openSUSE Security Announce May 2022

security-announce@lists.opensuse.org

1 participants
77 discussions

SUSE-SU-2022:1898-1: moderate: Security update for fribidi

by opensuse-security＠opensuse.org

SUSE Security Update: Security update for fribidi ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1898-1 Rating: moderate References: #1196147 #1196148 #1196150 Cross-References: CVE-2022-25308 CVE-2022-25309 CVE-2022-25310 CVSS scores: CVE-2022-25308 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H CVE-2022-25309 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H CVE-2022-25310 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Basesystem 15-SP4 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for fribidi fixes the following issues: - CVE-2022-25308: Fixed stack out of bounds read (bsc#1196147). - CVE-2022-25309: Fixed heap-buffer-overflow in fribidi_cap_rtl_to_unicode (bsc#1196148). - CVE-2022-25310: Fixed NULL pointer dereference in fribidi_remove_bidi_marks (bsc#1196150). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1898=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1898=1 - SUSE Linux Enterprise Module for Basesystem 15-SP4: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1898=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): fribidi-1.0.10-150400.3.3.1 fribidi-debuginfo-1.0.10-150400.3.3.1 fribidi-debugsource-1.0.10-150400.3.3.1 fribidi-devel-1.0.10-150400.3.3.1 libfribidi0-1.0.10-150400.3.3.1 libfribidi0-debuginfo-1.0.10-150400.3.3.1 - openSUSE Leap 15.4 (x86_64): libfribidi0-32bit-1.0.10-150400.3.3.1 libfribidi0-32bit-debuginfo-1.0.10-150400.3.3.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (x86_64): fribidi-debugsource-1.0.10-150400.3.3.1 libfribidi0-32bit-1.0.10-150400.3.3.1 libfribidi0-32bit-debuginfo-1.0.10-150400.3.3.1 - SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64): fribidi-1.0.10-150400.3.3.1 fribidi-debuginfo-1.0.10-150400.3.3.1 fribidi-debugsource-1.0.10-150400.3.3.1 fribidi-devel-1.0.10-150400.3.3.1 libfribidi0-1.0.10-150400.3.3.1 libfribidi0-debuginfo-1.0.10-150400.3.3.1 References: https://www.suse.com/security/cve/CVE-2022-25308.html https://www.suse.com/security/cve/CVE-2022-25309.html https://www.suse.com/security/cve/CVE-2022-25310.html https://bugzilla.suse.com/1196147 https://bugzilla.suse.com/1196148 https://bugzilla.suse.com/1196150

3 weeks, 3 days

SUSE-SU-2022:1895-1: important: Security update for postgresql13

by opensuse-security＠opensuse.org

SUSE Security Update: Security update for postgresql13 ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1895-1 Rating: important References: #1199475 Cross-References: CVE-2022-1552 CVSS scores: CVE-2022-1552 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise High Performance Computing SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Module for Legacy Software 15-SP4 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 SUSE Linux Enterprise Module for Server Applications 15-SP3 SUSE Linux Enterprise Server SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for postgresql13 fixes the following issues: - CVE-2022-1552: Confine additional operations within "security restricted operation" sandboxes (bsc#1199475). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1895=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1895=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1895=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1895=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1895=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1895=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1895=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1895=1 - SUSE Linux Enterprise Module for Server Applications 15-SP3: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1895=1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1895=1 - SUSE Linux Enterprise Module for Legacy Software 15-SP4: zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-1895=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1895=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1895=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1895=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-1895=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-llvmjit-13.7-150200.5.28.1 postgresql13-llvmjit-debuginfo-13.7-150200.5.28.1 postgresql13-llvmjit-devel-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 postgresql13-test-13.7-150200.5.28.1 - openSUSE Leap 15.4 (noarch): postgresql13-docs-13.7-150200.5.28.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-llvmjit-13.7-150200.5.28.1 postgresql13-llvmjit-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 postgresql13-test-13.7-150200.5.28.1 - openSUSE Leap 15.3 (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Manager Server 4.1 (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Manager Retail Branch Server 4.1 (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Manager Proxy 4.1 (x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Manager Proxy 4.1 (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Linux Enterprise Server 15-SP2-BCL (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64): postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64): postgresql13-llvmjit-13.7-150200.5.28.1 postgresql13-llvmjit-debuginfo-13.7-150200.5.28.1 postgresql13-test-13.7-150200.5.28.1 - SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-llvmjit-13.7-150200.5.28.1 postgresql13-llvmjit-debuginfo-13.7-150200.5.28.1 postgresql13-llvmjit-devel-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Linux Enterprise Module for Legacy Software 15-SP4 (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): postgresql13-docs-13.7-150200.5.28.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): postgresql13-13.7-150200.5.28.1 postgresql13-contrib-13.7-150200.5.28.1 postgresql13-contrib-debuginfo-13.7-150200.5.28.1 postgresql13-debuginfo-13.7-150200.5.28.1 postgresql13-debugsource-13.7-150200.5.28.1 postgresql13-devel-13.7-150200.5.28.1 postgresql13-devel-debuginfo-13.7-150200.5.28.1 postgresql13-plperl-13.7-150200.5.28.1 postgresql13-plperl-debuginfo-13.7-150200.5.28.1 postgresql13-plpython-13.7-150200.5.28.1 postgresql13-plpython-debuginfo-13.7-150200.5.28.1 postgresql13-pltcl-13.7-150200.5.28.1 postgresql13-pltcl-debuginfo-13.7-150200.5.28.1 postgresql13-server-13.7-150200.5.28.1 postgresql13-server-debuginfo-13.7-150200.5.28.1 postgresql13-server-devel-13.7-150200.5.28.1 postgresql13-server-devel-debuginfo-13.7-150200.5.28.1 - SUSE Enterprise Storage 7 (noarch): postgresql13-docs-13.7-150200.5.28.1 References: https://www.suse.com/security/cve/CVE-2022-1552.html https://bugzilla.suse.com/1199475

3 weeks, 3 days

SUSE-SU-2022:1892-1: moderate: Security update for dpdk

by opensuse-security＠opensuse.org

SUSE Security Update: Security update for dpdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1892-1 Rating: moderate References: #1195172 #1198873 #1198963 #1198964 Cross-References: CVE-2021-3839 CVE-2022-0669 CVSS scores: CVE-2021-3839 (SUSE): 5.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L CVE-2022-0669 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Module for Server Applications 15-SP3 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that solves two vulnerabilities and has two fixes is now available. Description: This update for dpdk fixes the following issues: Security: - CVE-2021-3839: Fixed a memory corruption issue during vhost-user communication (bsc#1198963). - CVE-2022-0669: Fixed a denial of service that could be triggered by a vhost-user master (bsc#1198964). Bugfixes: - kni: allow configuring thread granularity (bsc#1195172). - Fixed reading of PCI device name as UTF strings (bsc#1198873). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1892=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1892=1 - SUSE Linux Enterprise Module for Server Applications 15-SP3: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1892=1 Package List: - openSUSE Leap 15.4 (aarch64 x86_64): dpdk-kmp-preempt-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1 - openSUSE Leap 15.4 (aarch64): dpdk-thunderx-kmp-preempt-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-thunderx-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1 - openSUSE Leap 15.3 (aarch64 ppc64le x86_64): dpdk-19.11.4-150300.11.1 dpdk-debuginfo-19.11.4-150300.11.1 dpdk-debugsource-19.11.4-150300.11.1 dpdk-devel-19.11.4-150300.11.1 dpdk-devel-debuginfo-19.11.4-150300.11.1 dpdk-examples-19.11.4-150300.11.1 dpdk-examples-debuginfo-19.11.4-150300.11.1 dpdk-kmp-default-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-tools-19.11.4-150300.11.1 dpdk-tools-debuginfo-19.11.4-150300.11.1 libdpdk-20_0-19.11.4-150300.11.1 libdpdk-20_0-debuginfo-19.11.4-150300.11.1 - openSUSE Leap 15.3 (aarch64 x86_64): dpdk-kmp-preempt-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1 - openSUSE Leap 15.3 (aarch64): dpdk-thunderx-19.11.4-150300.11.1 dpdk-thunderx-debuginfo-19.11.4-150300.11.1 dpdk-thunderx-debugsource-19.11.4-150300.11.1 dpdk-thunderx-devel-19.11.4-150300.11.1 dpdk-thunderx-devel-debuginfo-19.11.4-150300.11.1 dpdk-thunderx-examples-19.11.4-150300.11.1 dpdk-thunderx-examples-debuginfo-19.11.4-150300.11.1 dpdk-thunderx-kmp-default-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-thunderx-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-thunderx-kmp-preempt-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-thunderx-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-thunderx-tools-19.11.4-150300.11.1 dpdk-thunderx-tools-debuginfo-19.11.4-150300.11.1 - openSUSE Leap 15.3 (noarch): dpdk-doc-19.11.4-150300.11.1 dpdk-thunderx-doc-19.11.4-150300.11.1 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le x86_64): dpdk-19.11.4-150300.11.1 dpdk-debuginfo-19.11.4-150300.11.1 dpdk-debugsource-19.11.4-150300.11.1 dpdk-devel-19.11.4-150300.11.1 dpdk-devel-debuginfo-19.11.4-150300.11.1 dpdk-kmp-default-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-tools-19.11.4-150300.11.1 dpdk-tools-debuginfo-19.11.4-150300.11.1 libdpdk-20_0-19.11.4-150300.11.1 libdpdk-20_0-debuginfo-19.11.4-150300.11.1 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64): dpdk-thunderx-19.11.4-150300.11.1 dpdk-thunderx-debuginfo-19.11.4-150300.11.1 dpdk-thunderx-debugsource-19.11.4-150300.11.1 dpdk-thunderx-devel-19.11.4-150300.11.1 dpdk-thunderx-devel-debuginfo-19.11.4-150300.11.1 dpdk-thunderx-kmp-default-19.11.4_k5.3.18_150300.59.63-150300.11.1 dpdk-thunderx-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1 References: https://www.suse.com/security/cve/CVE-2021-3839.html https://www.suse.com/security/cve/CVE-2022-0669.html https://bugzilla.suse.com/1195172 https://bugzilla.suse.com/1198873 https://bugzilla.suse.com/1198963 https://bugzilla.suse.com/1198964

3 weeks, 3 days

SUSE-SU-2022:1894-1: important: Security update for postgresql12

by opensuse-security＠opensuse.org

SUSE Security Update: Security update for postgresql12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1894-1 Rating: important References: #1199475 Cross-References: CVE-2022-1552 CVSS scores: CVE-2022-1552 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Module for Legacy Software 15-SP3 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 SUSE Linux Enterprise Server SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for postgresql12 fixes the following issues: - CVE-2022-1552: Confine additional operations within "security restricted operation" sandboxes (bsc#1199475). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1894=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1894=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1894=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1894=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1894=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1894=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1894=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1894=1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1894=1 - SUSE Linux Enterprise Module for Legacy Software 15-SP3: zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1894=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1894=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1894=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-1894=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-llvmjit-12.11-150200.8.32.1 postgresql12-llvmjit-debuginfo-12.11-150200.8.32.1 postgresql12-llvmjit-devel-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 postgresql12-test-12.11-150200.8.32.1 - openSUSE Leap 15.4 (noarch): postgresql12-docs-12.11-150200.8.32.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-llvmjit-12.11-150200.8.32.1 postgresql12-llvmjit-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 postgresql12-test-12.11-150200.8.32.1 - openSUSE Leap 15.3 (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Manager Server 4.1 (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Manager Retail Branch Server 4.1 (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Manager Proxy 4.1 (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Manager Proxy 4.1 (x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Linux Enterprise Server 15-SP2-BCL (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64): postgresql12-llvmjit-12.11-150200.8.32.1 postgresql12-llvmjit-debuginfo-12.11-150200.8.32.1 postgresql12-test-12.11-150200.8.32.1 - SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Linux Enterprise Module for Legacy Software 15-SP3 (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): postgresql12-docs-12.11-150200.8.32.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): postgresql12-12.11-150200.8.32.1 postgresql12-contrib-12.11-150200.8.32.1 postgresql12-contrib-debuginfo-12.11-150200.8.32.1 postgresql12-debuginfo-12.11-150200.8.32.1 postgresql12-debugsource-12.11-150200.8.32.1 postgresql12-devel-12.11-150200.8.32.1 postgresql12-devel-debuginfo-12.11-150200.8.32.1 postgresql12-plperl-12.11-150200.8.32.1 postgresql12-plperl-debuginfo-12.11-150200.8.32.1 postgresql12-plpython-12.11-150200.8.32.1 postgresql12-plpython-debuginfo-12.11-150200.8.32.1 postgresql12-pltcl-12.11-150200.8.32.1 postgresql12-pltcl-debuginfo-12.11-150200.8.32.1 postgresql12-server-12.11-150200.8.32.1 postgresql12-server-debuginfo-12.11-150200.8.32.1 postgresql12-server-devel-12.11-150200.8.32.1 postgresql12-server-devel-debuginfo-12.11-150200.8.32.1 - SUSE Enterprise Storage 7 (noarch): postgresql12-docs-12.11-150200.8.32.1 References: https://www.suse.com/security/cve/CVE-2022-1552.html https://bugzilla.suse.com/1199475

3 weeks, 3 days

openSUSE-SU-2022:10001-1: moderate: Security update for pcmanfm

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for pcmanfm ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:10001-1 Rating: moderate References: #1039140 Cross-References: CVE-2017-8934 CVSS scores: CVE-2017-8934 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for pcmanfm fixes the following issues: update to 1.3.2: * Fixed case when some keyboard shortcuts stopped working: Alt+Home, Alt+Up * Fixed sytem reboot delayed for 90 seconds in some cases new upstream release of pcmanfm 1.3.1 * fixed crash on reload while directory changes * changed size of large thumbnails to 512 * added application/gzip to archivers.list * added image/x-compressed-xcf to archivers.list * allowed bigger sizes of icons and thumbnails new upstream release of pcmanfm 1.3.0 * Fixed potential access violation, use runtime user dir instead of tmp diri for single instance socket. boo#1039140 CVE-2017-8934 * Fixed an issue with losing icons on desktop, when file name has a ��[�� char. * Added a missing tooltip for ��New Window�� toolbar button. * Fixed an issue when single instance socket directory did not exist Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-10001=1 Package List: - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64): pcmanfm-1.3.2-bp153.2.3.1 pcmanfm-devel-1.3.2-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (noarch): pcmanfm-lang-1.3.2-bp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2017-8934.html https://bugzilla.suse.com/1039140

3 weeks, 3 days

SUSE-SU-2022:1888-1: moderate: Security update for helm-mirror

by opensuse-security＠opensuse.org

SUSE Security Update: Security update for helm-mirror ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1888-1 Rating: moderate References: #1156646 #1197728 Cross-References: CVE-2019-18658 CVSS scores: CVE-2019-18658 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-18658 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L Affected Products: SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Containers 15-SP3 SUSE Linux Enterprise Module for Containers 15-SP4 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for helm-mirror fixes the following issues: - Updated to version 0.3.1: - CVE-2019-18658: Fixed a potential symbolic link issue in helm that could be used to leak sensitive files (bsc#1156646). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1888=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1888=1 - SUSE Linux Enterprise Module for Containers 15-SP4: zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-1888=1 - SUSE Linux Enterprise Module for Containers 15-SP3: zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-1888=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): helm-mirror-0.3.1-150000.1.13.1 helm-mirror-debuginfo-0.3.1-150000.1.13.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): helm-mirror-0.3.1-150000.1.13.1 helm-mirror-debuginfo-0.3.1-150000.1.13.1 - SUSE Linux Enterprise Module for Containers 15-SP4 (aarch64 ppc64le s390x x86_64): helm-mirror-0.3.1-150000.1.13.1 helm-mirror-debuginfo-0.3.1-150000.1.13.1 - SUSE Linux Enterprise Module for Containers 15-SP3 (aarch64 ppc64le s390x x86_64): helm-mirror-0.3.1-150000.1.13.1 helm-mirror-debuginfo-0.3.1-150000.1.13.1 References: https://www.suse.com/security/cve/CVE-2019-18658.html https://bugzilla.suse.com/1156646 https://bugzilla.suse.com/1197728

3 weeks, 3 days

SUSE-SU-2022:1890-1: important: Security update for postgresql10

by opensuse-security＠opensuse.org

SUSE Security Update: Security update for postgresql10 ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1890-1 Rating: important References: #1199475 Cross-References: CVE-2022-1552 CVSS scores: CVE-2022-1552 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise Module for Legacy Software 15-SP3 SUSE Linux Enterprise Server SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for postgresql10 fixes the following issues: - CVE-2022-1552: Confine additional operations within "security restricted operation" sandboxes (bsc#1199475). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1890=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1890=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1890=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1890=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1890=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1890=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1890=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1890=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1890=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1890=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1890=1 - SUSE Linux Enterprise Module for Legacy Software 15-SP3: zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1890=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1890=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1890=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1890=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1890=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-1890=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-1890=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-llvmjit-devel-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 postgresql10-test-10.21-150100.8.47.1 - openSUSE Leap 15.4 (noarch): postgresql10-docs-10.21-150100.8.47.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 postgresql10-test-10.21-150100.8.47.1 - openSUSE Leap 15.3 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Manager Server 4.1 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Manager Retail Branch Server 4.1 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Manager Proxy 4.1 (x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Manager Proxy 4.1 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise Server 15-SP2-BCL (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise Server 15-SP1-BCL (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Enterprise Storage 7 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 - SUSE Enterprise Storage 6 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE CaaS Platform 4.0 (noarch): postgresql10-docs-10.21-150100.8.47.1 - SUSE CaaS Platform 4.0 (x86_64): postgresql10-10.21-150100.8.47.1 postgresql10-contrib-10.21-150100.8.47.1 postgresql10-contrib-debuginfo-10.21-150100.8.47.1 postgresql10-debuginfo-10.21-150100.8.47.1 postgresql10-debugsource-10.21-150100.8.47.1 postgresql10-devel-10.21-150100.8.47.1 postgresql10-devel-debuginfo-10.21-150100.8.47.1 postgresql10-plperl-10.21-150100.8.47.1 postgresql10-plperl-debuginfo-10.21-150100.8.47.1 postgresql10-plpython-10.21-150100.8.47.1 postgresql10-plpython-debuginfo-10.21-150100.8.47.1 postgresql10-pltcl-10.21-150100.8.47.1 postgresql10-pltcl-debuginfo-10.21-150100.8.47.1 postgresql10-server-10.21-150100.8.47.1 postgresql10-server-debuginfo-10.21-150100.8.47.1 References: https://www.suse.com/security/cve/CVE-2022-1552.html https://bugzilla.suse.com/1199475

3 weeks, 3 days

SUSE-SU-2022:1883-1: important: Security update for pcre2

by opensuse-security＠opensuse.org

SUSE Security Update: Security update for pcre2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1883-1 Rating: important References: #1199232 Cross-References: CVE-2022-1586 CVSS scores: CVE-2022-1586 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2022-1586 (SUSE): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for pcre2 fixes the following issues: - CVE-2022-1586: Fixed out-of-bounds read via missing Unicode property matching issue in JIT compiled regular expressions (bsc#1199232). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1883=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1883=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1883=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1883=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1883=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1883=1 - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1883=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1883=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1883=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1883=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1883=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1883=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1883=1 - SUSE Linux Enterprise Micro 5.2: zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1883=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1883=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1883=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1883=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1883=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1883=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1883=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1883=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-1883=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-1883=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 pcre2-devel-static-10.31-150000.3.7.1 pcre2-tools-10.31-150000.3.7.1 pcre2-tools-debuginfo-10.31-150000.3.7.1 - openSUSE Leap 15.3 (x86_64): libpcre2-16-0-32bit-10.31-150000.3.7.1 libpcre2-16-0-32bit-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-32bit-10.31-150000.3.7.1 libpcre2-32-0-32bit-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-32bit-10.31-150000.3.7.1 libpcre2-8-0-32bit-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-32bit-10.31-150000.3.7.1 libpcre2-posix2-32bit-debuginfo-10.31-150000.3.7.1 - openSUSE Leap 15.3 (noarch): pcre2-doc-10.31-150000.3.7.1 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Manager Proxy 4.1 (x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64): libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64): libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 - SUSE CaaS Platform 4.0 (x86_64): libpcre2-16-0-10.31-150000.3.7.1 libpcre2-16-0-debuginfo-10.31-150000.3.7.1 libpcre2-32-0-10.31-150000.3.7.1 libpcre2-32-0-debuginfo-10.31-150000.3.7.1 libpcre2-8-0-10.31-150000.3.7.1 libpcre2-8-0-debuginfo-10.31-150000.3.7.1 libpcre2-posix2-10.31-150000.3.7.1 libpcre2-posix2-debuginfo-10.31-150000.3.7.1 pcre2-debugsource-10.31-150000.3.7.1 pcre2-devel-10.31-150000.3.7.1 References: https://www.suse.com/security/cve/CVE-2022-1586.html https://bugzilla.suse.com/1199232

3 weeks, 4 days

SUSE-SU-2022:1882-1: important: Security update for tiff

by opensuse-security＠opensuse.org

SUSE Security Update: Security update for tiff ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1882-1 Rating: important References: #1195964 #1195965 #1197066 #1197068 #1197072 #1197073 #1197074 #1197631 Cross-References: CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-1056 CVSS scores: CVE-2022-0561 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0561 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0562 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0562 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0865 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0865 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0891 (NVD) : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H CVE-2022-0891 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-0908 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0908 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0909 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0909 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0924 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-0924 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-1056 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-1056 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Module for Basesystem 15-SP4 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for tiff fixes the following issues: - CVE-2022-0561: Fixed null source pointer passed as an argument to memcpy() within TIFFFetchStripThing() in tif_dirread.c (bsc#1195964). - CVE-2022-0562: Fixed null source pointer passed as an argument to memcpy() within TIFFReadDirectory() in tif_dirread.c (bsc#1195965). - CVE-2022-0865: Fixed assertion failure in TIFFReadAndRealloc (bsc#1197066). - CVE-2022-0909: Fixed divide by zero error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197072). - CVE-2022-0924: Fixed out-of-bounds read error in tiffcp that could have led to a denial-of-service via a crafted tiff file (bsc#1197073). - CVE-2022-0908: Fixed null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() (bsc#1197074). - CVE-2022-1056: Fixed out-of-bounds read error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197631). - CVE-2022-0891: Fixed heap buffer overflow in extractImageSection (bsc#1197068). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1882=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1882=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1882=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1882=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1882=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1882=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1882=1 - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1882=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1882=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1882=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1882=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1882=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1882=1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1882=1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1882=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP3: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1882=1 - SUSE Linux Enterprise Module for Basesystem 15-SP4: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1882=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1882=1 - SUSE Linux Enterprise Micro 5.2: zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1882=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1882=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1882=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1882=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1882=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1882=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1882=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-1882=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-1882=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - openSUSE Leap 15.4 (x86_64): libtiff-devel-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - openSUSE Leap 15.3 (x86_64): libtiff-devel-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Manager Server 4.1 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Manager Proxy 4.1 (x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server for SAP 15 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64): tiff-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64): tiff-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64): libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Enterprise Storage 7 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 - SUSE Enterprise Storage 6 (x86_64): libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 - SUSE CaaS Platform 4.0 (x86_64): libtiff-devel-4.0.9-150000.45.8.1 libtiff5-32bit-4.0.9-150000.45.8.1 libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1 libtiff5-4.0.9-150000.45.8.1 libtiff5-debuginfo-4.0.9-150000.45.8.1 tiff-debuginfo-4.0.9-150000.45.8.1 tiff-debugsource-4.0.9-150000.45.8.1 References: https://www.suse.com/security/cve/CVE-2022-0561.html https://www.suse.com/security/cve/CVE-2022-0562.html https://www.suse.com/security/cve/CVE-2022-0865.html https://www.suse.com/security/cve/CVE-2022-0891.html https://www.suse.com/security/cve/CVE-2022-0908.html https://www.suse.com/security/cve/CVE-2022-0909.html https://www.suse.com/security/cve/CVE-2022-0924.html https://www.suse.com/security/cve/CVE-2022-1056.html https://bugzilla.suse.com/1195964 https://bugzilla.suse.com/1195965 https://bugzilla.suse.com/1197066 https://bugzilla.suse.com/1197068 https://bugzilla.suse.com/1197072 https://bugzilla.suse.com/1197073 https://bugzilla.suse.com/1197074 https://bugzilla.suse.com/1197631

3 weeks, 4 days

openSUSE-SU-2022:0156-1: important: Security update for opera

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0156-1 Rating: important References: Cross-References: CVE-2022-1364 CVE-2022-1633 CVE-2022-1634 CVE-2022-1635 CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640 CVE-2022-1641 Affected Products: openSUSE Leap 15.4:NonFree ______________________________________________________________________________ An update that fixes 10 vulnerabilities is now available. Description: This update for opera fixes the following issues: Update to 87.0.4390.25: - CHR-8870 Update chromium on desktop-stable-101-4390 to 101.0.4951.64 - DNA-99209 Enable #easy-files-multiupload on all streams - DNA-99325 Use a preference to set number of recent searches and recently closed in unfiltered dropdown - DNA-99353 Translations for O87 - DNA-99365 Adding title to the first category duplicates categories titles in the dropdown - DNA-99385 Feedback button in filtered dropdown can overlap with other web buttons for highlighted suggestion - DNA-99391 Add bookmarks at the bottom of a bookmarks bar folder - DNA-99491 Suggestion is not immediately removed form recent searches view in dropdown. - DNA-99501 Promote O87 to stable - DNA-99504 ��Switch to tab�� button is not aligned to the right for some categories in dropdown - The update to chromium 101.0.4951.64 fixes following issues: CVE-2022-1633, CVE-2022-1634, CVE-2022-1635, CVE-2022-1636, CVE-2022-1637, CVE-2022-1638, CVE-2022-1639, CVE-2022-1640, CVE-2022-1641 - Complete Opera 87.0 changelog at: https://blogs.opera.com/desktop/changelog-for-87/ - Update to 86.0.4363.59 - DNA-99021 Crash in sidebar when extension of sidebar item was uninstalled - DNA-99359 Crash at opera:: ContinueShoppingExpiredProductRemoverImpl::RemoveExpiredProducts() - Update to 86.0.4363.50 - DNA-68493 Opera doesn��t close address field drop-down when dragging text from the address field - DNA-99003 Crash at views::Widget::GetNativeView() const - DNA-99133 BrowserSidebarWithProxyAuthTest.PreloadWithWebModalDialog fails - DNA-99230 Switching search engine with shortcut stopped working after DNA-99178 - DNA-99317 Make history match appear on top - Update to 86.0.4363.32 - DNA-98510 Blank icon in sidebar setup - DNA-98525 Unable to drag tab to far right - DNA-98893 Sound indicator is too precise in Google Meet - DNA-98919 Shopping corner internal API access update - DNA-98924 Tab tooltip gets stuck on screen - DNA-98981 Enable easy-files-multiupload on developer stream - DNA-99041 Move Shopping Corner to sidebar entry - DNA-99061 Enable #address-bar-dropdown-categories on all streams - DNA-99062 Create flag to show top sites and recently closed in unfiltered suggestions - DNA-99064 Hard to drag & drop current URL to a specific folder on bookmarks bar when unfiltered dropdown is displayed - DNA-99070 Make scroll button in Continue On scroll multiple items - DNA-99089 Shopping corner tab is not preserved after restart - DNA-99115 Request updating the Avro schema for sidebar event - DNA-99117 Make sure shopping corner is enabled by default - DNA-99178 Left/right not working in address bar dropdown - DNA-99204 Hide Shopping Corner by default - Update to 86.0.4363.23 - CHR-8843 Update chromium on desktop-stable-100-4363 to 100.0.4896.127 - DNA-98236 Turn on #snap-text-selection on all streams - DNA-98507 DCHECK at address_bar_controller.cc(547) - DNA-98528 Suggestions for internal pages disappear when typing their full name - DNA-98538 Change name of "Opera Crypto Wallet" to "Crypto Wallet" - DNA-98540 Booking.com used instead of custom search engine - DNA-98587 Favicon of booking suggestion in the city category is unexpectedly changing - DNA-98605 City suggestions should show URL in address field when selected - DNA-98608 #address-bar-dropdown-categories expired - DNA-98616 Add recent searches to 'old' BABE - DNA-98668 Switch to tab button leads to wrong tab - DNA-98673 Improve suggestion removal handling in suggestion providers - DNA-98681 Remove unused suggestion consumers - DNA-98684 Have a dedicated SuggestionList for the new address bar dropdown - DNA-98685 Enable #native-crypto-wallet on developer - DNA-98688 "Disable this feature" mini-menu settings is non-intuitive - DNA-98690 Autocompleted text stayed in address field after removing suggestion - DNA-98738 Inline autocomplete suggestion for SD disappears after typing 3rd letter of SD name - DNA-98743 Blank dropdown after pressing space key - DNA-98783 Improve showing suggestions with long URLs or page titles - DNA-98785 "Switch to tab" button not shown for suggestions with www subdomain when typing domain text - DNA-98879 "Disable suggestions before typing" mini-menu option should change to "Enable suggestions before typing" when being selected - DNA-98917 Translations for O86 - DNA-98975 Turn on #snap-crop-tool on all channels - DNA-98980 Enable #native-crypto-wallet on all streams - DNA-99005 The sidebar item is not visible for already active crypto wallet users when #native-crypto-wallet flag is enabled. - DNA-99007 Crash at TemplateURLRef::ParseIfNecessary(SearchTermsData const&) const - DNA-99047 Promote O86 to stable - The update to chromium 100.0.4896.127 fixes following issues: CVE-2022-1364 - Complete Opera 86.0 changelog at: https://blogs.opera.com/desktop/changelog-for-86/ - Update to 85.0.4341.60 - DNA-98666 Set baidu as default search engine in China - DNA-98707 Hint is not displayed for new crypto wallet sidebar icon - DNA-98775 RichHintsSearchEngineCondition.testSogouSearchEngine errors - Update to 85.0.4341.47 - DNA-98249 Add feature flag #native-crypto-wallet - DNA-98250 Install extension on startup - DNA-98251 Make Crypto Wallet setting enable / disable extension - DNA-98252 Deactivate old desktop crypto wallet - DNA-98253 Always show ��Crypto Wallet�� in Sidebar Setup - DNA-98497 Crash when installing extension - DNA-98506 Enable opera_feature_crypto_wallet_encryption on desktop - DNA-98510 Blank icon in sidebar setup - DNA-98538 Change name of "Opera Crypto Wallet" to "Crypto Wallet" - DNA-98685 Enable #native-crypto-wallet on developer - DNA-98766 Crash at opera::AddressBarControllerImpl::OpenNativeDropdown() - DNA-98768 Crash at extensions::ContentFilterPrivateIsWhitelistedFunction::Run() - DNA-98770 Recent searches stay in address field after selecting entry from dropdown - DNA-98772 Screen sharing broken - DNA-98803 Autofilled part appended after selecting address bar using shortcut Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4:NonFree: zypper in -t patch openSUSE-2022-156=1 Package List: - openSUSE Leap 15.4:NonFree (x86_64): opera-87.0.4390.25-lp154.2.8.1 References: https://www.suse.com/security/cve/CVE-2022-1364.html https://www.suse.com/security/cve/CVE-2022-1633.html https://www.suse.com/security/cve/CVE-2022-1634.html https://www.suse.com/security/cve/CVE-2022-1635.html https://www.suse.com/security/cve/CVE-2022-1636.html https://www.suse.com/security/cve/CVE-2022-1637.html https://www.suse.com/security/cve/CVE-2022-1638.html https://www.suse.com/security/cve/CVE-2022-1639.html https://www.suse.com/security/cve/CVE-2022-1640.html https://www.suse.com/security/cve/CVE-2022-1641.html

3 weeks, 6 days

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

openSUSE Security Announce May 2022