openSUSE Security Announce
April 2022
- 2 participants
- 61 discussions

SUSE-SU-2022:1477-1: moderate: Security update for python-Twisted
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for python-Twisted
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1477-1
Rating: moderate
References: #1198086
Cross-References: CVE-2022-24801
CVSS scores:
CVE-2022-24801 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24801 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-Twisted fixes the following issues:
- CVE-2022-24801: Fixed to not be as lenient as earlier HTTP/1.1 RFCs to
prevent HTTP request smuggling. (bsc#1198086)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1477=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1477=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1477=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1477=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1477=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.9.1
python-Twisted-debugsource-19.10.0-150200.3.9.1
python2-Twisted-19.10.0-150200.3.9.1
python2-Twisted-debuginfo-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.9.1
python-Twisted-debugsource-19.10.0-150200.3.9.1
python-Twisted-doc-19.10.0-150200.3.9.1
python2-Twisted-19.10.0-150200.3.9.1
python2-Twisted-debuginfo-19.10.0-150200.3.9.1
python3-Twisted-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
python3-Twisted-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.9.1
python-Twisted-debugsource-19.10.0-150200.3.9.1
python3-Twisted-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debugsource-19.10.0-150200.3.9.1
python3-Twisted-19.10.0-150200.3.9.1
python3-Twisted-debuginfo-19.10.0-150200.3.9.1
References:
https://www.suse.com/security/cve/CVE-2022-24801.html
https://bugzilla.suse.com/1198086

SUSE-SU-2022:1479-1: moderate: Security update for jasper
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for jasper
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1479-1
Rating: moderate
References: #1182104 #1182105 #1184757 #1184798
Cross-References: CVE-2021-26926 CVE-2021-26927 CVE-2021-3443
CVE-2021-3467
CVSS scores:
CVE-2021-26926 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2021-26926 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2021-26927 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-26927 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-3443 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3443 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3467 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-3467 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for jasper fixes the following issues:
- CVE-2021-3467: Fixed NULL pointer deref in jp2_decode() (bsc#1184757).
- CVE-2021-3443: Fixed NULL pointer deref in jp2_decode() (bsc#1184798).
- CVE-2021-26927: Fixed NULL pointer deref in jp2_decode() (bsc#1182104).
- CVE-2021-26926: Fixed an out of bounds read in jp2_decode()
(bsc#1182105).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1479=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1479=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1479=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1479=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1479=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1479=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1479=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
jasper-2.0.14-150000.3.25.1
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
- openSUSE Leap 15.4 (x86_64):
libjasper4-32bit-2.0.14-150000.3.25.1
libjasper4-32bit-debuginfo-2.0.14-150000.3.25.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
jasper-2.0.14-150000.3.25.1
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
- openSUSE Leap 15.3 (x86_64):
libjasper4-32bit-2.0.14-150000.3.25.1
libjasper4-32bit-debuginfo-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper-devel-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
jasper-debuginfo-2.0.14-150000.3.25.1
jasper-debugsource-2.0.14-150000.3.25.1
libjasper4-2.0.14-150000.3.25.1
libjasper4-debuginfo-2.0.14-150000.3.25.1
References:
https://www.suse.com/security/cve/CVE-2021-26926.html
https://www.suse.com/security/cve/CVE-2021-26927.html
https://www.suse.com/security/cve/CVE-2021-3443.html
https://www.suse.com/security/cve/CVE-2021-3467.html
https://bugzilla.suse.com/1182104
https://bugzilla.suse.com/1182105
https://bugzilla.suse.com/1184757
https://bugzilla.suse.com/1184798

SUSE-SU-2022:1476-1: moderate: Security update for libcaca
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for libcaca
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1476-1
Rating: moderate
References: #1197028
Cross-References: CVE-2022-0856
CVSS scores:
CVE-2022-0856 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0856 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libcaca fixes the following issues:
- CVE-2022-0856: Fixed a divide by zero issue which could be exploited to
cause an application crash (bsc#1197028).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1476=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1476=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1476=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1476=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1476=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
caca-utils-0.99.beta19.git20171003-150200.11.6.1
caca-utils-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca-ruby-0.99.beta19.git20171003-150200.11.6.1
libcaca-ruby-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.4 (x86_64):
libcaca0-32bit-0.99.beta19.git20171003-150200.11.6.1
libcaca0-32bit-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-32bit-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-32bit-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.4 (noarch):
python3-caca-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
caca-utils-0.99.beta19.git20171003-150200.11.6.1
caca-utils-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca-ruby-0.99.beta19.git20171003-150200.11.6.1
libcaca-ruby-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.3 (noarch):
python3-caca-0.99.beta19.git20171003-150200.11.6.1
- openSUSE Leap 15.3 (x86_64):
libcaca0-32bit-0.99.beta19.git20171003-150200.11.6.1
libcaca0-32bit-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-32bit-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-32bit-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libcaca-debugsource-0.99.beta19.git20171003-150200.11.6.1
libcaca-devel-0.99.beta19.git20171003-150200.11.6.1
libcaca0-0.99.beta19.git20171003-150200.11.6.1
libcaca0-debuginfo-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-0.99.beta19.git20171003-150200.11.6.1
libcaca0-plugins-debuginfo-0.99.beta19.git20171003-150200.11.6.1
References:
https://www.suse.com/security/cve/CVE-2022-0856.html
https://bugzilla.suse.com/1197028

SUSE-SU-2022:0731-2: important: Security update for mariadb
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for mariadb
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:0731-2
Rating: important
References: #1195325 #1195334 #1195339 #1196016 SLE-22245
Cross-References: CVE-2021-46657 CVE-2021-46658 CVE-2021-46659
CVE-2021-46661 CVE-2021-46663 CVE-2021-46664
CVE-2021-46665 CVE-2021-46668 CVE-2022-24048
CVE-2022-24050 CVE-2022-24051 CVE-2022-24052
CVSS scores:
CVE-2021-46657 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46657 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-46658 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46658 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-46659 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46659 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-46661 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46661 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46663 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46663 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46664 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46665 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46668 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24048 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24050 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24051 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24052 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 12 vulnerabilities and contains one
feature is now available.
Description:
This update for mariadb fixes the following issues:
- Update to 10.5.15 (bsc#1196016):
* 10.5.15: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668
CVE-2021-46663
* 10.5.14: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048
CVE-2021-46659, bsc#1195339
- The following issues have already been fixed in this package but weren't
previously mentioned in the changes file: CVE-2021-46658, bsc#1195334
CVE-2021-46657, bsc#1195325
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-731=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
mariadb-galera-10.5.15-150300.3.15.1
References:
https://www.suse.com/security/cve/CVE-2021-46657.html
https://www.suse.com/security/cve/CVE-2021-46658.html
https://www.suse.com/security/cve/CVE-2021-46659.html
https://www.suse.com/security/cve/CVE-2021-46661.html
https://www.suse.com/security/cve/CVE-2021-46663.html
https://www.suse.com/security/cve/CVE-2021-46664.html
https://www.suse.com/security/cve/CVE-2021-46665.html
https://www.suse.com/security/cve/CVE-2021-46668.html
https://www.suse.com/security/cve/CVE-2022-24048.html
https://www.suse.com/security/cve/CVE-2022-24050.html
https://www.suse.com/security/cve/CVE-2022-24051.html
https://www.suse.com/security/cve/CVE-2022-24052.html
https://bugzilla.suse.com/1195325
https://bugzilla.suse.com/1195334
https://bugzilla.suse.com/1195339
https://bugzilla.suse.com/1196016

SUSE-SU-2022:1465-1: important: Security update for libslirp
by opensuse-security@opensuse.org 29 Apr '22
SUSE Security Update: Security update for libslirp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1465-1
Rating: important
References: #1187364 #1187366 #1187367 #1198773
Cross-References: CVE-2021-3592 CVE-2021-3594 CVE-2021-3595
CVSS scores:
CVE-2021-3592 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3592 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for libslirp fixes the following issues:
- CVE-2021-3592: Fixed invalid pointer initialization that may lead to
information disclosure (bootp) (bsc#1187364).
- CVE-2021-3594: Fixed invalid pointer initialization that may lead to
information disclosure (udp) (bsc#1187367).
- CVE-2021-3595: Fixed invalid pointer initialization that may lead to
information disclosure (tftp) (bsc#1187366).
- Fix a dhcp regression [bsc#1198773]
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1465=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1465=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-1465=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1465=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1465=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1465=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp-devel-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp-devel-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp-devel-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp-devel-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libslirp-debugsource-4.3.1-150300.2.7.1
libslirp0-4.3.1-150300.2.7.1
libslirp0-debuginfo-4.3.1-150300.2.7.1
References:
https://www.suse.com/security/cve/CVE-2021-3592.html
https://www.suse.com/security/cve/CVE-2021-3594.html
https://www.suse.com/security/cve/CVE-2021-3595.html
https://bugzilla.suse.com/1187364
https://bugzilla.suse.com/1187366
https://bugzilla.suse.com/1187367
https://bugzilla.suse.com/1198773

SUSE-SU-2022:1461-1: important: Security update for nodejs12
by opensuse-security@opensuse.org 28 Apr '22
SUSE Security Update: Security update for nodejs12
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1461-1
Rating: important
References: #1194819 #1196877 #1197283 #1198247
Cross-References: CVE-2021-44906 CVE-2021-44907 CVE-2022-0235
CVE-2022-0778
CVSS scores:
CVE-2021-44906 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-44906 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-44907 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44907 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2022-0235 (SUSE): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
CVE-2022-0778 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0778 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for nodejs12 fixes the following issues:
- CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when
parsing certificates (bsc#1196877).
- CVE-2021-44906: Fixed a prototype pollution in node-minimist
(bsc#1198247).
- CVE-2021-44907: Fixed a potential Denial of Service vulnerability in
node-qs (bsc#1197283).
- CVE-2022-0235: Fixed an exposure of sensitive information to an
unauthorized actor in node-fetch (bsc#1194819).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1461=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1461=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1461=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1461=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1461=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1461=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1461=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1461=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-1461=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1461=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1461=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1461=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- openSUSE Leap 15.4 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- openSUSE Leap 15.3 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Manager Server 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Manager Proxy 4.1 (x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Manager Proxy 4.1 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
nodejs12-12.22.12-150200.4.32.1
nodejs12-debuginfo-12.22.12-150200.4.32.1
nodejs12-debugsource-12.22.12-150200.4.32.1
nodejs12-devel-12.22.12-150200.4.32.1
npm12-12.22.12-150200.4.32.1
- SUSE Enterprise Storage 7 (noarch):
nodejs12-docs-12.22.12-150200.4.32.1
References:
https://www.suse.com/security/cve/CVE-2021-44906.html
https://www.suse.com/security/cve/CVE-2021-44907.html
https://www.suse.com/security/cve/CVE-2022-0235.html
https://www.suse.com/security/cve/CVE-2022-0778.html
https://bugzilla.suse.com/1194819
https://bugzilla.suse.com/1196877
https://bugzilla.suse.com/1197283
https://bugzilla.suse.com/1198247

SUSE-SU-2022:1462-1: important: Security update for nodejs14
by opensuse-security@opensuse.org 28 Apr '22
SUSE Security Update: Security update for nodejs14
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1462-1
Rating: important
References: #1194819 #1196877 #1197283 #1198247
Cross-References: CVE-2021-44906 CVE-2021-44907 CVE-2022-0235 CVE-2022-0778
CVSS scores:
CVE-2021-44906 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-44906 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-44907 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44907 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2022-0235 (SUSE): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
CVE-2022-0778 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0778 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for nodejs14 fixes the following issues:
- CVE-2022-0778: Fixed an infinite loop in BN_mod_sqrt() reachable when
parsing certificates (bsc#1196877).
- CVE-2021-44906: Fixed a prototype pollution in node-minimist
(bsc#1198247).
- CVE-2021-44907: Fixed a potential Denial of Service vulnerability in
node-qs (bsc#1197283).
- CVE-2022-0235: Fixed an exposure of sensitive information to an
unauthorized actor in node-fetch (bsc#1194819).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1462=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1462=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1462=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1462=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1462=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1462=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1462=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1462=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-1462=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1462=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1462=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1462=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
corepack14-14.19.1-150200.15.31.1
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- openSUSE Leap 15.4 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- openSUSE Leap 15.3 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Manager Server 4.1 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Manager Proxy 4.1 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Manager Proxy 4.1 (x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
nodejs14-14.19.1-150200.15.31.1
nodejs14-debuginfo-14.19.1-150200.15.31.1
nodejs14-debugsource-14.19.1-150200.15.31.1
nodejs14-devel-14.19.1-150200.15.31.1
npm14-14.19.1-150200.15.31.1
- SUSE Enterprise Storage 7 (noarch):
nodejs14-docs-14.19.1-150200.15.31.1
References:
https://www.suse.com/security/cve/CVE-2021-44906.html
https://www.suse.com/security/cve/CVE-2021-44907.html
https://www.suse.com/security/cve/CVE-2022-0235.html
https://www.suse.com/security/cve/CVE-2022-0778.html
https://bugzilla.suse.com/1194819
https://bugzilla.suse.com/1196877
https://bugzilla.suse.com/1197283
https://bugzilla.suse.com/1198247

SUSE-SU-2022:1454-1: moderate: Security update for python-pip
by opensuse-security@opensuse.org 28 Apr '22
SUSE Security Update: Security update for python-pip
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1454-1
Rating: moderate
References: #1176262 #1195831 SLE-18038
Cross-References: CVE-2019-20916
CVSS scores:
CVE-2019-20916 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2019-20916 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability, contains one
feature and has one erratum is now available.
Description:
This update for python-pip fixes the following issues:
- Add wheel subpackage with the generated wheel for this package
(bsc#1176262, CVE-2019-20916).
- Make wheel a separate build run to avoid the setuptools/wheel build
cycle.
- Switch this package to use update-alternatives for all files in
%{_bindir} so it doesn't collide with the versions on "the latest"
versions of Python interpreter (jsc#SLE-18038, bsc#1195831).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1454=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1454=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1454=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-1454=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1454=1
Package List:
- openSUSE Leap 15.4 (noarch):
python2-pip-20.0.2-150100.6.18.1
- openSUSE Leap 15.3 (noarch):
python2-pip-20.0.2-150100.6.18.1
python3-pip-20.0.2-150100.6.18.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
python3-pip-20.0.2-150100.6.18.1
- SUSE Linux Enterprise Module for Python2 15-SP3 (noarch):
python2-pip-20.0.2-150100.6.18.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-pip-20.0.2-150100.6.18.1
References:
https://www.suse.com/security/cve/CVE-2019-20916.html
https://bugzilla.suse.com/1176262
https://bugzilla.suse.com/1195831

SUSE-SU-2022:1446-1: moderate: Security update for python-paramiko
by opensuse-security@opensuse.org 28 Apr '22
SUSE Security Update: Security update for python-paramiko
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1446-1
Rating: moderate
References: #1197279
Cross-References: CVE-2022-24302
CVSS scores:
CVE-2022-24302 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-24302 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-paramiko fixes the following issues:
- CVE-2022-24302: Fixed a race condition between creation and chmod when
writing private keys. (bsc#1197279)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1446=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1446=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1446=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-1446=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1446=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1446=1
Package List:
- openSUSE Leap 15.4 (noarch):
python-paramiko-doc-2.4.2-150100.6.12.1
python2-paramiko-2.4.2-150100.6.12.1
python3-paramiko-2.4.2-150100.6.12.1
- openSUSE Leap 15.3 (noarch):
python-paramiko-doc-2.4.2-150100.6.12.1
python2-paramiko-2.4.2-150100.6.12.1
python3-paramiko-2.4.2-150100.6.12.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
python3-paramiko-2.4.2-150100.6.12.1
- SUSE Linux Enterprise Module for Python2 15-SP3 (noarch):
python2-paramiko-2.4.2-150100.6.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-paramiko-2.4.2-150100.6.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-paramiko-2.4.2-150100.6.12.1
References:
https://www.suse.com/security/cve/CVE-2022-24302.html
https://bugzilla.suse.com/1197279

28 Apr '22
SUSE Security Update: Security update for glib2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1455-1
Rating: low
References: #1183533
Cross-References: CVE-2021-28153
CVSS scores:
CVE-2021-28153 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-28153 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for glib2 fixes the following issues:
- CVE-2021-28153: Fixed an issue where symlink targets would be
incorrectly created as empty files (bsc#1183533).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1455=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1455=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1455=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1455=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1455=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1455=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1455=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
glib2-tests-2.62.6-150200.3.9.1
glib2-tests-debuginfo-2.62.6-150200.3.9.1
libgio-fam-2.62.6-150200.3.9.1
libgio-fam-debuginfo-2.62.6-150200.3.9.1
- openSUSE Leap 15.4 (x86_64):
libgio-fam-32bit-2.62.6-150200.3.9.1
libgio-fam-32bit-debuginfo-2.62.6-150200.3.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-devel-2.62.6-150200.3.9.1
glib2-devel-debuginfo-2.62.6-150200.3.9.1
glib2-devel-static-2.62.6-150200.3.9.1
glib2-tests-2.62.6-150200.3.9.1
glib2-tests-debuginfo-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgio-fam-2.62.6-150200.3.9.1
libgio-fam-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgthread-2_0-0-2.62.6-150200.3.9.1
libgthread-2_0-0-debuginfo-2.62.6-150200.3.9.1
- openSUSE Leap 15.3 (x86_64):
glib2-devel-32bit-2.62.6-150200.3.9.1
glib2-devel-32bit-debuginfo-2.62.6-150200.3.9.1
glib2-tools-32bit-2.62.6-150200.3.9.1
glib2-tools-32bit-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgio-fam-32bit-2.62.6-150200.3.9.1
libgio-fam-32bit-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgthread-2_0-0-32bit-2.62.6-150200.3.9.1
libgthread-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
- openSUSE Leap 15.3 (noarch):
gio-branding-upstream-2.62.6-150200.3.9.1
glib2-lang-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
glib2-lang-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-devel-2.62.6-150200.3.9.1
glib2-devel-debuginfo-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgthread-2_0-0-2.62.6-150200.3.9.1
libgthread-2_0-0-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-devel-2.62.6-150200.3.9.1
glib2-devel-debuginfo-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgthread-2_0-0-2.62.6-150200.3.9.1
libgthread-2_0-0-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libgio-2_0-0-32bit-2.62.6-150200.3.9.1
libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-2.62.6-150200.3.9.1
libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-2.62.6-150200.3.9.1
libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-2.62.6-150200.3.9.1
libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
glib2-lang-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
glib2-debugsource-2.62.6-150200.3.9.1
glib2-tools-2.62.6-150200.3.9.1
glib2-tools-debuginfo-2.62.6-150200.3.9.1
libgio-2_0-0-2.62.6-150200.3.9.1
libgio-2_0-0-debuginfo-2.62.6-150200.3.9.1
libglib-2_0-0-2.62.6-150200.3.9.1
libglib-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgmodule-2_0-0-2.62.6-150200.3.9.1
libgmodule-2_0-0-debuginfo-2.62.6-150200.3.9.1
libgobject-2_0-0-2.62.6-150200.3.9.1
libgobject-2_0-0-debuginfo-2.62.6-150200.3.9.1
References:
https://www.suse.com/security/cve/CVE-2021-28153.html
https://bugzilla.suse.com/1183533

SUSE-SU-2022:1437-1: moderate: Security update for buildah
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for buildah
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1437-1
Rating: moderate
References: #1197870
Cross-References: CVE-2022-27651
CVSS scores:
CVE-2022-27651 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2022-27651 (SUSE): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for buildah fixes the following issues:
- CVE-2022-27651: Fixed incorrect default inheritable capabilities for
linux container (bsc#1197870).
Update to version 1.25.1.
The following non-security bugs were fixed:
- add workaround for https://bugzilla.opensuse.org/show_bug.cgi?id=1183043
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1437=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-1437=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
buildah-1.25.1-150300.8.6.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (aarch64 ppc64le s390x x86_64):
buildah-1.25.1-150300.8.6.1
References:
https://www.suse.com/security/cve/CVE-2022-27651.html
https://bugzilla.suse.com/1197870

SUSE-SU-2022:1435-1: important: Security update for firewalld, golang-github-prometheus-prometheus
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for firewalld, golang-github-prometheus-prometheus
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1435-1
Rating: important
References: #1196338 #1197042 SLE-24373 SLE-24374 SLE-24375
Cross-References: CVE-2022-21698
CVSS scores:
CVE-2022-21698 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-21698 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 6
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability, contains three
features and has one erratum is now available.
Description:
This update for firewalld, golang-github-prometheus-prometheus fixes the
following issues:
Security fixes for golang-github-prometheus-prometheus:
- CVE-2022-21698: Denial of Service through unbounded cardinality, and
potential memory exhaustion, when handling requests with non-standard
HTTP methods (bsc#1196338).
Other non-security changes for golang-github-prometheus-prometheus:
- Build `firewalld-prometheus-config` only for SUSE Linux Enterprise 15,
15-SP1 and 15-SP2, and require `firewalld`.
- Only recommends `firewalld-prometheus-config` as prometheus does not
require it to run.
- Create `firewalld-prometheus-config` subpackage (bsc#1197042,
jsc#SLE-24373, jsc#SLE-24374, jsc#SLE-24375)
Other non-security changes for firewalld:
- Provide dummy `firewalld-prometheus-config` package (bsc#1197042)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1435=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1435=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-1435=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-1435=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2022-1435=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1435=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1435=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1435=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1435=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1435=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- openSUSE Leap 15.3 (noarch):
firewall-applet-0.9.3-150300.3.6.1
firewall-config-0.9.3-150300.3.6.1
firewall-macros-0.9.3-150300.3.6.1
firewalld-0.9.3-150300.3.6.1
firewalld-lang-0.9.3-150300.3.6.1
python3-firewall-0.9.3-150300.3.6.1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (aarch64 ppc64le s390x x86_64):
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (aarch64 ppc64le s390x x86_64):
firewalld-prometheus-config-0.1-150100.4.9.2
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (noarch):
firewall-applet-0.9.3-150300.3.6.1
firewall-config-0.9.3-150300.3.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
firewall-macros-0.9.3-150300.3.6.1
firewalld-0.9.3-150300.3.6.1
firewalld-lang-0.9.3-150300.3.6.1
python3-firewall-0.9.3-150300.3.6.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
firewalld-0.9.3-150300.3.6.1
python3-firewall-0.9.3-150300.3.6.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
firewalld-0.9.3-150300.3.6.1
python3-firewall-0.9.3-150300.3.6.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
firewalld-prometheus-config-0.1-150100.4.9.2
golang-github-prometheus-prometheus-2.32.1-150100.4.9.2
References:
https://www.suse.com/security/cve/CVE-2022-21698.html
https://bugzilla.suse.com/1196338
https://bugzilla.suse.com/1197042

SUSE-SU-2022:1436-1: moderate: Security update for libaom
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for libaom
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1436-1
Rating: moderate
References: #1185778
Cross-References: CVE-2021-30473
CVSS scores:
CVE-2021-30473 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-30473 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libaom fixes the following issues:
- CVE-2021-30473: AOMedia in aom_image.c frees memory that is not located
on the heap (bsc#1185778).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1436=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1436=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1436=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1436=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libaom0-1.0.0-150200.3.12.1
libaom0-debuginfo-1.0.0-150200.3.12.1
- openSUSE Leap 15.4 (x86_64):
libaom0-32bit-1.0.0-150200.3.12.1
libaom0-32bit-debuginfo-1.0.0-150200.3.12.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
aom-tools-1.0.0-150200.3.12.1
aom-tools-debuginfo-1.0.0-150200.3.12.1
libaom-debugsource-1.0.0-150200.3.12.1
libaom-devel-1.0.0-150200.3.12.1
libaom0-1.0.0-150200.3.12.1
libaom0-debuginfo-1.0.0-150200.3.12.1
- openSUSE Leap 15.3 (x86_64):
libaom0-32bit-1.0.0-150200.3.12.1
libaom0-32bit-debuginfo-1.0.0-150200.3.12.1
- openSUSE Leap 15.3 (noarch):
libaom-devel-doc-1.0.0-150200.3.12.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libaom-debugsource-1.0.0-150200.3.12.1
libaom0-1.0.0-150200.3.12.1
libaom0-debuginfo-1.0.0-150200.3.12.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libaom-debugsource-1.0.0-150200.3.12.1
libaom0-1.0.0-150200.3.12.1
libaom0-debuginfo-1.0.0-150200.3.12.1
References:
https://www.suse.com/security/cve/CVE-2021-30473.html
https://bugzilla.suse.com/1185778

SUSE-SU-2022:1431-1: important: Security update for webkit2gtk3
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for webkit2gtk3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1431-1
Rating: important
References: #1196133 #1198290
Cross-References: CVE-2022-22594 CVE-2022-22624 CVE-2022-22628
CVE-2022-22629 CVE-2022-22637
CVSS scores:
CVE-2022-22594 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-22594 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-22624 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-22628 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-22629 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-22637 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for webkit2gtk3 fixes the following issues:
Update to version 2.36.0 (bsc#1198290):
- CVE-2022-22624: Fixed use after free that may lead to arbitrary code
execution.
- CVE-2022-22628: Fixed use after free that may lead to arbitrary code
execution.
- CVE-2022-22629: Fixed a buffer overflow that may lead to arbitrary code
execution.
- CVE-2022-22637: Fixed an unexpected cross-origin behavior due to a logic
error.
Missing CVE reference for the update to 2.34.6 (bsc#1196133):
- CVE-2022-22594: Fixed a cross-origin issue in the IndexedDB API.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1431=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1431=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1431=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1431=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1431=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1431=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1431=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1431=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1431=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1431=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1431=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1431=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1431=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1431=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1431=1
Package List:
- openSUSE Leap 15.4 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit-jsc-4-2.36.0-150200.32.1
webkit-jsc-4-debuginfo-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
webkit2gtk3-minibrowser-2.36.0-150200.32.1
webkit2gtk3-minibrowser-debuginfo-2.36.0-150200.32.1
- openSUSE Leap 15.3 (x86_64):
libjavascriptcoregtk-4_0-18-32bit-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-32bit-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-32bit-debuginfo-2.36.0-150200.32.1
- openSUSE Leap 15.3 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Manager Server 4.1 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Manager Proxy 4.1 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Manager Proxy 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.0-150200.32.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-2.36.0-150200.32.1
libwebkit2gtk-4_0-37-debuginfo-2.36.0-150200.32.1
typelib-1_0-JavaScriptCore-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2-4_0-2.36.0-150200.32.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-2.36.0-150200.32.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.0-150200.32.1
webkit2gtk3-debugsource-2.36.0-150200.32.1
webkit2gtk3-devel-2.36.0-150200.32.1
- SUSE Enterprise Storage 7 (noarch):
libwebkit2gtk3-lang-2.36.0-150200.32.1
References:
https://www.suse.com/security/cve/CVE-2022-22594.html
https://www.suse.com/security/cve/CVE-2022-22624.html
https://www.suse.com/security/cve/CVE-2022-22628.html
https://www.suse.com/security/cve/CVE-2022-22629.html
https://www.suse.com/security/cve/CVE-2022-22637.html
https://bugzilla.suse.com/1196133
https://bugzilla.suse.com/1198290

SUSE-SU-2022:1430-1: important: Security update for cifs-utils
by opensuse-security@opensuse.org 27 Apr '22
SUSE Security Update: Security update for cifs-utils
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1430-1
Rating: important
References: #1197216
Cross-References: CVE-2022-27239
CVSS scores:
CVE-2022-27239 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for cifs-utils fixes the following issues:
- CVE-2022-27239: Fixed a buffer overflow in the command line ip option
(bsc#1197216).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1430=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1430=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1430=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1430=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1430=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1430=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1430=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1430=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1430=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1430=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1430=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1430=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1430=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1430=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1430=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1430=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1430=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1430=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1430=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
pam_cifscreds-6.9-150100.5.15.1
pam_cifscreds-debuginfo-6.9-150100.5.15.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Manager Proxy 4.1 (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
- SUSE CaaS Platform 4.0 (x86_64):
cifs-utils-6.9-150100.5.15.1
cifs-utils-debuginfo-6.9-150100.5.15.1
cifs-utils-debugsource-6.9-150100.5.15.1
cifs-utils-devel-6.9-150100.5.15.1
References:
https://www.suse.com/security/cve/CVE-2022-27239.html
https://bugzilla.suse.com/1197216

27 Apr '22
SUSE Security Update: Security update for ant
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1418-1
Rating: moderate
References: #1188468 #1188469
Cross-References: CVE-2021-36373 CVE-2021-36374
CVSS scores:
CVE-2021-36373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-36373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-36374 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-36374 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for ant fixes the following issues:
- CVE-2021-36373: Fixed an excessive memory allocation when reading a
specially crafted TAR archive (bsc#1188468).
- CVE-2021-36374: Fixed an excessive memory allocation when reading a
specially crafted ZIP archive (bsc#1188469).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1418=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1418=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1418=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1418=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1418=1
Package List:
- openSUSE Leap 15.4 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-apache-xalan2-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-commons-net-1.10.7-150200.4.6.1
ant-imageio-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-jsch-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-junit5-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
ant-testutil-1.10.7-150200.4.6.1
ant-xz-1.10.7-150200.4.6.1
- openSUSE Leap 15.3 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-apache-xalan2-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-commons-net-1.10.7-150200.4.6.1
ant-imageio-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-jsch-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-junit5-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
ant-testutil-1.10.7-150200.4.6.1
ant-xz-1.10.7-150200.4.6.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
ant-1.10.7-150200.4.6.1
ant-antlr-1.10.7-150200.4.6.1
ant-apache-bcel-1.10.7-150200.4.6.1
ant-apache-bsf-1.10.7-150200.4.6.1
ant-apache-log4j-1.10.7-150200.4.6.1
ant-apache-oro-1.10.7-150200.4.6.1
ant-apache-regexp-1.10.7-150200.4.6.1
ant-apache-resolver-1.10.7-150200.4.6.1
ant-commons-logging-1.10.7-150200.4.6.1
ant-javamail-1.10.7-150200.4.6.1
ant-jdepend-1.10.7-150200.4.6.1
ant-jmf-1.10.7-150200.4.6.1
ant-junit-1.10.7-150200.4.6.1
ant-manual-1.10.7-150200.4.6.1
ant-scripts-1.10.7-150200.4.6.1
ant-swing-1.10.7-150200.4.6.1
References:
https://www.suse.com/security/cve/CVE-2021-36373.html
https://www.suse.com/security/cve/CVE-2021-36374.html
https://bugzilla.suse.com/1188468
https://bugzilla.suse.com/1188469

SUSE-SU-2022:1411-1: moderate: Security update for go1.17
by opensuse-security@opensuse.org 26 Apr '22
SUSE Security Update: Security update for go1.17
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1411-1
Rating: moderate
References: #1190649 #1198423 #1198424
Cross-References: CVE-2022-24675 CVE-2022-28327
CVSS scores:
CVE-2022-24675 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28327 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for go1.17 fixes the following issues:
- Updated to version 1.17.9 (bsc#1190649):
- CVE-2022-24675: Fixed a stack overflow via crafted PEM file
(bsc#1198423).
- CVE-2022-28327: Fixed a potential panic when using big P-256 scalars
in the crypto/elliptic module (bsc#1198424).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1411=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1411=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1411=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1411=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1411=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.17-race-1.17.9-150000.1.28.1
- openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.17-race-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
go1.17-race-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.17-race-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.9-150000.1.28.1
go1.17-doc-1.17.9-150000.1.28.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.17-race-1.17.9-150000.1.28.1
References:
https://www.suse.com/security/cve/CVE-2022-24675.html
https://www.suse.com/security/cve/CVE-2022-28327.html
https://bugzilla.suse.com/1190649
https://bugzilla.suse.com/1198423
https://bugzilla.suse.com/1198424

SUSE-SU-2022:1410-1: moderate: Security update for go1.18
by opensuse-security@opensuse.org 26 Apr '22
SUSE Security Update: Security update for go1.18
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1410-1
Rating: moderate
References: #1183043 #1193742 #1198423 #1198424 #1198427
Cross-References: CVE-2022-24675 CVE-2022-27536 CVE-2022-28327
CVSS scores:
CVE-2022-24675 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27536 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28327 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves three vulnerabilities and has two
fixes is now available.
Description:
This update for go1.18 fixes the following issues:
- CVE-2022-24675: Fixed a stack overflow in Decode() in encoding/pem
(bsc#1198423).
- CVE-2022-28327: Fixed a crash due to refused oversized scalars in
generic P-256 (bsc#1198424).
- CVE-2022-27536: Fixed a crash in Certificate.Verify in crypto/x509
(bsc#1198427).
Bump go1.18 (bsc#1193742)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1410=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1410=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1410=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1410=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.1-150000.1.11.1
go1.18-doc-1.18.1-150000.1.11.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.18-race-1.18.1-150000.1.11.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.1-150000.1.11.1
go1.18-doc-1.18.1-150000.1.11.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.18-race-1.18.1-150000.1.11.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.1-150000.1.11.1
go1.18-doc-1.18.1-150000.1.11.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.18-race-1.18.1-150000.1.11.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.1-150000.1.11.1
go1.18-doc-1.18.1-150000.1.11.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.18-race-1.18.1-150000.1.11.1
References:
https://www.suse.com/security/cve/CVE-2022-24675.html
https://www.suse.com/security/cve/CVE-2022-27536.html
https://www.suse.com/security/cve/CVE-2022-28327.html
https://bugzilla.suse.com/1183043
https://bugzilla.suse.com/1193742
https://bugzilla.suse.com/1198423
https://bugzilla.suse.com/1198424
https://bugzilla.suse.com/1198427

SUSE-SU-2022:1376-1: moderate: Security update for mutt
by opensuse-security@opensuse.org 25 Apr '22
SUSE Security Update: Security update for mutt
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1376-1
Rating: moderate
References: #1198518
Cross-References: CVE-2022-1328
CVSS scores:
CVE-2022-1328 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-1328 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for mutt fixes the following issues:
- CVE-2022-1328: Fixed an invalid memory access when reading untrusted
uuencoded data. This could result in including private memory in replies
(bsc#1198518).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1376=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1376=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1376=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1376=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1376=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- openSUSE Leap 15.4 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- openSUSE Leap 15.3 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
mutt-1.10.1-150000.3.23.1
mutt-debuginfo-1.10.1-150000.3.23.1
mutt-debugsource-1.10.1-150000.3.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
mutt-doc-1.10.1-150000.3.23.1
mutt-lang-1.10.1-150000.3.23.1
References:
https://www.suse.com/security/cve/CVE-2022-1328.html
https://bugzilla.suse.com/1198518

SUSE-SU-2022:1396-1: moderate: Security update for SUSE Manager Client Tools
by opensuse-security@opensuse.org 25 Apr '22
SUSE Security Update: Security update for SUSE Manager Client Tools
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1396-1
Rating: moderate
References: #1181400 #1194363 #1194873 #1194909 #1195726
#1195727 #1195728 #1197579 SLE-23051 SLE-23422
SLE-23439
Cross-References: CVE-2021-36222 CVE-2021-3711 CVE-2021-39226
CVE-2021-41174 CVE-2021-41244 CVE-2021-43798
CVE-2021-43813 CVE-2021-43815 CVE-2022-21673
CVE-2022-21702 CVE-2022-21703 CVE-2022-21713
CVSS scores:
CVE-2021-36222 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-36222 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3711 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3711 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-39226 (NVD) : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-39226 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-41174 (NVD) : 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
CVE-2021-41174 (SUSE): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
CVE-2021-41244 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-41244 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-43798 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43798 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43813 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43813 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43815 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43815 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21673 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21673 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21702 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVE-2022-21702 (SUSE): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
CVE-2022-21703 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-21703 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-21713 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-21713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise Module for SUSE Manager Server 4.2
SUSE Manager Server 4.2
SUSE Manager Tools 15
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 12 vulnerabilities, contains three
features is now available.
Description:
This update fixes the following issues:
grafana:
- Update from version 7.5.12 to version 8.3.5 (jsc#SLE-23439,
jsc#SLE-23422)
+ Security:
* Fixes XSS vulnerability in handling data sources (bsc#1195726,
CVE-2022-21702)
* Fixes cross-origin request forgery vulnerability (bsc#1195727,
CVE-2022-21703)
* Fixes Insecure Direct Object Reference vulnerability in Teams API
(bsc#1195728, CVE-2022-21713)
- Update to Go 1.17.
- Add build-time dependency on `wire`.
- Update license to GNU Affero General Public License v3.0.
- Update to version 8.3.4
* GetUserInfo: return an error if no user was found (bsc#1194873,
CVE-2022-21673)
+ Features and enhancements:
* Alerting: Allow configuration of non-ready alertmanagers.
* Alerting: Allow customization of Google chat message.
* AppPlugins: Support app plugins with only default nav.
* InfluxDB: query editor: skip fields in metadata queries.
* Postgres/MySQL/MSSQL: Cancel in-flight SQL query if user cancels
query in grafana.
* Prometheus: Forward oauth tokens after prometheus datasource
migration.
+ Bug fixes:
* Azure Monitor: Bug fix for variable interpolations in metrics
dropdowns.
* Azure Monitor: Improved error messages for variable queries.
* CloudMonitoring: Fixes broken variable queries that use group bys.
* Configuration: You can now see your expired API keys if you have no
active ones.
* Elasticsearch: Fix handling multiple datalinks for a single field.
* Export: Fix error being thrown when exporting dashboards using query
variables that reference the default datasource.
* ImportDashboard: Fixes issue with importing dashboard and name
ending up in uid.
* Login: Page no longer overflows on mobile.
* Plugins: Set backend metadata property for core plugins.
* Prometheus: Fill missing steps with null values.
* Prometheus: Fix interpolation of $__rate_interval variable.
* Prometheus: Interpolate variables with curly brackets syntax.
* Prometheus: Respect the http-method data source setting.
* Table: Fixes issue with field config applied to wrong fields when
hiding columns.
* Toolkit: Fix bug with rootUrls not being properly parsed when
signing a private plugin.
* Variables: Fix so data source variables are added to adhoc
configuration.
+ Plugin development fixes & changes:
* Toolkit: Revert build config so tslib is bundled with plugins to
prevent plugins from crashing.
- Update to version 8.3.3:
* BarChart: Use new data error view component to show actions in panel
edit.
* CloudMonitor: Iterate over pageToken for resources.
* Macaron: Prevent WriteHeader invalid HTTP status code panic.
* AnnoListPanel: Fix interpolation of variables in tags.
* CloudWatch: Allow queries to have no dimensions specified.
* CloudWatch: Fix broken queries for users migrating from 8.2.4/8.2.5
to 8.3.0.
* CloudWatch: Make sure MatchExact flag gets the right value.
* Dashboards: Fix so that empty folders can be deleted from the manage
dashboards/folders page.
* InfluxDB: Improve handling of metadata query errors in InfluxQL.
* Loki: Fix adding of ad hoc filters for queries with parser and
line_format expressions.
* Prometheus: Fix running of exemplar queries for non-histogram
metrics.
* Prometheus: Interpolate template variables in interval.
* StateTimeline: Fix tooltip not showing when for frames with multiple
fields.
* TraceView: Fix virtualized scrolling when trace view is
opened in right pane in Explore.
* Variables: Fix repeating panels for on time range changed variables.
* Variables: Fix so queryparam option works for scoped
- Update to version 8.3.2
+ Security: Fixes CVE-2021-43813 and CVE-2021-43815.
- Update to version 8.3.1
+ Security: Fixes CVE-2021-43798.
- Update to version 8.3.0
* Alerting: Prevent folders from being deleted when they contain
alerts.
* Alerting: Show full preview value in tooltip.
* BarGauge: Limit title width when name is really long.
* CloudMonitoring: Avoid to escape regexps in filters.
* CloudWatch: Add support for AWS Metric Insights.
* TooltipPlugin: Remove other panels' shared tooltip in edit panel.
* Visualizations: Limit y label width to 40% of visualization width.
* Alerting: Clear alerting rule evaluation errors after intermittent
failures.
* Alerting: Fix refresh on legacy Alert List panel.
* Dashboard: Fix queries for panels with non-integer widths.
* Explore: Fix url update inconsistency.
* Prometheus: Fix range variables interpolation for time ranges
smaller than 1 second.
* ValueMappings: Fixes issue with regex value mapping that only sets
color.
- Update to version 8.3.0-beta2
+ Breaking changes:
* Grafana 8 Alerting enabled by default for installations that do not
use legacy alerting.
* Keep Last State for "If execution error or timeout" when upgrading
to Grafana 8 alerting.
* Alerting: Create DatasourceError alert if evaluation returns error.
* Alerting: Make Unified Alerting enabled by default for those who do
not use legacy alerting.
* Alerting: Support mute timings configuration through the api for the
embedded alert manager.
* CloudWatch: Add missing AWS/Events metrics.
* Docs: Add easier to find deprecation notices to certain data sources
and to the changelog.
* Plugins Catalog: Enable install controls based on the
pluginAdminEnabled flag.
* Table: Add space between values for the DefaultCell and JSONViewCell.
* Tracing: Make query editors available in dashboard for Tempo and
Zipkin.
* AccessControl: Renamed orgs roles, removed fixed:orgs:reader
introduced in beta1.
* Azure Monitor: Add trap focus for modals in grafana/ui and
other small a11y fixes for Azure Monitor.
* CodeEditor: Prevent suggestions from being clipped.
* Dashboard: Fix cache timeout persistence.
* Datasource: Fix stable sort order of query responses.
* Explore: Fix error in query history when removing last item.
* Logs: Fix requesting of older logs when flipped order.
* Prometheus: Fix running of health check query based on access mode.
* TextPanel: Fix suggestions for existing panels.
* Tracing: Fix incorrect indentations due to reoccurring spanIDs.
* Tracing: Show start time of trace with milliseconds precision.
* Variables: Make renamed or missing variable section expandable.
* Select: Select menus now properly scroll during keyboard navigation.
- Update to version 8.3.0-beta1
* Alerting: Add UI for contact point testing with custom annotations
and labels.
* Alerting: Make alert state indicator in panel header work with
Grafana 8 alerts.
* Alerting: Option for Discord notifier to use webhook name.
* Annotations: Deprecate AnnotationsSrv.
* Auth: Omit all base64 paddings in JWT tokens for the JWT auth.
* Azure Monitor: Clean up fields when editing Metrics.
* AzureMonitor: Add new starter dashboards.
* AzureMonitor: Add starter dashboard for app monitoring with
Application Insights.
* Barchart/Time series: Allow x axis label.
* CLI: Improve error handling for installing plugins.
* CloudMonitoring: Migrate to use backend plugin SDK contracts.
* CloudWatch Logs: Add retry strategy for hitting max concurrent
queries.
* CloudWatch: Add AWS RoboMaker metrics and dimension.
* CloudWatch: Add AWS Transfer metrics and dimension.
* Dashboard: replace datasource name with a reference object.
* Dashboards: Show logs on time series when hovering.
* Elasticsearch: Add support for Elasticsearch 8.0 (Beta).
* Elasticsearch: Add time zone setting to Date Histogram aggregation.
* Elasticsearch: Enable full range log volume histogram.
* Elasticsearch: Full range logs volume.
* Explore: Allow changing the graph type.
* Explore: Show ANSI colors when highlighting matched words in the
logs panel.
* Graph(old) panel: Listen to events from Time series panel.
* Import: Load gcom dashboards from URL.
* LibraryPanels: Improves export and import of library panels between
orgs.
* OAuth: Support PKCE.
* Panel edit: Overrides now highlight correctly when searching.
* PanelEdit: Display drag indicators on draggable sections.
* Plugins: Refactor Plugin Management.
* Prometheus: Add custom query parameters when creating PromLink url.
* Prometheus: Remove limits on metrics, labels, and values in Metrics
Browser.
* StateTimeline: Share cursor with rest of the panels.
* Tempo: Add error details when json upload fails.
* Tempo: Add filtering for service graph query.
* Tempo: Add links to nodes in Service Graph pointing to Prometheus
metrics.
* Time series/Bar chart panel: Add ability to sort series via legend.
* TimeSeries: Allow multiple axes for the same unit.
* TraceView: Allow span links defined on dataFrame.
* Transformations: Support a rows mode in labels to fields.
* ValueMappings: Don't apply field config defaults to time fields.
* Variables: Only update panels that are impacted by variable change.
* API: Fix dashboard quota limit for imports.
* Alerting: Fix rule editor issues with Azure Monitor data source.
* Azure monitor: Make sure alert rule editor is not enabled when
template variables are being used.
* CloudMonitoring: Fix annotation queries.
* CodeEditor: Trigger the latest getSuggestions() passed to CodeEditor.
* Dashboard: Remove the current panel from the list of options in the
Dashboard datasource.
* Encryption: Fix decrypting secrets in alerting migration.
* InfluxDB: Fix corner case where index is too large in ALIAS
* NavBar: Order App plugins alphabetically.
* NodeGraph: Fix zooming sensitivity on touchpads.
* Plugins: Add OAuth pass-through logic to api/ds/query endpoint.
* Snapshots: Fix panel inspector for snapshot data.
* Tempo: Fix basic auth password reset on adding tag.
* ValueMapping: Fixes issue with regex mappings.
* grafana/ui: Enable slider marks display.
- Update to version 8.2.7
- Update to version 8.2.6
* Security: Upgrade Docker base image to Alpine 3.14.3.
* Security: Upgrade Go to 1.17.2.
* TimeSeries: Fix fillBelowTo wrongly affecting fills of unrelated
series.
- Update to version 8.2.5
* Fix No Data behaviour in Legacy Alerting.
* Alerting: Fix a bug where the metric in the evaluation string was
not correctly populated.
* Alerting: Fix no data behaviour in Legacy Alerting for alert rules
using the AND operator.
* CloudMonitoring: Ignore min and max aggregation in MQL queries.
* Dashboards: 'Copy' is no longer added to new dashboard titles.
* DataProxy: Fix overriding response body when response is a WebSocket
upgrade.
* Elasticsearch: Use field configured in query editor as field for
date_histogram aggregations.
* Explore: Fix running queries without a datasource property set.
* InfluxDB: Fix numeric aliases in queries.
* Plugins: Ensure consistent plugin settings list response.
* Tempo: Fix validation of float durations.
* Tracing: Correct tags for each span are shown.
- Update to version 8.2.4
+ Security: Fixes CVE-2021-41244.
- Update to version 8.2.3
+ Security: Fixes CVE-2021-41174.
- Update to version 8.2.2
* Annotations: We have improved tag search performance.
* Application: You can now configure an error-template title.
* AzureMonitor: We removed a restriction from the resource filter
query.
* Packaging: We removed the ProcSubset option in systemd. This
option prevented Grafana from starting in LXC environments.
* Prometheus: We removed the autocomplete limit for metrics.
* Table: We improved the styling of the type icons to make them more
distinct from column / field name.
* ValueMappings: You can now use value mapping in stat, gauge, bar
gauge, and pie chart visualizations.
* Alerting: Fix panic when Slack's API sends unexpected response.
* Alerting: The Create Alert button now appears on the dashboard panel
when you are working with a default datasource.
* Explore: We fixed the problem where the Explore log panel disappears
when an Elasticsearch logs query returns no results.
* Graph: You can now see annotation descriptions on hover.
* Logs: The system now uses the JSON parser only if the line is parsed
to an object.
* Prometheus: We fixed the issue where the system did not reuse TCP
connections when querying from Grafana alerting.
* Prometheus: We fixed the problem that resulted in an error when a
user created a query with a $__interval min step.
* RowsToFields: We fixed the issue where the system was not properly
interpreting number values.
* Scale: We fixed how the system handles NaN percent when data min =
data max.
* Table panel: You can now create a filter that includes special
characters.
- Update to version 8.2.1
* Dashboard: Fix rendering of repeating panels.
* Datasources: Fix deletion of data source if plugin is not found.
* Packaging: Remove systemcallfilters sections from systemd unit files.
* Prometheus: Add Headers to HTTP client options.
- Update to version 8.2.0
* AWS: Updated AWS authentication documentation.
* Alerting: Added support Alertmanager data source for upstream
Prometheus AM implementation.
* Alerting: Allows more characters in label names so notifications are
sent.
* Alerting: Get alert rules for a dashboard or a panel using
/api/v1/rules endpoints.
* Annotations: Improved rendering performance of event markers.
* CloudWatch Logs: Skip caching for log queries.
* Explore: Added an opt-in configuration for Node Graph in Jaeger,
Zipkin, and Tempo.
* Packaging: Add stricter systemd unit options.
* Prometheus: Metrics browser can now handle label values with
* CodeEditor: Ensure that we trigger the latest onSave callback
provided to the component.
* DashboardList/AlertList: Fix for missing All folder value.
* Plugins: Create a mock icon component to prevent console errors.
- Update to version 8.2.0-beta2
* AccessControl: Document new permissions restricting data source
access.
* TimePicker: Add fiscal years and search to time picker.
* Alerting: Added support for Unified Alerting with Grafana HA.
* Alerting: Added support for tune rule evaluation using configuration
options.
* Alerting: Cleanups alertmanager namespace from key-value store when
disabling Grafana 8 alerts.
* Alerting: Remove ngalert feature toggle and introduce two new
settings for enabling Grafana 8 alerts and disabling them for
specific organisations.
* CloudWatch: Introduced new math expression where it is necessary to
specify the period field.
* InfluxDB: Added support for $__interval and $__interval_ms in Flux
queries for alerting.
* InfluxDB: Flux queries can use more precise start and end timestamps
with nanosecond-precision.
* Plugins Catalog: Make the catalog the default way to interact with
plugins.
* Prometheus: Removed autocomplete limit for metrics.
* Alerting: Fixed an issue where the edit page crashes if you tried to
preview an alert without a condition set.
* Alerting: Fixed rules migration to keep existing Grafana 8 alert
rules.
* Alerting: Fixed the silence file content generated during
* Analytics: Fixed an issue related to interaction event propagation
in Azure Application Insights.
* BarGauge: Fixed an issue where the cell color was lit even though
there was no data.
* BarGauge: Improved handling of streaming data.
* CloudMonitoring: Fixed INT64 label unmarshal error.
* ConfirmModal: Fixes confirm button focus on modal open.
* Dashboard: Add option to generate short URL for variables with
values containing spaces.
* Explore: No longer hides errors containing refId property.
* Fixed an issue that produced State timeline panel tooltip error when
data was not in sync.
* InfluxDB: InfluxQL query editor is set to always use resultFormat.
* Loki: Fixed creating context query for logs with parsed labels.
* PageToolbar: Fixed alignment of titles.
* Plugins Catalog: Update to the list of available panels after an
install, update or uninstall.
* TimeSeries: Fixed an issue where the shared cursor was not showing
when hovering over in old Graph panel.
* Variables: Fixed issues related to change of focus or refresh pages
when pressing enter in a text box variable input.
* Variables: Panel no longer crashes when using the adhoc variable in
data links.
- Update to version 8.2.0-beta1
* AccessControl: Introduce new permissions to restrict access for
reloading provisioning configuration.
* Alerting: Add UI to edit Cortex/Loki namespace, group names, and
group evaluation interval.
* Alerting: Add a Test button to test contact point.
* Alerting: Allow creating/editing recording rules for Loki and Cortex.
* Alerting: Metrics should have the label org instead of user.
* Alerting: Sort notification channels by name to make them easier to
locate.
* Alerting: Support org level isolation of notification
* AzureMonitor: Add data links to deep link to Azure Portal Azure
Resource Graph.
* AzureMonitor: Add support for annotations from Azure Monitor Metrics
and Azure Resource Graph services.
* AzureMonitor: Show error message when subscriptions request fails in
ConfigEditor.
* Chore: Update to Golang 1.16.7.
* CloudWatch Logs: Add link to X-Ray data source for trace IDs in logs.
* CloudWatch Logs: Disable query path using websockets (Live) feature.
* CloudWatch/Logs: Don't group dataframes for non time series
* Cloudwatch: Migrate queries that use multiple stats to one query per
stat.
* Dashboard: Keep live timeseries moving left (v2).
* Datasources: Introduce response_limit for datasource responses.
* Explore: Add filter by trace or span ID to trace to logs
* Explore: Download traces as JSON in Explore Inspector.
* Explore: Reuse Dashboard's QueryRows component.
* Explore: Support custom display label for derived fields buttons for
Loki datasource.
* Grafana UI: Update monaco-related dependencies.
* Graphite: Deprecate browser access mode.
* InfluxDB: Improve handling of intervals in alerting.
* InfluxDB: InfluxQL query editor: Handle unusual characters in tag
values better.
* Jaeger: Add ability to upload JSON file for trace data.
* LibraryElements: Enable specifying UID for new and existing library
elements.
* LibraryPanels: Remove library panel icon from the panel header so
you can no longer tell that a panel is a library panel from the
dashboard view.
* Logs panel: Scroll to the bottom on page refresh when sorting in
ascending order.
* Loki: Add fuzzy search to label browser.
* Navigation: Implement active state for items in the Sidemenu.
* Packaging: Update PID file location from /var/run to /run.
* Plugins: Add Hide OAuth Forward config option.
* Postgres/MySQL/MSSQL: Add setting to limit the maximum number
of rows processed.
* Prometheus: Add browser access mode deprecation warning.
* Prometheus: Add interpolation for built-in-time variables to backend.
* Tempo: Add ability to upload trace data in JSON format.
* TimeSeries/XYChart: Allow grid lines visibility control in XYChart
and TimeSeries panels.
* Transformations: Convert field types to time string number or
boolean.
* Value mappings: Add regular-expression based value mapping.
* Zipkin: Add ability to upload trace JSON.
* Admin: Prevent user from deleting user's current/active
organization.
* LibraryPanels: Fix library panel getting saved in the dashboard's
folder.
* OAuth: Make generic teams URL and JMES path configurable.
* QueryEditor: Fix broken copy-paste for mouse middle-click
* Thresholds: Fix undefined color in "Add threshold".
* Timeseries: Add wide-to-long, and fix multi-frame output.
* TooltipPlugin: Fix behavior of Shared Crosshair when Tooltip is set
to All.
* Grafana UI: Fix TS error property css is missing in type.
- Update to version 8.1.8
- Update to version 8.1.7
* Alerting: Fix alerts with evaluation interval more than 30 seconds
resolving before notification.
* Elasticsearch/Prometheus: Fix usage of proper SigV4 service
namespace.
- Update to version 8.1.6
+ Security: Fixes CVE-2021-39226.
- Update to version 8.1.5
* BarChart: Fixes panel error that happens on second refresh.
- Update to version 8.1.4
+ Features and enhancements
* Explore: Ensure logs volume bar colors match legend colors.
* LDAP: Search all DNs for users.
* Alerting: Fix notification channel migration.
* Annotations: Fix blank panels for queries with unknown data sources.
* BarChart: Fix stale values and x axis labels.
* Graph: Make old graph panel thresholds work even if ngalert is
enabled.
* InfluxDB: Fix regex to identify / as separator.
* LibraryPanels: Fix update issues related to library panels in rows.
* Variables: Fix variables not updating inside a Panel when the
preceding Row uses "Repeat For".
- Update to version 8.1.3
+ Bug fixes
* Alerting: Fix alert flapping in the internal alertmanager.
* Alerting: Fix request handler failed to convert dataframe "results"
to plugins.DataTimeSeriesSlice: input frame is not recognized as a
time series.
* Dashboard: Fix UIDs are not preserved when importing/creating
dashboards thru importing .json file.
* Dashboard: Forces panel re-render when exiting panel edit.
* Dashboard: Prevent folder from changing when navigating to general
settings.
* Docker: Force use of libcrypto1.1 and libssl1.1 versions to fix
CVE-2021-3711.
* Elasticsearch: Fix metric names for alert queries.
* Elasticsearch: Limit Histogram field parameter to numeric values.
* Elasticsearch: Prevent pipeline aggregations to show up in terms
order by options.
* LibraryPanels: Prevent duplicate repeated panels from being created.
* Loki: Fix ad-hoc filter in dashboard when used with parser.
* Plugins: Track signed files + add warn log for plugin assets which
are not signed.
* Postgres/MySQL/MSSQL: Fix region annotations not displayed correctly.
* Prometheus: Fix validate selector in metrics browser.
* Security: Fix stylesheet injection vulnerability.
* Security: Fix short URL vulnerability.
- Update to version 8.1.2
* AzureMonitor: Add support for PostgreSQL and MySQL Flexible Servers.
* Datasource: Change HTTP status code for failed datasource health
check to 400.
* Explore: Add span duration to left panel in trace viewer.
* Plugins: Use file extension allowlist when serving plugin assets
instead of checking for UNIX executable.
* Profiling: Add support for binding pprof server to custom network
interfaces.
* Search: Make search icon keyboard navigable.
* Template variables: Keyboard navigation improvements.
* Tooltip: Display ms within minute time range.
* Alerting: Fix saving LINE contact point.
* Annotations: Fix alerting annotation coloring.
* Annotations: Alert annotations are now visible in the correct Panel.
* Auth: Hide SigV4 config UI and disable middleware when its config
flag is disabled.
* Dashboard: Prevent incorrect panel layout by comparing window width
against theme breakpoints.
* Explore: Fix showing of full log context.
* PanelEdit: Fix 'Actual' size by passing the correct panel size to
Dashboard.
* Plugins: Fix TLS datasource settings.
* Variables: Fix issue with empty drop downs on navigation.
* Variables: Fix URL util converting false into true.
* Toolkit: Fix matchMedia not found error.
- Update to version 8.1.1
* CloudWatch Logs: Fix crash when no region is selected.
- Update to version 8.1.0
* Alerting: Deduplicate receivers during migration.
* ColorPicker: Display colors as RGBA.
* Select: Make portalling the menu opt-in, but opt-in everywhere.
* TimeRangePicker: Improve accessibility.
* Annotations: Correct annotations that are displayed upon page
refresh.
* Annotations: Fix Enabled button that disappeared from Grafana v8.0.6.
* Annotations: Fix data source template variable that was not
available for annotations.
* AzureMonitor: Fix annotations query editor that does not load.
* Geomap: Fix scale calculations.
* GraphNG: Fix y-axis autosizing.
* Live: Display stream rate and fix duplicate channels in list
* Loki: Update labels in log browser when time range changes in
dashboard.
* NGAlert: Send resolve signal to alertmanager on alerting -> Normal.
* PasswordField: Prevent a password from being displayed when you
click the Enter button.
* Renderer: Remove debug.log file when Grafana is stopped.
* Security: Update dependencies to fix CVE-2021-36222.
- Update to version 8.1.0-beta3
* Alerting: Support label matcher syntax in alert rule list filter.
* IconButton: Put tooltip text as aria-label.
* Live: Experimental HA with Redis.
* UI: FileDropzone component.
* CloudWatch: Add AWS LookoutMetrics.
* Docker: Fix builds by delaying go mod verify until all required
files are copied over.
* Exemplars: Fix disable exemplars only on the query that failed.
* SQL: Fix SQL dataframe resampling (fill mode + time intervals).
- Update to version 8.1.0-beta2
* Alerting: Expand the value string in alert annotations and
* Auth: Add Azure HTTP authentication middleware.
* Auth: Pass user role when using the authentication proxy.
* Gazetteer: Update countries.json file to allow for linking to
3-letter country codes.
* Config: Fix Docker builds by correcting formatting in sample.ini.
* Explore: Fix encoding of internal URLs.
- Update to version 8.1.0-beta1
* Alerting: Add Alertmanager notifications tab.
* Alerting: Add button to deactivate current Alertmanager
* Alerting: Add toggle in Loki/Prometheus data source configuration to
opt out of alerting UI.
* Alerting: Allow any "evaluate for" value >=0 in the alert rule form.
* Alerting: Load default configuration from status endpoint, if Cortex
Alertmanager returns empty user configuration.
* Alerting: view to display alert rule and its underlying data.
* Annotation panel: Release the annotation panel.
* Annotations: Add typeahead support for tags in built-in annotations.
* AzureMonitor: Add curated dashboards for Azure services.
* AzureMonitor: Add support for deep links to Microsoft Azure portal
for Metrics.
* AzureMonitor: Remove support for different credentials for Azure
Monitor Logs.
* AzureMonitor: Support querying any Resource for Logs queries.
* Elasticsearch: Add frozen indices search support.
* Elasticsearch: Name fields after template variables values instead
of their name.
* Elasticsearch: add rate aggregation.
* Email: Allow configuration of content types for email notifications.
* Explore: Add more meta information when line limit is hit.
* Explore: UI improvements to trace view.
* FieldOverrides: Added support to change display name in an
override field and have it be matched by a later rule.
* HTTP Client: Introduce dataproxy_max_idle_connections config
variable.
* InfluxDB: InfluxQL: adds tags to timeseries data.
* InfluxDB: InfluxQL: make measurement search case insensitive.
* Legacy Alerting: Replace simplejson with a struct in webhook
notification channel.
* Legend: Updates display name for Last (not null) to just Last*.
* Logs panel: Add option to show common labels.
* Loki: Add $__range variable.
* Loki: Add support for "label_values(log stream selector, label)" in
templating.
* Loki: Add support for ad-hoc filtering in dashboard.
* MySQL Datasource: Add timezone parameter.
* NodeGraph: Show gradient fields in legend.
* PanelOptions: Don't mutate panel options/field config object when
updating.
* PieChart: Make pie gradient more subtle to match other charts.
* Prometheus: Update PromQL typeahead and highlighting.
* Prometheus: interpolate variable for step field.
* Provisioning: Improve validation by validating across all dashboard
providers.
* SQL Datasources: Allow multiple string/labels columns with time
series.
* Select: Portal select menu to document.body.
* Team Sync: Add group mapping to support team sync in the Generic
OAuth provider.
* Tooltip: Make active series more noticeable.
* Tracing: Add support to configure trace to logs start and end time.
* Transformations: Skip merge when there is only a single data frame.
* ValueMapping: Added support for mapping text to color, boolean
values, NaN and Null. Improved UI for value mapping.
* Visualizations: Dynamically set any config (min, max, unit, color,
thresholds) from query results.
* live: Add support to handle origin without a value for the port when
matching with root_url.
* Alerting: Handle marshaling Inf values.
* AzureMonitor: Fix macro resolution for template variables.
* AzureMonitor: Fix queries with Microsoft.NetApp/../../volumes
resources.
* AzureMonitor: Request and concat subsequent resource pages.
* Bug: Fix parse duration for day.
* Datasources: Improve error handling for error messages.
* Explore: Correct the functionality of shift-enter shortcut across
all uses.
* Explore: Show all dataFrames in data tab in Inspector.
* GraphNG: Fix Tooltip mode 'All' for XYChart.
* Loki: Fix highlight of logs when using filter expressions with
backticks.
* Modal: Force modal content to overflow with scroll.
* Plugins: Ignore symlinked folders when verifying plugin signature.
* Toolkit: Improve error messages when tasks fail.
- Update to version 8.0.7
- Update to version 8.0.6
* Alerting: Add annotation upon alert state change.
* Alerting: Allow space in label and annotation names.
* InfluxDB: Improve legend labels for InfluxDB query results.
* Alerting: Fix improper alert by changing the handling of empty
labels.
* CloudWatch/Logs: Reestablish Cloud Watch alert behavior.
* Dashboard: Avoid migration breaking on fieldConfig without defaults
field in folded panel.
* DashboardList: Fix issue not re-fetching dashboard list after
variable change.
* Database: Fix incorrect format of isolation level configuration
parameter for MySQL.
* InfluxDB: Correct tag filtering on InfluxDB data.
* Links: Fix links that caused a full page reload.
* Live: Fix HTTP error when InfluxDB metrics have an incomplete
or asymmetrical field set.
* Postgres/MySQL/MSSQL: Change time field to "Time" for time series
queries.
* Postgres: Fix the handling of a null return value in query
* Tempo: Show hex strings instead of uints for IDs.
* TimeSeries: Improve tooltip positioning when tooltip
overflows.
* Transformations: Add 'prepare time series' transformer.
- Update to version 8.0.5
* Cloudwatch Logs: Send error down to client.
* Folders: Return 409 Conflict status when folder already exists.
* TimeSeries: Do not show series in tooltip if it's hidden in the viz.
* AzureMonitor: Fix issue where resource group name is missing
on the resource picker button.
* Chore: Fix AWS auth assuming role with workspace IAM.
* DashboardQueryRunner: Fixes unrestrained subscriptions being
* DateFormats: Fix reading correct setting key for use_browser_locale.
* Links: Fix links to other apps outside Grafana when under sub path.
* Snapshots: Fix snapshot absolute time range issue.
* Table: Fix data link color.
* Time Series: Fix X-axis time format when tick increment is larger
than a year.
* Tooltip Plugin: Prevent tooltip render if field is undefined.
- Update to version 8.0.4
* Live: Rely on app url for origin check.
* PieChart: Sort legend descending, update placeholder.
* TimeSeries panel: Do not reinitialize plot when thresholds mode
change.
* Elasticsearch: Allow case sensitive custom options in date_histogram
interval.
* Elasticsearch: Restore previous field naming strategy when using
variables.
* Explore: Fix import of queries between SQL data sources.
* InfluxDB: InfluxQL query editor: fix retention policy handling.
* Loki: Send correct time range in template variable queries.
* TimeSeries: Preserve RegExp series overrides when migrating from old
graph panel.
- Update to version 8.0.3
* Alerting: Increase alertmanager_conf column if MySQL.
* Time series/Bar chart panel: Handle infinite numbers as nulls when
converting to plot array.
* TimeSeries: Ensure series overrides that contain color are migrated,
and migrate the previous fieldConfig when changing the panel type.
* ValueMappings: Improve singlestat value mappings migration.
* Annotations: Fix annotation line and marker colors.
* AzureMonitor: Fix KQL template variable queries without default
workspace.
* CloudWatch/Logs: Fix missing response data for log queries.
* LibraryPanels: Fix crash in library panels list when panel plugin is
not found.
* LogsPanel: Fix performance drop when moving logs panel in
* Loki: Parse log levels when ANSI coloring is enabled.
* MSSQL: Fix issue with hidden queries still being executed.
* PanelEdit: Display the VisualizationPicker that was not displayed if
a panel has an unknown panel plugin.
* Plugins: Fix loading symbolically linked plugins.
* Prometheus: Fix issue where legend name was replaced with name Value
in stat and gauge panels.
* State Timeline: Fix crash when hovering over panel.
- Update to version 8.0.2
* Datasource: Add support for max_conns_per_host in dataproxy settings.
* Configuration: Fix changing org preferences in Firefox.
* PieChart: Fix legend dimension limits.
* Postgres/MySQL/MSSQL: Fix panic in concurrent map writes.
* Variables: Hide default data source if missing from regex.
- Update to version 8.0.1
* Alerting/SSE: Fix "count_non_null" reducer validation.
* Cloudwatch: Fix duplicated time series.
* Cloudwatch: Fix missing defaultRegion.
* Dashboard: Fix Dashboard init failed error on dashboards with
old singlestat panels in collapsed rows.
* Datasource: Fix storing timeout option as numeric.
* Postgres/MySQL/MSSQL: Fix annotation parsing for empty
* Postgres/MySQL/MSSQL: Numeric/non-string values are now returned
from query variables.
* Postgres: Fix an error that was thrown when the annotation query did
not return any results.
* StatPanel: Fix an issue with the appearance of the graph when
switching color mode.
* Visualizations: Fix an issue in the Stat/BarGauge/Gauge/PieChart
panels where all values mode were showing the same name if they had
the same value.
* Toolkit: Resolve external fonts when Grafana is served from a sub
path.
- Update to version 8.0.0
* The following endpoints were deprecated for Grafana v5.0 and support
for them has now been removed: GET /dashboards/db/:slug, GET
/dashboard-solo/db/:slug, GET /api/dashboard/db/:slug, DELETE
/api/dashboards/db/:slug
* AzureMonitor: Require default subscription for workspaces() template
variable query.
* AzureMonitor: Use resource type display names in the UI.
* Dashboard: Remove support for loading and deleting dashboard by slug.
* InfluxDB: Deprecate direct browser access in data source.
* VizLegend: Add a read-only property.
* AzureMonitor: Fix Azure Resource Graph queries in Azure China.
* Checkbox: Fix vertical layout issue with checkboxes due to fixed
height.
* Dashboard: Fix Table view when editing causes the panel data to not
update.
* Dashboard: Fix issues where unsaved-changes warning is not displayed.
* Login: Fixes Unauthorized message showing when on login page
or snapshot page.
* NodeGraph: Fix sorting markers in grid view.
* Short URL: Include orgId in generated short URLs.
* Variables: Support raw values of boolean type.
- Update to version 8.0.0-beta3
* The default HTTP method for Prometheus data source is now POST.
* API: Support folder UID in dashboards API.
* Alerting: Add support for configuring avatar URL for the Discord
notifier.
* Alerting: Clarify that Threema Gateway Alerts support only Basic IDs.
* Azure: Expose Azure settings to external plugins.
* AzureMonitor: Deprecate using separate credentials for Azure Monitor
Logs.
* AzureMonitor: Display variables in resource picker for Azure
* AzureMonitor: Hide application insights for data sources not using
it.
* AzureMonitor: Support querying subscriptions and resource groups in
Azure Monitor Logs.
* AzureMonitor: remove requirement for default subscription.
* CloudWatch: Add Lambda@Edge Amazon CloudFront metrics.
* CloudWatch: Add missing AWS AppSync metrics.
* ConfirmModal: Auto focus delete button.
* Explore: Add caching for queries that are run from logs
* Loki: Add formatting for annotations.
* Loki: Bring back processed bytes as meta information.
* NodeGraph: Display node graph collapsed by default with trace view.
* Overrides: Include a manual override option to hide something from
visualization.
* PieChart: Support row data in pie charts.
* Prometheus: Update default HTTP method to POST for existing data
sources.
* Time series panel: Position tooltip correctly when window is
scrolled or resized.
* Admin: Fix infinite loading edit on the profile page.
* Color: Fix issues with random colors in string and date
* Dashboard: Fix issue with title or folder change has no effect after
exiting settings view.
* DataLinks: Fix an issue __series.name is not working in data link.
* Datasource: Fix dataproxy timeout should always be applied for
outgoing data source HTTP requests.
* Elasticsearch: Fix NewClient not passing httpClientProvider to
client impl.
* Explore: Fix Browser title not updated on Navigation to Explore.
* GraphNG: Remove fieldName and hideInLegend properties from
UPlotSeriesBuilder.
* OAuth: Fix fallback to auto_assign_org_role setting for Azure AD
OAuth when no role claims exists.
* PanelChrome: Fix issue with empty panel after adding a non data
panel and coming back from panel edit.
* StatPanel: Fix data link tooltip not showing for single value.
* Table: Fix sorting for number fields.
* Table: Have text underline for datalink, and add support for image
datalink.
* Transformations: Prevent FilterByValue transform from crashing panel
edit.
- Update to version 8.0.0-beta2
* AppPlugins: Expose react-router to apps.
* AzureMonitor: Add Azure Resource Graph.
* AzureMonitor: Managed Identity configuration UI.
* AzureMonitor: Token provider with support for Managed Identities.
* AzureMonitor: Update Logs workspace() template variable query to
return resource URIs.
* BarChart: Value label sizing.
* CloudMonitoring: Add support for preprocessing.
* CloudWatch: Add AWS/EFS StorageBytes metric.
* CloudWatch: Allow use of missing AWS namespaces using custom
* Datasource: Shared HTTP client provider for core backend data
sources and any data source using the data source proxy.
* InfluxDB: InfluxQL: allow empty tag values in the query editor.
* Instrumentation: Instrument incoming HTTP request with histograms by
default.
* Library Panels: Add name endpoint & unique name validation to
AddLibraryPanelModal.
* Logs panel: Support details view.
* PieChart: Always show the calculation options dropdown in the
* PieChart: Remove beta flag.
* Plugins: Enforce signing for all plugins.
* Plugins: Remove support for deprecated backend plugin protocol
version.
* Tempo/Jaeger: Add better display name to legend.
* Timeline: Add time range zoom.
* Timeline: Adds opacity & line width option.
* Timeline: Value text alignment option.
* ValueMappings: Add duplicate action, and disable dismiss on backdrop
click.
* Zipkin: Add node graph view to trace response.
* Annotations panel: Remove subpath from dashboard links.
* Content Security Policy: Allow all image sources by default.
* Content Security Policy: Relax default template wrt. loading
of scripts, due to nonces not working.
* Datasource: Fix tracing propagation for alert execution by
introducing HTTP client outgoing tracing middleware.
* InfluxDB: InfluxQL always apply time interval end.
* Library Panels: Fixes "error while loading library panels".
* NewsPanel: Fixes rendering issue in Safari.
* PanelChrome: Fix queries being issued again when scrolling in and
out of view.
* Plugins: Fix Azure token provider cache panic and auth param nil
value.
* Snapshots: Fix key and deleteKey being ignored when creating an
external snapshot.
* Table: Fix issue with cell border not showing with colored
background cells.
* Table: Makes tooltip scrollable for long JSON values.
* TimeSeries: Fix for Connected null values threshold toggle during
panel editing.
* Variables: Fixes inconsistent selected states on dashboard
* Variables: Refreshes all panels even if panel is full screen.
* QueryField: Remove carriage return character from pasted text.
- Update to version 8.0.0-beta1
+ License update:
* AGPL License: Update license from Apache 2.0 to the GNU Affero
General Public License (AGPL).
* Removes the never refresh option for Query variables.
* Removes the experimental Tags feature for Variables.
+ Deprecations:
* The InfoBox & FeatureInfoBox are now deprecated; please use the Alert
component with severity info instead.
* API: Add org users with pagination.
* API: Return 404 when deleting nonexistent API key.
* API: Return query results as JSON rather than base64 encoded Arrow.
* Alerting: Allow sending notification tags to Opsgenie as extra
properties.
* Alerts: Replaces all uses of InfoBox & FeatureInfoBox with Alert.
* Auth: Add support for JWT Authentication.
* AzureMonitor: Add support for Microsoft.SignalRService/SignalR
metrics.
* AzureMonitor: Azure settings in Grafana server config.
* AzureMonitor: Migrate Metrics query editor to React.
* BarChart panel: enable series toggling via legend.
* BarChart panel: Adds support for Tooltip in BarChartPanel.
* PieChart panel: Change look of highlighted pie slices.
* CloudMonitoring: Migrate config editor from angular to react.
* CloudWatch: Add Amplify Console metrics and dimensions.
* CloudWatch: Add missing Redshift metrics to CloudWatch data
* CloudWatch: Add metrics for managed RabbitMQ service.
* DashboardList: Enable templating on search tag input.
* Datasource config: correctly remove single custom http header.
* Elasticsearch: Add generic support for template variables.
* Elasticsearch: Allow omitting field when metric supports inline
script.
* Elasticsearch: Allow setting a custom limit for log queries.
* Elasticsearch: Guess field type from first non-empty value.
* Elasticsearch: Use application/x-ndjson content type for multisearch
requests.
* Elasticsearch: Use semver strings to identify ES version.
* Explore: Add logs navigation to request more logs.
* Explore: Map Graphite queries to Loki.
* Explore: Scroll split panes in Explore independently.
* Explore: Wrap each panel in separate error boundary.
* FieldDisplay: Smarter naming of stat values when visualising row
values (all values) in stat panels.
* Graphite: Expand metric names for variables.
* Graphite: Handle unknown Graphite functions without breaking the
visual editor.
* Graphite: Show graphite functions descriptions.
* Graphite: Support request cancellation properly (Uses new
backendSrv.fetch Observable request API).
* InfluxDB: Flux: Improve handling of complex response-structures.
* InfluxDB: Support region annotations.
* Inspector: Download logs for manual processing.
* Jaeger: Add node graph view for trace.
* Jaeger: Search traces.
* Loki: Use data source settings for alerting queries.
* NodeGraph: Exploration mode.
* OAuth: Add support for empty scopes.
* PanelChrome: New logic-less emotion based component with no
dependency on PanelModel or DashboardModel.
* PanelEdit: Adds a table view toggle to quickly view data in table
form.
* PanelEdit: Highlight matched words when searching options.
* PanelEdit: UX improvements.
* Plugins: PanelRenderer and simplified QueryRunner to be used from
plugins.
* Plugins: AuthType in route configuration and params interpolation.
* Plugins: Enable plugin runtime install/uninstall capabilities.
* Plugins: Support set body content in plugin routes.
* Plugins: Introduce marketplace app.
* Plugins: Moving the DataSourcePicker to grafana/runtime so it can be
reused in plugins.
* Prometheus: Add custom query params for alert and exemplars
* Prometheus: Use fuzzy string matching to autocomplete metric names
and label.
* Routing: Replace Angular routing with react-router.
* Slack: Use chat.postMessage API by default.
* Tempo: Search for Traces by querying Loki directly from Tempo.
* Tempo: Show graph view of the trace.
* Themes: Switch theme without reload using global shortcut.
* TimeSeries panel: Add support for shared cursor.
* TimeSeries panel: Do not crash the panel if there is no time series
data in the response.
* Variables: Do not save repeated panels, rows and scopedVars.
* Variables: Removes experimental Tags feature.
* Variables: Removes the never refresh option.
* Visualizations: Unify tooltip options across visualizations.
* Visualizations: Refactor and unify option creation between new
visualizations.
* Visualizations: Remove singlestat panel.
* APIKeys: Fixes issue with adding first api key.
* Alerting: Add checks for non supported units - disable defaulting to
seconds.
* Alerting: Fix issue where Slack notifications won't link to user IDs.
* Alerting: Omit empty message in PagerDuty notifier.
* AzureMonitor: Fix migration error from older versions of App
Insights queries.
* CloudWatch: Fix AWS/Connect dimensions.
* CloudWatch: Fix broken AWS/MediaTailor dimension name.
* Dashboards: Allow string manipulation as advanced variable format
option.
* DataLinks: Includes harmless extended characters like Cyrillic
characters.
* Drawer: Fixes title overflowing its container.
* Explore: Fix issue when some query errors were not shown.
* Generic OAuth: Prevent adding duplicated users.
* Graphite: Handle invalid annotations.
* Graphite: Fix autocomplete when tags are not available.
* InfluxDB: Fix Cannot read property 'length' of undefined when
parsing response.
* Instrumentation: Enable tracing when Jaeger host and port are
* Instrumentation: Prefix metrics with grafana.
* MSSQL: By default let driver choose port.
* OAuth: Add optional strict parsing of role_attribute_path.
* Panel: Fixes description markdown with inline code being rendered on
newlines and full width.
* PanelChrome: Ignore data updates & errors for non data panels.
* Permissions: Fix inherited folder permissions can prevent new
permissions being added to a dashboard.
* Plugins: Remove pre-existing plugin installs when installing with
grafana-cli.
* Plugins: Support installing to folders with whitespace and fix
pluginUrl trailing and leading whitespace failures.
* Postgres/MySQL/MSSQL: Don't return connection failure details to the
client.
* Postgres: Fix ms precision of interval in time group macro when
TimescaleDB is enabled.
* Provisioning: Use dashboard checksum field as change indicator.
* SQL: Fix so that all captured errors are returned from sql engine.
* Shortcuts: Fixes panel shortcuts so they always work.
* Table: Fixes so border is visible for cells with links.
* Variables: Clear query when data source type changes.
* Variables: Filters out builtin variables from unknown list.
* Button: Introduce buttonStyle prop.
* DataQueryRequest: Remove deprecated props showingGraph and
showingTabel and exploreMode.
* grafana/ui: Update React Hook Form to v7.
* IconButton: Introduce variant for red and blue icon buttons.
* Plugins: Expose the getTimeZone function to be able to get the
current selected timeZone.
* TagsInput: Add className to TagsInput.
* VizLegend: Move onSeriesColorChanged to PanelContext (breaking
change).
- Update to version 7.5.13
* Alerting: Fix NoDataFound for alert rules using AND operator.
mgr-cfg:
- Version 4.2.8-1
* Fix the condition for preventing building python 2 subpackage for
SLE15 (bsc#1197579)
- Version 4.2.7-1
* Fix installation problem for SLE15SP4 due to missing python-selinux
mgr-osad:
- Version 4.2.8-1
* Fix the condition for preventing building python 2 subpackage for SLE15
mgr-push:
- Version 4.2.5-1
* Fix the condition for preventing building python 2 subpackage for SLE15
mgr-virtualization:
- Version 4.2.4-1
* Fix the condition for preventing building python 2 subpackage for SLE15
prometheus-postgres_exporter:
- Version 0.10.0
* Added hardening to systemd service(s) with changes to
`prometheus-postgres_exporter.service` (bsc#1181400)
* Package rename from golang-github-wrouesnel-postgres_exporter
(jsc#SLE-23051)
rhnlib:
- Version 4.2.6-1
* Fix the condition for preventing building python 2 subpackage for SLE15
spacecmd:
- Version 4.2.16-1
* implement system.bootstrap (bsc#1194909)
* Fix interactive mode for "system_applyerrata" and "errata_apply"
(bsc#1194363)
spacewalk-client-tools:
- Version 4.2.18-1
* Fix the condition for preventing building python 2 subpackage for SLE15
- Version 4.2.17-1
* Update translation strings
spacewalk-koan:
- Version 4.2.6-1
* Fix the condition for preventing building python 2 subpackage for SLE15
spacewalk-oscap:
- Version 4.2.4-1
* Fix the condition for preventing building python 2 subpackage for SLE15
suseRegisterInfo:
- Version 4.2.6-1
* Fix the condition for preventing building python 2 subpackage for SLE15
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1396=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1396=1
- SUSE Manager Tools 15:
zypper in -t patch SUSE-SLE-Manager-Tools-15-2022-1396=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-1396=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
prometheus-postgres_exporter-0.10.0-150000.1.3.1
- openSUSE Leap 15.4 (noarch):
spacecmd-4.2.16-150000.3.77.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
prometheus-postgres_exporter-0.10.0-150000.1.3.1
- openSUSE Leap 15.3 (noarch):
python3-rhnlib-4.2.6-150000.3.34.1
spacecmd-4.2.16-150000.3.77.1
- SUSE Manager Tools 15 (aarch64 ppc64le s390x x86_64):
grafana-8.3.5-150000.1.30.1
grafana-debuginfo-8.3.5-150000.1.30.1
prometheus-postgres_exporter-0.10.0-150000.1.3.1
- SUSE Manager Tools 15 (noarch):
mgr-cfg-4.2.8-150000.1.24.1
mgr-cfg-actions-4.2.8-150000.1.24.1
mgr-cfg-client-4.2.8-150000.1.24.1
mgr-cfg-management-4.2.8-150000.1.24.1
mgr-osad-4.2.8-150000.1.36.1
mgr-push-4.2.5-150000.1.18.2
mgr-virtualization-host-4.2.4-150000.1.26.1
python3-mgr-cfg-4.2.8-150000.1.24.1
python3-mgr-cfg-actions-4.2.8-150000.1.24.1
python3-mgr-cfg-client-4.2.8-150000.1.24.1
python3-mgr-cfg-management-4.2.8-150000.1.24.1
python3-mgr-osa-common-4.2.8-150000.1.36.1
python3-mgr-osad-4.2.8-150000.1.36.1
python3-mgr-push-4.2.5-150000.1.18.2
python3-mgr-virtualization-common-4.2.4-150000.1.26.1
python3-mgr-virtualization-host-4.2.4-150000.1.26.1
python3-rhnlib-4.2.6-150000.3.34.1
python3-spacewalk-check-4.2.18-150000.3.59.1
python3-spacewalk-client-setup-4.2.18-150000.3.59.1
python3-spacewalk-client-tools-4.2.18-150000.3.59.1
python3-spacewalk-koan-4.2.6-150000.3.27.1
python3-spacewalk-oscap-4.2.4-150000.3.18.1
python3-suseRegisterInfo-4.2.6-150000.3.21.1
spacecmd-4.2.16-150000.3.77.1
spacewalk-check-4.2.18-150000.3.59.1
spacewalk-client-setup-4.2.18-150000.3.59.1
spacewalk-client-tools-4.2.18-150000.3.59.1
spacewalk-koan-4.2.6-150000.3.27.1
spacewalk-oscap-4.2.4-150000.3.18.1
suseRegisterInfo-4.2.6-150000.3.21.1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (aarch64 ppc64le s390x x86_64):
prometheus-postgres_exporter-0.10.0-150000.1.3.1
References:
https://www.suse.com/security/cve/CVE-2021-36222.html
https://www.suse.com/security/cve/CVE-2021-3711.html
https://www.suse.com/security/cve/CVE-2021-39226.html
https://www.suse.com/security/cve/CVE-2021-41174.html
https://www.suse.com/security/cve/CVE-2021-41244.html
https://www.suse.com/security/cve/CVE-2021-43798.html
https://www.suse.com/security/cve/CVE-2021-43813.html
https://www.suse.com/security/cve/CVE-2021-43815.html
https://www.suse.com/security/cve/CVE-2022-21673.html
https://www.suse.com/security/cve/CVE-2022-21702.html
https://www.suse.com/security/cve/CVE-2022-21703.html
https://www.suse.com/security/cve/CVE-2022-21713.html
https://bugzilla.suse.com/1181400
https://bugzilla.suse.com/1194363
https://bugzilla.suse.com/1194873
https://bugzilla.suse.com/1194909
https://bugzilla.suse.com/1195726
https://bugzilla.suse.com/1195727
https://bugzilla.suse.com/1195728
https://bugzilla.suse.com/1197579

22 Apr '22
SUSE Security Update: Security update for libslirp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1314-1
Rating: low
References: #1187364 #1187366 #1187367
Cross-References: CVE-2021-3592 CVE-2021-3594 CVE-2021-3595
CVSS scores:
CVE-2021-3592 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3592 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for libslirp fixes the following issues:
- CVE-2021-3592: Fixed an invalid pointer initialization that may lead to
information disclosure (bootp) (bsc#1187364).
- CVE-2021-3594: Fixed an invalid pointer initialization that may lead to
information disclosure (udp) (bsc#1187367).
- CVE-2021-3595: Fixed an invalid pointer initialization that may lead to
information disclosure (tftp) (bsc#1187366).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1314=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1314=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1314=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1314=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.3.3.1
libslirp-devel-4.3.1-150300.3.3.1
libslirp0-4.3.1-150300.3.3.1
libslirp0-debuginfo-4.3.1-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.3.3.1
libslirp-devel-4.3.1-150300.3.3.1
libslirp0-4.3.1-150300.3.3.1
libslirp0-debuginfo-4.3.1-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.3.3.1
libslirp-devel-4.3.1-150300.3.3.1
libslirp0-4.3.1-150300.3.3.1
libslirp0-debuginfo-4.3.1-150300.3.3.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libslirp-debugsource-4.3.1-150300.3.3.1
libslirp0-4.3.1-150300.3.3.1
libslirp0-debuginfo-4.3.1-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-3592.html
https://www.suse.com/security/cve/CVE-2021-3594.html
https://www.suse.com/security/cve/CVE-2021-3595.html
https://bugzilla.suse.com/1187364
https://bugzilla.suse.com/1187366
https://bugzilla.suse.com/1187367

SUSE-SU-2022:1307-1: important: Security update for dnsmasq
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for dnsmasq
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1307-1
Rating: important
References: #1197872
Cross-References: CVE-2022-0934
CVSS scores:
CVE-2022-0934 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for dnsmasq fixes the following issues:
- CVE-2022-0934: Fixed an invalid memory access that could lead to remote
denial of service via crafted packet (bsc#1197872).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1307=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1307=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1307=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1307=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1307=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1307=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1307=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1307=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1307=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1307=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1307=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1307=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1307=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1307=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1307=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1307=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1307=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1307=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1307=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1307=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1307=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1307=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1307=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
dnsmasq-utils-2.86-150100.7.20.1
dnsmasq-utils-debuginfo-2.86-150100.7.20.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
dnsmasq-utils-2.86-150100.7.20.1
dnsmasq-utils-debuginfo-2.86-150100.7.20.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Manager Proxy 4.1 (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
- SUSE CaaS Platform 4.0 (x86_64):
dnsmasq-2.86-150100.7.20.1
dnsmasq-debuginfo-2.86-150100.7.20.1
dnsmasq-debugsource-2.86-150100.7.20.1
References:
https://www.suse.com/security/cve/CVE-2022-0934.html
https://bugzilla.suse.com/1197872

SUSE-SU-2022:1315-1: moderate: Security update for netty
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for netty
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1315-1
Rating: moderate
References: #1184203
Cross-References: CVE-2021-21409
CVSS scores:
CVE-2021-21409 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2021-21409 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for netty fixes the following issues:
- CVE-2021-21409: Fixed request smuggling via content-length header
(bsc#1184203).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1315=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1315=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
netty-4.1.75-150200.4.9.1
- openSUSE Leap 15.4 (noarch):
netty-javadoc-4.1.75-150200.4.9.1
netty-poms-4.1.75-150200.4.9.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
netty-4.1.75-150200.4.9.1
- openSUSE Leap 15.3 (noarch):
netty-javadoc-4.1.75-150200.4.9.1
netty-poms-4.1.75-150200.4.9.1
References:
https://www.suse.com/security/cve/CVE-2021-21409.html
https://bugzilla.suse.com/1184203

SUSE-SU-2022:1305-1: important: Security update for libinput
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for libinput
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1305-1
Rating: important
References: #1198111
Cross-References: CVE-2022-1215
CVSS scores:
CVE-2022-1215 (SUSE): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libinput fixes the following issues:
- CVE-2022-1215: Fixed a format string vulnerability (bsc#1198111).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1305=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1305=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1305=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1305=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1305=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1305=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1305=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1305=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1305=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1305=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1305=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1305=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1305=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1305=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1305=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1305=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1305=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- openSUSE Leap 15.3 (x86_64):
libinput10-32bit-1.10.5-150000.3.3.1
libinput10-32bit-debuginfo-1.10.5-150000.3.3.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Manager Proxy 4.1 (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
- SUSE CaaS Platform 4.0 (x86_64):
libinput-debugsource-1.10.5-150000.3.3.1
libinput-devel-1.10.5-150000.3.3.1
libinput-tools-1.10.5-150000.3.3.1
libinput-tools-debuginfo-1.10.5-150000.3.3.1
libinput-udev-1.10.5-150000.3.3.1
libinput-udev-debuginfo-1.10.5-150000.3.3.1
libinput10-1.10.5-150000.3.3.1
libinput10-debuginfo-1.10.5-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-1215.html
https://bugzilla.suse.com/1198111

SUSE-SU-2022:1304-1: important: Security update for tomcat
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for tomcat
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1304-1
Rating: important
References: #1198136
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for tomcat fixes the following issues:
Security hardening, related to Spring Framework vulnerabilities:
- Deprecate getResources() and always return null (bsc#1198136).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1304=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1304=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1304=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1304=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1304=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1304=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1304=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1304=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2022-1304=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-1304=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1304=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1304=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1304=1
Package List:
- openSUSE Leap 15.4 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-docs-webapp-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-embed-9.0.36-150200.22.1
tomcat-javadoc-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-jsvc-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- openSUSE Leap 15.3 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-docs-webapp-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-embed-9.0.36-150200.22.1
tomcat-javadoc-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-jsvc-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Manager Server 4.1 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Manager Proxy 4.1 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
- SUSE Enterprise Storage 7 (noarch):
tomcat-9.0.36-150200.22.1
tomcat-admin-webapps-9.0.36-150200.22.1
tomcat-el-3_0-api-9.0.36-150200.22.1
tomcat-jsp-2_3-api-9.0.36-150200.22.1
tomcat-lib-9.0.36-150200.22.1
tomcat-servlet-4_0-api-9.0.36-150200.22.1
tomcat-webapps-9.0.36-150200.22.1
References:
https://bugzilla.suse.com/1198136

SUSE-SU-2022:1316-1: moderate: Security update for podofo
by opensuse-security@opensuse.org 22 Apr '22
SUSE Security Update: Security update for podofo
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1316-1
Rating: moderate
References: #1159921
Cross-References: CVE-2019-20093
CVSS scores:
CVE-2019-20093 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-20093 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for podofo fixes the following issues:
- CVE-2019-20093: Fixed an invalid memory access that could cause an
application crash (bsc#1159921).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1316=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1316=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpodofo-devel-0.9.6-150300.3.3.1
libpodofo0_9_6-0.9.6-150300.3.3.1
libpodofo0_9_6-debuginfo-0.9.6-150300.3.3.1
podofo-0.9.6-150300.3.3.1
podofo-debuginfo-0.9.6-150300.3.3.1
podofo-debugsource-0.9.6-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpodofo-devel-0.9.6-150300.3.3.1
libpodofo0_9_6-0.9.6-150300.3.3.1
libpodofo0_9_6-debuginfo-0.9.6-150300.3.3.1
podofo-0.9.6-150300.3.3.1
podofo-debuginfo-0.9.6-150300.3.3.1
podofo-debugsource-0.9.6-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2019-20093.html
https://bugzilla.suse.com/1159921

SUSE-SU-2022:1296-1: important: Security update for openjpeg
by opensuse-security@opensuse.org 21 Apr '22
SUSE Security Update: Security update for openjpeg
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1296-1
Rating: important
References: #1102016 #1106881 #1162090 #1173578 #1180457
#1184774
Cross-References: CVE-2018-14423 CVE-2018-16376 CVE-2020-15389
CVE-2020-27823 CVE-2020-8112 CVE-2021-29338
CVSS scores:
CVE-2018-14423 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-14423 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-16376 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-16376 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2020-15389 (NVD) : 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2020-15389 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-27823 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-27823 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-8112 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-8112 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-29338 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29338 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for openjpeg fixes the following issues:
- CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions
pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c
(bsc#1102016).
- CVE-2018-16376: Fixed a heap-based buffer overflow in the function
t2_encode_packet in lib/openmj2/t2.c (bsc#1106881).
- CVE-2020-8112: Fixed a heap buffer overflow in
opj_t1_clbl_decode_processor in openjp2/t1.c (bsc#1162090).
- CVE-2020-15389: Fixed a use-after-free when a directory operated on by
the decompressor contains a mix of valid and invalid files (bsc#1173578).
- CVE-2020-27823: Fixed a heap buffer over-write in
opj_tcd_dc_level_shift_encode() (bsc#1180457).
- CVE-2021-29338: Fixed an integer overflow that allows remote attackers to
crash the application (bsc#1184774).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1296=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1296=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1296=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1296=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1296=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1296=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1296=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1296=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1296=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1296=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1296=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1296=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1296=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1296=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1296=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1296=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1296=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1296=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1296=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- openSUSE Leap 15.4 (x86_64):
libopenjpeg1-32bit-1.5.2-150000.4.5.1
libopenjpeg1-32bit-debuginfo-1.5.2-150000.4.5.1
openjpeg-devel-32bit-1.5.2-150000.4.5.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- openSUSE Leap 15.3 (x86_64):
libopenjpeg1-32bit-1.5.2-150000.4.5.1
libopenjpeg1-32bit-debuginfo-1.5.2-150000.4.5.1
openjpeg-devel-32bit-1.5.2-150000.4.5.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Manager Proxy 4.1 (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
- SUSE CaaS Platform 4.0 (x86_64):
libopenjpeg1-1.5.2-150000.4.5.1
libopenjpeg1-debuginfo-1.5.2-150000.4.5.1
openjpeg-debuginfo-1.5.2-150000.4.5.1
openjpeg-debugsource-1.5.2-150000.4.5.1
openjpeg-devel-1.5.2-150000.4.5.1
References:
https://www.suse.com/security/cve/CVE-2018-14423.html
https://www.suse.com/security/cve/CVE-2018-16376.html
https://www.suse.com/security/cve/CVE-2020-15389.html
https://www.suse.com/security/cve/CVE-2020-27823.html
https://www.suse.com/security/cve/CVE-2020-8112.html
https://www.suse.com/security/cve/CVE-2021-29338.html
https://bugzilla.suse.com/1102016
https://bugzilla.suse.com/1106881
https://bugzilla.suse.com/1162090
https://bugzilla.suse.com/1173578
https://bugzilla.suse.com/1180457
https://bugzilla.suse.com/1184774

21 Apr '22
SUSE Security Update: Security update for swtpm
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1297-1
Rating: low
References: #1196240
Cross-References: CVE-2022-23645
CVSS scores:
CVE-2022-23645 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for swtpm fixes the following issues:
- Update to version 0.5.3
- CVE-2022-23645: Check header size indicator against expected size
(bsc#1196240).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1297=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1297=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1297=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1297=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
swtpm-0.5.3-150300.3.3.1
swtpm-debuginfo-0.5.3-150300.3.3.1
swtpm-debugsource-0.5.3-150300.3.3.1
swtpm-devel-0.5.3-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
swtpm-0.5.3-150300.3.3.1
swtpm-debuginfo-0.5.3-150300.3.3.1
swtpm-debugsource-0.5.3-150300.3.3.1
swtpm-devel-0.5.3-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
swtpm-0.5.3-150300.3.3.1
swtpm-debuginfo-0.5.3-150300.3.3.1
swtpm-debugsource-0.5.3-150300.3.3.1
swtpm-devel-0.5.3-150300.3.3.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
swtpm-0.5.3-150300.3.3.1
swtpm-debuginfo-0.5.3-150300.3.3.1
swtpm-debugsource-0.5.3-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-23645.html
https://bugzilla.suse.com/1196240

SUSE-SU-2022:1277-1: moderate: Security update for dcraw
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for dcraw
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1277-1
Rating: moderate
References: #1056170 #1063798 #1084690 #1097973 #1097974
#1117436 #1117512 #1117517 #1117622 #1117896
#1189642
Cross-References: CVE-2017-13735 CVE-2017-14608 CVE-2018-19565
CVE-2018-19566 CVE-2018-19567 CVE-2018-19568
CVE-2018-19655 CVE-2018-5801 CVE-2018-5805
CVE-2018-5806 CVE-2021-3624
CVSS scores:
CVE-2017-13735 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-13735 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2017-14608 (NVD) : 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2017-14608 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19565 (NVD) : 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-19565 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19566 (NVD) : 7.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2018-19566 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2018-19567 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19567 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-19568 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19568 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-19655 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-19655 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5801 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5801 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-5805 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-5805 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-5806 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5806 (SUSE): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3624 (SUSE): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for dcraw fixes the following issues:
- CVE-2017-13735: Fixed a denial of service issue due to a floating point
exception (bsc#1056170).
- CVE-2017-14608: Fixed an invalid memory access that could lead to
information disclosure or denial of service (bsc#1063798).
- CVE-2018-19655: Fixed a buffer overflow that could lead to an
application crash (bsc#1117896).
- CVE-2018-5801: Fixed an invalid memory access that could lead to denial
of service (bsc#1084690).
- CVE-2018-5805: Fixed a buffer overflow that could lead to an application
crash (bsc#1097973).
- CVE-2018-5806: Fixed an invalid memory access that could lead to denial
of service (bsc#1097974).
- CVE-2018-19565: Fixed an invalid memory access that could lead to
information disclosure or denial of service (bsc#1117622).
- CVE-2018-19566: Fixed an invalid memory access that could lead to
information disclosure or denial of service (bsc#1117517).
- CVE-2018-19567: Fixed a denial of service issue due to a floating point
exception (bsc#1117512).
- CVE-2018-19568: Fixed a denial of service issue due to a floating point
exception (bsc#1117436).
- CVE-2021-3624: Fixed a buffer overflow that could lead to code execution
or denial of service (bsc#1189642).
Non-security fixes:
- Updated to version 9.28.0.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1277=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1277=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
dcraw-9.28.0-150000.3.3.1
dcraw-debuginfo-9.28.0-150000.3.3.1
dcraw-debugsource-9.28.0-150000.3.3.1
- openSUSE Leap 15.4 (noarch):
dcraw-lang-9.28.0-150000.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
dcraw-9.28.0-150000.3.3.1
dcraw-debuginfo-9.28.0-150000.3.3.1
dcraw-debugsource-9.28.0-150000.3.3.1
- openSUSE Leap 15.3 (noarch):
dcraw-lang-9.28.0-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2017-13735.html
https://www.suse.com/security/cve/CVE-2017-14608.html
https://www.suse.com/security/cve/CVE-2018-19565.html
https://www.suse.com/security/cve/CVE-2018-19566.html
https://www.suse.com/security/cve/CVE-2018-19567.html
https://www.suse.com/security/cve/CVE-2018-19568.html
https://www.suse.com/security/cve/CVE-2018-19655.html
https://www.suse.com/security/cve/CVE-2018-5801.html
https://www.suse.com/security/cve/CVE-2018-5805.html
https://www.suse.com/security/cve/CVE-2018-5806.html
https://www.suse.com/security/cve/CVE-2021-3624.html
https://bugzilla.suse.com/1056170
https://bugzilla.suse.com/1063798
https://bugzilla.suse.com/1084690
https://bugzilla.suse.com/1097973
https://bugzilla.suse.com/1097974
https://bugzilla.suse.com/1117436
https://bugzilla.suse.com/1117512
https://bugzilla.suse.com/1117517
https://bugzilla.suse.com/1117622
https://bugzilla.suse.com/1117896
https://bugzilla.suse.com/1189642

SUSE-SU-2022:1271-1: important: Security update for netty
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for netty
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1271-1
Rating: important
References: #1182103 #1183262 #1190610 #1190613 #1193672
Cross-References: CVE-2021-21290 CVE-2021-21295 CVE-2021-37136
CVE-2021-37137 CVE-2021-43797
CVSS scores:
CVE-2021-21290 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-21290 (SUSE): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-21295 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2021-21295 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2021-37136 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-37136 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-37137 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-37137 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-43797 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2021-43797 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for netty fixes the following issues:
- Updated to version 4.1.75:
- CVE-2021-37136: Fixed an unrestricted decompressed data size in
Bzip2Decoder (bsc#1190610).
- CVE-2021-37137: Fixed an unrestricted chunk length in
SnappyFrameDecoder, which might lead to excessive memory usage
(bsc#1190613).
- CVE-2021-43797: Fixed a potential HTTP request smuggling issue due to
insufficient validation against control characters (bsc#1193672).
- CVE-2021-21290: Fixed an information disclosure via the local system
temporary directory (bsc#1182103).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1271=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1271=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
netty-4.1.75-150200.4.6.2
- openSUSE Leap 15.4 (noarch):
netty-javadoc-4.1.75-150200.4.6.2
netty-poms-4.1.75-150200.4.6.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
netty-4.1.75-150200.4.6.2
- openSUSE Leap 15.3 (noarch):
netty-javadoc-4.1.75-150200.4.6.2
netty-poms-4.1.75-150200.4.6.2
References:
https://www.suse.com/security/cve/CVE-2021-21290.html
https://www.suse.com/security/cve/CVE-2021-21295.html
https://www.suse.com/security/cve/CVE-2021-37136.html
https://www.suse.com/security/cve/CVE-2021-37137.html
https://www.suse.com/security/cve/CVE-2021-43797.html
https://bugzilla.suse.com/1182103
https://bugzilla.suse.com/1183262
https://bugzilla.suse.com/1190610
https://bugzilla.suse.com/1190613
https://bugzilla.suse.com/1193672

SUSE-SU-2022:1274-1: important: Security update for GraphicsMagick
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for GraphicsMagick
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1274-1
Rating: important
References: #1198351
Cross-References: CVE-2022-1270
CVSS scores:
CVE-2022-1270 (SUSE): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for GraphicsMagick fixes the following issues:
- CVE-2022-1270: Fixed a heap buffer overflow when parsing MIFF
(bsc#1198351).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1274=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1274=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
GraphicsMagick-1.3.35-150300.3.3.1
GraphicsMagick-debuginfo-1.3.35-150300.3.3.1
GraphicsMagick-debugsource-1.3.35-150300.3.3.1
GraphicsMagick-devel-1.3.35-150300.3.3.1
libGraphicsMagick++-Q16-12-1.3.35-150300.3.3.1
libGraphicsMagick++-Q16-12-debuginfo-1.3.35-150300.3.3.1
libGraphicsMagick++-devel-1.3.35-150300.3.3.1
libGraphicsMagick-Q16-3-1.3.35-150300.3.3.1
libGraphicsMagick-Q16-3-debuginfo-1.3.35-150300.3.3.1
libGraphicsMagick3-config-1.3.35-150300.3.3.1
libGraphicsMagickWand-Q16-2-1.3.35-150300.3.3.1
libGraphicsMagickWand-Q16-2-debuginfo-1.3.35-150300.3.3.1
perl-GraphicsMagick-1.3.35-150300.3.3.1
perl-GraphicsMagick-debuginfo-1.3.35-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
GraphicsMagick-1.3.35-150300.3.3.1
GraphicsMagick-debuginfo-1.3.35-150300.3.3.1
GraphicsMagick-debugsource-1.3.35-150300.3.3.1
GraphicsMagick-devel-1.3.35-150300.3.3.1
libGraphicsMagick++-Q16-12-1.3.35-150300.3.3.1
libGraphicsMagick++-Q16-12-debuginfo-1.3.35-150300.3.3.1
libGraphicsMagick++-devel-1.3.35-150300.3.3.1
libGraphicsMagick-Q16-3-1.3.35-150300.3.3.1
libGraphicsMagick-Q16-3-debuginfo-1.3.35-150300.3.3.1
libGraphicsMagick3-config-1.3.35-150300.3.3.1
libGraphicsMagickWand-Q16-2-1.3.35-150300.3.3.1
libGraphicsMagickWand-Q16-2-debuginfo-1.3.35-150300.3.3.1
perl-GraphicsMagick-1.3.35-150300.3.3.1
perl-GraphicsMagick-debuginfo-1.3.35-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-1270.html
https://bugzilla.suse.com/1198351

SUSE-SU-2022:1273-1: important: Security update for SDL
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for SDL
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1273-1
Rating: important
References: #1181201 #1181202 #1198001
Cross-References: CVE-2020-14409 CVE-2020-14410 CVE-2021-33657
CVSS scores:
CVE-2020-14409 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-14409 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-14410 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2020-14410 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33657 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-33657 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for SDL fixes the following issues:
- CVE-2020-14409: Fixed an integer overflow (and resultant SDL_memcpy heap
corruption) in SDL_BlitCopy in video/SDL_blit_copy.c. (bsc#1181202)
- CVE-2020-14410: Fixed a heap-based buffer over-read in
Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c. (bsc#1181201)
- CVE-2021-33657: Fixed a heap overflow problem in video/SDL_pixels.c.
(bsc#1198001)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1273=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1273=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1273=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1273=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1273=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1273=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1273=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1273=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1273=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1273=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1273=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1273=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1273=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1273=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1273=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1273=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1273=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1273=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1273=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1273=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- openSUSE Leap 15.4 (x86_64):
libSDL-1_2-0-32bit-1.2.15-150000.3.19.1
libSDL-1_2-0-32bit-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-32bit-1.2.15-150000.3.19.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- openSUSE Leap 15.3 (x86_64):
libSDL-1_2-0-32bit-1.2.15-150000.3.19.1
libSDL-1_2-0-32bit-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-32bit-1.2.15-150000.3.19.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Manager Proxy 4.1 (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
- SUSE CaaS Platform 4.0 (x86_64):
SDL-debugsource-1.2.15-150000.3.19.1
libSDL-1_2-0-1.2.15-150000.3.19.1
libSDL-1_2-0-debuginfo-1.2.15-150000.3.19.1
libSDL-devel-1.2.15-150000.3.19.1
References:
https://www.suse.com/security/cve/CVE-2020-14409.html
https://www.suse.com/security/cve/CVE-2020-14410.html
https://www.suse.com/security/cve/CVE-2021-33657.html
https://bugzilla.suse.com/1181201
https://bugzilla.suse.com/1181202
https://bugzilla.suse.com/1198001

SUSE-SU-2022:1276-1: important: Security update for nbd
by opensuse-security@opensuse.org 20 Apr '22
SUSE Security Update: Security update for nbd
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1276-1
Rating: important
References: #1196827 #1196828
Cross-References: CVE-2022-26495 CVE-2022-26496
CVSS scores:
CVE-2022-26495 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26495 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26496 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26496 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for nbd fixes the following issues:
- CVE-2022-26495: Fixed an integer overflow with a resultant heap-based
buffer overflow (bsc#1196827).
- CVE-2022-26496: Fixed a stack-based buffer overflow when parsing the
name field by sending a crafted NBD_OPT_INFO (bsc#1196828).
Update to version 3.24 (bsc#1196827, bsc#1196828, CVE-2022-26495,
CVE-2022-26496):
* https://github.com/advisories/GHSA-q9rw-8758-hccj
Update to version 3.23:
* Don't overwrite the hostname with the TLS hostname
Update to version 3.22:
- nbd-server: handle auth for v6-mapped IPv4 addresses
- nbd-client.c: parse the next option in all cases
- configure.ac: silence a few autoconf 2.71 warnings
- spec: Relax NBD_OPT_LIST_META_CONTEXTS
- client: Don't confuse Unix socket with TLS hostname
- server: Avoid deprecated g_memdup
Update to version 3.21:
- Fix --disable-manpages build
- Fix a bug in whitespace handling regarding authorization files
- Support client-side marking of devices as read-only
- Support preinitialized NBD connection (i.e., skip the negotiation).
- Fix the systemd unit file for nbd-client so it works with netlink (the
more common situation nowadays)
Update to 3.20.0 (no changelog)
Update to version 3.19.0:
* Better error messages in case of unexpected disconnects
* Better compatibility with non-bash sh implementations (for
configure.sh)
* Fix for a segfault in NBD_OPT_INFO handling
* The ability to specify whether to listen on both TCP and Unix domain
sockets, rather than to always do so
* Various minor editorial and spelling fixes in the documentation.
Update to version 1.18.0:
* Client: Add the "-g" option to avoid even trying the NBD_OPT_GO message
* Server: fixes to inetd mode
* Don't make gnutls and libnl automagic.
* Server: bugfixes in handling of some export names during verification.
* Server: clean supplementary groups when changing user.
* Client: when using the netlink protocol, only set a timeout when there
actually is a timeout, rather than defaulting to 0 seconds
* Improve documentation on the nbdtab file
* Minor improvements to some error messages
* Improvements to test suite so it works better on non-GNU userland
environments
Update to version 1.17.0:
* proto: add xNBD command NBD_CMD_CACHE to the spec
* server: do not crash when handling child name
* server: Close socket pair when fork fails
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1276=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1276=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nbd-3.24-150000.3.3.1
nbd-debuginfo-3.24-150000.3.3.1
nbd-debugsource-3.24-150000.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nbd-3.24-150000.3.3.1
nbd-debuginfo-3.24-150000.3.3.1
nbd-debugsource-3.24-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-26495.html
https://www.suse.com/security/cve/CVE-2022-26496.html
https://bugzilla.suse.com/1196827
https://bugzilla.suse.com/1196828

SUSE-SU-2022:1265-1: important: Security update for jsoup, jsr-305
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for jsoup, jsr-305
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1265-1
Rating: important
References: #1189749
Cross-References: CVE-2021-37714
CVSS scores:
CVE-2021-37714 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-37714 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jsoup, jsr-305 fixes the following issues:
- CVE-2021-37714: Fixed infinite loop in untrusted HTML or XML data parsing
(bsc#1189749).
Changes in jsr-305:
- Build with java source and target levels 8
- Upgrade to upstream version 3.0.2
Changes in jsoup:
- Upgrade to upstream version 1.14.2
- Generate tarball using source service instead of a script
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1265=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1265=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1265=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1265=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1265=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1265=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1265=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1265=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1265=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1265=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1265=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1265=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1265=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1265=1
Package List:
- openSUSE Leap 15.4 (noarch):
jsoup-1.14.2-150200.3.3.1
jsoup-javadoc-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
jsr-305-javadoc-3.0.2-150200.3.3.1
- openSUSE Leap 15.3 (noarch):
jsoup-1.14.2-150200.3.3.1
jsoup-javadoc-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
jsr-305-javadoc-3.0.2-150200.3.3.1
- SUSE Manager Server 4.1 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Manager Proxy 4.1 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
- SUSE Enterprise Storage 7 (noarch):
jsoup-1.14.2-150200.3.3.1
jsr-305-3.0.2-150200.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-37714.html
https://bugzilla.suse.com/1189749

SUSE-SU-2022:1256-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1256-1
Rating: important
References: #1189562 #1193738 #1194943 #1195051 #1195254
#1195353 #1196018 #1196114 #1196433 #1196468
#1196488 #1196514 #1196639 #1196761 #1196830
#1196836 #1196942 #1196973 #1197227 #1197331
#1197366 #1197391 #1198031 #1198032 #1198033
SLE-18234 SLE-23652
Cross-References: CVE-2021-39713 CVE-2021-45868 CVE-2022-0812
CVE-2022-0850 CVE-2022-1016 CVE-2022-1048
CVE-2022-23036 CVE-2022-23037 CVE-2022-23038
CVE-2022-23039 CVE-2022-23040 CVE-2022-23041
CVE-2022-23042 CVE-2022-26490 CVE-2022-26966
CVE-2022-28356 CVE-2022-28388 CVE-2022-28389
CVE-2022-28390
CVSS scores:
CVE-2021-39713 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-39713 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0812 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-26490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26490 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-26966 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-26966 (SUSE): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-28356 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28356 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 19 vulnerabilities, contains two
features and has 6 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-28356: Fixed a refcount leak bug in net/llc/af_llc.c
(bnc#1197391).
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution (bsc#1197227).
- CVE-2022-28388: Fixed a double free vulnerability in
drivers/net/can/usb/usb_8dev.c in the Linux kernel (bnc#1198032).
- CVE-2022-28389: Fixed a double free vulnerability in
drivers/net/can/usb/mcba_usb.c in the Linux kernel (bnc#1198033).
- CVE-2022-28390: Fixed a double free vulnerability in
drivers/net/can/usb/ems_usb.c in the Linux kernel (bnc#1198031).
- CVE-2022-0812: Fixed incorrect header size calculations in xprtrdma
(bsc#1196639).
- CVE-2022-1048: Fixed a race condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock
(bsc#1197331).
- CVE-2022-0850: Fixed a kernel information leak vulnerability in
iov_iter.c (bsc#1196761).
- CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which
allowed attackers to obtain sensitive information from the memory via
crafted frame lengths from a USB device (bsc#1196836).
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to a use-after-free if there is a corrupted quota file
(bnc#1197366).
- CVE-2021-39713: Fixed a race condition in the network scheduling
subsystem which could lead to a use-after-free (bsc#1196973).
- CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039,
CVE-2022-23040, CVE-2022-23041, CVE-2022-23042: Fixed multiple issues
which could have led to read/write access to memory pages or denial of
service. These issues are related to the Xen PV device frontend drivers
(bsc#1196488).
- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An
attacker with adjacent NFC access could crash the system or
corrupt system memory (bsc#1196830).
The following non-security bugs were fixed:
- ax88179_178a: Fixed memory issues that could be triggered by malicious
USB devices (bsc#1196018).
- genirq: Use rcu in kstat_irqs_usr() (bsc#1193738).
- gve/net: Multiple bugfixes (jsc#SLE-23652).
- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
- net: tipc: validate domain record count on input (bsc#1195254).
- powerpc: Fixed issues related to slow I/O on PowerPC (bsc#1196433).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1256=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1256=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1256=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1256=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1256=1
- SUSE Linux Enterprise Module for Live Patching 15-SP1:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-1256=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1256=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1256=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-1256=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1256=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-4.12.14-150100.197.111.1
kernel-vanilla-base-4.12.14-150100.197.111.1
kernel-vanilla-base-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-debugsource-4.12.14-150100.197.111.1
kernel-vanilla-devel-4.12.14-150100.197.111.1
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-livepatch-devel-4.12.14-150100.197.111.1
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-base-4.12.14-150100.197.111.1
kernel-debug-base-debuginfo-4.12.14-150100.197.111.1
- openSUSE Leap 15.4 (x86_64):
kernel-kvmsmall-base-4.12.14-150100.197.111.1
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.111.1
- openSUSE Leap 15.4 (s390x):
kernel-default-man-4.12.14-150100.197.111.1
kernel-zfcpdump-man-4.12.14-150100.197.111.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-4.12.14-150100.197.111.1
kernel-vanilla-base-4.12.14-150100.197.111.1
kernel-vanilla-base-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-debugsource-4.12.14-150100.197.111.1
kernel-vanilla-devel-4.12.14-150100.197.111.1
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.111.1
kernel-vanilla-livepatch-devel-4.12.14-150100.197.111.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-base-4.12.14-150100.197.111.1
kernel-debug-base-debuginfo-4.12.14-150100.197.111.1
- openSUSE Leap 15.3 (x86_64):
kernel-kvmsmall-base-4.12.14-150100.197.111.1
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.111.1
- openSUSE Leap 15.3 (s390x):
kernel-default-man-4.12.14-150100.197.111.1
kernel-zfcpdump-man-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (s390x):
kernel-default-man-4.12.14-150100.197.111.1
kernel-zfcpdump-debuginfo-4.12.14-150100.197.111.1
kernel-zfcpdump-debugsource-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-livepatch-4.12.14-150100.197.111.1
kernel-default-livepatch-devel-4.12.14-150100.197.111.1
kernel-livepatch-4_12_14-150100_197_111-default-1-150100.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-150100.197.111.1
cluster-md-kmp-default-debuginfo-4.12.14-150100.197.111.1
dlm-kmp-default-4.12.14-150100.197.111.1
dlm-kmp-default-debuginfo-4.12.14-150100.197.111.1
gfs2-kmp-default-4.12.14-150100.197.111.1
gfs2-kmp-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
ocfs2-kmp-default-4.12.14-150100.197.111.1
ocfs2-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
- SUSE Enterprise Storage 6 (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE CaaS Platform 4.0 (noarch):
kernel-devel-4.12.14-150100.197.111.1
kernel-docs-4.12.14-150100.197.111.1
kernel-macros-4.12.14-150100.197.111.1
kernel-source-4.12.14-150100.197.111.1
- SUSE CaaS Platform 4.0 (x86_64):
kernel-default-4.12.14-150100.197.111.1
kernel-default-base-4.12.14-150100.197.111.1
kernel-default-base-debuginfo-4.12.14-150100.197.111.1
kernel-default-debuginfo-4.12.14-150100.197.111.1
kernel-default-debugsource-4.12.14-150100.197.111.1
kernel-default-devel-4.12.14-150100.197.111.1
kernel-default-devel-debuginfo-4.12.14-150100.197.111.1
kernel-obs-build-4.12.14-150100.197.111.1
kernel-obs-build-debugsource-4.12.14-150100.197.111.1
kernel-syms-4.12.14-150100.197.111.1
reiserfs-kmp-default-4.12.14-150100.197.111.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.111.1
References:
https://www.suse.com/security/cve/CVE-2021-39713.html
https://www.suse.com/security/cve/CVE-2021-45868.html
https://www.suse.com/security/cve/CVE-2022-0812.html
https://www.suse.com/security/cve/CVE-2022-0850.html
https://www.suse.com/security/cve/CVE-2022-1016.html
https://www.suse.com/security/cve/CVE-2022-1048.html
https://www.suse.com/security/cve/CVE-2022-23036.html
https://www.suse.com/security/cve/CVE-2022-23037.html
https://www.suse.com/security/cve/CVE-2022-23038.html
https://www.suse.com/security/cve/CVE-2022-23039.html
https://www.suse.com/security/cve/CVE-2022-23040.html
https://www.suse.com/security/cve/CVE-2022-23041.html
https://www.suse.com/security/cve/CVE-2022-23042.html
https://www.suse.com/security/cve/CVE-2022-26490.html
https://www.suse.com/security/cve/CVE-2022-26966.html
https://www.suse.com/security/cve/CVE-2022-28356.html
https://www.suse.com/security/cve/CVE-2022-28388.html
https://www.suse.com/security/cve/CVE-2022-28389.html
https://www.suse.com/security/cve/CVE-2022-28390.html
https://bugzilla.suse.com/1189562
https://bugzilla.suse.com/1193738
https://bugzilla.suse.com/1194943
https://bugzilla.suse.com/1195051
https://bugzilla.suse.com/1195254
https://bugzilla.suse.com/1195353
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196114
https://bugzilla.suse.com/1196433
https://bugzilla.suse.com/1196468
https://bugzilla.suse.com/1196488
https://bugzilla.suse.com/1196514
https://bugzilla.suse.com/1196639
https://bugzilla.suse.com/1196761
https://bugzilla.suse.com/1196830
https://bugzilla.suse.com/1196836
https://bugzilla.suse.com/1196942
https://bugzilla.suse.com/1196973
https://bugzilla.suse.com/1197227
https://bugzilla.suse.com/1197331
https://bugzilla.suse.com/1197366
https://bugzilla.suse.com/1197391
https://bugzilla.suse.com/1198031
https://bugzilla.suse.com/1198032
https://bugzilla.suse.com/1198033

SUSE-SU-2022:1260-1: important: Security update for git
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for git
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1260-1
Rating: important
References: #1198234
Cross-References: CVE-2022-24765
CVSS scores:
CVE-2022-24765 (SUSE): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for git fixes the following issues:
- CVE-2022-24765: Fixed a potential command injection via git worktree
(bsc#1198234).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1260=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1260=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1260=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1260=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1260=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1260=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1260=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1260=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1260=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1260=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1260=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1260=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1260=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1260=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1260=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1260=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1260=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
git-svn-debuginfo-2.26.2-150000.36.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
git-svn-debuginfo-2.26.2-150000.36.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Manager Server 4.1 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Manager Proxy 4.1 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Manager Proxy 4.1 (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Enterprise Storage 7 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE Enterprise Storage 6 (noarch):
git-doc-2.26.2-150000.36.1
- SUSE CaaS Platform 4.0 (x86_64):
git-2.26.2-150000.36.1
git-arch-2.26.2-150000.36.1
git-core-2.26.2-150000.36.1
git-core-debuginfo-2.26.2-150000.36.1
git-cvs-2.26.2-150000.36.1
git-daemon-2.26.2-150000.36.1
git-daemon-debuginfo-2.26.2-150000.36.1
git-debuginfo-2.26.2-150000.36.1
git-debugsource-2.26.2-150000.36.1
git-email-2.26.2-150000.36.1
git-gui-2.26.2-150000.36.1
git-svn-2.26.2-150000.36.1
git-svn-debuginfo-2.26.2-150000.36.1
git-web-2.26.2-150000.36.1
gitk-2.26.2-150000.36.1
- SUSE CaaS Platform 4.0 (noarch):
git-doc-2.26.2-150000.36.1
References:
https://www.suse.com/security/cve/CVE-2022-24765.html
https://bugzilla.suse.com/1198234

SUSE-SU-2022:1259-1: important: Security update for icedtea-web
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for icedtea-web
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1259-1
Rating: important
References: #1142825 #1142832 #1142835
Cross-References: CVE-2019-10181 CVE-2019-10182 CVE-2019-10185
CVSS scores:
CVE-2019-10181 (NVD) : 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-10181 (SUSE): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-10182 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2019-10182 (SUSE): 6.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2019-10185 (SUSE): 8.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for icedtea-web fixes the following issues:
- CVE-2019-10181: Fixed an issue where an attacker could inject unsigned
code in a signed JAR file (bsc#1142835).
- CVE-2019-10182: Fixed a path traversal issue where an attacker could
upload arbitrary files by tricking a victim into running a specially
crafted application (bsc#1142825).
- CVE-2019-10185: Fixed an issue where an attacker could write files to
arbitrary locations during JAR auto-extraction (bsc#1142832).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1259=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1259=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1259=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1259=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1259=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1259=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
icedtea-web-1.7.2-150100.7.3.1
- openSUSE Leap 15.4 (noarch):
icedtea-web-javadoc-1.7.2-150100.7.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
icedtea-web-1.7.2-150100.7.3.1
- openSUSE Leap 15.3 (noarch):
icedtea-web-javadoc-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
icedtea-web-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
icedtea-web-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
icedtea-web-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
icedtea-web-javadoc-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
icedtea-web-1.7.2-150100.7.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
icedtea-web-javadoc-1.7.2-150100.7.3.1
References:
https://www.suse.com/security/cve/CVE-2019-10181.html
https://www.suse.com/security/cve/CVE-2019-10182.html
https://www.suse.com/security/cve/CVE-2019-10185.html
https://bugzilla.suse.com/1142825
https://bugzilla.suse.com/1142832
https://bugzilla.suse.com/1142835

SUSE-SU-2022:1252-1: important: Security update for openjpeg2
by opensuse-security@opensuse.org 19 Apr '22
SUSE Security Update: Security update for openjpeg2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1252-1
Rating: important
References: #1076314 #1076967 #1079845 #1102016 #1106881
#1106882 #1140130 #1160782 #1162090 #1173578
#1180457 #1184774 #1197738
Cross-References: CVE-2018-14423 CVE-2018-16375 CVE-2018-16376
CVE-2018-20845 CVE-2018-5727 CVE-2018-5785
CVE-2018-6616 CVE-2020-15389 CVE-2020-27823
CVE-2020-6851 CVE-2020-8112 CVE-2021-29338
CVE-2022-1122
CVSS scores:
CVE-2018-14423 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2018-14423 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-16375 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-16375 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2018-16376 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-16376 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2018-20845 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20845 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-5727 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5727 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-5785 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-5785 (SUSE): 4 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
CVE-2018-6616 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-6616 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-15389 (NVD) : 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2020-15389 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-27823 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-27823 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-6851 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-6851 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-8112 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-8112 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-29338 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-29338 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-1122 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-1122 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 13 vulnerabilities is now available.
Description:
This update for openjpeg2 fixes the following issues:
- CVE-2018-5727: Fixed integer overflow vulnerability in
the opj_t1_encode_cblks function (bsc#1076314).
- CVE-2018-5785: Fixed integer overflow caused by an out-of-bounds
left shift in the opj_j2k_setup_encoder function (bsc#1076967).
- CVE-2018-6616: Fixed excessive iteration in the opj_t1_encode_cblks
function of openjp2/t1.c (bsc#1079845).
- CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions
pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c
(bsc#1102016).
- CVE-2018-16375: Fixed missing checks for header_info.height and
header_info.width in the function pnmtoimage in bin/jpwl/convert.c
(bsc#1106882).
- CVE-2018-16376: Fixed heap-based buffer overflow in the function
t2_encode_packet in lib/openmj2/t2.c (bsc#1106881).
- CVE-2018-20845: Fixed division-by-zero in the functions pi_next_pcrl,
pi_next_cprl, and pi_next_rpcl in openmj2/pi.ci (bsc#1140130).
- CVE-2020-6851: Fixed heap-based buffer overflow in
opj_t1_clbl_decode_processor (bsc#1160782).
- CVE-2020-8112: Fixed heap-based buffer overflow in
opj_t1_clbl_decode_processor in openjp2/t1.c (bsc#1162090).
- CVE-2020-15389: Fixed use-after-free if there is a mix of valid and invalid
files in a directory operated on by the decompressor (bsc#1173578).
- CVE-2020-27823: Fixed heap buffer over-write in
opj_tcd_dc_level_shift_encode() (bsc#1180457).
- CVE-2021-29338: Fixed integer overflow that allows remote attackers to
crash the application (bsc#1184774).
- CVE-2022-1122: Fixed segmentation fault in opj2_decompress due to
uninitialized pointer (bsc#1197738).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1252=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1252=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1252=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1252=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1252=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1252=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1252=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1252=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1252=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1252=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1252=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1252=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1252=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1252=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1252=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1252=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1252=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1252=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1252=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1252=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- openSUSE Leap 15.4 (x86_64):
libopenjp2-7-32bit-2.3.0-150000.3.5.1
libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.5.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- openSUSE Leap 15.3 (x86_64):
libopenjp2-7-32bit-2.3.0-150000.3.5.1
libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.5.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Manager Proxy 4.1 (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libopenjp2-7-32bit-2.3.0-150000.3.5.1
libopenjp2-7-32bit-debuginfo-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
- SUSE CaaS Platform 4.0 (x86_64):
libopenjp2-7-2.3.0-150000.3.5.1
libopenjp2-7-debuginfo-2.3.0-150000.3.5.1
openjpeg2-2.3.0-150000.3.5.1
openjpeg2-debuginfo-2.3.0-150000.3.5.1
openjpeg2-debugsource-2.3.0-150000.3.5.1
openjpeg2-devel-2.3.0-150000.3.5.1
References:
https://www.suse.com/security/cve/CVE-2018-14423.html
https://www.suse.com/security/cve/CVE-2018-16375.html
https://www.suse.com/security/cve/CVE-2018-16376.html
https://www.suse.com/security/cve/CVE-2018-20845.html
https://www.suse.com/security/cve/CVE-2018-5727.html
https://www.suse.com/security/cve/CVE-2018-5785.html
https://www.suse.com/security/cve/CVE-2018-6616.html
https://www.suse.com/security/cve/CVE-2020-15389.html
https://www.suse.com/security/cve/CVE-2020-27823.html
https://www.suse.com/security/cve/CVE-2020-6851.html
https://www.suse.com/security/cve/CVE-2020-8112.html
https://www.suse.com/security/cve/CVE-2021-29338.html
https://www.suse.com/security/cve/CVE-2022-1122.html
https://bugzilla.suse.com/1076314
https://bugzilla.suse.com/1076967
https://bugzilla.suse.com/1079845
https://bugzilla.suse.com/1102016
https://bugzilla.suse.com/1106881
https://bugzilla.suse.com/1106882
https://bugzilla.suse.com/1140130
https://bugzilla.suse.com/1160782
https://bugzilla.suse.com/1162090
https://bugzilla.suse.com/1173578
https://bugzilla.suse.com/1180457
https://bugzilla.suse.com/1184774
https://bugzilla.suse.com/1197738

openSUSE-SU-2022:0114-1: important: Security update for chromium
by opensuse-security@opensuse.org 19 Apr '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0114-1
Rating: important
References: #1198509
Cross-References: CVE-2022-1364
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for chromium fixes the following issues:
Updated Chromium to 100.0.4896.127 (boo#1198509)
- CVE-2022-1364: Type Confusion in V8
- Various fixes from internal audits, fuzzing and other initiatives
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-114=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-100.0.4896.127-bp153.2.85.1
chromium-100.0.4896.127-bp153.2.85.1
References:
https://www.suse.com/security/cve/CVE-2022-1364.html
https://bugzilla.suse.com/1198509

openSUSE-SU-2022:0113-1: moderate: Security update for nodejs12
by opensuse-security@opensuse.org 17 Apr '22
openSUSE Security Update: Security update for nodejs12
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0113-1
Rating: moderate
References: #1194511 #1194512 #1194513 #1194514 #1198204
Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533
CVE-2022-21824 CVE-2022-24191
CVSS scores:
CVE-2021-44531 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-44531 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44532 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44532 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44533 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44533 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21824 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVE-2022-21824 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
CVE-2022-24191 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for nodejs12 fixes the following issues:
- CVE-2021-44531: Fixed improper handling of URI Subject Alternative Names
(bsc#1194511).
- CVE-2021-44532: Fixed certificate Verification Bypass via String
Injection (bsc#1194512).
- CVE-2021-44533: Fixed incorrect handling of certificate subject and
issuer fields (bsc#1194513).
- CVE-2022-21824: Fixed prototype pollution via console.table properties
(bsc#1194514).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-113=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-113=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.9-4.25.1
nodejs12-debuginfo-12.22.9-4.25.1
nodejs12-debugsource-12.22.9-4.25.1
nodejs12-devel-12.22.9-4.25.1
npm12-12.22.9-4.25.1
- openSUSE Leap 15.3 (noarch):
nodejs12-docs-12.22.9-4.25.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
htmldoc-1.9.12-bp153.2.9.1
References:
https://www.suse.com/security/cve/CVE-2021-44531.html
https://www.suse.com/security/cve/CVE-2021-44532.html
https://www.suse.com/security/cve/CVE-2021-44533.html
https://www.suse.com/security/cve/CVE-2022-21824.html
https://www.suse.com/security/cve/CVE-2022-24191.html
https://bugzilla.suse.com/1194511
https://bugzilla.suse.com/1194512
https://bugzilla.suse.com/1194513
https://bugzilla.suse.com/1194514
https://bugzilla.suse.com/1198204

SUSE-SU-2022:1218-1: important: Security update for SDL2
by opensuse-security@opensuse.org 14 Apr '22
SUSE Security Update: Security update for SDL2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1218-1
Rating: important
References: #1198001
Cross-References: CVE-2021-33657
CVSS scores:
CVE-2021-33657 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-33657 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for SDL2 fixes the following issues:
- CVE-2021-33657: Fix a buffer overflow when parsing a crafted BMP image
(bsc#1198001).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1218=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1218=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1218=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1218=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1218=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1218=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1218=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1218=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1218=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1218=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1218=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1218=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1218=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1218=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1218=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1218=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- openSUSE Leap 15.4 (x86_64):
libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-32bit-2.0.8-150200.11.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- openSUSE Leap 15.3 (x86_64):
libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-32bit-2.0.8-150200.11.6.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Manager Proxy 4.1 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
SDL2-debugsource-2.0.8-150200.11.6.1
libSDL2-2_0-0-2.0.8-150200.11.6.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.6.1
libSDL2-devel-2.0.8-150200.11.6.1
References:
https://www.suse.com/security/cve/CVE-2021-33657.html
https://bugzilla.suse.com/1198001

openSUSE-SU-2022:0112-1: important: Security update for chromium
by opensuse-security@opensuse.org 13 Apr '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0112-1
Rating: important
References: #1194511 #1194512 #1194513 #1194514 #1197680
#1198053 #1198361
Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533
CVE-2022-1125 CVE-2022-1127 CVE-2022-1128
CVE-2022-1129 CVE-2022-1130 CVE-2022-1131
CVE-2022-1132 CVE-2022-1133 CVE-2022-1134
CVE-2022-1135 CVE-2022-1136 CVE-2022-1137
CVE-2022-1138 CVE-2022-1139 CVE-2022-1141
CVE-2022-1142 CVE-2022-1143 CVE-2022-1144
CVE-2022-1145 CVE-2022-1146 CVE-2022-1232
CVE-2022-1305 CVE-2022-1306 CVE-2022-1307
CVE-2022-1308 CVE-2022-1309 CVE-2022-1310
CVE-2022-1311 CVE-2022-1312 CVE-2022-1313
CVE-2022-1314 CVE-2022-21824
CVSS scores:
CVE-2021-44531 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-44531 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44532 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44532 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44533 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44533 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21824 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVE-2022-21824 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 35 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Updated to Chromium 100.0.4896.88 (boo#1198361)
- CVE-2022-1305: Use after free in storage
- CVE-2022-1306: Inappropriate implementation in compositing
- CVE-2022-1307: Inappropriate implementation in full screen
- CVE-2022-1308: Use after free in BFCache
- CVE-2022-1309: Insufficient policy enforcement in developer tools
- CVE-2022-1310: Use after free in regular expressions
- CVE-2022-1311: Use after free in Chrome OS shell
- CVE-2022-1312: Use after free in storage
- CVE-2022-1313: Use after free in tab groups
- CVE-2022-1314: Type Confusion in V8
- Various fixes from internal audits, fuzzing and other initiatives
Updated to version 100.0.4896.75:
- CVE-2022-1232: Type Confusion in V8 (boo#1198053)
Update to version 100.0.4896.60 (boo#1197680):
- CVE-2022-1125: Use after free in Portals
- CVE-2022-1127: Use after free in QR Code Generator
- CVE-2022-1128: Inappropriate implementation in Web Share API
- CVE-2022-1129: Inappropriate implementation in Full Screen Mode
- CVE-2022-1130: Insufficient validation of untrusted input in WebOTP
- CVE-2022-1131: Use after free in Cast UI
- CVE-2022-1132: Inappropriate implementation in Virtual Keyboard
- CVE-2022-1133: Use after free in WebRTC
- CVE-2022-1134: Type Confusion in V8
- CVE-2022-1135: Use after free in Shopping Cart
- CVE-2022-1136: Use after free in Tab Strip
- CVE-2022-1137: Inappropriate implementation in Extensions
- CVE-2022-1138: Inappropriate implementation in Web Cursor
- CVE-2022-1139: Inappropriate implementation in Background Fetch API
- CVE-2022-1141: Use after free in File Manager
- CVE-2022-1142: Heap buffer overflow in WebUI
- CVE-2022-1143: Heap buffer overflow in WebUI
- CVE-2022-1144: Use after free in WebUI
- CVE-2022-1145: Use after free in Extensions
- CVE-2022-1146: Inappropriate implementation in Resource Timing
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-112=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-112=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.18.3-15.24.1
nodejs14-debuginfo-14.18.3-15.24.1
nodejs14-debugsource-14.18.3-15.24.1
nodejs14-devel-14.18.3-15.24.1
npm14-14.18.3-15.24.1
- openSUSE Leap 15.3 (noarch):
nodejs14-docs-14.18.3-15.24.1
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-100.0.4896.88-bp153.2.82.1
chromedriver-debuginfo-100.0.4896.88-bp153.2.82.1
chromium-100.0.4896.88-bp153.2.82.1
chromium-debuginfo-100.0.4896.88-bp153.2.82.1
References:
https://www.suse.com/security/cve/CVE-2021-44531.html
https://www.suse.com/security/cve/CVE-2021-44532.html
https://www.suse.com/security/cve/CVE-2021-44533.html
https://www.suse.com/security/cve/CVE-2022-1125.html
https://www.suse.com/security/cve/CVE-2022-1127.html
https://www.suse.com/security/cve/CVE-2022-1128.html
https://www.suse.com/security/cve/CVE-2022-1129.html
https://www.suse.com/security/cve/CVE-2022-1130.html
https://www.suse.com/security/cve/CVE-2022-1131.html
https://www.suse.com/security/cve/CVE-2022-1132.html
https://www.suse.com/security/cve/CVE-2022-1133.html
https://www.suse.com/security/cve/CVE-2022-1134.html
https://www.suse.com/security/cve/CVE-2022-1135.html
https://www.suse.com/security/cve/CVE-2022-1136.html
https://www.suse.com/security/cve/CVE-2022-1137.html
https://www.suse.com/security/cve/CVE-2022-1138.html
https://www.suse.com/security/cve/CVE-2022-1139.html
https://www.suse.com/security/cve/CVE-2022-1141.html
https://www.suse.com/security/cve/CVE-2022-1142.html
https://www.suse.com/security/cve/CVE-2022-1143.html
https://www.suse.com/security/cve/CVE-2022-1144.html
https://www.suse.com/security/cve/CVE-2022-1145.html
https://www.suse.com/security/cve/CVE-2022-1146.html
https://www.suse.com/security/cve/CVE-2022-1232.html
https://www.suse.com/security/cve/CVE-2022-1305.html
https://www.suse.com/security/cve/CVE-2022-1306.html
https://www.suse.com/security/cve/CVE-2022-1307.html
https://www.suse.com/security/cve/CVE-2022-1308.html
https://www.suse.com/security/cve/CVE-2022-1309.html
https://www.suse.com/security/cve/CVE-2022-1310.html
https://www.suse.com/security/cve/CVE-2022-1311.html
https://www.suse.com/security/cve/CVE-2022-1312.html
https://www.suse.com/security/cve/CVE-2022-1313.html
https://www.suse.com/security/cve/CVE-2022-1314.html
https://www.suse.com/security/cve/CVE-2022-21824.html
https://bugzilla.suse.com/1194511
https://bugzilla.suse.com/1194512
https://bugzilla.suse.com/1194513
https://bugzilla.suse.com/1194514
https://bugzilla.suse.com/1197680
https://bugzilla.suse.com/1198053
https://bugzilla.suse.com/1198361

SUSE-SU-2022:1183-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 13 Apr '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1183-1
Rating: important
References: #1065729 #1156395 #1175667 #1177028 #1178134
#1179639 #1180153 #1189562 #1194649 #1195640
#1195926 #1196018 #1196196 #1196478 #1196761
#1196823 #1197227 #1197243 #1197300 #1197302
#1197331 #1197343 #1197366 #1197389 #1197462
#1197501 #1197534 #1197661 #1197675 #1197702
#1197811 #1197812 #1197815 #1197817 #1197819
#1197820 #1197888 #1197889 #1197894 #1197914
#1198027 #1198028 #1198029 #1198030 #1198031
#1198032 #1198033
Cross-References: CVE-2021-45868 CVE-2022-0850 CVE-2022-0854
CVE-2022-1011 CVE-2022-1016 CVE-2022-1048
CVE-2022-1055 CVE-2022-1195 CVE-2022-1198
CVE-2022-1199 CVE-2022-1205 CVE-2022-27666
CVE-2022-28388 CVE-2022-28389 CVE-2022-28390
CVSS scores:
CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2022-0854 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0854 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1011 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1011 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1195 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1198 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1199 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1205 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27666 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27666 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 15 vulnerabilities and has 32 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw in the Linux kernel's DMA
subsystem. This flaw allowed a local user to read random memory from
the kernel space. (bnc#1196823)
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution. (bsc#1197227)
- CVE-2022-28390: Fixed a double free vulnerability in
drivers/net/can/usb/ems_usb.c in the Linux kernel. (bnc#1198031)
- CVE-2022-28388: Fixed a double free vulnerability in
drivers/net/can/usb/usb_8dev.c in the Linux kernel. (bnc#1198032)
- CVE-2022-28389: Fixed a double free vulnerability in
drivers/net/can/usb/mcba_usb.c in the Linux kernel. (bnc#1198033)
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow
a local attacker to gain privilege escalation. (bnc#1197702)
- CVE-2022-1048: Fixed a race condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock.
(bsc#1197331)
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to a use-after-free if there is a corrupted quota
file. (bnc#1197366)
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal
user privilege to overwrite kernel heap objects and may cause a local
privilege escalation. (bnc#1197462)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in
iov_iter.c. (bsc#1196761)
- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities
that allow an attacker to crash the Linux kernel by simulating Amateur
Radio. (bsc#1198028)
- CVE-2022-1205: Fixed null pointer dereference and use-after-free
vulnerabilities that allow an attacker to crash the Linux kernel by
simulating Amateur Radio. (bsc#1198027)
- CVE-2022-1198: Fixed a use-after-free vulnerability that allows an
attacker to crash the Linux kernel by simulating Amateur Radio.
(bsc#1198030)
- CVE-2022-1195: Fixed a use-after-free vulnerability which could allow a
local attacker with a user privilege to execute a denial of service.
(bsc#1198029)
- CVE-2022-1011: Fixed a use-after-free vulnerability which could allow a
local attacker to retrieve (partial) /etc/shadow hashes or any other
data from the filesystem when they can mount a FUSE filesystem. (bnc#1197343)
The following non-security bugs were fixed:
- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
(git-fixes).
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
(git-fixes).
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
(git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods
(git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
- ACPI: docs: enumeration: Update UART serial bus resource documentation
(git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no more
references (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
(git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
(git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
(git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
(git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
(git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in
wcd934x_codec_parse_data (git-fixes).
- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put
(git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
(git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
(git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in
pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in
msm8916_wcd_digital_probe (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in
rt5663_parse_dp() (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: topology: Allow TLV control to be either read or write (git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior
(git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
(bsc#1196018).
- block: update io_ticks when io hang (bsc#1197817).
- block/wbt: fix negative inflight counter when remove scsi device
(bsc#1197819).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
- bpf: Remove config check to enable bpf support for branch records
(git-fixes bsc#1177028).
- btrfs: avoid unnecessary lock and leaf splits when updating inode in the
log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log
(bsc#1194649).
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs
(bsc#1194649).
- btrfs: check error value from btrfs_update_inode in tree log
(bsc#1194649).
- btrfs: check if a log root exists before locking the log_mutex on unlink
(bsc#1194649).
- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
- btrfs: do not commit delayed inode when logging a file in full sync mode
(bsc#1194649).
- btrfs: do not log new dentries when logging that a new name exists
(bsc#1194649).
- btrfs: eliminate some false positives when checking if inode was logged
(bsc#1194649).
- btrfs: fix race leading to unnecessary transaction commit when logging
inode (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor inodes
(bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction commit
(bsc#1194649).
- btrfs: fix race that results in logging old extents during a fast fsync
(bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
- btrfs: remove no longer needed full sync flag check at inode_logged()
(bsc#1194649).
- btrfs: Remove unnecessary check from join_running_log_trans
(bsc#1194649).
- btrfs: remove unnecessary directory inode item update when deleting dir
entry (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing log
(bsc#1194649).
- btrfs: skip unnecessary searches for xattrs when logging an inode
(bsc#1194649).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
path (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
path (git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device
when fully ready (git-fixes).
- cifs: use the correct max-length for dentry_path_raw() (bsc#1196196).
- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element
(git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
(git-fixes).
- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in
emc_ensure_emc_driver (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap in
timer_of_base_init() (git-fixes).
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)
- crypto: authenc - Fix sleep in atomic context in decrypt_tail
(git-fixes).
- crypto: cavium/nitrox - do not cast parameter in bit operations
(git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
(git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
(git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- dma/pool: create dma atomic pool only if dma zone has managed pages
(bsc#1197501).
- driver core: dd: fix return value of __setup handler (git-fixes).
- drm: add a locked version of drm_is_current_master (bsc#1197914).
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- drm: drm_file struct kABI compatibility workaround (bsc#1197914).
- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
- drm: serialize drm_file.master with a new spinlock (bsc#1197914).
- drm: use the lookup lock in drm_is_current_master (bsc#1197914).
- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
(git-fixes).
- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq
function (git-fixes).
- drm/bridge: dw-hdmi: use safe format when first in bridge chain
(git-fixes).
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe
(git-fixes).
- drm/doc: overview before functions for drm_writeback.c (git-fixes).
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- drm/i915/gem: add missing boundary check in vm_access (git-fixes).
- drm/imx: parallel-display: Remove bus flags check in
imx_pd_bridge_atomic_check() (git-fixes).
- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops
(git-fixes).
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
(git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling
(git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to connector
(git-fixes).
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- ecryptfs: Fix typo in message (bsc#1197811).
- ext2: correct max file size computing (bsc#1197820).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- firmware: qcom: scm: Remove reassignment to desc following initializer
(git-fixes).
- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
- HID: multitouch: fix Dell Precision 7550 and 7750 button type
(bsc#1197243).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
(git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
- iio: accel: mma8452: use the correct logic to get mma8452_data
(git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
- iio: inkern: apply consumer scale when no channel scale is available
(git-fixes).
- iio: inkern: make a best effort on offset calculation (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- iwlwifi: do not advertise TWT support (git-fixes).
- KVM: SVM: Do not flush cache if hardware enforces cache coherency across
encryption domains (bsc#1178134).
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- mac80211: refuse aggregations sessions before authorized (git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: bttv: fix WARNING regression on tunerless devices (git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data
(git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: hantro: Fix overfill bottom register field name (git-fixes).
- media: Revert "media: em28xx: add missing em28xx_close_extension"
(git-fixes).
- media: stk1160: If start stream fails, return buffers with
VB2_BUF_STATE_QUEUED (git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
- memory: emif: Add check for setup_interrupts (git-fixes).
- memory: emif: check the pointer temp in get_device_details() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
- mm_zone: add function to check if managed dma zone exists (bsc#1197501).
- mm: add vma_lookup(), update find_vma_intersection() comments
(git-fixes).
- mm/page_alloc.c: do not warn allocation failure on zone DMA if no
managed pages (bsc#1197501).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
(git-fixes).
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx()
(git-fixes).
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and suspend
functions (git-fixes).
- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
(bsc#1196018).
- net: watchdog: hold device global xmit lock during tx disable
(git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- net/smc: Reset conn->lgr when link group registration fails (git-fixes).
- netfilter: conntrack: do not refresh sctp entries in closed state
(bsc#1197389).
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
- NFS: Do not skip directory entries when doing uncached readdir
(git-fixes).
- NFS: Ensure the server had an up to date ctime before hardlinking
(git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
- NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client
(git-fixes).
- NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
- NFS: Fix another issue with a list iterator pointing to the head
(git-fixes).
- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
(git-fixes).
- pinctrl: mediatek: paris: Fix "argument" argument type for
mtk_pinconf_get() (git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback
(git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
(git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE()
(git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
- pinctrl: samsung: drop pin banks references on error paths (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
(git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
(bsc#1179639 ltc#189002 git-fixes).
- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
- powerpc/pseries: Fix use after free in remove_phb_dynamic()
(bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty
(bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- printk: Add panic_in_progress helper (bsc#1197894).
- printk: disable optimistic spin during panic (bsc#1197894).
- pwm: lpc18xx-sct: Initialize driver data and hardware before
pwmchip_add() (git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in
wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region
(git-fixes).
- s390/bpf: Perform r1 range checking before accessing jit->seen_reg
(git-fixes).
- s390/gmap: do not unconditionally call pte_unmap_unlock() in
__gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/hypfs: include z/VM guests with access control group set
(bsc#1195640 LTC#196352).
- s390/kexec_file: fix error handling when applying relocations
(git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- s390/mm: fix VMA and page table handling code in storage key handling
functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
- s390/module: fix loading modules with a lot of relocations (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling follow_pte()
(git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity error
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675
bsc#1196478).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download
(bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
(bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped()
(bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management failure
(bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test
(bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID processing
(bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
- serial: 8250_lpss: Balance reference count for PCI DMA device
(git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
- serial: core: Fix the definition name in the comment of UPF_* flags
(git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit reversing
(git-fixes).
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomizarion at connect() time (bsc#1180153).
- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
(git-fixes).
- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m ->
VIRTIO_PCI=y
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- usb: bdc: Fix a resource leak in the error handling path of
'bdc_probe()' (git-fixes).
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- usb: bdc: remove duplicated error message (git-fixes).
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- usb: bdc: use devm_platform_ioremap_resource() to simplify code
(git-fixes).
- usb: dwc3: gadget: Use list_replace_init() before traversing lists
(git-fixes).
- usb: dwc3: qcom: add IRQ check (git-fixes).
- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
(git-fixes).
- usb: gadget: rndis: prevent integer overflow in rndis_set_response()
(git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe()
(git-fixes).
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
avoid black screen (git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
(git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature
(bsc#1178134).
- x86/mm/pat: Do not flush cache if hardware enforces cache coherency
across encryption domnains (bsc#1178134).
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
(bsc#1178134).
- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1183=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1183=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1183=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1183=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1183=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-1183=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.63.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-preempt-5.3.18-150300.59.63.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-preempt-5.3.18-150300.59.63.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1
kernel-preempt-optional-5.3.18-150300.59.63.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-preempt-5.3.18-150300.59.63.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.4 (aarch64):
dtb-al-5.3.18-150300.59.63.1
dtb-zte-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.63.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-default-5.3.18-150300.59.63.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-default-5.3.18-150300.59.63.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-devel-5.3.18-150300.59.63.1
kernel-default-devel-debuginfo-5.3.18-150300.59.63.1
kernel-default-extra-5.3.18-150300.59.63.1
kernel-default-extra-debuginfo-5.3.18-150300.59.63.1
kernel-default-livepatch-5.3.18-150300.59.63.1
kernel-default-livepatch-devel-5.3.18-150300.59.63.1
kernel-default-optional-5.3.18-150300.59.63.1
kernel-default-optional-debuginfo-5.3.18-150300.59.63.1
kernel-obs-build-5.3.18-150300.59.63.1
kernel-obs-build-debugsource-5.3.18-150300.59.63.1
kernel-obs-qa-5.3.18-150300.59.63.1
kernel-syms-5.3.18-150300.59.63.1
kselftests-kmp-default-5.3.18-150300.59.63.1
kselftests-kmp-default-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-default-5.3.18-150300.59.63.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-default-5.3.18-150300.59.63.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.63.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-preempt-5.3.18-150300.59.63.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-preempt-5.3.18-150300.59.63.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1
kernel-preempt-optional-5.3.18-150300.59.63.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-preempt-5.3.18-150300.59.63.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-150300.59.63.1
kernel-debug-debuginfo-5.3.18-150300.59.63.1
kernel-debug-debugsource-5.3.18-150300.59.63.1
kernel-debug-devel-5.3.18-150300.59.63.1
kernel-debug-devel-debuginfo-5.3.18-150300.59.63.1
kernel-debug-livepatch-devel-5.3.18-150300.59.63.1
kernel-kvmsmall-5.3.18-150300.59.63.1
kernel-kvmsmall-debuginfo-5.3.18-150300.59.63.1
kernel-kvmsmall-debugsource-5.3.18-150300.59.63.1
kernel-kvmsmall-devel-5.3.18-150300.59.63.1
kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.63.1
kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-150300.59.63.1
cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-64kb-5.3.18-150300.59.63.1
dlm-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
dtb-al-5.3.18-150300.59.63.1
dtb-allwinner-5.3.18-150300.59.63.1
dtb-altera-5.3.18-150300.59.63.1
dtb-amd-5.3.18-150300.59.63.1
dtb-amlogic-5.3.18-150300.59.63.1
dtb-apm-5.3.18-150300.59.63.1
dtb-arm-5.3.18-150300.59.63.1
dtb-broadcom-5.3.18-150300.59.63.1
dtb-cavium-5.3.18-150300.59.63.1
dtb-exynos-5.3.18-150300.59.63.1
dtb-freescale-5.3.18-150300.59.63.1
dtb-hisilicon-5.3.18-150300.59.63.1
dtb-lg-5.3.18-150300.59.63.1
dtb-marvell-5.3.18-150300.59.63.1
dtb-mediatek-5.3.18-150300.59.63.1
dtb-nvidia-5.3.18-150300.59.63.1
dtb-qcom-5.3.18-150300.59.63.1
dtb-renesas-5.3.18-150300.59.63.1
dtb-rockchip-5.3.18-150300.59.63.1
dtb-socionext-5.3.18-150300.59.63.1
dtb-sprd-5.3.18-150300.59.63.1
dtb-xilinx-5.3.18-150300.59.63.1
dtb-zte-5.3.18-150300.59.63.1
gfs2-kmp-64kb-5.3.18-150300.59.63.1
gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-5.3.18-150300.59.63.1
kernel-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-debugsource-5.3.18-150300.59.63.1
kernel-64kb-devel-5.3.18-150300.59.63.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-extra-5.3.18-150300.59.63.1
kernel-64kb-extra-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1
kernel-64kb-optional-5.3.18-150300.59.63.1
kernel-64kb-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-64kb-5.3.18-150300.59.63.1
kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-64kb-5.3.18-150300.59.63.1
ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-64kb-5.3.18-150300.59.63.1
reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-150300.59.63.1
kernel-docs-5.3.18-150300.59.63.1
kernel-docs-html-5.3.18-150300.59.63.1
kernel-macros-5.3.18-150300.59.63.1
kernel-source-5.3.18-150300.59.63.1
kernel-source-vanilla-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.63.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.63.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-extra-5.3.18-150300.59.63.1
kernel-default-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-livepatch-5.3.18-150300.59.63.1
kernel-default-livepatch-devel-5.3.18-150300.59.63.1
kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
reiserfs-kmp-default-5.3.18-150300.59.63.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.3.18-150300.59.63.1
kernel-obs-build-debugsource-5.3.18-150300.59.63.1
kernel-syms-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
kernel-docs-5.3.18-150300.59.63.1
kernel-source-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-devel-5.3.18-150300.59.63.1
kernel-default-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64):
kernel-64kb-5.3.18-150300.59.63.1
kernel-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-debugsource-5.3.18-150300.59.63.1
kernel-64kb-devel-5.3.18-150300.59.63.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.63.1
kernel-macros-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.63.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.63.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.63.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-default-5.3.18-150300.59.63.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-default-5.3.18-150300.59.63.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
ocfs2-kmp-default-5.3.18-150300.59.63.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
References:
https://www.suse.com/security/cve/CVE-2021-45868.html
https://www.suse.com/security/cve/CVE-2022-0850.html
https://www.suse.com/security/cve/CVE-2022-0854.html
https://www.suse.com/security/cve/CVE-2022-1011.html
https://www.suse.com/security/cve/CVE-2022-1016.html
https://www.suse.com/security/cve/CVE-2022-1048.html
https://www.suse.com/security/cve/CVE-2022-1055.html
https://www.suse.com/security/cve/CVE-2022-1195.html
https://www.suse.com/security/cve/CVE-2022-1198.html
https://www.suse.com/security/cve/CVE-2022-1199.html
https://www.suse.com/security/cve/CVE-2022-1205.html
https://www.suse.com/security/cve/CVE-2022-27666.html
https://www.suse.com/security/cve/CVE-2022-28388.html
https://www.suse.com/security/cve/CVE-2022-28389.html
https://www.suse.com/security/cve/CVE-2022-28390.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1175667
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1179639
https://bugzilla.suse.com/1180153
https://bugzilla.suse.com/1189562
https://bugzilla.suse.com/1194649
https://bugzilla.suse.com/1195640
https://bugzilla.suse.com/1195926
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196196
https://bugzilla.suse.com/1196478
https://bugzilla.suse.com/1196761
https://bugzilla.suse.com/1196823
https://bugzilla.suse.com/1197227
https://bugzilla.suse.com/1197243
https://bugzilla.suse.com/1197300
https://bugzilla.suse.com/1197302
https://bugzilla.suse.com/1197331
https://bugzilla.suse.com/1197343
https://bugzilla.suse.com/1197366
https://bugzilla.suse.com/1197389
https://bugzilla.suse.com/1197462
https://bugzilla.suse.com/1197501
https://bugzilla.suse.com/1197534
https://bugzilla.suse.com/1197661
https://bugzilla.suse.com/1197675
https://bugzilla.suse.com/1197702
https://bugzilla.suse.com/1197811
https://bugzilla.suse.com/1197812
https://bugzilla.suse.com/1197815
https://bugzilla.suse.com/1197817
https://bugzilla.suse.com/1197819
https://bugzilla.suse.com/1197820
https://bugzilla.suse.com/1197888
https://bugzilla.suse.com/1197889
https://bugzilla.suse.com/1197894
https://bugzilla.suse.com/1197914
https://bugzilla.suse.com/1198027
https://bugzilla.suse.com/1198028
https://bugzilla.suse.com/1198029
https://bugzilla.suse.com/1198030
https://bugzilla.suse.com/1198031
https://bugzilla.suse.com/1198032
https://bugzilla.suse.com/1198033

SUSE-SU-2022:1176-1: important: Security update for MozillaThunderbird
by opensuse-security@opensuse.org 13 Apr '22
SUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1176-1
Rating: important
References: #1197903
Cross-References: CVE-2022-1097 CVE-2022-1196 CVE-2022-1197
CVE-2022-24713 CVE-2022-28281 CVE-2022-28282
CVE-2022-28285 CVE-2022-28286 CVE-2022-28289
CVSS scores:
CVE-2022-1097 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1196 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-1197 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-24713 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-28281 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-28282 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-28285 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-28286 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2022-28289 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This update for MozillaThunderbird fixes the following issues:
- Updated to version 91.8 (bsc#1197903):
- CVE-2022-1097: Fixed a memory corruption issue with NSSToken objects.
- CVE-2022-28281: Fixed a memory corruption issue due to unexpected
WebAuthN Extensions.
- CVE-2022-1197: Fixed an issue where OpenPGP revocation information was
ignored.
- CVE-2022-1196: Fixed a memory corruption issue after VR process
destruction.
- CVE-2022-28282: Fixed a memory corruption issue in document
translation.
- CVE-2022-28285: Fixed a memory corruption issue in JIT code generation.
- CVE-2022-28286: Fixed an iframe layout issue that could have been
exploited to stage spoofing attacks.
- CVE-2022-24713: Fixed a potential denial of service via complex
regular expressions.
- CVE-2022-28289: Fixed multiple memory corruption issues.
Non-security fixes:
- Changed Google accounts using password authentication to use OAuth2.
- Fixed an issue where OpenPGP ECC keys created by Thunderbird could not
be imported into GnuPG.
- Fixed an issue where exporting multiple public PGP keys from Thunderbird
was not possible.
- Fixed an issue where replying to a newsgroup message erroneously
displayed a "No-reply" popup warning.
- Fixed an issue with opening older address books.
- Fixed an issue where LDAP directories would be lost when switching to
"Offline" mode.
- Fixed an issue when importing webcals.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1176=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1176=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1176=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1176=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1176=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1176=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
References:
https://www.suse.com/security/cve/CVE-2022-1097.html
https://www.suse.com/security/cve/CVE-2022-1196.html
https://www.suse.com/security/cve/CVE-2022-1197.html
https://www.suse.com/security/cve/CVE-2022-24713.html
https://www.suse.com/security/cve/CVE-2022-28281.html
https://www.suse.com/security/cve/CVE-2022-28282.html
https://www.suse.com/security/cve/CVE-2022-28285.html
https://www.suse.com/security/cve/CVE-2022-28286.html
https://www.suse.com/security/cve/CVE-2022-28289.html
https://bugzilla.suse.com/1197903

SUSE-SU-2022:1167-1: important: Security update for go1.17
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for go1.17
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1167-1
Rating: important
References: #1183043 #1190649 #1196732
Cross-References: CVE-2022-24921
CVSS scores:
CVE-2022-24921 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24921 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for go1.17 fixes the following issues:
Update to version 1.17.8 (bsc#1190649):
- CVE-2022-24921: Fixed a potential denial of service via large regular
expressions (bsc#1196732).
Non-security fixes:
- Fixed an issue with v2 modules (go#51332).
- Fixed an issue when building source in riscv64 (go#51199).
- Increased compatibility for the DNS protocol in the net module
(go#51162).
- Fixed an issue with histograms in the runtime/metrics module
(go#50734).
- Fixed an issue when parsing x509 certificates (go#51000).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1167=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1167=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1167=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1167=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1167=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1167=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1167=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1167=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1167=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1167=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1167=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1167=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1167=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1167=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Manager Server 4.1 (x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Proxy 4.1 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
References:
https://www.suse.com/security/cve/CVE-2022-24921.html
https://bugzilla.suse.com/1183043
https://bugzilla.suse.com/1190649
https://bugzilla.suse.com/1196732

SUSE-SU-2022:1164-1: important: Security update for go1.16
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for go1.16
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1164-1
Rating: important
References: #1182345 #1183043 #1196732
Cross-References: CVE-2022-24921
CVSS scores:
CVE-2022-24921 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24921 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for go1.16 fixes the following issues:
Update to version 1.16.15 (bsc#1182345):
- CVE-2022-24921: Fixed a potential denial of service via large regular
expressions (bsc#1196732).
Non-security fixes:
- Fixed an issue with v2 modules (go#51331).
- Fixed an issue when building source in riscv64 (go#51198).
- Increased compatibility for the DNS protocol in the net module
(go#51161).
- Fixed an issue with histograms in the runtime/metrics module
(go#50733).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1164=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1164=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1164=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1164=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1164=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1164=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1164=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1164=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1164=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1164=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1164=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1164=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1164=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.16-race-1.16.15-150000.1.46.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- SUSE Manager Server 4.1 (x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Manager Proxy 4.1 (x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
go1.16-1.16.15-150000.1.46.1
go1.16-doc-1.16.15-150000.1.46.1
go1.16-race-1.16.15-150000.1.46.1
References:
https://www.suse.com/security/cve/CVE-2022-24921.html
https://bugzilla.suse.com/1182345
https://bugzilla.suse.com/1183043
https://bugzilla.suse.com/1196732

SUSE-SU-2022:1157-1: important: Security update for libsolv, libzypp, zypper
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for libsolv, libzypp, zypper
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1157-1
Rating: important
References: #1184501 #1194848 #1195999 #1196061 #1196317
#1196368 #1196514 #1196925 #1197134
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP2
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Installer 15-SP2
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for libsolv, libzypp, zypper fixes the following issues:
Security relevant fix:
- Harden package signature checks (bsc#1184501).
libsolv update to 0.7.22:
- reworked choice rule generation to cover more use cases
- support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514)
- support parsing of Debian's Multi-Arch indicator
- fix segfault on conflict resolution when using bindings
- fix split provides not working if the update includes a forbidden vendor
change
- support strict repository priorities; new solver flag:
SOLVER_FLAG_STRICT_REPO_PRIORITY
- support zstd compressed control files in debian packages
- add an ifdef allowing to rename Solvable dependency members ("requires"
is a keyword in C++20)
- support setting/reading userdata in solv files; new functions:
repowriter_set_userdata, solv_read_userdata
- support querying of the custom vendor check function; new function:
pool_get_custom_vendorcheck
- support solv files with an idarray block
- allow accessing the toolversion at runtime
libzypp update to 17.30.0:
- ZConfig: Update solver settings if target changes (bsc#1196368)
- Fix possible hang in singletrans mode (bsc#1197134)
- Do 2 retries if mount is still busy.
- Fix package signature check (bsc#1184501). Pay attention that header and
payload are secured by a valid signature and report in more detail which
signature is missing.
- Retry umount if device is busy (bsc#1196061, closes #381). A previously
released ISO image may need a bit more time to release its loop device.
So we wait a bit and retry.
- Fix serializing/deserializing type mismatch in zypp-rpm protocol
(bsc#1196925)
- Fix handling of ISO media in releaseAll (bsc#1196061)
- Hint on common ptf resolver conflicts (bsc#1194848)
- Hint on ptf<>patch resolver conflicts (bsc#1194848)
zypper update to 1.14.52:
- info: print the packages upstream URL if available (fixes #426)
- info: Fix SEGV with not installed PTFs (bsc#1196317)
- Don't prevent less restrictive umasks (bsc#1195999)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1157=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1157=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1157=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1157=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1157=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1157=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1157=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1157=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1157=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1157=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1157=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1157=1
- SUSE Linux Enterprise Installer 15-SP2:
zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2022-1157=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1157=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1157=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1157=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-demo-0.7.22-150200.12.1
libsolv-demo-debuginfo-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
libzypp-devel-doc-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python-solv-0.7.22-150200.12.1
python-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- openSUSE Leap 15.3 (noarch):
zypper-aptitude-1.14.52-150200.30.2
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Manager Server 4.1 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Manager Retail Branch Server 4.1 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Manager Proxy 4.1 (x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Manager Proxy 4.1 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Micro 5.1 (noarch):
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise Micro 5.0 (noarch):
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise Installer 15-SP2 (aarch64 ppc64le s390x x86_64):
libsolv-tools-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libsolv-debuginfo-0.7.22-150200.12.1
libsolv-debugsource-0.7.22-150200.12.1
libsolv-devel-0.7.22-150200.12.1
libsolv-devel-debuginfo-0.7.22-150200.12.1
libsolv-tools-0.7.22-150200.12.1
libsolv-tools-debuginfo-0.7.22-150200.12.1
libzypp-17.30.0-150200.36.1
libzypp-debuginfo-17.30.0-150200.36.1
libzypp-debugsource-17.30.0-150200.36.1
libzypp-devel-17.30.0-150200.36.1
perl-solv-0.7.22-150200.12.1
perl-solv-debuginfo-0.7.22-150200.12.1
python3-solv-0.7.22-150200.12.1
python3-solv-debuginfo-0.7.22-150200.12.1
ruby-solv-0.7.22-150200.12.1
ruby-solv-debuginfo-0.7.22-150200.12.1
zypper-1.14.52-150200.30.2
zypper-debuginfo-1.14.52-150200.30.2
zypper-debugsource-1.14.52-150200.30.2
- SUSE Enterprise Storage 7 (noarch):
zypper-log-1.14.52-150200.30.2
zypper-needs-restarting-1.14.52-150200.30.2
References:
https://bugzilla.suse.com/1184501
https://bugzilla.suse.com/1194848
https://bugzilla.suse.com/1195999
https://bugzilla.suse.com/1196061
https://bugzilla.suse.com/1196317
https://bugzilla.suse.com/1196368
https://bugzilla.suse.com/1196514
https://bugzilla.suse.com/1196925
https://bugzilla.suse.com/1197134

SUSE-SU-2022:1163-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1163-1
Rating: important
References: #1065729 #1156395 #1175667 #1177028 #1178134
#1179639 #1180153 #1189562 #1194589 #1194625
#1194649 #1194943 #1195051 #1195353 #1195640
#1195926 #1196018 #1196130 #1196196 #1196478
#1196488 #1196761 #1196823 #1196956 #1197227
#1197243 #1197245 #1197300 #1197302 #1197331
#1197343 #1197366 #1197389 #1197460 #1197462
#1197501 #1197534 #1197661 #1197675 #1197677
#1197702 #1197811 #1197812 #1197815 #1197817
#1197819 #1197820 #1197888 #1197889 #1197894
#1198027 #1198028 #1198029 #1198030 #1198031
#1198032 #1198033 #1198077
Cross-References: CVE-2021-39698 CVE-2021-45402 CVE-2021-45868
CVE-2022-0850 CVE-2022-0854 CVE-2022-1011
CVE-2022-1016 CVE-2022-1048 CVE-2022-1055
CVE-2022-1195 CVE-2022-1198 CVE-2022-1199
CVE-2022-1205 CVE-2022-23036 CVE-2022-23037
CVE-2022-23038 CVE-2022-23039 CVE-2022-23040
CVE-2022-23041 CVE-2022-23042 CVE-2022-27223
CVE-2022-27666 CVE-2022-28388 CVE-2022-28389
CVE-2022-28390
CVSS scores:
CVE-2021-39698 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-39698 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-45402 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-45402 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2022-0854 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0854 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1011 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1011 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1195 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1198 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1199 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1205 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-23036 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23036 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23037 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23037 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23038 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23038 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23039 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23039 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23040 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23040 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23041 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23041 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-23042 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23042 (SUSE): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2022-27223 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27223 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-27666 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27666 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 25 vulnerabilities and has 33 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw in the Linux kernel's DMA
subsystem. This flaw allowed a local user to read random memory from
the kernel space. (bnc#1196823)
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution. (bsc#1197227)
- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities
that allow an attacker to crash the Linux kernel by simulating Amateur
Radio. (bsc#1198028)
- CVE-2022-1205: Fixed null pointer dereference and use-after-free
vulnerabilities that allow an attacker to crash the Linux kernel by
simulating Amateur Radio. (bsc#1198027)
- CVE-2022-1198: Fixed a use-after-free vulnerability that allows an
attacker to crash the Linux kernel by simulating Amateur Radio
(bsc#1198030).
- CVE-2022-1195: Fixed a use-after-free vulnerability which could allow a
local attacker with a user privilege to execute a denial of service.
(bsc#1198029)
- CVE-2022-28389: Fixed a double free vulnerability in
drivers/net/can/usb/mcba_usb.c in the Linux kernel. (bnc#1198033)
- CVE-2022-28388: Fixed a double free vulnerability in
drivers/net/can/usb/usb_8dev.c in the Linux kernel. (bnc#1198032)
- CVE-2022-28390: Fixed a double free vulnerability in
drivers/net/can/usb/ems_usb.c in the Linux kernel. (bnc#1198031)
- CVE-2022-1048: Fixed a race condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock.
(bsc#1197331)
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow
a local attacker to gain privilege escalation. (bnc#1197702)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in
iov_iter.c. (bsc#1196761)
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal
user privilege to overwrite kernel heap objects and may cause a local
privilege escalation. (bnc#1197462)
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to a use-after-free if there is a corrupted quota
file. (bnc#1197366)
- CVE-2022-1011: Fixed a use-after-free vulnerability which could allow a
local attacker to retrieve (partial) /etc/shadow hashes or any other
data from the filesystem when they can mount a FUSE filesystem. (bnc#1197343)
- CVE-2022-27223: Fixed an out-of-array access in
/usb/gadget/udc/udc-xilinx.c. (bsc#1197245)
- CVE-2021-39698: Fixed a possible memory corruption due to a use after
free in aio_poll_complete_work. This could lead to local escalation of
privilege with no additional execution privileges needed. (bsc#1196956)
- CVE-2021-45402: Fixed a pointer leak in check_alu_op() of
kernel/bpf/verifier.c. (bsc#1196130).
- CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039,
CVE-2022-23040, CVE-2022-23041, CVE-2022-23042: Fixed multiple issues
which could have led to read/write access to memory pages or denial of
service. These issues are related to the Xen PV device frontend drivers.
(bsc#1196488)
The following non-security bugs were fixed:
- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
(git-fixes).
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
(git-fixes).
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
(git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods
(git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no more
references (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
(git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
(git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
(git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
(git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
(git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in
wcd934x_codec_parse_data (git-fixes).
- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put
(git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
(git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
(git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in
pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in
msm8916_wcd_digital_probe (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in
rt5663_parse_dp() (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: topology: Allow TLV control to be either read or write (git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior
(git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
(bsc#1196018).
- block: update io_ticks when io hang (bsc#1197817).
- block/wbt: fix negative inflight counter when remove scsi device
(bsc#1197819).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
- bpf: Remove config check to enable bpf support for branch records
(git-fixes bsc#1177028).
- btrfs: avoid unnecessary lock and leaf splits when updating inode in the
log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log
(bsc#1194649).
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs
(bsc#1194649).
- btrfs: check error value from btrfs_update_inode in tree log
(bsc#1194649).
- btrfs: check if a log root exists before locking the log_mutex on unlink
(bsc#1194649).
- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
- btrfs: do not commit delayed inode when logging a file in full sync mode
(bsc#1194649).
- btrfs: do not log new dentries when logging that a new name exists
(bsc#1194649).
- btrfs: eliminate some false positives when checking if inode was logged
(bsc#1194649).
- btrfs: fix race leading to unnecessary transaction commit when logging
inode (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor inodes
(bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction commit
(bsc#1194649).
- btrfs: fix race that results in logging old extents during a fast fsync
(bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
- btrfs: remove no longer needed full sync flag check at inode_logged()
(bsc#1194649).
- btrfs: Remove unnecessary check from join_running_log_trans
(bsc#1194649).
- btrfs: remove unnecessary directory inode item update when deleting dir
entry (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing log
(bsc#1194649).
- btrfs: skip unnecessary searches for xattrs when logging an inode
(bsc#1194649).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
path (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
path (git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device
when fully ready (git-fixes).
- cifs: do not skip link targets when an I/O fails (bsc#1194625).
- cifs: use the correct max-length for dentry_path_raw() (bsc#1196196).
- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element
(git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in
emc_ensure_emc_driver (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap in
timer_of_base_init() (git-fixes).
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes).
- crypto: authenc - Fix sleep in atomic context in decrypt_tail
(git-fixes).
- crypto: cavium/nitrox - do not cast parameter in bit operations
(git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
(git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
(git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- dma/pool: create dma atomic pool only if dma zone has managed pages
(bsc#1197501).
- driver core: dd: fix return value of __setup handler (git-fixes).
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
(git-fixes).
- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq
function (git-fixes).
- drm/bridge: dw-hdmi: use safe format when first in bridge chain
(git-fixes).
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe
(git-fixes).
- drm/doc: overview before functions for drm_writeback.c (git-fixes).
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- drm/i915/gem: add missing boundary check in vm_access (git-fixes).
- drm/imx: parallel-display: Remove bus flags check in
imx_pd_bridge_atomic_check() (git-fixes).
- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops
(git-fixes).
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
(git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling
(git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to connector
(git-fixes).
- Drop HID multitouch fix patch (bsc#1197243).
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- ecryptfs: Fix typo in message (bsc#1197811).
- EDAC: Fix calculation of returned address and next offset in
edac_align_ptr() (bsc#1178134).
- ext2: correct max file size computing (bsc#1197820).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- firmware: qcom: scm: Remove reassignment to desc following initializer
(git-fixes).
- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).
- gpio: ts4900: Do not set DAT and OE together (git-fixes).
- gpiolib: acpi: Convert ACPI value of debounce to microseconds
(git-fixes).
- HID: multitouch: fix Dell Precision 7550 and 7750 button type
(bsc#1197243).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
(git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
- iio: accel: mma8452: use the correct logic to get mma8452_data
(git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
- iio: inkern: apply consumer scale when no channel scale is available
(git-fixes).
- iio: inkern: make a best effort on offset calculation (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- iwlwifi: do not advertise TWT support (git-fixes).
- kernel-binary.spec: Do not use the default certificate path
(bsc#1194943).
- KVM: SVM: Do not flush cache if hardware enforces cache coherency across
encryption domains (bsc#1178134).
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- mac80211: refuse aggregations sessions before authorized (git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: bttv: fix WARNING regression on tunerless devices (git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data
(git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: hantro: Fix overfill bottom register field name (git-fixes).
- media: Revert "media: em28xx: add missing em28xx_close_extension"
(git-fixes).
- media: stk1160: If start stream fails, return buffers with
VB2_BUF_STATE_QUEUED (git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes).
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
- memory: emif: Add check for setup_interrupts (git-fixes).
- memory: emif: check the pointer temp in get_device_details() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
- mm_zone: add function to check if managed dma zone exists (bsc#1197501).
- mm/page_alloc.c: do not warn allocation failure on zone DMA if no
managed pages (bsc#1197501).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).
- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
(git-fixes).
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx()
(git-fixes).
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- net: phy: DP83822: clear MISR2 register to disable interrupts
(git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and suspend
functions (git-fixes).
- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
(bsc#1196018).
- net: watchdog: hold device global xmit lock during tx disable
(git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- net/smc: Reset conn->lgr when link group registration fails (git-fixes).
- netfilter: conntrack: do not refresh sctp entries in closed state
(bsc#1197389).
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- NFC: port100: fix use-after-free in port100_send_complete (git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
- NFS: Do not skip directory entries when doing uncached readdir
(git-fixes).
- NFS: Ensure the server had an up to date ctime before hardlinking
(git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
- nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client
(git-fixes).
- NFSv4.1: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
- NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
(git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
(git-fixes).
- pinctrl: mediatek: paris: Fix "argument" argument type for
mtk_pinconf_get() (git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback
(git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
(git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE()
(git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
- pinctrl: samsung: drop pin banks references on error paths (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
(git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
(bsc#1179639 ltc#189002 git-fixes).
- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
- powerpc/perf: Expose Performance Monitor Counter SPR's as part of
extended regs (bsc#1198077 ltc#197299).
- powerpc/perf: Include PMCs as part of per-cpu cpuhw_events struct
(bsc#1198077 ltc#197299).
- powerpc/pseries: Fix use after free in remove_phb_dynamic()
(bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty
(bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- printk: Add panic_in_progress helper (bsc#1197894).
- printk: disable optimistic spin during panic (bsc#1197894).
- pwm: lpc18xx-sct: Initialize driver data and hardware before
pwmchip_add() (git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in
wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region
(git-fixes).
- Revert "build initrd without systemd" (bsc#1197300).
- Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" (bsc#1197243).
- Revert "module, async: async_synchronize_full() on module init iff async
is used" (bsc#1197888).
- Revert "Revert "build initrd without systemd" (bsc#1197300)"
- Revert "usb: dwc3: gadget: Use list_replace_init() before traversing
lists" (git-fixes).
- s390/bpf: Perform r1 range checking before accessing jit->seen_reg
(git-fixes).
- s390/gmap: do not unconditionally call pte_unmap_unlock() in
__gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/hypfs: include z/VM guests with access control group set
(bsc#1195640 LTC#196352).
- s390/kexec_file: fix error handling when applying relocations
(git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- s390/mm: fix VMA and page table handling code in storage key handling
functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
- s390/module: fix loading modules with a lot of relocations (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling follow_pte()
(git-fixes).
- s390/tape: fix timer initialization in tape_std_assign() (bsc#1197677
LTC#197378).
- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity error
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675
bsc#1196478).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download
(bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
(bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped()
(bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management failure
(bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test
(bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID processing
(bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
- serial: 8250_lpss: Balance reference count for PCI DMA device
(git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
- serial: core: Fix the definition name in the comment of UPF_* flags
(git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit reversing
(git-fixes).
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomizarion at connect() time (bsc#1180153).
- team: protect features update by RCU to avoid deadlock (git-fixes).
- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
(git-fixes).
- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m ->
VIRTIO_PCI=y
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- usb: bdc: Fix a resource leak in the error handling path of
'bdc_probe()' (git-fixes).
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- usb: bdc: remove duplicated error message (git-fixes).
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- usb: bdc: use devm_platform_ioremap_resource() to simplify code
(git-fixes).
- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).
- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).
- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).
- usb: dwc3: gadget: Use list_replace_init() before traversing lists
(git-fixes).
- usb: dwc3: meson-g12a: Disable the regulator in the error handling path
of the probe (git-fixes).
- usb: dwc3: qcom: add IRQ check (git-fixes).
- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
(git-fixes).
- usb: gadget: rndis: prevent integer overflow in rndis_set_response()
(git-fixes).
- usb: host: xen-hcd: add missing unlock in error path (git-fixes).
- usb: hub: Fix locking issues with address0_mutex (git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe()
(git-fixes).
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
avoid black screen (git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
(git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature
(bsc#1178134).
- x86/mm/pat: Do not flush cache if hardware enforces cache coherency
across encryption domnains (bsc#1178134).
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
(bsc#1178134).
- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
- xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done()
(bsc#1196488, XSA-396).
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1163=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1163=1
Package List:
- openSUSE Leap 15.3 (noarch):
kernel-devel-azure-5.3.18-150300.38.53.1
kernel-source-azure-5.3.18-150300.38.53.1
- openSUSE Leap 15.3 (x86_64):
cluster-md-kmp-azure-5.3.18-150300.38.53.1
cluster-md-kmp-azure-debuginfo-5.3.18-150300.38.53.1
dlm-kmp-azure-5.3.18-150300.38.53.1
dlm-kmp-azure-debuginfo-5.3.18-150300.38.53.1
gfs2-kmp-azure-5.3.18-150300.38.53.1
gfs2-kmp-azure-debuginfo-5.3.18-150300.38.53.1
kernel-azure-5.3.18-150300.38.53.1
kernel-azure-debuginfo-5.3.18-150300.38.53.1
kernel-azure-debugsource-5.3.18-150300.38.53.1
kernel-azure-devel-5.3.18-150300.38.53.1
kernel-azure-devel-debuginfo-5.3.18-150300.38.53.1
kernel-azure-extra-5.3.18-150300.38.53.1
kernel-azure-extra-debuginfo-5.3.18-150300.38.53.1
kernel-azure-livepatch-devel-5.3.18-150300.38.53.1
kernel-azure-optional-5.3.18-150300.38.53.1
kernel-azure-optional-debuginfo-5.3.18-150300.38.53.1
kernel-syms-azure-5.3.18-150300.38.53.1
kselftests-kmp-azure-5.3.18-150300.38.53.1
kselftests-kmp-azure-debuginfo-5.3.18-150300.38.53.1
ocfs2-kmp-azure-5.3.18-150300.38.53.1
ocfs2-kmp-azure-debuginfo-5.3.18-150300.38.53.1
reiserfs-kmp-azure-5.3.18-150300.38.53.1
reiserfs-kmp-azure-debuginfo-5.3.18-150300.38.53.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (noarch):
kernel-devel-azure-5.3.18-150300.38.53.1
kernel-source-azure-5.3.18-150300.38.53.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (x86_64):
kernel-azure-5.3.18-150300.38.53.1
kernel-azure-debuginfo-5.3.18-150300.38.53.1
kernel-azure-debugsource-5.3.18-150300.38.53.1
kernel-azure-devel-5.3.18-150300.38.53.1
kernel-azure-devel-debuginfo-5.3.18-150300.38.53.1
kernel-syms-azure-5.3.18-150300.38.53.1
References:
https://www.suse.com/security/cve/CVE-2021-39698.html
https://www.suse.com/security/cve/CVE-2021-45402.html
https://www.suse.com/security/cve/CVE-2021-45868.html
https://www.suse.com/security/cve/CVE-2022-0850.html
https://www.suse.com/security/cve/CVE-2022-0854.html
https://www.suse.com/security/cve/CVE-2022-1011.html
https://www.suse.com/security/cve/CVE-2022-1016.html
https://www.suse.com/security/cve/CVE-2022-1048.html
https://www.suse.com/security/cve/CVE-2022-1055.html
https://www.suse.com/security/cve/CVE-2022-1195.html
https://www.suse.com/security/cve/CVE-2022-1198.html
https://www.suse.com/security/cve/CVE-2022-1199.html
https://www.suse.com/security/cve/CVE-2022-1205.html
https://www.suse.com/security/cve/CVE-2022-23036.html
https://www.suse.com/security/cve/CVE-2022-23037.html
https://www.suse.com/security/cve/CVE-2022-23038.html
https://www.suse.com/security/cve/CVE-2022-23039.html
https://www.suse.com/security/cve/CVE-2022-23040.html
https://www.suse.com/security/cve/CVE-2022-23041.html
https://www.suse.com/security/cve/CVE-2022-23042.html
https://www.suse.com/security/cve/CVE-2022-27223.html
https://www.suse.com/security/cve/CVE-2022-27666.html
https://www.suse.com/security/cve/CVE-2022-28388.html
https://www.suse.com/security/cve/CVE-2022-28389.html
https://www.suse.com/security/cve/CVE-2022-28390.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1175667
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1179639
https://bugzilla.suse.com/1180153
https://bugzilla.suse.com/1189562
https://bugzilla.suse.com/1194589
https://bugzilla.suse.com/1194625
https://bugzilla.suse.com/1194649
https://bugzilla.suse.com/1194943
https://bugzilla.suse.com/1195051
https://bugzilla.suse.com/1195353
https://bugzilla.suse.com/1195640
https://bugzilla.suse.com/1195926
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196130
https://bugzilla.suse.com/1196196
https://bugzilla.suse.com/1196478
https://bugzilla.suse.com/1196488
https://bugzilla.suse.com/1196761
https://bugzilla.suse.com/1196823
https://bugzilla.suse.com/1196956
https://bugzilla.suse.com/1197227
https://bugzilla.suse.com/1197243
https://bugzilla.suse.com/1197245
https://bugzilla.suse.com/1197300
https://bugzilla.suse.com/1197302
https://bugzilla.suse.com/1197331
https://bugzilla.suse.com/1197343
https://bugzilla.suse.com/1197366
https://bugzilla.suse.com/1197389
https://bugzilla.suse.com/1197460
https://bugzilla.suse.com/1197462
https://bugzilla.suse.com/1197501
https://bugzilla.suse.com/1197534
https://bugzilla.suse.com/1197661
https://bugzilla.suse.com/1197675
https://bugzilla.suse.com/1197677
https://bugzilla.suse.com/1197702
https://bugzilla.suse.com/1197811
https://bugzilla.suse.com/1197812
https://bugzilla.suse.com/1197815
https://bugzilla.suse.com/1197817
https://bugzilla.suse.com/1197819
https://bugzilla.suse.com/1197820
https://bugzilla.suse.com/1197888
https://bugzilla.suse.com/1197889
https://bugzilla.suse.com/1197894
https://bugzilla.suse.com/1198027
https://bugzilla.suse.com/1198028
https://bugzilla.suse.com/1198029
https://bugzilla.suse.com/1198030
https://bugzilla.suse.com/1198031
https://bugzilla.suse.com/1198032
https://bugzilla.suse.com/1198033
https://bugzilla.suse.com/1198077

12 Apr '22
SUSE Security Update: Security update for xz
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1158-1
Rating: important
References: #1198062
Cross-References: CVE-2022-1271
CVSS scores:
CVE-2022-1271 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xz fixes the following issues:
- CVE-2022-1271: Fixed an incorrect escaping of malicious filenames
(ZDI-CAN-16587). (bsc#1198062)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1158=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1158=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1158=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1158=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1158=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1158=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1158=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1158=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1158=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1158=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1158=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1158=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1158=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1158=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1158=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1158=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1158=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1158=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1158=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1158=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1158=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1158=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- openSUSE Leap 15.4 (noarch):
xz-lang-5.2.3-150000.4.7.1
- openSUSE Leap 15.4 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
xz-devel-32bit-5.2.3-150000.4.7.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- openSUSE Leap 15.3 (noarch):
xz-lang-5.2.3-150000.4.7.1
- openSUSE Leap 15.3 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
xz-devel-32bit-5.2.3-150000.4.7.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Manager Server 4.1 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Manager Server 4.1 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Manager Proxy 4.1 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Manager Proxy 4.1 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 7 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 7 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 6 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
- SUSE Enterprise Storage 6 (noarch):
xz-lang-5.2.3-150000.4.7.1
- SUSE CaaS Platform 4.0 (x86_64):
liblzma5-32bit-5.2.3-150000.4.7.1
liblzma5-32bit-debuginfo-5.2.3-150000.4.7.1
liblzma5-5.2.3-150000.4.7.1
liblzma5-debuginfo-5.2.3-150000.4.7.1
xz-5.2.3-150000.4.7.1
xz-debuginfo-5.2.3-150000.4.7.1
xz-debugsource-5.2.3-150000.4.7.1
xz-devel-5.2.3-150000.4.7.1
xz-static-devel-5.2.3-150000.4.7.1
- SUSE CaaS Platform 4.0 (noarch):
xz-lang-5.2.3-150000.4.7.1
References:
https://www.suse.com/security/cve/CVE-2022-1271.html
https://bugzilla.suse.com/1198062

SUSE-SU-2022:1162-1: important: Security update for subversion
by opensuse-security@opensuse.org 12 Apr '22
SUSE Security Update: Security update for subversion
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1162-1
Rating: important
References: #1197939 #1197940
Cross-References: CVE-2021-28544 CVE-2022-24070
CVSS scores:
CVE-2021-28544 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-24070 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for subversion fixes the following issues:
- CVE-2022-24070: Fixed a memory corruption issue in mod_dav_svn as used
by Apache HTTP server. This could be exploited by a remote attacker to
cause a denial of service (bsc#1197940).
- CVE-2021-28544: Fixed an information leak issue where Subversion servers
may reveal the original path of files protected by path-based
authorization (bsc#1197939).
Patch Instructions:
To install this SUSE Security Update, use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1162=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1162=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1162=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1162=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1162=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
subversion-python-ctypes-1.10.6-150300.10.8.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsvn_auth_gnome_keyring-1-0-1.10.6-150300.10.8.1
libsvn_auth_gnome_keyring-1-0-debuginfo-1.10.6-150300.10.8.1
libsvn_auth_kwallet-1-0-1.10.6-150300.10.8.1
libsvn_auth_kwallet-1-0-debuginfo-1.10.6-150300.10.8.1
subversion-1.10.6-150300.10.8.1
subversion-debuginfo-1.10.6-150300.10.8.1
subversion-debugsource-1.10.6-150300.10.8.1
subversion-devel-1.10.6-150300.10.8.1
subversion-perl-1.10.6-150300.10.8.1
subversion-perl-debuginfo-1.10.6-150300.10.8.1
subversion-python-1.10.6-150300.10.8.1
subversion-python-ctypes-1.10.6-150300.10.8.1
subversion-python-debuginfo-1.10.6-150300.10.8.1
subversion-ruby-1.10.6-150300.10.8.1
subversion-ruby-debuginfo-1.10.6-150300.10.8.1
subversion-server-1.10.6-150300.10.8.1
subversion-server-debuginfo-1.10.6-150300.10.8.1
subversion-tools-1.10.6-150300.10.8.1
subversion-tools-debuginfo-1.10.6-150300.10.8.1
- openSUSE Leap 15.3 (noarch):
subversion-bash-completion-1.10.6-150300.10.8.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
subversion-debuginfo-1.10.6-150300.10.8.1
subversion-debugsource-1.10.6-150300.10.8.1
subversion-server-1.10.6-150300.10.8.1
subversion-server-debuginfo-1.10.6-150300.10.8.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
subversion-debuginfo-1.10.6-150300.10.8.1
subversion-debugsource-1.10.6-150300.10.8.1
subversion-perl-1.10.6-150300.10.8.1
subversion-perl-debuginfo-1.10.6-150300.10.8.1
subversion-python-1.10.6-150300.10.8.1
subversion-python-debuginfo-1.10.6-150300.10.8.1
subversion-tools-1.10.6-150300.10.8.1
subversion-tools-debuginfo-1.10.6-150300.10.8.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
subversion-bash-completion-1.10.6-150300.10.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
subversion-1.10.6-150300.10.8.1
subversion-debuginfo-1.10.6-150300.10.8.1
subversion-debugsource-1.10.6-150300.10.8.1
subversion-devel-1.10.6-150300.10.8.1
References:
https://www.suse.com/security/cve/CVE-2021-28544.html
https://www.suse.com/security/cve/CVE-2022-24070.html
https://bugzilla.suse.com/1197939
https://bugzilla.suse.com/1197940