2021-37991 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37992 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37993 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37994 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-37995 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-37996 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-37997 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37998 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-37999 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2021-38001 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38002 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2021-38003 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38004 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2021-38005 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38006 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38007 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38008 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38009 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2021-38010 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-38011 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38012 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38013 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2021-38014 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38015 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38016 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38017 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-38019 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2021-38020 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2021-38021 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-38022 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2021-4052 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4053 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4054 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-4055 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4056 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4057 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4058 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4059 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2021-4061 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4062 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4063 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4064 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4065 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4066 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4067 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4068 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2021-4078 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4079 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4098 (NVD) : 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
CVE-2021-4099 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4100 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4101 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-4102 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0096 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0097 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2022-0098 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0099 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0100 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0101 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0102 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0103 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0104 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0105 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0106 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0107 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0108 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-0109 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-0110 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-0111 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-0112 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-0113 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-0114 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2022-0115 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0116 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-0117 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-0118 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-0120 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-0289 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0290 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2022-0291 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-0292 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-0293 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0294 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-0295 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0296 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0297 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0298 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0300 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0301 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0302 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0304 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0305 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-0306 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0307 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0308 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0309 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-0310 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0311 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.4:NonFree
______________________________________________________________________________
An update that fixes 241 vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
Update to 85.0.4341.28
- CHR-8816 Update chromium on desktop-stable-99-4341 to 99.0.4844.84
- DNA-98092 Crash at views::MenuItemView::GetMenuController()
- DNA-98278 Translations for O85
- DNA-98320 [Mac] Unable to delete recent search entries
- DNA-98614 Show recent searches for non-BABE users
- DNA-98615 Allow removal of recent searches
- DNA-98616 Add recent searches to "old" BABE
- DNA-98617 Make it possible to disable ad-blocker per-country
- DNA-98651 Remove Instagram and Facebook Messenger in Russia
- DNA-98653 Add flag #recent-searches
- DNA-98696 smoketest
PageInfoHistoryDataSourceTest.FormatTimestampString failing
- DNA-98703 Port Chromium issue 1309225 to Opera Stable
- The update to chromium 99.0.4844.84 fixes following issues: CVE-2022-1096
- Changes in 85.0.4341.18
- CHR-8789 Update chromium on desktop-stable-99-4341 to 99.0.4844.51
- DNA-98059 [Linux] Crash at
opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled
- DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get()
- DNA-98126 System crash dialog shown on macOS <= 10.15
- DNA-98331 [Snap] Meme generator cropping / resizing broken
- DNA-98394 Audio tab indicator set to "muted" on videoconferencing sites
- DNA-98481 Report errors in opauto_collector
- The update to chromium 99.0.4844.51 fixes following issues:
CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792,
CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796,
CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800,
CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804,
CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809
- Changes in 85.0.4341.13
- DNA-94119 Upgrade curl to 7.81.0
- DNA-97849 [Mac monterey] System shortcut interfere with Opera's
`ToggleSearchInOpenTabs` shortcut
- DNA-98204 Automatic popout happens when video is paused
- DNA-98231 Shortcuts are blocked by displayed tab tooltip when
triggered quickly after tooltip appears
- DNA-98321 Add thinlto-cache warnings to suppression list
- DNA-98395 Promote O85 to stable
- Complete Opera 85.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-85/
- Update to 84.0.4316.42
- DNA-94119 Upgrade curl to 7.81.0
- DNA-98092 Crash at views::MenuItemView::GetMenuController()
- DNA-98204 Automatic popout happens when video is paused
- DNA-98231 Shortcuts are blocked by displayed tab tooltip when
triggered quickly after tooltip appears
- Update to 84.0.4316.31
- CHR-8772 Update chromium on desktop-stable-98-4316 to 98.0.4758.109
- DNA-97573 [Win][Lin] "Close tab" button is not displayed on tabs
playing media when many tabs are open
- DNA-97729 cancelling the process uploading custom Wallpaper crashes
the browser
- DNA-97871 Google meet tab's icons don't fit on pinned tab
- DNA-97872 Tab is being unpinned when video conferencing button is
clicked
- DNA-98039 Dark theme top sites have black background
- DNA-98117 Clicking current tab information should hide tooltip
- Update to 84.0.4316.21
- CHR-8762 Update chromium on desktop-stable-98-4316 to 98.0.4758.102
- DNA-97333 "Add a site" label on start page tile barely visible
- DNA-97691 Opera 84 translations
- DNA-97767 Wrong string in FR
- DNA-97855 Crash at ScopedProfileKeepAlive::~ScopedProfileKeepAlive()
- DNA-97982 Enable #snap-upstream-implementation on all streams
- The update to chromium 98.0.4758.102 fixes following issues:
CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606,
CVE-2022-0607, CVE-2022-0608, CVE-2022-0609, CVE-2022-0610
- Update to 84.0.4316.14
- CHR-8753 Update chromium on desktop-stable-98-4316 to 98.0.4758.82
- DNA-97177 Battery saver - the icon looks bad for DPI!=100%
- DNA-97614 automatic video pop-out for most popular websites
broadcasting Winter Olympic Games 2022
- DNA-97804 Promote O84 to stable
- The update to chromium 98.0.4758.82 fixes following issues:
CVE-2022-0452, CVE-2022-0453, CVE-2022-0454, CVE-2022-0455,
CVE-2022-0456, CVE-2022-0457, CVE-2022-0458, CVE-2022-0459,
CVE-2022-0460, CVE-2022-0461, CVE-2022-0462, CVE-2022-0463,
CVE-2022-0464, CVE-2022-0465, CVE-2022-0466, CVE-2022-0467,
CVE-2022-0468, CVE-2022-0469, CVE-2022-0470
- Complete Opera 84.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-84/
- Update to 83.0.4254.54
- DNA-96581 Fast tab tooltip doesn't always show related sites with
scrollable tab strip
- DNA-96608 Cannot drag a tab to create a new window
- DNA-96657 Do not make tab tooltip hoverable if there's no list of
tabs
- DNA-97291 Crash at
opera::flow::FlowSessionImpl::RegisterDevice(base::OnceCallback)
- DNA-97468 Incorrect number of restored tabs when video-popout is
detached
- DNA-97476 Add retry to stapling during signing
- DNA-97609 Failing MetricsReporterTest.TimeSpent* smoketests
- Update to 83.0.4254.27
- CHR-8737 Update chromium on desktop-stable-97-4254 to 97.0.4692.99
- DNA-96336 [Mac] Translate new network installer slogan
- DNA-96678 Add battery level monitoring capability to powerSavePrivate
- DNA-96939 Crash at
opera::ExternalVideoService::MarkAsManuallyClosed()
- DNA-97276 Enable #static-tab-audio-indicator on all streams
- The update to chromium 97.0.4692.99 fixes following issues:
CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292,
CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296,
CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301,
CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306,
CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310, CVE-2022-0311
- Update to 83.0.4254.19
- DNA-96079 Turn on #automatic-video-popout on developer
- DNA-97070 Opera 83 translations
- DNA-97119 [LastCard] Stop showing used burner cards
- DNA-97131 Enable automatic-video-popout on all streams from O84 on
- DNA-97257 Crash at views::ImageButton::SetMinimumImageSize(gfx::Size
const&)
- DNA-97259 Promote O83 to stable
- Complete Opera 83.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-83/
- Update to 83.0.4254.16
- DNA-96968 Fix alignment of the 'Advanced' button in Settings
- Update to 83.0.4254.14
- CHR-8701 Update chromium on desktop-stable-97-4254 to 97.0.4692.45
- CHR-8713 Update chromium on desktop-stable-97-4254 to 97.0.4692.56
- CHR-8723 Update chromium on desktop-stable-97-4254 to 97.0.4692.71
- DNA-96780 Crash at
ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)
- DNA-96822 Tab close resize behavior change
- DNA-96861 Create Loomi Options menu
- DNA-96904 Support Win11 snap layout popup
- DNA-96951 Tab close animation broken
- DNA-96991 Tab X button doesn't work correctly
- DNA-97027 Incorrect tab size after tab close
- The update to chromium 97.0.4692.71 fixes following issues:
CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099,
CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103,
CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106,
CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110,
CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113,
CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117,
CVE-2022-0118, CVE-2022-0120
- Update to version 82.0.4227.58
- DNA-96780 Crash at
ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)
- DNA-96890 Settings default browser not working for current user on
Windows 7
- Update to version 82.0.4227.43
- CHR-8705 Update chromium on desktop-stable-96-4227 to 96.0.4664.110
- DNA-93284 Unstable
obj/opera/desktop/common/installer_rc_generated/installer.res
- DNA-95908 Interstitial/internal pages shown as NOT SECURE after
visiting http site
- DNA-96404 Opera doesn't show on main screen when second screen is
abruptly disconnected
- The update to chromium 96.0.4664.110 fixes following issues:
CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101, CVE-2021-4102
- Update to version 82.0.4227.33
- CHR-8689 Update chromium on desktop-stable-96-4227 to 96.0.4664.93
- DNA-96559 Tooltip popup looks bad in dark theme
- DNA-96570 [Player] Tidal logging in via PLAY doesn't work
- DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks
- DNA-96649 Update Meme button
- DNA-96676 Add Icon in the Sidebar Setup
- DNA-96677 Add default URL
- The update to chromium 96.0.4664.93 fixes following issues:
CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054,
CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057,
CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062,
CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066,
CVE-2021-4067, CVE-2021-4068
- Update to version 82.0.4227.23
- DNA-95632 With new au-logic UUID is set with delay and may be not set
for pb-builds (when closing fast)
- DNA-96349 Laggy tooltip animation
- DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap version
for Opera 82
- DNA-96493 Create 'small' enticement in credit card autofill
- DNA-96533 Opera 82 translations
- DNA-96535 Make the URL configurable
- DNA-96553 Add switch to whitelist test pages
- DNA-96557 Links not opened from panel
- DNA-96558 AdBlock blocks some trackers inside the panel
- DNA-96568 [Player] Tidal in sidebar Player opens wrong site when
logging in
- DNA-96659 Siteprefs not applied after network service crash
- DNA-96593 Promote O82 to stable
- Complete Opera 82.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-82/
- Update to version 82.0.4227.13
- CHR-8668 Update chromium on desktop-stable-96-4227 to 96.0.4664.45
- DNA-76987 [Mac] Update desktop EULA with geolocation split
- DNA-93388 Problem with symlinks on windows when creating file list
- DNA-95734 Discarded Recently Closed items get revived after restart
- DNA-96134 "Your profile has been updated" does not disappear
- DNA-96190 Opera freezes when trying to drag expanded bookmark folder
with nested subfolders
- DNA-96223 Easy Files not working in Full Screen
- DNA-96274 Checkout autofill shouldn't show used burner card
- DNA-96275 Change the notification message for pausing multi-use cards
- DNA-96295 "Video pop out" setting doesn't sync
- DNA-96316 Highlight text wrong colour on dark mode
- DNA-96326 Wrong translation Private Mode > Turkish
- DNA-96351 macOS window controls are missing in full screen
- DNA-96440 Update video URL
- DNA-96448 add option to pin extension via rich hints
- DNA-96453 Register user-chosen option on client-side, read on hint side
- DNA-96454 Choosing an option from the settings menu should close the
popup
- DNA-96484 Enable AB test for a new autoupdater logic (for 50%)
- DNA-96500 Add "don't show me again" prefs to allowed whitelist
- DNA-96538 Inline autocomplete for www.mediaexpert.pl incorrectly
suggested
- The update to chromium 96.0.4664.45 fixes following issues:
CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008,
CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012,
CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016,
CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021,
CVE-2021-38022
- Update to version 81.0.4196.54
- CHR-8644 Update chromium on desktop-stable-95-4196 to 95.0.4638.69
- DNA-95773 ExtensionWebRequestApiTest crashes on mac
- DNA-96062 Opera 81 translations
- DNA-96134 "Your profile has been updated" does not disappear
- DNA-96274 Checkout autofill shouldn't show used burner card
- DNA-96275 Change the notification message for pausing multi-use cards
- DNA-96440 Update video URL
- The update to chromium 95.0.4638.69 fixes following issues:
CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980,
CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004
- Update to version 81.0.4196.37
- DNA-96008 Crash at
content::WebContentsImpl::OpenURL(content::OpenURLParams const&)
- DNA-96032 Closing the videoconference pop-up force leaving the meeting
- DNA-96092 Crash at void
opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result)
- DNA-96142 [Yat] Emoji icon cut off in URL for Yat
- Update to version 81.0.4196.31
- DNA-95733 Implement the "Manage" menu in card details view
- DNA-95736 Update UI for paused card
- DNA-95791 Crash at base::operator<
- DNA-95794 Sometimes the sidebar UI fails to load
- DNA-95812 Retrieve cards info when showing autofill
- DNA-96035 Cannot create virtual card on Sandbox environment
- DNA-96147 "Buy" button does not work
- DNA-96168 Update contributors list
- DNA-96211 Enable #fast-tab-tooltip on all streams
- DNA-96231 Promote O81 to stable
- Complete Opera 80.1 changelog at:
https://blogs.opera.com/desktop/changelog-for-81/
- Update to version 81.0.4196.27
- CHR-8623 Update chromium on desktop-stable-95-4196 to 95.0.4638.54
- DNA-92384 Better segmenting of hint users
- DNA-95523 Allow sorting in multi-card view
- DNA-95659 Flow of Lastcard on first login
- DNA-95735 Implement the button that reveals full card details
- DNA-95747 Better way to handle expired funding card
- DNA-95949 [Mac Retina] Clicking active tab should scroll to the top
- DNA-95993 Update icon used for Yat in address bar dropdown
- DNA-96021 Cleared download item view is never deleted
- DNA-96036 Occupation field in 'Account - Edit' is shown twice
- DNA-96127 Upgrade plan button does nothing
- DNA-96138 "Add Card" button does not change to "Upgrade Plan" after
adding card
- The update to chromium 95.0.4638.54 fixes following issues:
CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984,
CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988,
CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992,
CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996
- Update to version 80.0.4170.72
- DNA-95522 Change card view to show all types of cards
- DNA-95523 Allow sorting in multi-card view
- DNA-95524 Allow searching for cards by name
- DNA-95658 Allow user to add a card
- DNA-95659 Flow of Lastcard on first login
- DNA-95660 Implement editing card details
- DNA-95699 Add card details view
- DNA-95733 Implement the "Manage" menu in card details view
- DNA-95735 Implement the button that reveals full card details
- DNA-95736 Update UI for paused card
- DNA-95747 Better way to handle expired funding card
- DNA-95794 Sometimes the sidebar UI fails to load
- DNA-95812 Retrieve cards info when showing autofill
- DNA-96036 Occupation field in 'Account - Edit' is shown twice
- DNA-96127 Upgrade plan button does nothing
- DNA-96138 "Add Card" button does not change to "Upgrade Plan"
after adding card
- Update to version 80.0.4170.63
- CHR-8612 Update chromium on desktop-stable-94-4170 to 94.0.4606.81
- DNA-95434 Crash at opera::ThemesService::UpdateCurrentTheme()
- The update to chromium 94.0.4606.81 fixes following issues:
CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980
- Update to version 80.0.4170.40
- CHR-8598 Update chromium on desktop-stable-94-4170 to 94.0.4606.71
- DNA-95221 Emoji button stuck in address bar
- DNA-95325 Make y.at navigations to be reported with page_views events
- DNA-95327 Add "Emojis" context menu option in address bar field
- DNA-95339 Add YAT emoji url suggestion to search dialog
- DNA-95416 Remove emoji button from address bar
- DNA-95439 Enable #yat-emoji-addresses on developer stream
- DNA-95441 [Mac big sur] Emoji are not shown in address bar url
- DNA-95514 Crash at resource_coordinator::TabLifecycleUnitSource
::TabLifecycleUnit::OnLifecycleUnitStateChanged(mojom::
LifecycleUnitState, mojom::LifecycleUnitStateChangeReason)
- DNA-95746 Enable #reader-mode everywhere
- DNA-95865 Numbers are recognized as emojis
- DNA-95866 Change Yat text in selection popup
- DNA-95867 Show that buttons are clickable in selection popup
- The update to chromium 94.0.4606.71 fixes following issues:
CVE-2021-37974, CVE-2021-37975, CVE-2021-37976
- Update to version 80.0.4170.16
- CHR-8590 Update chromium on desktop-stable-94-4170 to 94.0.4606.61
- DNA-95347 Make InstallerStep::Run async
- DNA-95420 First suggestion in address field is often not highlighted
- DNA-95613 Browser closing itself after closing SD/first tab and last
opened tab
- DNA-95725 Promote O80 to stable
- DNA-95781 Import fixes for CVE-2021-37975, CVE-2021-37976 and
CVE-2021-37974 to desktop-stable-94-4170
- Complete Opera 80.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-80/
- Drop Provides/Obsoletes for opera-gtk and opera-kde4
opera-gtk and opera-kde4 were last used in openSUSE 13.1
- Drop post/postun for desktop_database_post and icon_theme_cache_post
because they were last used before openSUSE 15.0
- Update to version 79.0.4143.72
- DNA-94933 Add emoji panel to address bar
- DNA-95210 Add emoji YAT address bar suggestions
- DNA-95221 Emoji button stuck in address bar
- DNA-95325 Make y.at navigations to be reported with page_views events
- DNA-95327 Add "Emojis" context menu option in address bar field
- DNA-95339 Add YAT emoji url suggestion to search dialog
- DNA-95364 Add browser feature flag
- DNA-95416 Remove emoji button from address bar
- DNA-95439 Enable #yat-emoji-addresses on developer stream
- DNA-95441 [Mac big sur] Emoji are not shown in address bar url
- DNA-95445 Crash when removing unsynced pinboard bookmark with sync
enabled
- DNA-95512 Allow to show title and timer for simple banners
- DNA-95516 Wrong label in settings for themes
- DNA-95679 Temporarily disable AB test for a new autoupdater logic
- Update to version 79.0.4143.50
- CHR-8571 Update chromium on desktop-stable-93-4143 to 93.0.4577.82
- DNA-94104 ContinueShoppingOnEbayBrowserTest.ShouldDisplayOffers
TilesStartingWithMostActiveOnes fails
- DNA-94894 [Rich Hint] Agent API permissions
- DNA-94989 Wrong color and appearance of subpages in the settings
- DNA-95241 "Switch to tab" button is visible only on hover
- DNA-95286 Add unit tests to pinboard sync related logic in browser
- DNA-95372 [Mac retina screen] Snapshot doesnt capture cropped area
- DNA-95526 Some webstore extensions are not verified properly
- The update to chromium 93.0.4577.82 fixes following issues:
CVE-2021-30625, CVE-2021-30626, CVE-2021-30627, CVE-2021-30628,
CVE-2021-30629, CVE-2021-30630, CVE-2021-30631, CVE-2021-30632,
CVE-2021-30633
- Update to version 79.0.4143.22
- CHR-8550 Update chromium on desktop-stable-93-4143 to 93.0.4577.58
- CHR-8557 Update chromium on desktop-stable-93-4143 to 93.0.4577.63
- DNA-94641 [Linux] Proprietary media codecs not working in snap builds
- DNA-95076 [Linux] Page crash with media content
- DNA-95084 [Mac] Cannot quit through menu with snapshot editor open
- DNA-95138 Add setting to synchronize Pinboards
- DNA-95157 Crash at -[OperaCrApplication sendEvent:]
- DNA-95204 Opera 79 translations
- DNA-95240 The pinboard thumbnail cannot be generated anymore
- DNA-95278 Existing Pinboards might be missing
- DNA-95292 Enable #bookmarks-trash-cleaner on all streams
- DNA-95293 Enable #easy-files-downloads-folder on all streams
- DNA-95383 Promote O79 to stable
- Complete Opera 79.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-79/
- The update to chromium 93.0.4577.58 fixes following issues:
CVE-2021-30606, CVE-2021-30607, CVE-2021-30608, CVE-2021-30609,
CVE-2021-30610, CVE-2021-30611, CVE-2021-30612, CVE-2021-30613,
CVE-2021-30614, CVE-2021-30615, CVE-2021-30616, CVE-2021-30617,
CVE-2021-30618, CVE-2021-30619, CVE-2021-30620, CVE-2021-30621,
CVE-2021-30622, CVE-2021-30623, CVE-2021-30624
- Update to version 78.0.4093.184
- CHR-8533 Update chromium on desktop-stable-92-4093 to 92.0.4515.159
- DNA-93472 Reattaching to other browsers
- DNA-93741 Multiple hint slots
- DNA-93742 Allow displaying unobtrusive external hints
- DNA-93744 Add slots in toolbar action view
- DNA-94230 Improve text contrast for Speed Dials
- DNA-94724 [Mac] Add macOS dark theme wallpaper with easy setup
- DNA-94786 Crash at base::SupportsUserData:: SetUserData(void const*,
std::__1::unique_ptr)
- DNA-94807 Allow scripts access opera version and product info
- DNA-94862 Continue on shopping Amazon doesn't work correct
- DNA-94870 Add an addonsPrivate function to install with permissions
dialog first
- DNA-95064 Revert DNA-93714 on stable
- The update to chromium 92.0.4515.159 fixes following issues:
CVE-2021-30598, CVE-2021-30599, CVE-2021-30600, CVE-2021-30601,
CVE-2021-30602, CVE-2021-30603, CVE-2021-30604
- Update to version 78.0.4093.147
- CHR-8251 Update chromium on desktop-stable-92-4093 to 92.0.4515.131
- DNA-93036 Opera not starting after closing window. Processes still
working.
- DNA-94516 Add "Detach tab" entry to tab menu
- DNA-94584 [Mac] Sidebar setup not closed after press "Add
extensions" button
- DNA-94761 Crash when trying to record "Chrome developer" trace
- DNA-94790 Crash at opera::VideoConferenceTabDetachController::
OnBrowserAboutToStartClosing(Browser*)
- The update to chromium 92.0.4515.131 fixes following issues:
CVE-2021-30590, CVE-2021-30591, CVE-2021-30592, CVE-2021-30593,
CVE-2021-30594, CVE-2021-30596, CVE-2021-30597
- Update to version 78.0.4093.112
- DNA-94466 Implement sorting Pinboards in overview
- DNA-94582 Add access to APIs for showing pinboard icon in sidebar
- DNA-94603 Suspicious pinboards events
- DNA-94625 Disable opr.pinboardPrivate.getThumbnail() for local files
- DNA-94640 Promote O78 to stable
- DNA-94661 Missing translations for some languages
- Complete Opera 78.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-78/
- Update to version 77.0.4054.277
- CHR-8502 Update chromium on desktop-stable-91-4054 to 91.0.4472.164
- DNA-94291 Video conference popout doesnt remember its size after
resizing
- DNA-94399 Incorrect icon for wp.pl in address bar dropdown
- DNA-94462 Low quality of default wallpaper on windows
- The update to chromium 91.0.4472.164 fixes following issues:
CVE-2021-30541, CVE-2021-30560, CVE-2021-30561, CVE-2021-30562,
CVE-2021-30563, CVE-2021-30564
- Update to version 77.0.4054.254
- DNA-92344 Windows 10 Implementation
- DNA-92486 Replace ��� icon with "settings" icon
- DNA-92487 Close individual item
- DNA-92496 Create separate entry in settings for BABE
- DNA-93275 Implement cycles size according to design
- DNA-93280 The system theme has only half a checkmark
- DNA-93728 Whatsapp notification is not refreshed
- DNA-94047 Remove pinboard WebUI integration
- DNA-94118 Write test for ThumbnailTabHelper changes in DNA-94100
- DNA-94120 Fix Welcome popup layout
- DNA-94140 Crash at base::TaskRunner ::PostTask(base::Location const&,
base::OnceCallback)
- DNA-94205 Consider setting pinboard display URL in
address_field_helper.cc
- DNA-94211 Easy Files don't show thumbnails
- DNA-94309 Pinboards URLs don't get lighter color treatment
- DNA-94318 Wrong 'Transparency' word translation in Swedish
- DNA-94321 AB test: google suggestions on top - bigger test
- DNA-94341 Make pinboard popup testable on web page
- DNA-94381 Disabling Pinboards doesn't remove item from menu / sidebar
- DNA-94392 Add u2f-devices interface to snap packages
- DNA-94461 Enable #system-theme on all streams
- Update to version 77.0.4054.203
- CHR-8475 Update chromium on desktop-stable-91-4054 to 91.0.4472.124
- DNA-93523 Crash at extensions::TabHelper::WebContentsDestroyed()
- DNA-93917 Upload snap to edge while preparing repository package
- DNA-94157 Crash at gfx::ICCProfile::operator=(gfx::ICCProfile const&)
- DNA-94159 Crash at
opera::auth::AuthAccountServiceImpl::GetAuthAccount()
- DNA-94161 [Add tabs]Unexpected symbols instead of Workspace name
- DNA-94241 Implement better process killing for timeout
- DNA-94248 Allow retry on tests that timed-out
- DNA-94251 heap-use-after-free in VideoConference
- DNA-94315 Crash at class std::__1::basic_string ui::ResourceBundle::
LoadLocaleResources(const class std::__1::basic_string& const, bool)
- DNA-94357 Fix issue in scripts
- Update to version 77.0.4054.172
- DNA-93078 Do not display 'share tab' sliding toolbar on detached
tab
- DNA-93358 The red underline extends beyond the Google meets conference
tab outline
- DNA-93404 Crash in test when destroying BABE's webcontents
- DNA-93637 ctrl+9 shortcut is inconsistent with other browsers
- DNA-93661 Add opauto test to cover new shortcut from DNA-93637
- DNA-93867 Use version from package instead of repository
- DNA-93993 Pinboard translations from Master
- DNA-94099 Increase new-autoupdater-logic AB test to cover 50% of new
installations
- DNA-94100 Thumbnail doesn't update
- DNA-94178 Automatic popout should not happen after manually closing a
popout
- Update to version 77.0.4054.146
- CHR-8458 Update chromium on desktop-stable-91-4054 to 91.0.4472.114
- DNA-92171 Create active linkdiscovery service
- DNA-92388 Fix and unskip
WorkspacesEmoji.testChooseEmojiAsWorkspaceIcon when possible
- DNA-93101 Tabs are being snoozed when tab snoozing is disabled
- DNA-93386 Update pinboard view when item changes
- DNA-93448 Make browser ready for Developer release
- DNA-93491 Fix failing tests after enabling #pinboard flag
- DNA-93498 Add additional music services
- DNA-93503 Blank popup on clicking toolbar icon with popup open
- DNA-93561 Do not allow zoom different from 100% in Pinboard popup
- DNA-93637 ctrl+9 shortcut is inconsistent with other browsers
- DNA-93644 Create route for `import open tabs` to `pinboard`
- DNA-93664 Adapt popup to design
- DNA-93702 Turn on flags on developer
- DNA-93737 [Pinboard] Remove Mock API
- DNA-93745 Unable to open the popup after opening it several times
- DNA-93776 Popup closes and reopens when clicking the toolbar button
- DNA-93786 DCHECK after opening popup
- DNA-93802 Crash at views::Widget::GetNativeView() const
- DNA-93810 Add pinboard icon to sidebar
- DNA-93825 Add pinboard to Opera menu
- DNA-93833 [Player] Implement seeking for new services
- DNA-93845 Do not log output of snapcraft on console
- DNA-93864 Create feature flag for start page sync banner
- DNA-93865 Implement start page banner
- DNA-93867 Use version from package instead of repository
- DNA-93878 [Player] Crash when current player service becomes
unavailable when user location changes
- DNA-93953 'Send image to Pinboard' has the wrong position in the
context menu
- DNA-93987 Disable zooming popup contents like in other popups
- DNA-93989 Change internal URL to opera://pinboards
- DNA-93990 Update strings to reflect new standards
- DNA-93992 Add Pinboards to Opera settings
- DNA-93993 Pinboard translations from Master
- DNA-94011 Enable feature flags for Reborn 5 on stable
- DNA-94019 Add a direct link to settings
- DNA-94088 Internal pages provoke not saving other pages to the Pinboard
- DNA-94111 [O77] Sidebar setup does not open
- DNA-94139 Crash at
opera::(anonymous namespace)::PinboardPopupWebView::RemovedFromWidget()
- The update to chromium 91.0.4472.114 fixes the following issues:
CVE-2021-30554, CVE-2021-30555, CVE-2021-30556, CVE-2021-30557
- Update to version 77.0.4054.90
- CHR-8446 Update chromium on desktop-stable-91-4054 to 91.0.4472.101
- The update to chromium 91.0.4472.101 fixes the following issues:
CVE-2021-30544, CVE-2021-30545, CVE-2021-30546, CVE-2021-30547,
CVE-2021-30548, CVE-2021-30549, CVE-2021-30550, CVE-2021-30551,
CVE-2021-30552, CVE-2021-30553
- Update to version 77.0.4054.80
- DNA-93656 Active cards in checkout Auto-fill
- DNA-93805 Create snap packages in buildsign
- DNA-93823 archive_opera_snap failures on Linux
- DNA-93844 Fix AttributeError in package_type.py
- Update to version 77.0.4054.64
- DNA-93159 Implement image(preview) of each created pinboard
- DNA-93273 'Send image to Pinboard' doesn't work correct on
staging server
- DNA-93277 Add/update opauto tests for the System Theme WP1
implementation p.1
- DNA-93286 [BigSur] YT not being reloaded when opened from link
- DNA-93296 Opera 77 translations
- DNA-93372 Build new edition for Axel Springer
- DNA-93376 Write unittests for PinboardImageCollector
- DNA-93401 [LastCard] Do not change user state if not needed
- DNA-93409 Animation with hat and glasses is missing in Private mode
- DNA-93443 API opr.pinboardPrivate.getThumbnail() returns
old thumbnail image
- DNA-93509 Add Opera switch for pinboard staging backend and use it for
tests
- DNA-93519 [Sidebar] WhatsApp 'Log out' doesn't work
- DNA-93634 Fix errors in Slovak translations
- DNA-93724 Some webstore extensions are not verified properly
- Complete Opera 77.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-77/
- Update to version 76.0.4017.177
- DNA-92597 Sound controller doesn't work after pressing 'Next'
button
- DNA-93405 Import vmp_signer instead of starting new python process
- DNA-93406 [Mac] Import plist_util instead of calling script in
_generateAppEntitlements
- DNA-93442 Make GX Control panel attachable by webdriver
- DNA-93554 [AdBlock] Find a fix for blocking 'new' YouTube ads
- DNA-93587 Pre-refactor solution
- Update to version 76.0.4017.154
- CHR-8420 Update chromium on desktop-stable-90-4017 to 90.0.4430.212
- DNA-92411 Bookmarks breadcrumbs wrong color when pressed in dark mode
- DNA-92587 Sync settings: 'Use old password' button doesn't work
- DNA-92672 Make it possible for agent to inject scripts into startpage
- DNA-92712 Add SD reload API
- DNA-93190 The bookmark can't be opened in Workspace 5-6
- DNA-93247 Reopen last closed tab shortcut opens random tab on new
window
- DNA-93294 Binary diff for opera_browser.dll is not created on 32-bit
builds
- DNA-93313 Add opauto test to cover DNA-93190
- DNA-93368 Fix an error in Polish translation
- DNA-93408 [Windows] widevine_cdm_component_installer does not compile
on desktop-stable-90-4017
- The update to chromium 90.0.4430.212 fixes the following issues:
CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509,
CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513,
CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517,
CVE-2021-30518, CVE-2021-30519, CVE-2021-30520
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:NonFree:
zypper in -t patch openSUSE-2022-110=1
Package List:
- openSUSE Leap 15.4:NonFree (x86_64):
opera-85.0.4341.28-lp154.2.5.1
References:
https://www.suse.com/security/cve/CVE-2021-30506.html
https://www.suse.com/security/cve/CVE-2021-30507.html
https://www.suse.com/security/cve/CVE-2021-30508.html
https://www.suse.com/security/cve/CVE-2021-30509.html
https://www.suse.com/security/cve/CVE-2021-30510.html
https://www.suse.com/security/cve/CVE-2021-30511.html
https://www.suse.com/security/cve/CVE-2021-30512.html
https://www.suse.com/security/cve/CVE-2021-30513.html
https://www.suse.com/security/cve/CVE-2021-30514.html
https://www.suse.com/security/cve/CVE-2021-30515.html
https://www.suse.com/security/cve/CVE-2021-30516.html
https://www.suse.com/security/cve/CVE-2021-30517.html
https://www.suse.com/security/cve/CVE-2021-30518.html
https://www.suse.com/security/cve/CVE-2021-30519.html
https://www.suse.com/security/cve/CVE-2021-30520.html
https://www.suse.com/security/cve/CVE-2021-30541.html
https://www.suse.com/security/cve/CVE-2021-30544.html
https://www.suse.com/security/cve/CVE-2021-30545.html
https://www.suse.com/security/cve/CVE-2021-30546.html
https://www.suse.com/security/cve/CVE-2021-30547.html
https://www.suse.com/security/cve/CVE-2021-30548.html
https://www.suse.com/security/cve/CVE-2021-30549.html
https://www.suse.com/security/cve/CVE-2021-30550.html
https://www.suse.com/security/cve/CVE-2021-30551.html
https://www.suse.com/security/cve/CVE-2021-30552.html
https://www.suse.com/security/cve/CVE-2021-30553.html
https://www.suse.com/security/cve/CVE-2021-30554.html
https://www.suse.com/security/cve/CVE-2021-30555.html
https://www.suse.com/security/cve/CVE-2021-30556.html
https://www.suse.com/security/cve/CVE-2021-30557.html
https://www.suse.com/security/cve/CVE-2021-30560.html
https://www.suse.com/security/cve/CVE-2021-30561.html
https://www.suse.com/security/cve/CVE-2021-30562.html
https://www.suse.com/security/cve/CVE-2021-30563.html
https://www.suse.com/security/cve/CVE-2021-30564.html
https://www.suse.com/security/cve/CVE-2021-30590.html
https://www.suse.com/security/cve/CVE-2021-30591.html
https://www.suse.com/security/cve/CVE-2021-30592.html
https://www.suse.com/security/cve/CVE-2021-30593.html
https://www.suse.com/security/cve/CVE-2021-30594.html
https://www.suse.com/security/cve/CVE-2021-30596.html
https://www.suse.com/security/cve/CVE-2021-30597.html
https://www.suse.com/security/cve/CVE-2021-30598.html
https://www.suse.com/security/cve/CVE-2021-30599.html
https://www.suse.com/security/cve/CVE-2021-30600.html
https://www.suse.com/security/cve/CVE-2021-30601.html
https://www.suse.com/security/cve/CVE-2021-30602.html
https://www.suse.com/security/cve/CVE-2021-30603.html
https://www.suse.com/security/cve/CVE-2021-30604.html
https://www.suse.com/security/cve/CVE-2021-30606.html
https://www.suse.com/security/cve/CVE-2021-30607.html
https://www.suse.com/security/cve/CVE-2021-30608.html
https://www.suse.com/security/cve/CVE-2021-30609.html
https://www.suse.com/security/cve/CVE-2021-30610.html
https://www.suse.com/security/cve/CVE-2021-30611.html
https://www.suse.com/security/cve/CVE-2021-30612.html
https://www.suse.com/security/cve/CVE-2021-30613.html
https://www.suse.com/security/cve/CVE-2021-30614.html
https://www.suse.com/security/cve/CVE-2021-30615.html
https://www.suse.com/security/cve/CVE-2021-30616.html
https://www.suse.com/security/cve/CVE-2021-30617.html
https://www.suse.com/security/cve/CVE-2021-30618.html
https://www.suse.com/security/cve/CVE-2021-30619.html
https://www.suse.com/security/cve/CVE-2021-30620.html
https://www.suse.com/security/cve/CVE-2021-30621.html
https://www.suse.com/security/cve/CVE-2021-30622.html
https://www.suse.com/security/cve/CVE-2021-30623.html
https://www.suse.com/security/cve/CVE-2021-30624.html
https://www.suse.com/security/cve/CVE-2021-30625.html
https://www.suse.com/security/cve/CVE-2021-30626.html
https://www.suse.com/security/cve/CVE-2021-30627.html
https://www.suse.com/security/cve/CVE-2021-30628.html
https://www.suse.com/security/cve/CVE-2021-30629.html
https://www.suse.com/security/cve/CVE-2021-30630.html
https://www.suse.com/security/cve/CVE-2021-30631.html
https://www.suse.com/security/cve/CVE-2021-30632.html
https://www.suse.com/security/cve/CVE-2021-30633.html
https://www.suse.com/security/cve/CVE-2021-37974.html
https://www.suse.com/security/cve/CVE-2021-37975.html
https://www.suse.com/security/cve/CVE-2021-37976.html
https://www.suse.com/security/cve/CVE-2021-37977.html
https://www.suse.com/security/cve/CVE-2021-37978.html
https://www.suse.com/security/cve/CVE-2021-37979.html
https://www.suse.com/security/cve/CVE-2021-37980.html
https://www.suse.com/security/cve/CVE-2021-37981.html
https://www.suse.com/security/cve/CVE-2021-37982.html
https://www.suse.com/security/cve/CVE-2021-37983.html
https://www.suse.com/security/cve/CVE-2021-37984.html
https://www.suse.com/security/cve/CVE-2021-37985.html
https://www.suse.com/security/cve/CVE-2021-37986.html
https://www.suse.com/security/cve/CVE-2021-37987.html
https://www.suse.com/security/cve/CVE-2021-37988.html
https://www.suse.com/security/cve/CVE-2021-37989.html
https://www.suse.com/security/cve/CVE-2021-37990.html
https://www.suse.com/security/cve/CVE-2021-37991.html
https://www.suse.com/security/cve/CVE-2021-37992.html
https://www.suse.com/security/cve/CVE-2021-37993.html
https://www.suse.com/security/cve/CVE-2021-37994.html
https://www.suse.com/security/cve/CVE-2021-37995.html
https://www.suse.com/security/cve/CVE-2021-37996.html
https://www.suse.com/security/cve/CVE-2021-37997.html
https://www.suse.com/security/cve/CVE-2021-37998.html
https://www.suse.com/security/cve/CVE-2021-37999.html
https://www.suse.com/security/cve/CVE-2021-38001.html
https://www.suse.com/security/cve/CVE-2021-38002.html
https://www.suse.com/security/cve/CVE-2021-38003.html
https://www.suse.com/security/cve/CVE-2021-38004.html
https://www.suse.com/security/cve/CVE-2021-38005.html
https://www.suse.com/security/cve/CVE-2021-38006.html
https://www.suse.com/security/cve/CVE-2021-38007.html
https://www.suse.com/security/cve/CVE-2021-38008.html
https://www.suse.com/security/cve/CVE-2021-38009.html
https://www.suse.com/security/cve/CVE-2021-38010.html
https://www.suse.com/security/cve/CVE-2021-38011.html
https://www.suse.com/security/cve/CVE-2021-38012.html
https://www.suse.com/security/cve/CVE-2021-38013.html
https://www.suse.com/security/cve/CVE-2021-38014.html
https://www.suse.com/security/cve/CVE-2021-38015.html
https://www.suse.com/security/cve/CVE-2021-38016.html
https://www.suse.com/security/cve/CVE-2021-38017.html
https://www.suse.com/security/cve/CVE-2021-38019.html
https://www.suse.com/security/cve/CVE-2021-38020.html
https://www.suse.com/security/cve/CVE-2021-38021.html
https://www.suse.com/security/cve/CVE-2021-38022.html
https://www.suse.com/security/cve/CVE-2021-4052.html
https://www.suse.com/security/cve/CVE-2021-4053.html
https://www.suse.com/security/cve/CVE-2021-4054.html
https://www.suse.com/security/cve/CVE-2021-4055.html
https://www.suse.com/security/cve/CVE-2021-4056.html
https://www.suse.com/security/cve/CVE-2021-4057.html
https://www.suse.com/security/cve/CVE-2021-4058.html
https://www.suse.com/security/cve/CVE-2021-4059.html
https://www.suse.com/security/cve/CVE-2021-4061.html
https://www.suse.com/security/cve/CVE-2021-4062.html
https://www.suse.com/security/cve/CVE-2021-4063.html
https://www.suse.com/security/cve/CVE-2021-4064.html
https://www.suse.com/security/cve/CVE-2021-4065.html
https://www.suse.com/security/cve/CVE-2021-4066.html
https://www.suse.com/security/cve/CVE-2021-4067.html
https://www.suse.com/security/cve/CVE-2021-4068.html
https://www.suse.com/security/cve/CVE-2021-4078.html
https://www.suse.com/security/cve/CVE-2021-4079.html
https://www.suse.com/security/cve/CVE-2021-4098.html
https://www.suse.com/security/cve/CVE-2021-4099.html
https://www.suse.com/security/cve/CVE-2021-4100.html
https://www.suse.com/security/cve/CVE-2021-4101.html
https://www.suse.com/security/cve/CVE-2021-4102.html
https://www.suse.com/security/cve/CVE-2022-0096.html
https://www.suse.com/security/cve/CVE-2022-0097.html
https://www.suse.com/security/cve/CVE-2022-0098.html
https://www.suse.com/security/cve/CVE-2022-0099.html
https://www.suse.com/security/cve/CVE-2022-0100.html
https://www.suse.com/security/cve/CVE-2022-0101.html
https://www.suse.com/security/cve/CVE-2022-0102.html
https://www.suse.com/security/cve/CVE-2022-0103.html
https://www.suse.com/security/cve/CVE-2022-0104.html
https://www.suse.com/security/cve/CVE-2022-0105.html
https://www.suse.com/security/cve/CVE-2022-0106.html
https://www.suse.com/security/cve/CVE-2022-0107.html
https://www.suse.com/security/cve/CVE-2022-0108.html
https://www.suse.com/security/cve/CVE-2022-0109.html
https://www.suse.com/security/cve/CVE-2022-0110.html
https://www.suse.com/security/cve/CVE-2022-0111.html
https://www.suse.com/security/cve/CVE-2022-0112.html
https://www.suse.com/security/cve/CVE-2022-0113.html
https://www.suse.com/security/cve/CVE-2022-0114.html
https://www.suse.com/security/cve/CVE-2022-0115.html
https://www.suse.com/security/cve/CVE-2022-0116.html
https://www.suse.com/security/cve/CVE-2022-0117.html
https://www.suse.com/security/cve/CVE-2022-0118.html
https://www.suse.com/security/cve/CVE-2022-0120.html
https://www.suse.com/security/cve/CVE-2022-0289.html
https://www.suse.com/security/cve/CVE-2022-0290.html
https://www.suse.com/security/cve/CVE-2022-0291.html
https://www.suse.com/security/cve/CVE-2022-0292.html
https://www.suse.com/security/cve/CVE-2022-0293.html
https://www.suse.com/security/cve/CVE-2022-0294.html
https://www.suse.com/security/cve/CVE-2022-0295.html
https://www.suse.com/security/cve/CVE-2022-0296.html
https://www.suse.com/security/cve/CVE-2022-0297.html
https://www.suse.com/security/cve/CVE-2022-0298.html
https://www.suse.com/security/cve/CVE-2022-0300.html
https://www.suse.com/security/cve/CVE-2022-0301.html
https://www.suse.com/security/cve/CVE-2022-0302.html
https://www.suse.com/security/cve/CVE-2022-0304.html
https://www.suse.com/security/cve/CVE-2022-0305.html
https://www.suse.com/security/cve/CVE-2022-0306.html
https://www.suse.com/security/cve/CVE-2022-0307.html
https://www.suse.com/security/cve/CVE-2022-0308.html
https://www.suse.com/security/cve/CVE-2022-0309.html
https://www.suse.com/security/cve/CVE-2022-0310.html
https://www.suse.com/security/cve/CVE-2022-0311.html
https://www.suse.com/security/cve/CVE-2022-0452.html
https://www.suse.com/security/cve/CVE-2022-0453.html
https://www.suse.com/security/cve/CVE-2022-0454.html
https://www.suse.com/security/cve/CVE-2022-0455.html
https://www.suse.com/security/cve/CVE-2022-0456.html
https://www.suse.com/security/cve/CVE-2022-0457.html
https://www.suse.com/security/cve/CVE-2022-0458.html
https://www.suse.com/security/cve/CVE-2022-0459.html
https://www.suse.com/security/cve/CVE-2022-0460.html
https://www.suse.com/security/cve/CVE-2022-0461.html
https://www.suse.com/security/cve/CVE-2022-0462.html
https://www.suse.com/security/cve/CVE-2022-0463.html
https://www.suse.com/security/cve/CVE-2022-0464.html
https://www.suse.com/security/cve/CVE-2022-0465.html
https://www.suse.com/security/cve/CVE-2022-0466.html
https://www.suse.com/security/cve/CVE-2022-0467.html
https://www.suse.com/security/cve/CVE-2022-0468.html
https://www.suse.com/security/cve/CVE-2022-0469.html
https://www.suse.com/security/cve/CVE-2022-0470.html
https://www.suse.com/security/cve/CVE-2022-0603.html
https://www.suse.com/security/cve/CVE-2022-0604.html
https://www.suse.com/security/cve/CVE-2022-0605.html
https://www.suse.com/security/cve/CVE-2022-0606.html
https://www.suse.com/security/cve/CVE-2022-0607.html
https://www.suse.com/security/cve/CVE-2022-0608.html
https://www.suse.com/security/cve/CVE-2022-0609.html
https://www.suse.com/security/cve/CVE-2022-0610.html
https://www.suse.com/security/cve/CVE-2022-0789.html
https://www.suse.com/security/cve/CVE-2022-0790.html
https://www.suse.com/security/cve/CVE-2022-0791.html
https://www.suse.com/security/cve/CVE-2022-0792.html
https://www.suse.com/security/cve/CVE-2022-0793.html
https://www.suse.com/security/cve/CVE-2022-0794.html
https://www.suse.com/security/cve/CVE-2022-0795.html
https://www.suse.com/security/cve/CVE-2022-0796.html
https://www.suse.com/security/cve/CVE-2022-0797.html
https://www.suse.com/security/cve/CVE-2022-0798.html
https://www.suse.com/security/cve/CVE-2022-0799.html
https://www.suse.com/security/cve/CVE-2022-0800.html
https://www.suse.com/security/cve/CVE-2022-0801.html
https://www.suse.com/security/cve/CVE-2022-0802.html
https://www.suse.com/security/cve/CVE-2022-0803.html
https://www.suse.com/security/cve/CVE-2022-0804.html
https://www.suse.com/security/cve/CVE-2022-0805.html
https://www.suse.com/security/cve/CVE-2022-0806.html
https://www.suse.com/security/cve/CVE-2022-0807.html
https://www.suse.com/security/cve/CVE-2022-0808.html
https://www.suse.com/security/cve/CVE-2022-0809.html
https://www.suse.com/security/cve/CVE-2022-1096.html
openSUSE-SU-2022:0108-1: important: Security update for seamonkey
by opensuse-security@opensuse.org 08 Apr '22
openSUSE Security Update: Security update for seamonkey
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0108-1
Rating: important
References: #1185055 #1188564 #1188565 #1191902 #1191904
#1191905 #1191909 #1191910 #1191911 #1191913
#1191914 #1192052 #1194198 #1194232 #1197518
Cross-References: CVE-2021-2163 CVE-2021-2341 CVE-2021-2369
CVE-2021-35556 CVE-2021-35559 CVE-2021-35560
CVE-2021-35564 CVE-2021-35565 CVE-2021-35578
CVE-2021-35586 CVE-2021-35588 CVE-2021-41035
CVSS scores:
CVE-2021-2163 (NVD) : 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-2163 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-2341 (NVD) : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2021-2341 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2021-2369 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2021-2369 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2021-35556 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35556 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35559 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35560 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-35560 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-35564 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-35564 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-35565 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35565 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35578 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35578 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35586 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35586 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-35588 (NVD) : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-35588 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-41035 (SUSE): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 12 vulnerabilities and has three
fixes is now available.
Description:
SeaMonkey was updated to 2.53.11.1:
Update to SeaMonkey 2.53.11.1
* Fix edge case when setting IntersectionObserver threshold bug 1758291.
* OAuth2 prefs should use realuserName instead of username bug 1518126.
* SeaMonkey 2.53.11.1 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.11.1 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.7 and
Thunderbird 91.7 ESR plus many enhancements have been backported. We
will continue to enhance SeaMonkey security in subsequent 2.53.x beta
and release versions as fast as we are able to.
* Remove obsolete MOZ_EXTENSIONS check in suite
* Add connect button to cZ Networks Editor
* Remove freenode remnants from ChatZilla in SeaMonkey
* Prefer secure over insecure protocol in network list in ChatZilla
* Composer - Change tag textbox is not removed after use
* Clean up repo links in debugQA
* Fix misspelled references to macOS in suite
* Remove obsolete references to Java and Flash
* Help button not working in delete cert dialog
* Rearrange Message Filter Dialog to make room for new features
* Use Insert key as shortcut to create new message filters
* Rename some variables used in SeaMonkey's FilterListDialog to match
Thunderbird's
* Implement Copy to New message filter functionality
* Add move to top / bottom buttons to message filters
* Add preference to not prompt for message filter deletion
* Clean up folder handling in FilterListDialog
* Add refresh function to Filter list dialog so that it can be updated
when already open and new filters are added externally
* Use listbox rather than tree in FilterListDialog
* MsgFilterList(args) should take targetFilter and pass it to
FilterListDialog
* Mail&News' start.xhtml: "We" link broken
* Add search functionality to filter dialog
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-2022-108=1 openSUSE-SLE-15.3-2022-108=1
Package List:
- openSUSE Leap 15.3 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.0-3.53.1
java-1_8_0-ibm-demo-1.8.0_sr7.0-3.53.1
java-1_8_0-ibm-devel-1.8.0_sr7.0-3.53.1
java-1_8_0-ibm-src-1.8.0_sr7.0-3.53.1
- openSUSE Leap 15.3 (i586 x86_64):
seamonkey-2.53.11.1-lp153.17.5.1
seamonkey-debuginfo-2.53.11.1-lp153.17.5.1
seamonkey-debugsource-2.53.11.1-lp153.17.5.1
seamonkey-dom-inspector-2.53.11.1-lp153.17.5.1
seamonkey-irc-2.53.11.1-lp153.17.5.1
- openSUSE Leap 15.3 (x86_64):
java-1_8_0-ibm-32bit-1.8.0_sr7.0-3.53.1
java-1_8_0-ibm-alsa-1.8.0_sr7.0-3.53.1
java-1_8_0-ibm-devel-32bit-1.8.0_sr7.0-3.53.1
java-1_8_0-ibm-plugin-1.8.0_sr7.0-3.53.1
References:
https://www.suse.com/security/cve/CVE-2021-2163.html
https://www.suse.com/security/cve/CVE-2021-2341.html
https://www.suse.com/security/cve/CVE-2021-2369.html
https://www.suse.com/security/cve/CVE-2021-35556.html
https://www.suse.com/security/cve/CVE-2021-35559.html
https://www.suse.com/security/cve/CVE-2021-35560.html
https://www.suse.com/security/cve/CVE-2021-35564.html
https://www.suse.com/security/cve/CVE-2021-35565.html
https://www.suse.com/security/cve/CVE-2021-35578.html
https://www.suse.com/security/cve/CVE-2021-35586.html
https://www.suse.com/security/cve/CVE-2021-35588.html
https://www.suse.com/security/cve/CVE-2021-41035.html
https://bugzilla.suse.com/1185055
https://bugzilla.suse.com/1188564
https://bugzilla.suse.com/1188565
https://bugzilla.suse.com/1191902
https://bugzilla.suse.com/1191904
https://bugzilla.suse.com/1191905
https://bugzilla.suse.com/1191909
https://bugzilla.suse.com/1191910
https://bugzilla.suse.com/1191911
https://bugzilla.suse.com/1191913
https://bugzilla.suse.com/1191914
https://bugzilla.suse.com/1192052
https://bugzilla.suse.com/1194198
https://bugzilla.suse.com/1194232
https://bugzilla.suse.com/1197518
openSUSE-SU-2022:1127-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 07 Apr '22
openSUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:1127-1
Rating: important
References: #1197698 #1197903
Cross-References: CVE-2022-1097 CVE-2022-1196 CVE-2022-24713
CVE-2022-28281 CVE-2022-28282 CVE-2022-28285
CVE-2022-28286 CVE-2022-28289
CVSS scores:
CVE-2022-24713 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24713 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 8 vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.8.0 ESR (bsc#1197903):
MFSA 2022-14 (bsc#1197903)
* CVE-2022-1097: Fixed memory safety violations that could occur when
PKCS#11 tokens are removed while in use
* CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAuthN
Extensions
* CVE-2022-1196: Fixed a use-after-free after VR Process destruction
* CVE-2022-28282: Fixed a use-after-free in DocumentL10n::TranslateDocument
* CVE-2022-28285: Fixed incorrect AliasSet used in JIT Codegen
* CVE-2022-28286: Fixed that iframe contents could be rendered outside the
border
* CVE-2022-24713: Fixed a denial of service via complex regular expressions
* CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR
91.8
The following non-security bugs were fixed:
- Adjust rust dependency for SP3 and later. TW uses always the newest
version of rust, but we don't, so we can't use the rust+cargo notation,
which would need both < and >= requirements. (bsc#1197698)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1127=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1127=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.8.0-150200.152.26.1
MozillaFirefox-branding-upstream-91.8.0-150200.152.26.1
MozillaFirefox-debuginfo-91.8.0-150200.152.26.1
MozillaFirefox-debugsource-91.8.0-150200.152.26.1
MozillaFirefox-devel-91.8.0-150200.152.26.1
MozillaFirefox-translations-common-91.8.0-150200.152.26.1
MozillaFirefox-translations-other-91.8.0-150200.152.26.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.8.0-150200.152.26.1
MozillaFirefox-branding-upstream-91.8.0-150200.152.26.1
MozillaFirefox-debuginfo-91.8.0-150200.152.26.1
MozillaFirefox-debugsource-91.8.0-150200.152.26.1
MozillaFirefox-devel-91.8.0-150200.152.26.1
MozillaFirefox-translations-common-91.8.0-150200.152.26.1
MozillaFirefox-translations-other-91.8.0-150200.152.26.1
References:
https://www.suse.com/security/cve/CVE-2022-1097.html
https://www.suse.com/security/cve/CVE-2022-1196.html
https://www.suse.com/security/cve/CVE-2022-24713.html
https://www.suse.com/security/cve/CVE-2022-28281.html
https://www.suse.com/security/cve/CVE-2022-28282.html
https://www.suse.com/security/cve/CVE-2022-28285.html
https://www.suse.com/security/cve/CVE-2022-28286.html
https://www.suse.com/security/cve/CVE-2022-28289.html
https://bugzilla.suse.com/1197698
https://bugzilla.suse.com/1197903
openSUSE-SU-2022:0105-1: important: Security update for pdns-recursor
by opensuse-security@opensuse.org 07 Apr '22
openSUSE Security Update: Security update for pdns-recursor
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0105-1
Rating: important
References: #1197525
Cross-References: CVE-2022-27227
CVSS scores:
CVE-2022-27227 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27227 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pdns-recursor fixes the following issues:
- CVE-2022-27227: Fixed incomplete validation of incoming IXFR transfers.
It applies to setups retrieving one or more RPZ zones from a remote
server if the network path to the server is not trusted. (boo#1197525)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-105=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
pdns-recursor-4.3.5-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-27227.html
https://bugzilla.suse.com/1197525
openSUSE-SU-2022:0104-1: important: Security update for SDL2
by opensuse-security@opensuse.org 07 Apr '22
openSUSE Security Update: Security update for SDL2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0104-1
Rating: important
References: #1181201 #1181202 #1197525
Cross-References: CVE-2020-14409 CVE-2020-14410 CVE-2022-27227
CVSS scores:
CVE-2020-14409 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-14409 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-14410 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2020-14410 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27227 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27227 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for SDL2 fixes the following issues:
- CVE-2020-14409: Fixed Integer Overflow resulting in heap corruption in
SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP (bsc#1181202).
- CVE-2020-14410: Fixed heap-based buffer over-read in
Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP
(bsc#1181201).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-104=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-104=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-11.3.1
libSDL2-2_0-0-2.0.8-11.3.1
libSDL2-2_0-0-debuginfo-2.0.8-11.3.1
libSDL2-devel-2.0.8-11.3.1
- openSUSE Leap 15.3 (x86_64):
libSDL2-2_0-0-32bit-2.0.8-11.3.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-11.3.1
libSDL2-devel-32bit-2.0.8-11.3.1
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
pdns-4.3.1-bp153.2.3.1
pdns-backend-geoip-4.3.1-bp153.2.3.1
pdns-backend-godbc-4.3.1-bp153.2.3.1
pdns-backend-ldap-4.3.1-bp153.2.3.1
pdns-backend-lua-4.3.1-bp153.2.3.1
pdns-backend-mysql-4.3.1-bp153.2.3.1
pdns-backend-postgresql-4.3.1-bp153.2.3.1
pdns-backend-remote-4.3.1-bp153.2.3.1
pdns-backend-sqlite3-4.3.1-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2020-14409.html
https://www.suse.com/security/cve/CVE-2020-14410.html
https://www.suse.com/security/cve/CVE-2022-27227.html
https://bugzilla.suse.com/1181201
https://bugzilla.suse.com/1181202
https://bugzilla.suse.com/1197525
openSUSE-SU-2022:0103-1: important: Security update for opera
by opensuse-security@opensuse.org 04 Apr '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0103-1
Rating: important
References:
Cross-References: CVE-2022-0789 CVE-2022-0790 CVE-2022-0791
CVE-2022-0792 CVE-2022-0793 CVE-2022-0794
CVE-2022-0795 CVE-2022-0796 CVE-2022-0797
CVE-2022-0798 CVE-2022-0799 CVE-2022-0800
CVE-2022-0801 CVE-2022-0802 CVE-2022-0803
CVE-2022-0804 CVE-2022-0805 CVE-2022-0806
CVE-2022-0807 CVE-2022-0808 CVE-2022-0809
CVE-2022-1096
Affected Products:
openSUSE Leap 15.3:NonFree
______________________________________________________________________________
An update that fixes 22 vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
Opera was updated to 85.0.4341.28
- CHR-8816 Update chromium on desktop-stable-99-4341 to 99.0.4844.84
- DNA-98092 Crash at views::MenuItemView::GetMenuController()
- DNA-98278 Translations for O85
- DNA-98320 [Mac] Unable to delete recent search entries
- DNA-98614 Show recent searches for non-BABE users
- DNA-98615 Allow removal of recent searches
- DNA-98616 Add recent searches to "old" BABE
- DNA-98617 Make it possible to disable ad-blocker per-country
- DNA-98651 Remove Instagram and Facebook Messenger in Russia
- DNA-98653 Add flag #recent-searches
- DNA-98696 smoketest
PageInfoHistoryDataSourceTest.FormatTimestampString failing
- DNA-98703 Port Chromium issue 1309225 to Opera Stable
- The update to chromium 99.0.4844.84 fixes following issues: CVE-2022-1096
- Changes in 85.0.4341.18
- CHR-8789 Update chromium on desktop-stable-99-4341 to 99.0.4844.51
- DNA-98059 [Linux] Crash at
opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled
- DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get()
- DNA-98126 System crash dialog shown on macOS <= 10.15
- DNA-98331 [Snap] Meme generator cropping / resizing broken
- DNA-98394 Audio tab indicator set to "muted" on videoconferencing sites
- DNA-98481 Report errors in opauto_collector
- The update to chromium 99.0.4844.51 fixes following issues:
CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792,
CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796,
CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800,
CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804,
CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809
- Changes in 85.0.4341.13
- DNA-94119 Upgrade curl to 7.81.0
- DNA-97849 [Mac monterey] System shortcut interfere with Opera's
`ToggleSearchInOpenTabs` shortcut
- DNA-98204 Automatic popout happens when video is paused
- DNA-98231 Shortcuts are blocked by displayed tab tooltip when
triggered quickly after tooltip appears
- DNA-98321 Add thinlto-cache warnings to suppression list
- DNA-98395 Promote O85 to stable
- Complete Opera 85.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-85/
- Update to 84.0.4316.42
- DNA-94119 Upgrade curl to 7.81.0
- DNA-98092 Crash at views::MenuItemView::GetMenuController()
- DNA-98204 Automatic popout happens when video is paused
- DNA-98231 Shortcuts are blocked by displayed tab tooltip when
triggered quickly after tooltip appears
- Update to 84.0.4316.31
- CHR-8772 Update chromium on desktop-stable-98-4316 to 98.0.4758.109
- DNA-97573 [Win][Lin]"Close tab" button is not displayed on tabs
playing media when many tabs are open
- DNA-97729 cancelling the process uploading custom Wallpaper crashes
the browser
- DNA-97871 Google meet tab's icons don't fit on pinned tab
- DNA-97872 Tab is being unpinned when video conferencing button is
clicked
- DNA-98039 Dark theme top sites have black background
- DNA-98117 Clicking current tab information should hide tooltip
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:NonFree:
zypper in -t patch openSUSE-2022-103=1
Package List:
- openSUSE Leap 15.3:NonFree (x86_64):
opera-85.0.4341.28-lp153.2.42.1
References:
https://www.suse.com/security/cve/CVE-2022-0789.html
https://www.suse.com/security/cve/CVE-2022-0790.html
https://www.suse.com/security/cve/CVE-2022-0791.html
https://www.suse.com/security/cve/CVE-2022-0792.html
https://www.suse.com/security/cve/CVE-2022-0793.html
https://www.suse.com/security/cve/CVE-2022-0794.html
https://www.suse.com/security/cve/CVE-2022-0795.html
https://www.suse.com/security/cve/CVE-2022-0796.html
https://www.suse.com/security/cve/CVE-2022-0797.html
https://www.suse.com/security/cve/CVE-2022-0798.html
https://www.suse.com/security/cve/CVE-2022-0799.html
https://www.suse.com/security/cve/CVE-2022-0800.html
https://www.suse.com/security/cve/CVE-2022-0801.html
https://www.suse.com/security/cve/CVE-2022-0802.html
https://www.suse.com/security/cve/CVE-2022-0803.html
https://www.suse.com/security/cve/CVE-2022-0804.html
https://www.suse.com/security/cve/CVE-2022-0805.html
https://www.suse.com/security/cve/CVE-2022-0806.html
https://www.suse.com/security/cve/CVE-2022-0807.html
https://www.suse.com/security/cve/CVE-2022-0808.html
https://www.suse.com/security/cve/CVE-2022-0809.html
https://www.suse.com/security/cve/CVE-2022-1096.html
openSUSE-SU-2022:1100-1: important: Security update for 389-ds
by opensuse-security@opensuse.org 04 Apr '22
openSUSE Security Update: Security update for 389-ds
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:1100-1
Rating: important
References: #1194068 #1194084 #1197275 #1197345
Cross-References: CVE-2022-0918 CVE-2022-0996
CVSS scores:
CVE-2022-0918 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0918 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0996 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0996 (SUSE): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves two vulnerabilities and has two fixes
is now available.
Description:
This update for 389-ds fixes the following issues:
- CVE-2022-0918: Fixed a potential denial of service via crafted packet
(bsc#1197275).
- CVE-2022-0996: Fixed a mishandling of password expiry (bsc#1197345).
- Resolved LDAP-Support not working with DHCP by adding required schema
(bsc#1194068)
- Resolved multiple index migration bug (bsc#1194084)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1100=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
389-ds-1.4.4.19~git28.b12c72226-150300.3.12.1
389-ds-debuginfo-1.4.4.19~git28.b12c72226-150300.3.12.1
389-ds-debugsource-1.4.4.19~git28.b12c72226-150300.3.12.1
389-ds-devel-1.4.4.19~git28.b12c72226-150300.3.12.1
389-ds-snmp-1.4.4.19~git28.b12c72226-150300.3.12.1
389-ds-snmp-debuginfo-1.4.4.19~git28.b12c72226-150300.3.12.1
lib389-1.4.4.19~git28.b12c72226-150300.3.12.1
libsvrcore0-1.4.4.19~git28.b12c72226-150300.3.12.1
libsvrcore0-debuginfo-1.4.4.19~git28.b12c72226-150300.3.12.1
References:
https://www.suse.com/security/cve/CVE-2022-0918.html
https://www.suse.com/security/cve/CVE-2022-0996.html
https://bugzilla.suse.com/1194068
https://bugzilla.suse.com/1194084
https://bugzilla.suse.com/1197275
https://bugzilla.suse.com/1197345
openSUSE-SU-2022:1091-1: moderate: Security update for python
by opensuse-security@opensuse.org 01 Apr '22
openSUSE Security Update: Security update for python
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:1091-1
Rating: moderate
References: #1175619 #1186819 #1194146 #1195396
Cross-References: CVE-2021-3572 CVE-2021-4189 CVE-2022-0391
CVSS scores:
CVE-2021-3572 (SUSE): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
CVE-2021-4189 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-0391 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-0391 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for python fixes the following issues:
- CVE-2022-0391: Fixed URL sanitization containing ASCII newline and tabs
in urlparse (bsc#1195396).
- CVE-2021-4189: Fixed ftplib not to trust the PASV response (bsc#1194146).
- CVE-2021-3572: Fixed an improper handling of unicode characters in pip
(bsc#1186819).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1091=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1091=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpython2_7-1_0-2.7.18-150000.38.2
libpython2_7-1_0-debuginfo-2.7.18-150000.38.2
python-2.7.18-150000.38.1
python-base-2.7.18-150000.38.2
python-base-debuginfo-2.7.18-150000.38.2
python-base-debugsource-2.7.18-150000.38.2
python-curses-2.7.18-150000.38.1
python-curses-debuginfo-2.7.18-150000.38.1
python-debuginfo-2.7.18-150000.38.1
python-debugsource-2.7.18-150000.38.1
python-demo-2.7.18-150000.38.1
python-devel-2.7.18-150000.38.2
python-gdbm-2.7.18-150000.38.1
python-gdbm-debuginfo-2.7.18-150000.38.1
python-idle-2.7.18-150000.38.1
python-tk-2.7.18-150000.38.1
python-tk-debuginfo-2.7.18-150000.38.1
python-xml-2.7.18-150000.38.2
python-xml-debuginfo-2.7.18-150000.38.2
- openSUSE Leap 15.4 (noarch):
python-doc-2.7.18-150000.38.1
python-doc-pdf-2.7.18-150000.38.1
- openSUSE Leap 15.4 (x86_64):
libpython2_7-1_0-32bit-2.7.18-150000.38.2
libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.38.2
python-32bit-2.7.18-150000.38.1
python-32bit-debuginfo-2.7.18-150000.38.1
python-base-32bit-2.7.18-150000.38.2
python-base-32bit-debuginfo-2.7.18-150000.38.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpython2_7-1_0-2.7.18-150000.38.2
libpython2_7-1_0-debuginfo-2.7.18-150000.38.2
python-2.7.18-150000.38.1
python-base-2.7.18-150000.38.2
python-base-debuginfo-2.7.18-150000.38.2
python-base-debugsource-2.7.18-150000.38.2
python-curses-2.7.18-150000.38.1
python-curses-debuginfo-2.7.18-150000.38.1
python-debuginfo-2.7.18-150000.38.1
python-debugsource-2.7.18-150000.38.1
python-demo-2.7.18-150000.38.1
python-devel-2.7.18-150000.38.2
python-gdbm-2.7.18-150000.38.1
python-gdbm-debuginfo-2.7.18-150000.38.1
python-idle-2.7.18-150000.38.1
python-tk-2.7.18-150000.38.1
python-tk-debuginfo-2.7.18-150000.38.1
python-xml-2.7.18-150000.38.2
python-xml-debuginfo-2.7.18-150000.38.2
- openSUSE Leap 15.3 (x86_64):
libpython2_7-1_0-32bit-2.7.18-150000.38.2
libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.38.2
python-32bit-2.7.18-150000.38.1
python-32bit-debuginfo-2.7.18-150000.38.1
python-base-32bit-2.7.18-150000.38.2
python-base-32bit-debuginfo-2.7.18-150000.38.2
- openSUSE Leap 15.3 (noarch):
python-doc-2.7.18-150000.38.1
python-doc-pdf-2.7.18-150000.38.1
References:
https://www.suse.com/security/cve/CVE-2021-3572.html
https://www.suse.com/security/cve/CVE-2021-4189.html
https://www.suse.com/security/cve/CVE-2022-0391.html
https://bugzilla.suse.com/1175619
https://bugzilla.suse.com/1186819
https://bugzilla.suse.com/1194146
https://bugzilla.suse.com/1195396
openSUSE-SU-2022:1073-1: moderate: Security update for yaml-cpp
by opensuse-security@opensuse.org 01 Apr '22
openSUSE Security Update: Security update for yaml-cpp
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:1073-1
Rating: moderate
References: #1121227 #1121230 #1122004 #1122021
Cross-References: CVE-2018-20573 CVE-2018-20574 CVE-2019-6285
CVE-2019-6292
CVSS scores:
CVE-2018-20573 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20573 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-20574 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20574 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-6285 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-6285 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-6292 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-6292 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for yaml-cpp fixes the following issues:
- CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function
Scanner:EnsureTokensInQueue (bsc#1121227).
- CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function
SingleDocParser:HandleFlowMap (bsc#1121230).
- CVE-2019-6285: Fixed remote DOS via a crafted YAML file in function
SingleDocParser::HandleFlowSequence (bsc#1122004).
- CVE-2019-6292: Fixed DOS by stack consumption in singledocparser.cpp
(bsc#1122021).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1073=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libyaml-cpp0_6-0.6.1-4.5.1
libyaml-cpp0_6-debuginfo-0.6.1-4.5.1
yaml-cpp-debugsource-0.6.1-4.5.1
yaml-cpp-devel-0.6.1-4.5.1
References:
https://www.suse.com/security/cve/CVE-2018-20573.html
https://www.suse.com/security/cve/CVE-2018-20574.html
https://www.suse.com/security/cve/CVE-2019-6285.html
https://www.suse.com/security/cve/CVE-2019-6292.html
https://bugzilla.suse.com/1121227
https://bugzilla.suse.com/1121230
https://bugzilla.suse.com/1122004
https://bugzilla.suse.com/1122021